package net.java.slee.resource.diameter.base.events.avp;

import java.util.regex.Matcher;
import java.util.regex.Pattern;

/* loaded from: input_file:base-common-library-2.1.0.FINAL.jar:jars/base-common-events-2.1.0.FINAL.jar:net/java/slee/resource/diameter/base/events/avp/IPFilterRule.class */
public class IPFilterRule {
    public static final int ACTION_PERMIT = 0;
    public static final int ACTION_DENY = 1;
    public static final int DIR_IN = 0;
    public static final int DIR_OUT = 1;
    private int action;
    private int direction;
    private boolean anyProtocol;
    private int protocol;
    private AddressSet sourceAddressSet;
    private AddressSet destAddressSet;
    private boolean fragment = false;
    private String ipoptions = null;
    private String tcpoptions = null;
    private boolean established = false;
    private boolean setup = false;
    private String tcpflags = null;
    private String icmptypes = null;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:base-common-library-2.1.0.FINAL.jar:jars/base-common-events-2.1.0.FINAL.jar:net/java/slee/resource/diameter/base/events/avp/IPFilterRule$AddressSet.class */
    public class AddressSet {
        private String ip;
        private int bits;
        private int[][] ports;
        private boolean assignedIps;
        private boolean notMatch;

        private AddressSet() {
            this.bits = -1;
            this.assignedIps = false;
            this.notMatch = false;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void appendAddressSet(StringBuffer stringBuffer) {
            if (this.notMatch) {
                stringBuffer.append('!');
            }
            if (this.assignedIps) {
                stringBuffer.append("assigned");
            } else {
                stringBuffer.append(this.ip);
                if (0 <= this.bits) {
                    stringBuffer.append('/').append(this.bits);
                }
            }
            if (null != this.ports) {
                stringBuffer.append(' ');
                for (int i = 0; i < this.ports.length; i++) {
                    int[] iArr = this.ports[i];
                    stringBuffer.append(iArr[0]);
                    if (iArr[1] != iArr[0]) {
                        stringBuffer.append('-').append(iArr[1]);
                    }
                    if (i != this.ports.length - 1) {
                        stringBuffer.append(',');
                    }
                }
            }
        }
    }

    public IPFilterRule(String str) {
        parseRule(str);
    }

    public String toString() {
        return getRuleString();
    }

    public String getRuleString() {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(this.action == 0 ? "permit " : "deny ");
        stringBuffer.append(this.direction == 0 ? "in " : "out ");
        stringBuffer.append(isAnyProtocol() ? "ip" : String.valueOf(this.protocol));
        stringBuffer.append(" from ");
        this.sourceAddressSet.appendAddressSet(stringBuffer);
        stringBuffer.append(" to ");
        this.destAddressSet.appendAddressSet(stringBuffer);
        stringBuffer.append(' ');
        stringBuffer.append(this.fragment ? "frag " : "");
        if (this.ipoptions != null) {
            stringBuffer.append("ipoptions ").append(this.ipoptions).append(' ');
        }
        if (this.tcpoptions != null) {
            stringBuffer.append("tcpoptions ").append(this.tcpoptions).append(' ');
        }
        stringBuffer.append(this.established ? "established " : "");
        stringBuffer.append(this.setup ? "setup " : "");
        if (this.tcpflags != null) {
            stringBuffer.append("tcpflags ").append(this.tcpflags).append(' ');
        }
        if (this.icmptypes != null) {
            stringBuffer.append("icmptypes ").append(this.icmptypes);
        }
        return stringBuffer.toString();
    }

    public int getAction() {
        return this.action;
    }

    public int getDirection() {
        return this.direction;
    }

    public boolean isAnyProtocol() {
        return this.anyProtocol;
    }

    public int getProtocol() {
        return this.protocol;
    }

    public String getSourceIp() {
        return this.sourceAddressSet.ip;
    }

    public int getSourceBits() {
        return this.sourceAddressSet.bits;
    }

    public boolean isSourceAssignedIps() {
        return this.sourceAddressSet.assignedIps;
    }

    public int[][] getSourcePorts() {
        return this.sourceAddressSet.ports;
    }

    public String getDestIp() {
        return this.destAddressSet.ip;
    }

    public int getDestBits() {
        return this.destAddressSet.bits;
    }

    public boolean isDestAssignedIps() {
        return this.destAddressSet.assignedIps;
    }

    public int[][] getDestPorts() {
        return this.destAddressSet.ports;
    }

    public boolean isFragment() {
        return this.fragment;
    }

    public String[] getIpOptions() {
        return this.ipoptions.split(",");
    }

    public String[] getTcpOptions() {
        return this.tcpoptions.split(",");
    }

    public boolean isEstablised() {
        return this.established;
    }

    public boolean isSetup() {
        return this.setup;
    }

    public String[] getTcpFlags() {
        return this.tcpflags.split(",");
    }

    public String[] getIcmpTypes() {
        return this.icmptypes.split(",");
    }

    public int[] getNumericIcmpTypes() {
        return new int[0];
    }

    private void parseRule(String str) {
        Matcher matcher = Pattern.compile("(.+)\\s+(.+)\\s+(.+)\\s+from\\s+(.+)\\s+to\\s+([^a-z]+)\\s+(.+)").matcher(str.trim());
        if (!matcher.matches()) {
            fail(str);
            return;
        }
        parseAction(matcher.group(1), str);
        parseDirection(matcher.group(2), str);
        parseProtocol(matcher.group(3), str);
        parseFrom(matcher.group(4), str);
        parseTo(matcher.group(5), str);
        parseOptions(matcher.group(6), str);
    }

