Exemple #1
0
extern void #MARK_init(void);
void init_extensions(void) {
	ah_init();
	addrtype_init();
	comment_init();
	2connmark_init();
	conntrack_init();
	2dscp_init();
	2ecn_init();
	esp_init();
	hashlimit_init();
	helper_init();
	icmp_init();
	iprange_init();
	length_init();
	limit_init();
	mac_init();
	multiport_init();
	#2mark_init();
	owner_init();
	physdev_init();
	pkttype_init();
	policy_init();
	realm_init();
	sctp_init();
	standard_init();
	state_init();
	tcp_init();
	2tcpmss_init();
	2tos_init();
	2ttl_init();
	udp_init();
	unclean_init();
	CLASSIFY_init();
	CONNMARK_init();
	DNAT_init();
	LOG_init();
	#DSCP_init();
	ECN_init();
	MASQUERADE_init();
	MIRROR_init();
	NETMAP_init();
	NFQUEUE_init();
	NOTRACK_init();
	REDIRECT_init();
	REJECT_init();
	#MARK_init();
}
Exemple #2
0
int main(int argc, char *argv[])
{
    int ret, i, cpu = 0, level;
    pid_t pid;
    char buf1[128], buf2[128], buf[8192];

    // argument parse
    if(argc != 2){
        USAGE();
        exit(-1);
    }

    if(!strcmp(argv[1], "-h")){
        USAGE();
        exit(0);
    }

    // config file parse
    if( (ret = conf_init(argv[1])) < 0 ){
        log(g_log, "conf[%s] init error\n", argv[1]);
        exit(-1);
    } else {
        log(g_log, "conf[%s] init success\n", argv[1]);
    }

    // log init
    if(!strncmp(g_global_conf.log_level, "log", 3)){
        level = LOG_LEVEL_LOG;
    } else if(!strncmp(g_global_conf.log_level, "debug", 5)){
        level = LOG_LEVEL_DEBUG;
    } else if(!strncmp(g_global_conf.log_level, "info", 4)){
        level = LOG_LEVEL_INFO;
    } else if(!strncmp(g_global_conf.log_level, "none", 4)){
        level = LOG_NONE;
    } else {
        log(g_log, "log_level[%s] unknown\n", g_global_conf.log_level);
        exit(-1);
    }

    if( (g_log = log_init(g_global_conf.log_path, level)) == NULL ){
        log(g_log, "log[%s] init error\n", g_global_conf.log_path);
        exit(-1);
    }

    // signal init
    if( (signal_init()) < 0 ){
        log(g_log, "signal init error\n");
        exit(-1);
    } else {
        log(g_log, "signal init success\n");
    }

    // timer init
    if( (timer_init()) < 0 ){
        log(g_log, "timer init error\n");
        exit(-1);
    } else {
        log(g_log, "timer init success\n");
    }

    // conneciont init
    if( (ret = connection_init(g_global_conf.max_connections)) < 0 ){
        log(g_log, "connection init error\n");
        exit(-1);
    } else {
        log(g_log, "connection init success\n");
    }

    // ipfilter init
    ret = ipfilter_conf_init(g_filter_conf.ipfilter_cycle1, g_filter_conf.ipfilter_cycle2, \
                        g_filter_conf.ipfilter_threshold1, g_filter_conf.ipfilter_threshold2, \
                        g_filter_conf.ipfilter_time1, g_filter_conf.ipfilter_time2);
    if(ret < 0){
        log(g_log, "ipfilter init error\n");
    } else {
        log(g_log, "ipfilter init success\n");
    }    

    // cookiefilter init
    ret = cookiefilter_conf_init(g_filter_conf.cookiefilter_cycle1, g_filter_conf.cookiefilter_cycle2, \
                        g_filter_conf.cookiefilter_threshold1, g_filter_conf.cookiefilter_threshold2, \
                        g_filter_conf.cookiefilter_time1, g_filter_conf.cookiefilter_time2);
    if(ret < 0){
        log(g_log, "cookiefilter init error\n");
    } else {
        log(g_log, "cookiefilter init success\n");
    }    

    // ippool & ipentry init
    if( (ret = ip_pool_init(g_global_conf.max_connections)) < 0 ){
        log(g_log, "ip pool init error\n");
        exit(-1);
    } else {
        log(g_log, "ip pool init success\n");
    }

    // cookie pool init
    if( (ret = cookie_pool_init(1000000)) < 0 ){
        log(g_log, "cookie pool init error\n");
        exit(-1);
    } else {
        log(g_log, "cookie pool init success\n");
    }

    // whitelist init
    if( (g_whitelist = iprange_init(g_filter_conf.whitelist, 1024)) == NULL ){
        log(g_log, "whitelist[%s] init error\n", g_filter_conf.whitelist);
        exit(-1);
    } else {
        log(g_log, "whitelist[%s] init success\n", g_filter_conf.whitelist);
    }

    // blacklist init
    if( (g_blacklist = iprange_init(g_filter_conf.blacklist, 1024)) == NULL ){
        log(g_log, "blacklist[%s] init error\n", g_filter_conf.blacklist);
        exit(-1);
    } else {
        log(g_log, "blacklist[%s] init success\n", g_filter_conf.blacklist);
    }

    // mempool init
    if( (ret = mempool_init(g_global_conf.buffer_size, g_global_conf.max_buffer)) < 0 ){
        log(g_log, "mempool init error\n");
        exit(-1);
    } else {
        log(g_log, "mempool init success\n");
    }

    log(g_log, "all init success\n");

    // make listen
    while(1){
        g_listenfd = make_listen_nonblock(g_global_conf.listen_addr, g_global_conf.listen_port);
        if(g_listenfd < 0){
            log(g_log, "make listen socket error\n");
        } else {
            log(g_log, "make listen socket success %s:%s\n", \
                                g_global_conf.listen_addr, g_global_conf.listen_port);
            break;
        }

        sleep(5);
    }

    if(g_global_conf.daemon){
        daemon(1, 0);
    }

    // fork children
    for(i = 0; i < g_global_conf.workers ; i++){
        if( (pid = fork()) < 0 ){
            log(g_log, "fork error: %s\n", strerror(errno));
            exit(-1);
        } else if(pid > 0) {
            if(g_global_conf.cpu_attach == 1){
                if(cpu_attach(pid, cpu++) == 0){
                    log(g_log, "cpu attach success\n");
                }
            }
            continue;
        } else {
            work();
            exit(-1);
        }
    }

    while(1){
        sleep(5);

        // reopen to release log file when deleted
        log_deinit(g_log);
        if( (g_log = log_init(g_global_conf.log_path, level)) == NULL ){
            log(g_log, "log init error\n");
        }

        pid = waitpid(-1, NULL, WNOHANG);

        if(pid > 0){
            log(g_log, "process[%d] exit, restart again\n", pid);

            while( (pid = fork()) == -1 ){
                log(g_log, "fork error: %s\n", strerror(errno));
                sleep(5);
            }

            if(pid > 0){
                log(g_log, "fork success\n");
                continue;
            } else {
                log(g_log, "goto work\n");
                work();
                exit(-1);
            }
        } else if(pid < 0) {
            log(g_log, "wait error: %s\n", strerror(errno));
        } else {
        }
    }

    return 0;
}