Exemple #1
0
int garden_check(pass_through *ptlist, uint32_t *pcnt,
		 pass_through **pt_match,
		 struct pkt_ipphdr_t *ipph, int dst
#ifdef HAVE_PATRICIA
		 , patricia_tree_t *ptree
#endif
		 ) {
  uint32_t ptcnt = *pcnt;
  pass_through *pt;
  int i;

  for (i = 0; i < ptcnt; i++) {
    pt = &ptlist[i];
    if (pt->proto == 0 || ipph->protocol == pt->proto)
      if (pt->host.s_addr == 0 ||
	  pt->host.s_addr ==
	  ((dst ? ipph->daddr : ipph->saddr) & pt->mask.s_addr))
	if (pt->port == 0 ||
	    ((ipph->protocol == PKT_IP_PROTO_TCP ||
	      ipph->protocol == PKT_IP_PROTO_UDP) &&
	     (dst ? ipph->dport : ipph->sport) == htons(pt->port))) {
	  if (pt_match) *pt_match = pt;
#ifdef ENABLE_GARDENEXT
	  if (pt->expiry && pt->expiry < mainclock_now()) {
	    return -1;
	  }
#endif
	  return 1;
	}
  }

  return 0;
}
Exemple #2
0
void garden_print_list(int fd, pass_through *ptlist, int ptcnt) {
  char mask[32];
  char line[512];
  pass_through *pt;
  int i;

  for (i = 0; i < ptcnt; i++) {
    pt = &ptlist[i];

    strlcpy(mask, inet_ntoa(pt->mask), sizeof(mask));

    safe_snprintf(line, sizeof(line),
		  "host=%-16s mask=%-16s proto=%-3d port=%-3d"
#ifdef ENABLE_GARDENEXT
		  " expiry=%-3d"
#endif
		  "\n",
		  inet_ntoa(pt->host), mask,
		  pt->proto, pt->port
#ifdef ENABLE_GARDENEXT
		  , pt->expiry ? pt->expiry - mainclock_now() : 0
#endif
		  );

    if (!safe_write(fd, line, strlen(line))) /* error */
      ;
  }
}
Exemple #3
0
 *
 */

#include "chilli.h"

/*#define _DEBUG_PRINT_ 1*/

const unsigned int IPPOOL_STATSIZE = 0x10000;

int ippool_print(int fd, struct ippool_t *this) {
  int n;
  char line[1024];
  char useLine[16];
  char peerLine[128];

  time_t now = mainclock_now();

  char * sep = "-- %-15s ------------------------------------------------------------\n";

#define ERR 0
#define USED 1
#define FREE 2
#define LIST 3
  int dyn[4] = { 0, 0, 0, 0};
  int stat[4] = { 0, 0, 0, 0};

  snprintf(line, sizeof(line),
		"DHCP lease time %d sec, grace period %d sec\n"
		"First available dynamic %d Last %d\n"
		"First available static %d Last %d\n"
		"List size %d\n",
Exemple #4
0
int pass_throughs_from_string(pass_through *ptlist, uint32_t ptlen,
			      uint32_t *ptcnt, char *s,
			      char is_dyn, char is_rem
#ifdef HAVE_PATRICIA
			      , patricia_tree_t *ptree
#endif
			      ) {
  struct hostent *host;
  pass_through pt;
  char *t, *p1 = NULL, *p2 = NULL;
  char *p3;

  if (!s || strlen(s) == 0)
    return 0;

  p3 = malloc(strlen(s)+1);
  strcpy(p3, s);
  p1 = p3;

  if (_options.debug)
    syslog(LOG_DEBUG, "Uamallowed [%s]", s);

  for ( ; p1; p1 = p2) {

    /* save the next entry position */
    if ((p2 = strchr(p1, ','))) { *p2=0; p2++; }

    /* clear the pass-through entry in case we partitially filled it already */
    memset(&pt, 0, sizeof(pass_through));

    /* eat whitespace */
    while (isspace((int) *p1)) p1++;

    /* look for specific protocols */
    if ((t = strchr(p1, ':'))) {
      int pnum = 0;

      *t = 0;

#ifdef HAVE_GETPROTOENT
      if (1) {
	struct protoent *proto = getprotobyname(p1);

	if (!proto && !strchr(p1, '.'))
	  proto = getprotobynumber(atoi(p1));

	if (proto)
	  pnum = proto->p_proto;
      }
#else
      if      (!strcmp(p1,"tcp"))  { pnum = 6;  }
      else if (!strcmp(p1,"udp"))  { pnum = 17; }
      else if (!strcmp(p1,"icmp")) { pnum = 1;  }
#endif

      if (pnum > 0) {
	/* if a protocol, skip ahead */
	pt.proto = pnum;
	p1 = t + 1;
      } else {
	/* if not a protocol, put the ':' back */
	*t = ':';
      }
    }

#ifdef ENABLE_GARDENEXT
    {
      char *e = strchr(p1, '#');
      if (e) {
	int add = atoi(e+1);
	pt.expiry = mainclock_now() + add;
	*e = 0;
      }
    }
#endif

    /* look for an optional port */
    if ((t = strchr(p1, ':'))) {
      pt.port = atoi(t+1);
      *t = 0;
    }

    if (strchr(p1, '/')) {	/* parse a network address */
      if (option_aton(&pt.host, &pt.mask, p1, 0)) {
	syslog(LOG_ERR, "Invalid uamallowed network address or mask %s!", s);
	continue;
      }
      if (is_rem) {
	if (pass_through_rem(ptlist, ptcnt, &pt
#ifdef HAVE_PATRICIA
			     , ptree
#endif
			     ))
	  syslog(LOG_ERR, "Too many pass-throughs! skipped %s", s);
      } else {
	if (pass_through_add(ptlist, ptlen, ptcnt, &pt, is_dyn
#ifdef HAVE_PATRICIA
			     , ptree
#endif
			     ))
	  syslog(LOG_ERR, "Too many pass-throughs! skipped %s", s);
      }
    }
    else {	/* otherwise, parse a host ip or hostname */
      int j = 0;
      pt.mask.s_addr = 0xffffffff;

      if (!(host = gethostbyname(p1))) {
	syslog(LOG_ERR, "%s: Invalid uamallowed domain or address: %s!", strerror(errno), p1);
	continue;
      }

      while (host->h_addr_list[j] != NULL) {
	pt.host = *((struct in_addr *) host->h_addr_list[j++]);
	if (is_rem) {
	  if (pass_through_rem(ptlist, ptcnt, &pt
#ifdef HAVE_PATRICIA
			       , ptree
#endif
			       ))
	    syslog(LOG_ERR, "Too many pass-throughs! skipped %s", s);
	} else {
	  if (pass_through_add(ptlist, ptlen, ptcnt, &pt, is_dyn
#ifdef HAVE_PATRICIA
			       , ptree
#endif
			       ))
	    syslog(LOG_ERR, "Too many pass-throughs! skipped %s", s);
	}
      }
    }
  }

  free(p3);
  return 0;
}