void
addrules(Word *head, Word *tail, char *body, int attr, int hline, char *prog)
{
Word *w;
assert(/*addrules args*/ head && body);
/* tuck away first non-meta rule as default target*/
if(target1 == 0 && !(attr®EXP)) {
for(w = head; w; w = w->next)
if(charin(w->s, "%&"))
break;
if(w == 0)
target1 = wdup(head);
}
for(w = head; w; w = w->next)
addrule(w->s, tail, body, head, attr, hline, prog);
}
void reload(GLOBAL *g, struct hostfile_module *hm)
{
FILE *fh;
QueryHandle *res;
char *query;
int i, j, k, nc=0, n=2, en=2, c=2, ec=2, ng=2, eng=2;
struct net *networks = (struct net *) malloc(sizeof(struct net));
char *nets = strdup("AND EXISTS (SELECT 1 FROM networks net "
"WHERE (%nets) "
"AND ((n.ipaddr > net.address AND n.ipaddr < broadcast(net.address, inet_aton(net.mask))) "
"OR (%pubip > net.address AND %pubip < broadcast(net.address, inet_aton(net.mask)))) "
")");
char *netnames = strdup(hm->networks);
char *netname = strdup(netnames);
char *netsql = strdup("");
char *enets = strdup("AND NOT EXISTS (SELECT 1 FROM networks net "
"WHERE (%nets) "
"AND ((n.ipaddr > net.address AND n.ipaddr < broadcast(net.address, inet_aton(net.mask))) "
"OR (%pubip > net.address AND %pubip < broadcast(net.address, inet_aton(net.mask)))) "
")");
char *enetnames = strdup(hm->excluded_networks);
char *enetname = strdup(enetnames);
char *enetsql = strdup("");
char *groups = strdup("AND EXISTS (SELECT 1 FROM customergroups g, customerassignments a "
"WHERE a.customerid = n.ownerid "
"AND g.id = a.customergroupid "
"AND (%groups)) ");
char *groupnames = strdup(hm->customergroups);
char *groupname = strdup(groupnames);
char *groupsql = strdup("");
char *egroups = strdup("AND NOT EXISTS (SELECT 1 FROM customergroups g, customerassignments a "
"WHERE a.customerid = n.ownerid "
"AND g.id = a.customergroupid "
"AND (%groups)) ");
char *egroupnames = strdup(hm->excluded_customergroups);
char *egroupname = strdup(egroupnames);
char *egroupsql = strdup("");
char *ngroups = strdup("AND EXISTS (SELECT 1 FROM nodegroups g, nodegroupassignments na "
"WHERE na.nodeid = n.id "
"AND g.id = na.nodegroupid "
"AND (%groups)) ");
char *ngroupnames = strdup(hm->nodegroups);
char *ngroupname = strdup(ngroupnames);
char *ngroupsql = strdup("");
char *engroups = strdup("AND NOT EXISTS (SELECT 1 FROM nodegroups g, nodegroupassignments na "
"WHERE na.nodeid = n.id "
"AND g.id = na.nodegroupid "
"AND (%groups)) ");
char *engroupnames = strdup(hm->excluded_nodegroups);
char *engroupname = strdup(engroupnames);
char *engroupsql = strdup("");
while( n>1 )
{
n = sscanf(netnames, "%s %[._a-zA-Z0-9- ]", netname, netnames);
if( strlen(netname) )
{
netsql = realloc(netsql, sizeof(char *) * (strlen(netsql) + strlen(netname) + 30));
if(strlen(netsql))
strcat(netsql, " OR UPPER(net.name) = UPPER('");
else
strcat(netsql, "UPPER(net.name) = UPPER('");
strcat(netsql, netname);
strcat(netsql, "')");
}
}
free(netname); free(netnames);
if(strlen(netsql))
g->str_replace(&nets, "%nets", netsql);
while( en>1 )
{
en = sscanf(enetnames, "%s %[._a-zA-Z0-9- ]", enetname, enetnames);
if( strlen(enetname) )
{
enetsql = realloc(enetsql, sizeof(char *) * (strlen(enetsql) + strlen(enetname) + 30));
if(strlen(enetsql))
strcat(enetsql, " OR UPPER(net.name) = UPPER('");
else
strcat(enetsql, "UPPER(net.name) = UPPER('");
strcat(enetsql, enetname);
strcat(enetsql, "')");
}
}
free(enetname); free(enetnames);
if(strlen(enetsql))
g->str_replace(&enets, "%nets", enetsql);
while( c>1 )
{
c = sscanf(groupnames, "%s %[._a-zA-Z0-9- ]", groupname, groupnames);
if( strlen(groupname) )
{
groupsql = realloc(groupsql, sizeof(char *) * (strlen(groupsql) + strlen(groupname) + 30));
