ALLOW
action : ALLOW { $$ = ACTION_ALLOW; }
%token ALLOW DENY MATCH
{ "allow", ALLOW },
%token DENY ALLOW READ WRITE BIND ACCESS TO ROOT REFERRAL
| ALLOW { $$ = ACI_ALLOW; }
{ "allow", ALLOW },
allowed_ext[STATE_INIT] |= ALLOW(PRIV_OPEN_DUMP);
allowed_ext[STATE_INIT] |= ALLOW(PRIV_OPEN_BPF);
allowed_ext[STATE_FILTER] |= ALLOW(PRIV_OPEN_OUTPUT);
allowed_ext[STATE_FILTER] |= ALLOW(PRIV_INIT_DONE);
allowed_ext[STATE_RUN] |= ALLOW(PRIV_GETHOSTBYADDR);
allowed_ext[STATE_FILTER] |= ALLOW(PRIV_ETHER_NTOHOST);
allowed_ext[STATE_RUN] |= ALLOW(PRIV_ETHER_NTOHOST);
allowed_ext[STATE_RUN] |= ALLOW(PRIV_GETRPCBYNUMBER);
allowed_ext[STATE_FILTER] |= ALLOW(PRIV_GETPROTOENTRIES);
allowed_ext[STATE_FILTER] |= ALLOW(PRIV_OPEN_PFOSFP);
/* INIT */ ALLOW(PRIV_OPEN_BPF) | ALLOW(PRIV_OPEN_DUMP) |
ALLOW(PRIV_SETFILTER),
/* BPF */ ALLOW(PRIV_SETFILTER),
/* FILTER */ ALLOW(PRIV_OPEN_PFOSFP) | ALLOW(PRIV_OPEN_OUTPUT) |
ALLOW(PRIV_GETSERVENTRIES) |
ALLOW(PRIV_GETPROTOENTRIES) |
ALLOW(PRIV_ETHER_NTOHOST) | ALLOW(PRIV_INIT_DONE),
/* RUN */ ALLOW(PRIV_GETHOSTBYADDR) | ALLOW(PRIV_ETHER_NTOHOST) |
ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_LOCALTIME) |
ALLOW(PRIV_PCAP_STATS),
& ALLOW(action)) == 0) {
/* INIT */ ALLOW(PRIV_SETFILTER),
/* BPF */ ALLOW(PRIV_SETFILTER),
/* FILTER */ ALLOW(PRIV_GETSERVENTRIES),
/* RUN */ ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS),
%token ADD AGENTX ALLOW BOOT CDROM CONTEXT DEVICE DISABLE DISK DOWN ENABLE
instance : ALLOW INSTANCE '{' optnl instance_l '}'
| ALLOW INSTANCE instance_flags
{ "allow", ALLOW },