public function load_from_domxml($xml)
{
$this->xmlroot = $xml;
$this->name = DH::findAttribute('name', $xml);
if ($this->name === FALSE) {
derr("name not found\n");
}
//print "found rule name '".$this->name."'\n";
$this->extract_disabled_from_domxml();
$this->extract_description_from_domxml();
$this->load_tags();
$this->load_from();
$this->load_to();
$this->load_source();
$this->load_destination();
// //
// Destination NAT properties Extraction //
// //
$this->dnatroot = DH::findFirstElement('destination-translation', $xml);
if ($this->dnatroot !== FALSE) {
//print "rule '".$this->name."' has destination-translation\n";
if ($this->dnatroot->hasChildNodes()) {
$this->subdnatTAroot = DH::findFirstElement('translated-address', $this->dnatroot);
if ($this->subdnatTAroot !== FALSE) {
$f = $this->parentAddressStore->findOrCreate($this->subdnatTAroot->textContent, $this);
$this->dnathost = $f;
$this->subdnatTProot = DH::findFirstElement('translated-port', $this->dnatroot);
if ($this->subdnatTProot !== FALSE) {
$this->subdnatport = $this->subdnatTProot->textContent;
}
}
}
}
// end of destination translation extraction
// //
// Source NAT properties Extraction //
// //
$this->snatroot = DH::findFirstElement('source-translation', $xml);
if ($this->snatroot !== FALSE) {
//print "we have found a source NAT\n";
// next <tag> will determine NAT type
$firstE = DH::firstChildElement($this->snatroot);
$this->snattype = $firstE->nodeName;
// Do we support this type of NAT ?
if ($this->snattype != "static-ip" && $this->snattype != "dynamic-ip-and-port" && $this->snattype != "dynamic-ip") {
derr("SNAT type '" . $this->snattype . "' for rule '" . $this->name . "' is not supported, EXIT\n");
}
//print "Determined NAT type ".$tcur['name']."\n";
if ($this->snattype == "static-ip") {
$isbidrx = DH::findFirstElement('bi-directional', $firstE);
if ($isbidrx !== FALSE) {
$this->snatbidir = $isbidrx->textContent;
}
$transladx = DH::findFirstElement('translated-address', $firstE);
$fad = $this->parentAddressStore->findOrCreate($transladx->textContent, $this);
$this->snathosts->addObject($fad);
$this->snathosts->xmlroot = $transladx;
} else {
if ($this->snattype == "dynamic-ip-and-port") {
// Is it <translated-address> type ?
$subtype = DH::findFirstElement('translated-address', $firstE);
if ($subtype !== FALSE) {
if (DH::firstChildElement($subtype) === FALSE) {
// this rule has no address specified
} else {
foreach ($subtype->childNodes as $node) {
if ($node->nodeType != 1) {
continue;
}
$translad = $this->parentAddressStore->findOrCreate($node->textContent, $this);
$this->snathosts->addObject($translad);
}
$this->snathosts->xmlroot = $subtype;
}
} else {
$subtype = DH::findFirstElement('interface-address', $firstE);
if ($subtype !== FALSE) {
if (DH::firstChildElement($subtype) === FALSE) {
derr("Cannot understand dynmaic NAT for rule '" . $this->name . "'\n");
}
foreach ($subtype->childNodes as $node) {
if ($node->nodeType != 1) {
continue;
}
if ($node->nodeName == 'interface') {
$this->snatinterface = $node->textContent;
} else {
if ($node->nodeName == 'ip') {
$translad = $this->parentAddressStore->findOrCreate($node->textContent, $this);
$this->snathosts->addObject($translad);
} else {
derr("Cannot understand dynmaic NAT for rule '" . $this->name . "'\n");
}
}
}
} else {
mwarning("Unknown dynamic SNAT type on rule '" . $this->name . " don't mess too much with this rule or face unpredictable results");
}
}
}
}
}
//
// End of Source NAT properties extraction //
// //
// Begin of <service> extraction //
// //
$this->serviceroot = DH::findFirstElementOrCreate('service', $xml, 'any');
if ($this->serviceroot !== FALSE) {
$lname = $this->serviceroot->textContent;
if (strtolower($lname) != 'any') {
//print "found service named $lname in NAT rule '".$this->name."'\n";
$f = $this->parentServiceStore->findOrCreate($lname, $this, true);
if (!$f) {
derr("Error: service object named '{$lname}' not found in NAT rule '" . $this->name . "'\n");
}
$this->service = $f;
}
} else {
derr('unexpected error');
}
// End of <service> extraction //
}
