void
GetInterfaceInfo(void)
{
int fd, len, i, j;
struct ifreq ifbuf[512], ifr, *ifp;
struct ifconf list;
struct sockaddr_in *sin;
struct hostent *hp;
char *sp;
char ip[CF_MAXVARSIZE];
char name[CF_MAXVARSIZE];
Debug("GetInterfaceInfo()\n");
if ((fd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) {
CfLog(cferror, "Couldn't open socket", "socket");
exit(1);
}
list.ifc_len = sizeof(ifbuf);
list.ifc_req = ifbuf;
#ifdef SIOCGIFCONF
if (ioctl(fd, SIOCGIFCONF, &list) == -1 ||
(list.ifc_len < (sizeof(struct ifreq))))
#else
if (ioctl(fd, OSIOCGIFCONF, &list) == -1 ||
(list.ifc_len < (sizeof(struct ifreq))))
#endif
{
CfLog(cferror, "Couldn't get interfaces", "ioctl");
exit(1);
}
for (j = 0, len = 0, ifp = list.ifc_req; len < list.ifc_len;
len+=SIZEOF_IFREQ(*ifp), j++, ifp=&ifbuf[j]) {
if (ifp->ifr_addr.sa_family == 0) {
continue;
}
Verbose("Interface %d: %s\n", j+1, ifp->ifr_name);
if(g_underscore_classes) {
snprintf(g_vbuff, CF_BUFSIZE, "_net_iface_%s",
CanonifyName(ifp->ifr_name));
} else {
snprintf(g_vbuff, CF_BUFSIZE, "net_iface_%s",
CanonifyName(ifp->ifr_name));
}
AddClassToHeap(g_vbuff);
if (ifp->ifr_addr.sa_family == AF_INET) {
strncpy(ifr.ifr_name, ifp->ifr_name, sizeof(ifp->ifr_name));
if (ioctl(fd,SIOCGIFFLAGS,&ifr) == -1) {
CfLog(cferror, "No such network device", "ioctl");
close(fd);
return;
}
/*
* Used to check if interface was "up" if ((ifr.ifr_flags &
* IFF_UP) && !(ifr.ifr_flags & IFF_LOOPBACK)) Now check
* whether it is configured ...
*/
if ((ifr.ifr_flags & IFF_BROADCAST) &&
!(ifr.ifr_flags & IFF_LOOPBACK)) {
sin=(struct sockaddr_in *)&ifp->ifr_addr;
snprintf(name, CF_MAXVARSIZE-1, "ipv4[%s]",
CanonifyName(ifp->ifr_name));
AddMacroValue(g_contextid, name,
inet_ntoa(sin->sin_addr));
if ((hp = gethostbyaddr((char *)&(sin->sin_addr.s_addr),
sizeof(sin->sin_addr.s_addr), AF_INET)) == NULL) {
Debug("Host information for %s not found\n",
inet_ntoa(sin->sin_addr));
} else {
if (hp->h_name != NULL) {
Debug("Adding hostip %s..\n",
inet_ntoa(sin->sin_addr));
AddClassToHeap(CanonifyName(inet_ntoa(sin->sin_addr)));
Debug("Adding hostname %s..\n", hp->h_name);
AddClassToHeap(CanonifyName(hp->h_name));
for (i=0; hp->h_aliases[i] != NULL; i++) {
Debug("Adding alias %s..\n", hp->h_aliases[i]);
AddClassToHeap(CanonifyName(hp->h_aliases[i]));
}
/* Old style compat */
strcpy(ip,inet_ntoa(sin->sin_addr));
AppendItem(&g_ipaddresses, ip, "");
for (sp = ip+strlen(ip)-1; *sp != '.'; sp--) { }
*sp = '\0';
AddClassToHeap(CanonifyName(ip));
/* New style */
strcpy(ip, "ipv4_");
strcat(ip, inet_ntoa(sin->sin_addr));
AddClassToHeap(CanonifyName(ip));
for (sp = ip+strlen(ip)-1; (sp > ip); sp--) {
if (*sp == '.') {
*sp = '\0';
AddClassToHeap(CanonifyName(ip));
}
}
}
}
}
}
ifp = (struct ifreq *)((char *)ifp + SIZEOF_IFREQ(*ifp));
