Peter Blair > ACL-Regex-0.0001 > ACL::Regex

Download:
ACL-Regex-0.0001.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Module Version: 0.0001   Source   Latest Release: ACL-Regex-0.0002

NAME ^

ACL::Regex - Process arbitrary events with regular expressions.

SYNOPSIS ^

   use ACL::Regex;

   # Instantiate a reject object
   my $reject_acl = ACL::Regex->new->
           generate_required( 'required.txt' )->
           parse_acl_from_file( { Filename => "acl.reject.txt" } );

   while( <> ){
           chomp;
           my ($rc,$regex,$comment) = $reject_acl->match( $_ );
           if( $rc ){
                  print "\t! Rejected against $regex\n";
                  print "\t: Reason: $comment\n";
                  next;
           }
   }

DESCRIPTION ^

ACL::Regex allows you to parse a series of actions, key/value pairs through an object containing a series of regular expressions.

OBJECT ORIENTED INTERFACE

The module is written with an object oriented interface. There is no function interface to choose from. To streamline many of the initial operations of the object, many of the initialization methods return the object reference, allowing the programmer to chain the commands together.

generate_required

This method pulls in a :file containing a series of required keys.

sanitize_acl

This method re-sorts the keys in alphabetical order.

sanitize_action

This method accomplishes the same thing as :sanitize_acl but for actions.

parse_acl_from_file

This method takes a hash as a parameter:

  parse_acl_from_file( { Filename => "acl.reject.txt" } )
match

This method takes an action as a parameter, and returns a triplet containing the return code, matched regex, and any comment associated with the regex.

INPUT FILES

An example of ain input ACL file can be found in the t folder of this project, but it simply comprises of rows that look like:

  # Don't allow domain admins to delete mailboxes on weekends or mondays
  /action=[mac-delete-mailbox] account=[.*@domain.net.adm] group=[domain-admin] dow=[sat|sun|mon]/        Domain admins can only delete mailboxes during the week
  # Reject mail from brazil
  /account=[.*@example.net] ip=[200..*] group=[user] action=[send-mail]/  No mail to be sent from Brazil!

The two tab deliminated columns separate the regex acl and the comment returned if any match is found.

The required file is supplied to the object during instantiation and will seed the object with a list of required keys in the hash. This way, if a key regex isn't present in the ACL REGEX FILE then the object will fill the hash with a regex that matches all possibilities. This is designed to satisfy the regex string should a key be absent from the action line.

  # This file contains a list of actions, and required attributes
  send-mail=account,ip,group,dow,time
  rwi_login=account,ip,auth_method,dow,time
  create_user=account,ip

A line of key=[val] pairs to be consumed by the ACL object. These get massaged so that any action key that doesn't satisfy the REQUIRED fields are added and the entire string is sorted by key name.

syntax highlighting: