nullnet-libfireparse 0.3.4

A library for parsing and translating firewall configurations across multiple NullNet targets
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73

use nullnet_libconfmon::{InterfaceSnapshot, Snapshot};
use roxmltree::Document;

mod aliases_parser;
mod enpoint_parser;
mod interfaces_parser;
mod rules_parser;
mod ssh_parser;
mod webgui_parser;

use crate::{
    Configuration, FireparseError,
    opnsense::{
        aliases_parser::OpnSenseAliasesParser, interfaces_parser::OpnSenseInterfacesParser,
        rules_parser::OpnSenseRulesParser, ssh_parser::OpnSenseSSHParser,
        webgui_parser::OpnSenseWebGuiParser,
    },
    utils::{self, find_in_snapshot},
};

pub struct OpnSenseParser {}

impl OpnSenseParser {
    pub fn parse(snapshot: Snapshot) -> Result<Configuration, FireparseError> {
        let (document, encoded) = OpnSenseParser::parse_config_from_snapshot(&snapshot)?;
        let iterfaces = OpnSenseParser::parse_interfaces_info_from_snapshot(&snapshot)?;

        Ok(Configuration {
            rules: OpnSenseRulesParser::parse(&document),
            aliases: OpnSenseAliasesParser::parse(&document),
            interfaces: OpnSenseInterfacesParser::parse(&document, iterfaces),
            hostname: Default::default(),
            ssh: OpnSenseSSHParser::parse(&document),
            gui_protocol: OpnSenseWebGuiParser::parse(&document, "https"),
            raw_content: encoded,
        })
    }

    fn parse_config_from_snapshot(
        snapshot: &Snapshot,
    ) -> Result<(Document, String), FireparseError> {
        let pfsense_config =
            find_in_snapshot(snapshot, "config.xml").ok_or(FireparseError::ParserError(
                String::from("OpnSenseParser: 'config.xml' file is missing in the snapshot"),
            ))?;

        let config_content = std::str::from_utf8(&pfsense_config.content).map_err(|e| {
            FireparseError::ParserError(format!(
                "OpnSenseParser: Failed to parse 'config.xml' blob as UTF-8: {e}"
            ))
        })?;

        let xmltree = Document::parse(config_content)
            .map_err(|e| FireparseError::ParserError(e.to_string()))?;

        let document_encoded = utils::encode_base64(config_content.as_bytes());

        Ok((xmltree, document_encoded))
    }

    fn parse_interfaces_info_from_snapshot(
        snapshot: &Snapshot,
    ) -> Result<Vec<InterfaceSnapshot>, FireparseError> {
        let ifaces_data = find_in_snapshot(snapshot, "#NetworkInterfaces").ok_or(
            FireparseError::ParserError(String::from(
                "OpnSenseParser: '#NetworkInterfaces' file is missing in the snapshot",
            )),
        )?;

        InterfaceSnapshot::deserialize_snapshot(&ifaces_data.content)
            .map_err(|e| FireparseError::ParserError(format!("OpnSenseParser: Failed to deserialize network interfaces data from the snapshot. {e}")))
    }
}