if(strlen(groupsql))
strcat(groupsql, " OR UPPER(g.name) = UPPER('");
else
strcat(groupsql, "UPPER(g.name) = UPPER('");
strcat(groupsql, groupname);
strcat(groupsql, "')");
}
}
free(groupname); free(groupnames);
if(strlen(groupsql))
g->str_replace(&groups, "%groups", groupsql);
while( ec>1 )
{
ec = sscanf(egroupnames, "%s %[._a-zA-Z0-9- ]", egroupname, egroupnames);
if( strlen(egroupname) )
{
egroupsql = realloc(egroupsql, sizeof(char *) * (strlen(egroupsql) + strlen(egroupname) + 30));
if(strlen(egroupsql))
strcat(egroupsql, " OR UPPER(g.name) = UPPER('");
else
strcat(egroupsql, "UPPER(g.name) = UPPER('");
strcat(egroupsql, egroupname);
strcat(egroupsql, "')");
}
}
free(egroupname); free(egroupnames);
if(strlen(egroupsql))
g->str_replace(&egroups, "%groups", egroupsql);
while( ng>1 )
{
ng = sscanf(ngroupnames, "%s %[._a-zA-Z0-9- ]", ngroupname, ngroupnames);
if( strlen(ngroupname) )
{
ngroupsql = realloc(ngroupsql, sizeof(char *) * (strlen(ngroupsql) + strlen(ngroupname) + 30));
if(strlen(ngroupsql))
strcat(ngroupsql, " OR UPPER(g.name) = UPPER('");
else
strcat(ngroupsql, "UPPER(g.name) = UPPER('");
strcat(ngroupsql, ngroupname);
strcat(ngroupsql, "')");
}
}
free(ngroupname); free(ngroupnames);
if(strlen(ngroupsql))
g->str_replace(&ngroups, "%groups", ngroupsql);
while( eng>1 )
{
eng = sscanf(engroupnames, "%s %[._a-zA-Z0-9- ]", engroupname, engroupnames);
if( strlen(engroupname) )
{
engroupsql = realloc(engroupsql, sizeof(char *) * (strlen(engroupsql) + strlen(engroupname) + 30));
if(strlen(engroupsql))
strcat(engroupsql, " OR UPPER(g.name) = UPPER('");
else
strcat(engroupsql, "UPPER(g.name) = UPPER('");
strcat(engroupsql, engroupname);
strcat(engroupsql, "')");
}
}
free(engroupname); free(engroupnames);
if(strlen(engroupsql))
g->str_replace(&engroups, "%groups", engroupsql);
// all networks data
res = g->db->query(g->db->conn, "SELECT name, domain, address, inet_aton(mask) AS mask, "
"mask2prefix(inet_aton(mask)) AS prefix, dhcpstart, dhcpend, "
"interface, gateway, dns, dns2, wins FROM networks");
for(nc=0; nc<g->db->nrows(res); nc++)
{
networks = (struct net*) realloc(networks, (sizeof(struct net) * (nc+1)));
networks[nc].name = strdup(g->db->get_data(res,nc,"name"));
networks[nc].domain = strdup(g->db->get_data(res,nc,"domain"));
networks[nc].interface = strdup(g->db->get_data(res,nc,"interface"));
networks[nc].gateway = strdup(g->db->get_data(res,nc,"gateway"));
networks[nc].dns = strdup(g->db->get_data(res,nc,"dns"));
networks[nc].dns2 = strdup(g->db->get_data(res,nc,"dns2"));
networks[nc].wins = strdup(g->db->get_data(res,nc,"wins"));
networks[nc].prefix = strdup(g->db->get_data(res,nc,"prefix"));
networks[nc].dhcpstart = strdup(g->db->get_data(res,nc,"dhcpstart"));
networks[nc].dhcpend = strdup(g->db->get_data(res,nc,"dhcpend"));
networks[nc].address = inet_addr(g->db->get_data(res,nc,"address"));
networks[nc].mask = inet_addr(g->db->get_data(res,nc,"mask"));
}
g->db->free(&res);
fh = fopen(hm->file, "w");
if(fh)
{
fprintf(fh, "%s", hm->prefix);
if(hm->share_netdev_pubip && !hm->skip_dev_ips)
query = strdup(
"SELECT n.id, LOWER(n.name) AS name, n.mac, INET_NTOA(n.ipaddr) AS ip, "
"(CASE WHEN n.ipaddr_pub != 0 THEN INET_NTOA(n.ipaddr_pub) "
"ELSE INET_NTOA(COALESCE(s.ipaddr_pub, 0)) END) AS ip_pub, "
"n.port, n.passwd, n.access, n.info, n.warning, n.location, "
"%devloc AS devlocation %custcols"
"FROM %nodes n "
"LEFT JOIN (SELECT netdev, MIN(ipaddr_pub) AS ipaddr_pub "
"FROM nodes "
"WHERE ownerid = 0 AND ipaddr_pub != 0 AND netdev != 0 "
"GROUP BY netdev "
") s ON (s.netdev = n.netdev AND n.ownerid = 0) "
"%custjoin"
"%devjoin"
"WHERE %where "