    private void parseProtocol(String str, String str2) {
        if ("ip".equals(str)) {
            this.anyProtocol = true;
            return;
        }
        try {
            this.protocol = Integer.parseInt(str);
        } catch (NumberFormatException e) {
            fail(str2, str);
        }
    }

    private void parseDirection(String str, String str2) {
        if ("in".equals(str)) {
            this.direction = 0;
        } else if ("out".equals(str)) {
            this.direction = 1;
        } else {
            fail(str2, str);
        }
    }

    private void parseAction(String str, String str2) {
        if ("permit".equals(str)) {
            this.action = 0;
        } else if ("deny".equals(str)) {
            this.action = 1;
        } else {
            fail(str2, str);
        }
    }

    private void parseFrom(String str, String str2) {
        this.sourceAddressSet = parseAddressSet(str, str2);
    }

    private void parseTo(String str, String str2) {
        this.destAddressSet = parseAddressSet(str, str2);
    }

    private AddressSet parseAddressSet(String str, String str2) {
        AddressSet addressSet = new AddressSet();
        Matcher matcher = Pattern.compile("(!?)(assigned|[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3}.[0-9]{1,3})(/[0-9]{1,3})?( [0-9,-]*)?").matcher(str);
        if (matcher.matches()) {
            addressSet.notMatch = "!".equals(matcher.group(1));
            if ("assigned".equals(matcher.group(2))) {
                addressSet.assignedIps = true;
            } else {
                addressSet.ip = matcher.group(2);
                if (null != matcher.group(3)) {
                    try {
                        addressSet.bits = Integer.parseInt(matcher.group(3).substring(1));
                    } catch (NumberFormatException e) {
                        fail(str2, matcher.group(3));
                    }
                }
            }
            if (null != matcher.group(4)) {
                String trim = matcher.group(4).trim();
                String[] split = trim.split(",");
                addressSet.ports = new int[split.length][2];
                for (int i = 0; i < split.length; i++) {
                    String[] split2 = split[i].split("-");
                    addressSet.ports[i][0] = Integer.parseInt(split2[0]);
                    try {
                        if (split2.length == 1) {
                            addressSet.ports[i][1] = addressSet.ports[i][0];
                        } else if (split2.length == 2) {
                            addressSet.ports[i][1] = Integer.parseInt(split2[1]);
                        } else {
                            fail(str2, trim);
                        }
                    } catch (NumberFormatException e2) {
                        fail(str2, trim);
                    }
                }
            }
        } else {
            fail(str2, str);
        }
        return addressSet;
    }

    private void parseOptions(String str, String str2) {
        if (str.length() > 0) {
            String[] split = Pattern.compile("\\s+").split(str);
            int i = 0;
            while (i < split.length) {
                String str3 = split[i];
                if ("frag".equals(str3)) {
                    this.fragment = true;
                } else if ("ipoptions".equals(str3)) {
                    i++;
                    this.ipoptions = split[i];
                } else if ("tcpoptions".equals(str3)) {
                    i++;
                    this.tcpoptions = split[i];
                } else if ("established".equals(str3)) {
                    this.established = true;
                } else if ("setup".equals(str3)) {
                    this.setup = true;
                } else if ("tcpflags".equals(str3)) {
                    i++;
                    this.tcpflags = split[i];
                } else if ("icmptypes".equals(str3)) {
                    i++;
                    this.icmptypes = split[i];
                } else {
                    fail(str2, str3);
                }
                i++;
            }
        }
    }

    private void fail(String str, String str2) {
        throw new IllegalArgumentException("Could not parse rule \"" + str + "\", failed at: \"" + str2 + "\"");
    }

    private void fail(String str) {
        throw new IllegalArgumentException("Could not parse rule \"" + str + "\", failed to match.");
    }

    public static void main(String[] strArr) {
        for (String str : new String[]{"permit in ip from 192.168.0.0/24 10,11,12,20-30 to 192.168.1.1 99 frag established", "permit out 2 from 192.1.0.0/24 to 192.1.1.1/0 frag established setup tcpoptions mrss", "permit out 2 from !192.1.0.0/24 to 192.1.1.1/0 frag established setup tcpoptions mrss", "permit out 2 from assigned 34 to 192.1.1.1/0 6,3 frag established setup tcpoptions mrss ipoptions !rr,!ts", "deny in ip from !assigned to 192.1.1.1/0 6,3 frag established setup tcpoptions mrss", "deny out udp from 192.168.0.0 to 192.168.1.1 established", "permit in 9999 from 192.168.0.0/24 to 192.168.1.1 frag foo"}) {
            try {
                System.out.println(str + " -> " + new IPFilterRule(str).toString());
            } catch (IllegalArgumentException e) {
                System.out.println(e.getMessage());
            }
        }
    }
}
