Back | Next | Contents Cams Administrator's Guide

Regular Expressions

Cams supports regular expressions for use with pattern matching on various values. For example, you can use regular expressions to define the <host> and <address> child elements of the <host acr> access control rule. Regular expressions can be quite complex, but their usage and scope within Cams should be somewhat simplified. This document introduces newbies to the basics of regular expressions and provides some examples for use with Cams.

Regular Expression Syntax

Regular expressions (regex's) are sets of symbols and syntactic elements used to match patterns of text.
The simplest form of a regular expression is a literal string, such as security or programming. Regular expression matching also allows you to test whether a string fits into a specific syntactic form, such as an email address.

Text

Some metacharacters match single characters. Other notations enable you to work with entire text strings.

Pattern Description
. Matches any single character
[chars] Matches any character (chars) between the brackets
[^chars] Matches any character (chars) except those listed between the brackets
\char Escape that particular char, for instance, to specify reserved chars such as ".[]()"
text1|text2 Alternative: text1 or text2
(text) Grouping of text

Quantifiers

The regular expression syntax provides metacharacters which specify the number of times a particular character should match.

Pattern Description
? Matches any character zero or one times
* Matches the preceding element zero or more times
+ Matches the preceding element one or more times
{num} Matches the preceding element num times
{min, max} Matches the preceding element at least min times, but not more than max times

Anchors

Often, you need to specify the position at which a particular pattern occurs. This is often referred to as anchoring the pattern.

Pattern Description
^ Matches at the start of the line
$ Matches at the end of the line
\< Matches at the beginning of a word
\> Matches at the end of a word
\b Matches at the beginning or the end of a word
\B Matches any charater not at the beginning or end of a word

See the Javadoc for java.util.regex.Pattern for a more complete listing of regular expression anchors available with Cams.

Cams Examples

Cams uses regular expressions to match DNS hostnames and IP address. For example, suppose you want to match only hosts from the "gov" domain. You could use:

<allow-host>
  <host>^.*gov</host>
</allow-host>

This expression matches any string starting at the beginning of the line that ends with "gov". Or, you want to deny access to any host not in the 192.168.0 address range. You could use:

<deny-address>
  <host>192.168.0.*</host>
</deny-address>

This expression matches any text string that starts with "192.168.0". This example demonstrates that you should be careful with the use of the dot metacharacter (".") with hostnames and IP addresses, but that it usually provides the results you desire. In this case, the regular expression's trailing dot-asterick (".*") matches any characters that follow the string "192.168.0". The fact that the next character of an IP address is a dot is only a coincidence. In fact, as a regular expression, all hostname and IP address dots match any character. If you want to match the dot character instead of using it as a wildcard you must escape it:

<deny-address>
  <host>192\.168\.0\..*</host>
</deny-address>

Resources

Many online test tools, such as regexpal, are useful to refine your regular expressions.

For a quick tutorial on regular expressions see Using Regular Expressions by Stephen Ramsay, Assistant Director Electronic Text Center, University of Virginia.

A good Java-centric regular expression article named Regular Expressions and the Java Programming Language is found at the Java Developer's Connection.

If you are interested in more detailed information about regular expressions and their variants (POSIX regex, Perl regex, etc.) read the following dedicated book to this topic:

Mastering Regular Expressions
Jeffrey E.F. Friedl
Nutshell Handbook Series
O'Reilly & Associates, Inc. 1997
ISBN 1-56592-257-3

Back | Next | Contents