"%nets %enets %groups %egroups %ngroups %engroups"
"ORDER BY ipaddr");
else
query = strdup(
"SELECT n.id, LOWER(n.name) AS name, n.mac, INET_NTOA(n.ipaddr) AS ip, "
"INET_NTOA(n.ipaddr_pub) AS ip_pub, n.passwd, n.access, n.info, n.warning, "
"n.port, n.location, %devloc AS devlocation %custcols"
"FROM %nodes n "
"%custjoin"
"%devjoin"
"WHERE %where "
"%nets %enets %groups %egroups %ngroups %engroups"
"ORDER BY ipaddr");
if(hm->skip_dev_ips)
g->str_replace(&query, "%where", "n.ownerid > 0");
else if(hm->skip_host_ips)
g->str_replace(&query, "%where", "n.ownerid = 0");
else
g->str_replace(&query, "%where", "1 = 1");
g->str_replace(&query, "%nodes", hm->multi_mac ? "vmacs" : "vnodes");
g->str_replace(&query, "%nets", strlen(netsql) ? nets : "");
g->str_replace(&query, "%enets", strlen(enetsql) ? enets : "");
g->str_replace(&query, "%groups", strlen(groupsql) ? groups : "");
g->str_replace(&query, "%egroups", strlen(egroupsql) ? egroups : "");
g->str_replace(&query, "%ngroups", strlen(ngroupsql) ? ngroups : "");
g->str_replace(&query, "%engroups", strlen(engroupsql) ? engroups : "");
g->str_replace(&query, "%custjoin", hm->join_customers ?
"LEFT JOIN customers c ON (c.id = n.ownerid) " : "");
g->str_replace(&query, "%devjoin", hm->join_devices ?
"LEFT JOIN netdevices d ON (d.id = n.netdev) LEFT JOIN vaddresses va ON va.id = d.address_id " : "");
g->str_replace(&query, "%devloc", hm->join_devices ? "va.location" : "''");
g->str_replace(&query, "%custcols", hm->join_customers ?
", c.id AS cid, TRIM(%cfullname) AS customer " : "");
char * cfullname = g->db->concat(3, "UPPER(c.lastname)", "' '", "c.name");
g->str_replace(&query, "%cfullname", cfullname);
free(cfullname);
g->str_replace(&query, "%pubip", hm->share_netdev_pubip && !hm->skip_dev_ips ?
"(CASE WHEN n.ipaddr_pub != 0 THEN n.ipaddr_pub "
"ELSE COALESCE(s.ipaddr_pub, 0) END)" : "n.ipaddr_pub");
res = g->db->query(g->db->conn, query);
for(i=0; i<g->db->nrows(res); i++)
{
unsigned long inet, inet_pub;
struct host h;
char *pattern, *mac;
h.ip = g->db->get_data(res,i,"ip");
h.ip_pub = g->db->get_data(res,i,"ip_pub");
inet = inet_addr(h.ip);
inet_pub = inet_addr(h.ip_pub);
// networks
for(j=0; j<nc; j++)
if(networks[j].address == (inet & networks[j].mask))
break;
h.net = networks[j];
// initialize pubnet, we'll overwrite it if node has public IP
h.pubnet = networks[j];
if(inet_pub)
{
for(k=0; k<nc; k++)
if(networks[k].address == (inet_pub & networks[k].mask))
{
h.pubnet = networks[k];
break;
}
}
h.access = g->db->get_data(res,i,"access");
h.warning = g->db->get_data(res,i,"warning");
h.name = g->db->get_data(res,i,"name");
h.info = g->db->get_data(res,i,"info");
h.passwd = g->db->get_data(res,i,"passwd");
h.id = g->db->get_data(res,i,"id");
h.macs = g->db->get_data(res,i,"mac");
h.port = g->db->get_data(res,i,"port");
h.location = g->db->get_data(res,i,"location");
h.devlocation = g->db->get_data(res,i,"devlocation");
h.customer = hm->join_customers ? g->db->get_data(res,i,"customer") : "";
h.cid = hm->join_customers ? g->db->get_data(res,i,"cid") : "0";
// IP's last octet in hex
h.i16 = strdup(itoha((ntohl(inet) & 0xff)));
h.i16_pub = strdup(inet_pub ? itoha((ntohl(inet_pub) & 0xff)) : "");
// get first mac from the list
mac = strdup(h.macs);
if (!hm->multi_mac) {
mac = strtok(mac, ",");
}
h.mac = mac;
// parse rules
addrule(g, fh, hm->host_prefix, h);
if(*h.access == '1')
pattern = inet_pub && hm->pub_replace ? hm->grant_pub : hm->grant;
else
pattern = inet_pub && hm->pub_replace ? hm->deny_pub : hm->deny;
if(*h.warning == '1' && hm->warn_replace)
pattern = inet_pub ? hm->warn_pub : hm->warn;
addrule(g, fh, pattern, h);