}
close(fd);
}
int CheckForModule(char *actiontxt,char *args)
{ struct stat statbuf;
char line[CF_BUFSIZE],command[CF_EXPANDSIZE],name[CF_MAXVARSIZE],content[CF_BUFSIZE],ebuff[CF_EXPANDSIZE],*sp;
FILE *pp;
int print;
if (NOMODULES)
{
return false;
}
if (*actiontxt == '/')
{
snprintf(OUTPUT,CF_BUFSIZE,"Absolute module path (%s) should be named relative to the authorized module directory",actiontxt);
CfLog(cferror,OUTPUT,"");
}
if (GetMacroValue(CONTEXTID,"moduledirectory"))
{
ExpandVarstring("$(moduledirectory)",ebuff,NULL);
}
else
{
snprintf(ebuff,CF_BUFSIZE,"%s/modules",VLOCKDIR);
}
AddSlash(ebuff);
strcat(ebuff,actiontxt);
if (stat(ebuff,&statbuf) == -1)
{
snprintf(OUTPUT,CF_BUFSIZE*2,"(Plug-in %s not found)",ebuff);
Banner(OUTPUT);
return false;
}
if ((statbuf.st_uid != 0) && (statbuf.st_uid != getuid()))
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Module %s was not owned by uid=%d executing cfagent\n",ebuff,getuid());
CfLog(cferror,OUTPUT,"");
return false;
}
snprintf(OUTPUT,CF_BUFSIZE*2,"Plug-in `%s\'",actiontxt);
Banner(OUTPUT);
strcat(ebuff," ");
if (BufferOverflow(ebuff,args))
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Culprit: class list for module (shouldn't happen)\n" );
CfLog(cferror,OUTPUT,"");
return false;
}
strcat(ebuff,args);
ExpandVarstring(ebuff,command,NULL);
Verbose("Exec module [%s]\n",command);
if ((pp = cfpopen(command,"r")) == NULL)
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Couldn't open pipe from %s\n",actiontxt);
CfLog(cferror,OUTPUT,"cfpopen");
return false;
}
while (!feof(pp))
{
if (ferror(pp)) /* abortable */
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Shell command pipe %s\n",actiontxt);
CfLog(cferror,OUTPUT,"ferror");
break;
}
ReadLine(line,CF_BUFSIZE,pp);
if (strlen(line) > CF_BUFSIZE - 80)
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Line from module %s is too long to be sensible\n",actiontxt);
CfLog(cferror,OUTPUT,"");
break;
}
if (ferror(pp)) /* abortable */
{
snprintf(OUTPUT,CF_BUFSIZE*2,"Shell command pipe %s\n",actiontxt);
CfLog(cferror,OUTPUT,"ferror");
break;
}
print = false;
for (sp = line; *sp != '\0'; sp++)
{
if (! isspace((int)*sp))
{
print = true;
break;
}
}
switch (*line)
{
case '+':
Verbose("Activated classes: %s\n",line+1);
CheckClass(line+1,command);
AddMultipleClasses(line+1);
break;
case '-':
Verbose("Deactivated classes: %s\n",line+1);
CheckClass(line+1,command);
NegateCompoundClass(line+1,&VNEGHEAP);
break;
case '=':
content[0] = '\0';
sscanf(line+1,"%[^=]=%[^\n]",name,content);
Verbose("Defined Macro: %s, Value: %s\n",name,content);
AddMacroValue(CONTEXTID,name,content);
break;
default:
if (print)
{
snprintf(OUTPUT,CF_BUFSIZE,"%s: %s\n",actiontxt,line);
CfLog(cferror,OUTPUT,"");
}
}
}
cfpclose(pp);
return true;
}
