From: Doug Knight Date: Thu, 23 Apr 2015 00:31:50 +0000 (-0800) Subject: (MODULES-1967) Parse escape sequences from iptables X-Git-Tag: 1.7.0~21^2 X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=16cfbdce2ab9d05de12beadc5a89e3e09b3fa213;p=puppet-modules%2Fpuppetlabs-firewall.git (MODULES-1967) Parse escape sequences from iptables --- diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb index 089689c..b6ec22d 100644 --- a/lib/puppet/provider/firewall/iptables.rb +++ b/lib/puppet/provider/firewall/iptables.rb @@ -364,8 +364,16 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir values.slice!('-A') keys << :chain - # Here we generate the main hash - keys.zip(values.scan(/"[^"]*"|\S+/).reverse) { |f, v| hash[f] = v.gsub(/"/, '') } + # Here we generate the main hash by scanning arguments off the values + # string, handling any quoted characters present in the value, and then + # zipping the values with the array of keys. + keys.zip(values.scan(/("([^"\\]|\\.)*"|\S+)/).transpose[0].reverse) do |f, v| + if v =~ /^".*"$/ then + hash[f] = v.sub(/^"(.*)"$/, '\1').gsub(/\\(\\|'|")/, '\1') + else + hash[f] = v.dup + end + end ##################### # POST PARSE CLUDGING diff --git a/spec/fixtures/iptables/conversion_hash.rb b/spec/fixtures/iptables/conversion_hash.rb index e33a2e1..b555eea 100644 --- a/spec/fixtures/iptables/conversion_hash.rb +++ b/spec/fixtures/iptables/conversion_hash.rb @@ -231,6 +231,13 @@ ARGS_TO_HASH = { :source => '192.168.0.1/32', }, }, + 'string_escape_sequences' => { + :line => '-A INPUT -m comment --comment "000 parse escaped \\"s, \\\'s, and \\\\s"', + :table => 'filter', + :params => { + :name => '000 parse escaped "s, \'s, and \\s', + }, + }, 'log_level_debug' => { :line => '-A INPUT -m comment --comment "956 INPUT log-level" -m state --state NEW -j LOG --log-level 7', :table => 'filter',