if(!hm->warn_replace && *h.warning == '1' && (!hm->pub_replace || !inet_pub))
{
addrule(g, fh, hm->warn, h);
}
if(!hm->pub_replace && inet_pub)
{
pattern = *h.access == '1' ? hm->grant_pub : hm->deny_pub;
if(*h.warning == '1' && hm->warn_replace)
pattern = hm->warn_pub;
addrule(g, fh, pattern, h);
}
if(!hm->warn_replace && *h.warning == '1' && inet_pub)
{
addrule(g, fh, hm->warn_pub, h);
}
addrule(g, fh, hm->host_append, h);
free(mac);
free(h.i16);
free(h.i16_pub);
}
fprintf(fh, "%s", hm->append);
g->db->free(&res);
free(query);
fclose(fh);
system(hm->command);
#ifdef DEBUG1
syslog(LOG_INFO,"DEBUG: [%s/hostfile] reloaded",hm->base.instance);
#endif
}
else
syslog(LOG_ERR, "[%s/hostfile] Unable to write a temporary file '%s'", hm->base.instance, hm->file);
for(i=0;i<nc;i++)
{
free(networks[i].name);
free(networks[i].domain);
free(networks[i].interface);
free(networks[i].gateway);
free(networks[i].dns);
free(networks[i].dns2);
free(networks[i].wins);
free(networks[i].prefix);
free(networks[i].dhcpstart);
free(networks[i].dhcpend);
}
free(networks);
free(nets);
free(groups);
free(ngroups);
free(enets);
free(egroups);
free(engroups);
free(netsql);
free(groupsql);
free(ngroupsql);
free(enetsql);
free(egroupsql);
free(engroupsql);
free(hm->prefix);
free(hm->append);
free(hm->host_prefix);
free(hm->host_append);
free(hm->grant);
free(hm->deny);
free(hm->warn);
free(hm->warn_pub);
free(hm->grant_pub);
free(hm->deny_pub);
free(hm->file);
free(hm->command);
free(hm->networks);
free(hm->customergroups);
free(hm->nodegroups);
free(hm->excluded_networks);
free(hm->excluded_nodegroups);
free(hm->excluded_customergroups);
}
int netsize()
/*
**--------------------------------------------------------------
** Input: none
** Output: returns error code
** Purpose: determines number of system components
**--------------------------------------------------------------
*/
{
char line[MAXLINE+1]; /* Line from input data file */
char *tok; /* First token of line */
int sect,newsect; /* Input data sections */
int errcode = 0; /* Error code */
/* Initialize network component counts */
MaxJuncs = 0;
MaxTanks = 0;
MaxPipes = 0;
MaxPumps = 0;
MaxValves = 0;
MaxControls = 0;
MaxRules = 0;
MaxCurves = 0;
sect = -1;
/* Add a default pattern 0 */
MaxPats = -1;
addpattern("");
/* Make pass through data file counting number of each component */
while (fgets(line,MAXLINE,InFile) != NULL)
{
/* Skip blank lines & those beginning with a comment */
tok = strtok(line,SEPSTR);
if (tok == NULL) continue;
if (*tok == ';') continue;
/* Check if line begins with a new section heading */
if (*tok == '[')
{
newsect = findmatch(tok,SectTxt);
if (newsect >= 0)
{
sect = newsect;
if (sect == _END) break;
continue;
}
else continue;
}
/* Add to count of current component */
switch(sect)
{
case _JUNCTIONS: MaxJuncs++; break;
case _RESERVOIRS:
case _TANKS: MaxTanks++; break;
case _PIPES: MaxPipes++; break;
case _PUMPS: MaxPumps++; break;
case _VALVES: MaxValves++; break;
case _CONTROLS: MaxControls++; break;
case _RULES: addrule(tok); break; /* See RULES.C */
case _PATTERNS: errcode = addpattern(tok);
break;
case _CURVES: errcode = addcurve(tok);
break;
}
if (errcode) break;
}
MaxNodes = MaxJuncs + MaxTanks;
MaxLinks = MaxPipes + MaxPumps + MaxValves;
if (MaxPats < 1) MaxPats = 1;
if (!errcode)
{
if (MaxJuncs < 1) errcode = 223; /* Not enough nodes */
else if (MaxTanks == 0) errcode = 224; /* No tanks */
}
return(errcode);
} /* End of netsize */
/**********************************************************************
* %FUNCTION: PPPOEConnectDevice
* %ARGUMENTS:
* None
* %RETURNS:
* Non-negative if all goes well; -1 otherwise
* %DESCRIPTION:
* Connects PPPoE device.
