|>> Sample MACAT firewalling language (incomplete)
|>> Copyright (C) 2009 Matous Jan Fialka,
|>> Released under the terms of The MIT License
|>> Prepend every expand with /sbin/iptables
|>- |-> /sbin/iptables
|>> Define `filter'
|<- --table filter
|>> Define `input'
|<- --chain INPUT
|>> Define `input-politic ' (politic is uppercased)
|<- politic
filter --chain INPUT --politic |<< |^^ 1
|>> Define `interface-in '
|<- interface-in --in-interface |<< 1
|>> Define `interface-out '
|<- interface-out --out-interface |<< 1
|>> Define `tcp'
|<- tcp --module tcp --protocol tcp
|>> Define `udp'
|<- udp --module udp --protocol udp
|>> Define `source '
|<- source --source |<< 1/|<< 2
|>> Define `destination '
|<- destination --destination |<< 1/|<< 2
|>> Define `source-ports ' (ports are lowercased)
|<- source-ports --source-ports |<< |__ 1
|>> Define `destination-ports '
|<- destination-ports --destination-ports |<< |__ 1
|>> Define `state ' (state is uppercased)
|<- state --module state --state |<< |^^ 1
|>> Define `target ' (target is uppercased)
|<- target --jump |<< |^^ 1
|>> Define `reject-with '
|<- reject-with --jump REJECT --reject-with |<< 1
|>> Define `ruleset'
|<- ruleset |<-
|>> Define `expand'
|<- expand |->
|>> Define `prepend'
|<- prepend |>-
|>> Define `!' as comment character
|<- ! |>>
|>> Define `description ' to comment anything
|<- description !
|>> Finally, cryptically, destroy whole original syntax
|-- |-> |-- |>- |-- |-< |-- |-- |-- |<< |-- |>> |-- |^^ |-- |__ |-- |--