Module: validate_script - Helmigreg/ant GitHub Wiki

Technical Documentation: validate_script.py


Overview

This module is responsible for validating the syntax of a given nftables firewall script using the nftables Python library. It helps detect and extract specific error messages from the output of an nft command run against a rule file.

This utility is useful in automated testbeds, firewall configuration tools, or deployment pipelines where pre-validation of nftables scripts is required before applying them to a system.


Exception Handling

  • No exceptions are explicitly raised in this module.
  • The function relies on parsing error strings returned from the nftables library.

Dependencies

  • re (Python Standard Library): Used for regular expression matching of error messages.
  • nftables (Python binding for nft): Required to parse and validate nft scripts via system calls.

Constants

REGEX

REGEX = r"(?!Error: Could not process rule: Operation not permitted\n)(Error:.*\n)"
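The following is an added example, not code from the ant project, showing what this pattern keeps and what it discards. The helper names `extract_errors` and `report` are hypothetical, and every sample output string is constructed for illustration.

```python
import re

# Pattern copied verbatim from the Constants section above.
REGEX = r"(?!Error: Could not process rule: Operation not permitted\n)(Error:.*\n)"


def extract_errors(nft_output):
    """Hypothetical helper: return the error messages REGEX reports."""
    # One capture group, so findall() yields the captured "Error: ...\n" text.
    return [msg.rstrip("\n") for msg in re.findall(REGEX, nft_output)]


# All samples below are constructed for illustration, not captured from nft.

# Valid script checked without root: only the permission notice appears.
UNPRIVILEGED_OK = (
    "rules.nft:1:1-2: Error: Could not process rule: Operation not permitted\n"
    "table inet filter {\n"
    "^^\n"
)

# Script with a typo: the location prefix and the caret lines are dropped.
SYNTAX_ERROR = (
    "rules.nft:4:22-26: Error: syntax error, unexpected string\n"
    "        tcp dport 22 acept\n"
    "                     ^^^^^\n"
)

# A different kernel-side failure is not covered by the lookahead and is kept.
OTHER_KERNEL_ERROR = (
    "rules.nft:2:1-2: Error: Could not process rule: No such file or directory\n"
)

# Edge case: the pattern requires a trailing newline, so a final line
# without one is silently missed.
NO_TRAILING_NEWLINE = "rules.nft:4:22-26: Error: syntax error, unexpected string"


def report():
    """Map each constructed sample to the errors the pattern extracts."""
    samples = {
        "unprivileged_ok": UNPRIVILEGED_OK,
        "syntax_error": SYNTAX_ERROR,
        "other_kernel_error": OTHER_KERNEL_ERROR,
        "no_trailing_newline": NO_TRAILING_NEWLINE,
    }
    return {name: extract_errors(text) for name, text in samples.items()}
```

Because the permission message is discarded, an empty result from an unprivileged run says only that no other error line was reported. A caller that cannot guarantee newline-terminated output can append a newline before matching.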