|>> Sample MACAT firewalling language (incomplete) |>> Copyright (C) 2009 Matous Jan Fialka, |>> Released under the terms of The MIT License |>> Prepend every expand with /sbin/iptables |>- |-> /sbin/iptables |>> Define `filter' |<- --table filter |>> Define `input' |<- --chain INPUT |>> Define `input-politic ' (politic is uppercased) |<- politic filter --chain INPUT --politic |<< |^^ 1 |>> Define `interface-in ' |<- interface-in --in-interface |<< 1 |>> Define `interface-out ' |<- interface-out --out-interface |<< 1 |>> Define `tcp' |<- tcp --module tcp --protocol tcp |>> Define `udp' |<- udp --module udp --protocol udp |>> Define `source ' |<- source --source |<< 1/|<< 2 |>> Define `destination ' |<- destination --destination |<< 1/|<< 2 |>> Define `source-ports ' (ports are lowercased) |<- source-ports --source-ports |<< |__ 1 |>> Define `destination-ports ' |<- destination-ports --destination-ports |<< |__ 1 |>> Define `state ' (state is uppercased) |<- state --module state --state |<< |^^ 1 |>> Define `target ' (target is uppercased) |<- target --jump |<< |^^ 1 |>> Define `reject-with ' |<- reject-with --jump REJECT --reject-with |<< 1 |>> Define `ruleset' |<- ruleset |<- |>> Define `expand' |<- expand |-> |>> Define `prepend' |<- prepend |>- |>> Define `!' as comment character |<- ! |>> |>> Define `description ' to comment anything |<- description ! |>> Finally, cryptically, destroy whole original syntax |-- |-> |-- |>- |-- |-< |-- |-- |-- |<< |-- |>> |-- |^^ |-- |__ |-- |--