***********************************************************************/
static int
PPPOEConnectDevice(void)
{
struct sockaddr_pppox sp;
static int qosidx=6410;
strlcpy(ppp_devnam, devnam, sizeof(ppp_devnam));
if (existingSession) {
unsigned int mac[ETH_ALEN];
int i, ses;
if (sscanf(existingSession, "%d:%x:%x:%x:%x:%x:%x",
&ses, &mac[0], &mac[1], &mac[2],
&mac[3], &mac[4], &mac[5]) != 7) {
fatal("Illegal value for rp_pppoe_sess option");
}
conn->session = htons(ses);
for (i=0; i<ETH_ALEN; i++) {
conn->peerEth[i] = (unsigned char) mac[i];
}
} else {
discovery(conn);
if (conn->discoveryState != STATE_SESSION) {
error("Unable to complete PPPoE Discovery");
return -1;
}
}
/* Set PPPoE session-number for further consumption */
ppp_session_number = ntohs(conn->session);
/* Make the session socket */
conn->sessionSocket = socket(AF_PPPOX, SOCK_STREAM, PX_PROTO_OE);
if (conn->sessionSocket < 0) {
error("Failed to create PPPoE socket: %m");
goto errout;
}
sp.sa_family = AF_PPPOX;
sp.sa_protocol = PX_PROTO_OE;
sp.sa_addr.pppoe.sid = conn->session;
memcpy(sp.sa_addr.pppoe.dev, conn->ifName, IFNAMSIZ);
memcpy(sp.sa_addr.pppoe.remote, conn->peerEth, ETH_ALEN);
/* Set remote_number for ServPoET */
sprintf(remote_number, "%02X:%02X:%02X:%02X:%02X:%02X",
(unsigned) conn->peerEth[0],
(unsigned) conn->peerEth[1],
(unsigned) conn->peerEth[2],
(unsigned) conn->peerEth[3],
(unsigned) conn->peerEth[4],
(unsigned) conn->peerEth[5]);
warn("Connected to %02X:%02X:%02X:%02X:%02X:%02X via interface %s",
(unsigned) conn->peerEth[0],
(unsigned) conn->peerEth[1],
(unsigned) conn->peerEth[2],
(unsigned) conn->peerEth[3],
(unsigned) conn->peerEth[4],
(unsigned) conn->peerEth[5],
conn->ifName);
script_setenv("MACREMOTE", remote_number, 0);
if (connect(conn->sessionSocket, (struct sockaddr *) &sp,
sizeof(struct sockaddr_pppox)) < 0) {
fatal("Failed to connect PPPoE socket: %d %m", errno);
close(conn->sessionSocket);
goto errout;
}
#ifdef HAVE_AQOS
if (bandwidthup!=0 && bandwidthdown!=0)
{
char uplevel[64];
char downlevel[64];
char mac[64];
sprintf(mac, MACSTR, MAC2STR(conn->myEth));
sprintf(uplevel,"%d",bandwidthup/1000);
sprintf(downlevel,"%d",bandwidthdown/1000);
fprintf(stderr,"use bandwidth down value to %d\n",bandwidthdown);
fprintf(stderr,"use bandwidth up value to %d\n",bandwidthdown);
int ret = addrule(mac,uplevel,downlevel);
if (!ret)
{
qosidx+=10;
if (qosidx>8190)
qosidx=0;
add_usermac(mac, qosidx, uplevel,downlevel,"0" );
}else if (ret>1)
{
system("startstop_f wshaper");
}
}
#endif
return conn->sessionSocket;
errout:
if (conn->discoverySocket >= 0) {
sendPADT(conn, NULL);
close(conn->discoverySocket);
conn->discoverySocket = -1;
}
return -1;
}
