Added a "negate result" option

[sfa.git] / sfatables / exec.py

diff --git a/sfatables/exec.py b/sfatables/exec.py
index 5d096b6..4afcb48 100644 (file)
--- a/sfatables/exec.py
+++ b/sfatables/exec.py
@@ -32,9 +32,44 @@ def main():
     incoming = SFATablesRules('INCOMING')
     outgoing = SFATablesRules('OUTGOING')
 
+    rspec = """
+<rspec>
+    <request-context>
+        <sfa><user><hrn>plc.princeton.sapan</hrn></user></sfa>
+    </request-context>
+
+    <sfatables-rule>
+            <argument>
+                <name>hrn</name>
+                <value>plc</value>
+            </argument>
+            <argument>
+                <name>whitelist</name>
+                <value>plc.princeton</value>
+            </argument>
+            <argument>
+                <name>blacklist</name>
+                <value>plc.tp</value>
+            </argument>
+    </sfatables-rule>
+    <request>
+        <nodespec>
+            <node name="plc.princeton.planetlab-01"/>
+            <node name="plc.princeton.planetlab-02"/>
+            <node name="plc.princeton.planetlab-03"/>
+            <node name="plc.princeton.planetlab-04"/>
+            <node name="plc.tp.planetlab3"/>
+        </nodespec>
+    </request>
+</rspec>
+    """
+
+    
     print "%d rules loaded for INCOMING chain\n"%len(incoming.sorted_rule_list)
     print "%d rules loaded for OUTGOING chain\n"%len(outgoing.sorted_rule_list)
 
+    newrspec = incoming.apply(rspec)
+    print newrspec
     return
 
 if __name__=="__main__":