Project

General

Profile

CommandValidatorConf » History » Revision 6

Revision 5 (Yingdi Yu, 03/17/2014 03:40 PM) → Revision 6/55 (Yingdi Yu, 03/17/2014 04:52 PM)

# Validator Configuration File Format 

 You can set up a `Validator` via a configuration file.  
 Next, we will show you how to write a configuration file. 

 The configuration file consists of **rules** **`rules`** that will be used in validation. 
 Here is an example of configuration file containing two rules. 

     rule 
     { 
       for data 
       name "Simple Rule" 
       type customized self-defined 
       target definition 
       { 
         target 
         { 
           type name 
         
           name "/localhost/example" 
         
           condition isPrefixOf 
       
         } 
       
         signer 
       
         { 
         
           type name 
         
           rule "/ndn/edu/ucla/KEY/yingdi/ksk-1234/ID-CERT" 
         
           condition equal 
         } 
       } 
     } 
     rule 
     { 
       for data 
       name "Testbed Validation Rule" 
       type hierarchical 
       trust-anchor 
       { 
         type file 
         file-name "testbed-trust-anchor.cert" 
       } 
     } 

 Each rule has a unique name (which should be unique in the configuration file), e.g., "Simple Rule", "Testbed Validation Rule". 
 The rule name is specified in the property **name**. **`name`**.  
 Each rule must be specified with a usage which is specified in the property **for**. **`for`**.  
 The usage indicates the type of packets to which the rule should be applied, therefore, only Only two usages can be specified so far: **data** and **interest**. 
 The property **type** indicates how to apply the rule to packets. 
 Some rule types (such as **hierarchical**) has been defined.  
 One can also specify its own rules by set the type property to be **customized**. 
 A particular type of rules might require some other properties.  
 Next, we will introduce the other properties either for the each rule type. 

 ## Customized Rule 

 Two properties are required by customized rule: **target** and **signer**. data validation (i.e., **`fordata`**) or for interest validation (i.e., **`forinterest`**). 
 The **target** property defines the conditions that the packet per se must satisfy, 
 thus restricting the scope of packets to which the Each rule can be applied. 

 A packet will be checked against the **target** property of rules in the configuration file, 
 one-by-one until the first rule whose **target** property can be satisfied by the packet. 
 Therefore, **the order of rules in configuration file MATTERS!** 

 **target** also has a property **type** with two possible value **name** and **regex**. 
 If **type** is **name**, then  

 and **signer** defines the requirements that the signer (or `KeyLocator`) must fulfill. 



 ## Hierarchical Rule 

 As implied by its name, hierarchical rule requires the name of the target packet to be under the namespace of the packet signer. 
 Assume that the usage of the rule is for data, then it is equivalent to a customized rule: 

     rule have 
     { 
       for data 
       name "Expanded Hierarchical Rule" 
       type customized 
       target 
       { 
         type regex 
         expr "^(<>*)$" 
         expand "\\1" 
       } 
       signer 
       { 
         type regex 
         expr "^([^<KEY>]*)<KEY>(<>*)<ksk-.*><ID-CERT>$" 
         expand "\\1\\2" 
       } 
       additional-condition > 
     }