API
The aims API is implemented in Perl.
The only hook into the parse phase is ontoken(), which registers a handler
which is then called every time the token is encountered during the parse.
Handlers are then able to manipulate the resulting rules by calling the rest
of the API calls.
The API makes the distiction between lines (the rule as it exists in the ruleset) and rules (the data structure populated via the API and eventually compiled into a complete iptables command). Handlers can affect the compiled ruleset by changing the rule data structure.