Module: validate_script - Helmigreg/ant GitHub Wiki
Technical Documentation: validate_script.py
Overview
This module is responsible for validating the syntax of a given nftables firewall script using the nftables Python library. It helps detect and extract specific error messages from the output of an nft command run against a rule file.
This utility is useful in automated testbeds, firewall configuration tools, or deployment pipelines where pre-validation of nftables scripts is required before applying them to a system.
Exception Handling
- No exceptions are explicitly raised in this module.
- The function relies on parsing error strings returned from the nftables library.
Dependencies
- re (Python Standard Library): Used for regular expression matching of error messages.
- nftables (Python binding for nft): Required to parse and validate nft scripts via system calls.
Constants
REGEX
REGEX = r"(?!Error: Could not process rule: Operation not permitted\n)(Error:.*\n)"
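The following added example (not code from the module) shows what this pattern extracts from nft error text and what its negative lookahead drops. The sample output is constructed, and the function names extract_errors and extract_errors_tolerant are hypothetical.

```python
import re

# Pattern copied from the REGEX constant documented above.
REGEX = r"(?!Error: Could not process rule: Operation not permitted\n)(Error:.*\n)"

# Constructed sample of nft error text (not captured from a real run).
SAMPLE_OUTPUT = (
    "rules.nft:3:22-26: Error: syntax error, unexpected string\n"
    "        tcp dport 22 accpt\n"
    "                     ^^^^^\n"
    "rules.nft:7:1-20: Error: Could not process rule: Operation not permitted\n"
    "add table inet demo\n"
    "^^^^^^^^^^^^^^^^^^^^\n"
    "rules.nft:9:9-12: Error: Could not process rule: No such file or directory\n"
)


def extract_errors(output):
    """Return each 'Error: ...' line matched by REGEX, without its newline.

    The lookahead rejects a match that would start at the exact
    'Operation not permitted' line, so that message never appears in the
    result. Source and caret lines carry no 'Error:' and are skipped.
    """
    return [m.group(1).rstrip("\n") for m in re.finditer(REGEX, output)]


def extract_errors_tolerant(output):
    """Same extraction, but pad a missing final newline first.

    REGEX requires a trailing '\\n' after every error line, so an error on
    an unterminated last line would otherwise be silently missed.
    """
    if output and not output.endswith("\n"):
        output += "\n"
    return extract_errors(output)


if __name__ == "__main__":
    for line in extract_errors(SAMPLE_OUTPUT):
        print(line)
```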