int is_allowed(const char * url) { if (is_allowed_user(getuid())) return 1; if (is_ipv4_addr(url)) return 1; if (is_ipv6_addr(url)) return 1; if (is_allowed_url(url)) return 1; log_blocked(url); return 0; }
int parse_ipc_conf() { char ipc_path[128] = {0}; FILE *fp; char line[1024]; char *p; char **toks; int num_toks; strncpy(ipc_path, pv.conf_path, 128); strcat(ipc_path, "/sft_ipc.conf"); if ((fp = fopen(ipc_path, "rb")) == NULL) { E("-------open log config file [%s] fail.\n", pv.conf_path); return -1; } while(fgets(line, 1024, fp)) { if (*line == '#') continue; toks = mSplit(line, "=", 2, &num_toks, 0); if(unlikely(num_toks != 2)) goto free_toks; _strim(toks[0]); trim_specific(toks[1], "\""); printf("[%s]--[%s]\n",toks[0], toks[1]); if (strncmp(toks[0], "remote_server", strlen("remote_server")) == 0 && is_ipv4_addr(toks[1])) { pv.peer_ip = strdup(toks[1]); } else if (strncmp(toks[0], "remote_port", strlen("remote_port")) == 0 && atoi(toks[1]) > 0) { pv.peer_port = (uint16_t) atoi(toks[1]); } free_toks: memset(line, 0x00, 1024); mSplitFree(&toks, num_toks); } fclose(fp); printf("peer addr is %s:%u\n",pv.peer_ip, pv.peer_port); return 0; }
int parse_log_conf() { char syslog_path[128] = {0}; FILE *fp; char line[1024]; char *remote_server = NULL; uint16_t remote_port = 0; char *p; char **toks; int num_toks; strncpy(syslog_path, pv.conf_path, 128); strcat(syslog_path, "/sft_syslog.conf"); if ((fp = fopen(syslog_path, "rb")) == NULL) { E("-------open log config file [%s] fail.\n", pv.conf_path); return -1; } while(fgets(line, 1024, fp)) { if (*line == '#') continue; toks = mSplit(line, "=", 2, &num_toks, 0); if(unlikely(num_toks != 2)) goto free_toks; _strim(toks[0]); trim_specific(toks[1], "\""); printf("[%s]--[%s]\n",toks[0], toks[1]); if (strncmp(toks[0], "enableSYSLOG", strlen("enableSYSLOG")) == 0) { if (strncmp(toks[1], "1", 1) == 0) { pv.urlog = 1; pv.qqlog = 1; D("syslog is enabled!\n"); } else { pv.urlog = 0; pv.qqlog = 0; D("syslog is disabled!\n"); } } else if (strncmp(toks[0], "remote_server", strlen("remote_server")) == 0 && is_ipv4_addr(toks[1])) { remote_server = strdup(toks[1]); } else if (strncmp(toks[0], "remote_port", strlen("remote_port")) == 0 && atoi(toks[1]) > 0) { remote_port = (uint16_t) atoi(toks[1]); } free_toks: memset(line, 0x00, 1024); mSplitFree(&toks, num_toks); } fclose(fp); printf("peer addr is %s:%u\n",remote_server, remote_port); if (pv.urlog && pv.qqlog && remote_server && remote_port) { if (pv.syslog_sd) close(pv.syslog_sd); pv.syslog_sd = socket(PF_INET, SOCK_DGRAM, 0); if (pv.syslog_sd<0) { perror("socket()"); exit(1); } pv.syslog_peer_addr.sin_family = AF_INET; pv.syslog_peer_addr.sin_port = htons(remote_port); inet_pton(AF_INET, remote_server, &pv.syslog_peer_addr.sin_addr); D("connect remote syslog server\n"); } return 0; }
static int salist_cmd_parse(struct sa_open_data *od, char *cmd, gfp_t gfp) { char *a1 = NULL, *a2 = NULL; char *sep; char sc; int n = 32; /* Case 3: Append an item */ /* Check IP description part: network segment or range? */ if ((sep = strchr(cmd, '/'))) { } else if ((sep = strchr(cmd, '-'))) { } else if ((sep = strchr(cmd, ':'))) { } if (sep) { /* Describes a subnet or range. */ sc = *sep; *sep = '\0'; a1 = cmd; a2 = sep + 1; if (*a2 == '\0') { fprintf(stderr, "Nothing after '%c'.\n", sc); return -EINVAL; } } else { /* Describes a single IP. */ sc = '\0'; a1 = cmd; } switch (sc) { case '/': /* 10.10.20.0/24 */ /* ------------------------------------ */ if (is_ipv4_addr(a2)) { ipv4_list_add_netmask(od, ipv4_stohl(a1), ipv4_stohl(a2), gfp); } else { sscanf(a2, "%d", &n); ipv4_list_add_net(od, ipv4_stohl(a1), n, gfp); } /* ------------------------------------ */ break; case ':': case '-': /* 10.10.20.0-10.20.0.255 */ /* ------------------------------------ */ ipv4_list_add_range(od, ipv4_stohl(a1), ipv4_stohl(a2), gfp); /* ------------------------------------ */ break; default: if (is_ipv4_addr(a1)) { /* Single IP address. */ u32 ip = ipv4_stohl(a1); /* ------------------------------------ */ ipv4_list_add_range(od, ip, ip, gfp); /* ------------------------------------ */ } else { fprintf(stderr, "Invalid IP address '%s'.\n", a1); return -EINVAL; } break; } return 0; }