GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
Net::ACL::Rule(3) User Contributed Perl Documentation Net::ACL::Rule(3)

Net::ACL::Rule - Class representing a generic access-list/route-map entry 

    use Net::ACL::Rule qw( :action :rc );

    # Constructor
    $entry = new Net::ACL::Rule(
        Action  => ACL_PERMIT
        Match   => {
                IP      => '127.0.0.0/8'
                }
        Set     => {
                IP      => '127.0.0.1'
                },
        Seq     => 10
        );

    # Object Copy
    $clone = $entry->clone();

    # Accessor Methods
    $action = $entry->action($action);
    $action_str = $entry->action($action_str);

    $entry->add_match($matchrule);
    $entry->remove_match($matchrule);
    $entry->add_set($setrule);
    $entry->remove_set($setrule);

    $rc = $entry->match(@data);
    @data = $entry->set(@data);

    ($rc,@data) = $entry->query(@data);

    $subrule = $entry->autoconstruction($type,$class,$arg,@values);

This module represents a single generic access-list and route-map entry. It is used by the Net::ACL object. It can match any data against a list of Net::ACL::Match objects, and if all are matched, it can have a list of Net::ACL::Set objects modify the data.

new() - create a new Net::ACL::Rule object
    $entry = new Net::ACL::Rule(
        Action  => ACL_PERMIT
        Match   => {
                IP      => '127.0.0.0/8'
                }
        Set     => {
                IP      => '127.0.0.1'
                }
        );

This is the constructor for Net::ACL::Rule objects. It returns a reference to the newly created object. The following named parameters may be passed to the constructor.

Action
The action parameter could be either of the constants exported using "action" (See EXPORTS) or just a string matching permit or deny. ACL_PERMIT accepts the data, ACL_DENY drops the data, while ACL_CONTINUE is used to indicate that this entry might change the data, but does not decide whether the data should be accepted or droped.
Match
The match parameter can have multiple forms, and my exists zero, one or more times. The following forms are allowed:
Match object - A Net::ACL::Match object (or ancestor)
List - A list of Net::ACL::Match objects (or ancestors)
Hash - A hash reference. The constructor will for each key/value-pair call the autoconstructor() method and add the returned objects to the rule-set.
Set
The set parameter are in syntax just like the "Match" parameter, except it uses Net::ACL::Set objects.

clone() - clone a Net::ACL::Rule object
    $clone = $entry->clone();

This method creates an exact copy of the Net::ACL::Rule object, with set, match and action attributes.

action()
This method returns the entry's action value. If called with an argument, the action value is changed to that argument.
action_str()
This method returns the entry's action string as either "permit" or "deny". If called with an argument, the action value are changed to ACL_PERMIT if the argument matches /permit/i - otherwise ACL_DENY.
add_match()
remove_match()
add_set()
remove_set()
The methods add and remove match and set rules. Each argument should be a match or set rule object. New rules are added in the end of the rule set.
match()
The match method gets any arbitrary number of arguments. The arguments are passed to the match() method of each of the Net::ACL::Match objects, given at construction time - see new(). If all Match objects did match, the method returns ACL_MATCH. Otherwise ACL_MATCH.
set()
The set method gets any arbitrary number of arguments. The arguments are passed to the first of the Net::ACL::Set objects set() method. The result of this function is then used to call the next. This is repeated for all Set objects given at construction time - see new(). Finally the result of the last call is returned.
query()
The query method first attempt to match it's arguments with the match() method. If this fails, it returns ACL_CONTINUE. Otherwise it uses the set() method to potentially alter the arguments before they are returned with "Action" given on construction prefixed.
autoconstruction()
This method is used on construction to construct rules based on key/value-pairs in a Rule argument hash reference.

The first argument is the type ("Match" or "Set"). The second is the class name (see below). The third is the key name from the construction hash. The forth and any remaining arguments are used as parameters to the constructor.

The return value will be the result of:

        $class->new(@values);

The class is by the constructor set as "Net::ACL::$type::$key"

NOTE: Do to this; the keys of the hash are case-sensitive!

By replacing this function in a sub-class, it is possible to modify the class and/or key-value pairs and hence make more complex constructions from simple key-value pairs, or have more user-friendly key values (e.g. make them case-insensitive).

The module exports the following symbols according to the rules and conventions of the Exporter module.
:rc
        ACL_MATCH, ACL_NOMATCH
:action
        ACL_PERMIT, ACL_DENY, ACL_CONTINUE

Net::ACL, Net::ACL::Set, Net::ACL::Match

Martin Lorensen <bgp@martin.lorensen.dk>
2003-06-06 perl v5.32.1
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.