static NTSTATUS multisam_add_group_mapping_entry(struct pdb_methods *methods, GROUP_MAP *map) { short i; struct multisam_data *data; SET_DATA(data, methods); DEBUG(1, ("Adding group map entry\n")); for (i = 0; i < data->num_backends; i++) { if (!IS_DEFAULT(data->methods[i], add_group_mapping_entry)) { return data->methods[i]->add_group_mapping_entry(data->methods[i], map); } } return NT_STATUS_NOT_IMPLEMENTED; }
static NTSTATUS multisam_delete_group_mapping_entry(struct pdb_methods *methods, DOM_SID sid) { short i; struct multisam_data *data; NTSTATUS ret; SET_DATA(data, methods); for (i = 0; i < data->num_backends; i++) { if (!IS_DEFAULT(data->methods[i], delete_group_mapping_entry)) { ret = data->methods[i]->delete_group_mapping_entry(data->methods[i], sid); if (NT_STATUS_IS_OK(ret)) { return ret; } } } return NT_STATUS_UNSUCCESSFUL; }
static NTSTATUS multisam_init(struct pdb_methods **pdb_method, const char *location) { NTSTATUS nt_status; int i; struct multisam_data *data; multisam_debug_level = debug_add_class("multisam"); if (multisam_debug_level == -1) { multisam_debug_level = DBGC_ALL; DEBUG(0, ("multisam: Couldn't register custom debugging class!\n")); } if ( !NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method )) ) { return nt_status; } data = talloc(*pdb_method, struct multisam_data); (*pdb_method)->private_data = data; /* Create default_methods with default functions (as in pdb_interface.c) */ if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( &(data->default_methods)))) { DEBUG(0, ("Could not create default pdb_method\n")); return nt_status; } (*pdb_method)->name = "multisam"; /* Mandatory implementation */ (*pdb_method)->setsampwent = multisam_setsampwent; (*pdb_method)->endsampwent = multisam_endsampwent; (*pdb_method)->getsampwent = multisam_getsampwent; (*pdb_method)->getsampwnam = multisam_getsampwnam; (*pdb_method)->getsampwsid = multisam_getsampwsid; (*pdb_method)->add_sam_account = multisam_add_sam_account; (*pdb_method)->update_sam_account = multisam_update_sam_account; (*pdb_method)->delete_sam_account = multisam_delete_sam_account; (*pdb_method)->rename_sam_account = multisam_rename_sam_account; (*pdb_method)->rid_algorithm = multisam_rid_algorithm; (*pdb_method)->new_rid = multisam_dummy_new_rid; (*pdb_method)->create_user = multisam_create_user; (*pdb_method)->delete_user = multisam_delete_user; (*pdb_method)->uid_to_rid = multisam_uid_to_rid; (*pdb_method)->gid_to_sid = multisam_gid_to_sid; (*pdb_method)->sid_to_id = multisam_sid_to_id; /* Not yet implemented here */ #if 0 (*pdb_method)->update_login_attempts = multisam_update_login_attempts; (*pdb_method)->getgrsid = multisam_getgrsid; (*pdb_method)->getgrgid = multisam_getgrgid; (*pdb_method)->getgrnam = multisam_getgrnam; (*pdb_method)->create_dom_group = multisam_create_dom_group; (*pdb_method)->delete_dom_group = multisam_delete_dom_group; (*pdb_method)->enum_group_mapping = multisam_enum_group_mapping; (*pdb_method)->enum_group_members = multisam_enum_group_members; (*pdb_method)->enum_group_memberships = multisam_enum_group_memberships; (*pdb_method)->add_groupmem = multisam_add_groupmem; (*pdb_method)->del_groupmem = multisam_del_groupmem; (*pdb_method)->find_alias = multisam_find_alias; (*pdb_method)->create_alias = multisam_create_alias; (*pdb_method)->delete_alias = multisam_delete_alias; (*pdb_method)->get_aliasinfo = multisam_get_aliasinfo; (*pdb_method)->set_aliasinfo = multisam_set_aliasinfo; (*pdb_method)->add_aliasmem = multisam_add_aliasmem; (*pdb_method)->del_aliasmem = multisam_del_aliasmem; (*pdb_method)->enum_aliasmem = multisam_enum_aliasmem; (*pdb_method)->enum_alias_memberships = multisam_alias_memberships; (*pdb_method)->lookup_rids = multisam_lookup_rids; (*pdb_method)->get_account_policy = multisam_get_account_policy; (*pdb_method)->set_account_policy = multisam_set_account_policy; (*pdb_method)->get_seq_num = multisam_get_seq_num; (*pdb_method)->search_users = multisam_search_users; (*pdb_method)->search_groups = multisam_search_groups; (*pdb_method)->search_aliases = multisam_search_aliases; #endif if (!location) { DEBUG(0, ("No identifier specified. Check the Samba HOWTO Collection for details\n")); return NT_STATUS_INVALID_PARAMETER; } data->location = talloc_strdup(data, location); data->names = str_list_make_talloc(data, data->location, NULL); data->num_backends = str_list_count((const char **)data->names); data->locations = talloc_array(data, char *, data->num_backends); data->methods = talloc_array(data, struct pdb_methods *, data->num_backends); for (i = 0; i < data->num_backends; i++) { struct pdb_init_function_entry *entry = NULL; data->locations[i] = strchr(data->names[i], ':'); if (data->locations[i]) { *(data->locations[i]) = '\0'; data->locations[i]++; } entry = pdb_find_backend_entry(data->names[i]); if (!entry) { DEBUG(2,("No builtin backend found, trying to load plugin\n")); if(NT_STATUS_IS_OK(smb_probe_module("pdb", data->names[i])) && !(entry = pdb_find_backend_entry(data->names[i]))) { DEBUG(0,("Plugin is available, but doesn't register passdb backend %s\n", data->names[i])); return NT_STATUS_UNSUCCESSFUL; } } if (!entry) { DEBUG(0, ("Unable to find multisam backend %d: %s\n", i, data->names[i])); return NT_STATUS_UNSUCCESSFUL; } DEBUG(2, ("Found entry point. Loading multisam backend %d: %s\n", i, data->names[i])); nt_status = entry->init(&data->methods[i], data->locations[i]); if (NT_STATUS_IS_ERR(nt_status)) { return nt_status; } /* These functions are only used on LDAP now.. */ if (!IS_DEFAULT(data->methods[i], add_group_mapping_entry)) (*pdb_method)->add_group_mapping_entry = multisam_add_group_mapping_entry; if (!IS_DEFAULT(data->methods[i], update_group_mapping_entry)) (*pdb_method)->update_group_mapping_entry = multisam_update_group_mapping_entry; if (!IS_DEFAULT(data->methods[i], delete_group_mapping_entry)) (*pdb_method)->delete_group_mapping_entry = multisam_delete_group_mapping_entry; } return NT_STATUS_OK; }
static void print_help(void) { mysyslog( "Usage: " PACKAGE " [options] (\"*\" Denotes enabled by default)\n" "--user or -u <user|UID> Run as specified the user or UID.\n" "--group or -g <group|GID> Run with specified the group or GID.\n" "--logfile or -l <file> Log to <file>.\n" "--pid-file <file> Use <file> as the pid file.\n" "--ignore or -d Ignore DNS traffic from nameservers listed in\n" " /etc/resolv.conf.\n" "--interface or -i <if0,...,ifN> Listen on the specified interface(s).\n" "--promisc or -a <network> Log traffic to all hosts on <network>.\n" "--kill or -k Kill iplog, if it is running.\n" "--restart or -R Restart iplog, if it is running.\n" "--no-fork or -o Run in the foreground.\n" "--stdout or -L Log to stdout.\n" "--help or -h This help screen.\n" "--version or -v Print version information and exit.\n" "\n" "--facility <facility> Use the specified syslog facility.\n" "--priority <priority> Use the specified syslog priority.\n" "\n" "--tcp[=true|false|toggle] %cLog TCP traffic.\n" "--udp[=true|false|toggle] %cLog UDP traffic.\n" "--icmp[=true|false|toggle] %cLog ICMP traffic.\n" "\n" "--log-ip[=true|false|toggle] or -w %cLog IP along with hostname.\n" "--log-dest[=true|false|toggle] or -D %cLog the destination of traffic.\n" "--dns-cache[=true|false|toggle] or -c %cUse the built-in DNS cache.\n" "--get-ident[=true|false|toggle] or -e %cGet ident info on connections\n" " to listening ports.\n" "\n" "--tcp-resolve[=true|false|toggle] or -T %cResolve IPs of TCP traffic.\n" "--udp-resolve[=true|false|toggle] or -U %cResolve IPs of UDP traffic.\n" "--icmp-resolve[=true|false|toggle] or -I %cResolve IPs of ICMP traffic.\n" "--disable-resolver or -N %cDo not resolve any IPs.\n" "\n" "--verbose[=true|false|toggle] or -V %cBe verbose.\n" "--fool-nmap[=true|false|toggle] or -z %cFool nmap's OS detection.\n" "--scans-only[=true|false|toggle] or -m %cOnly log scans.\n" "--detect-syn-flood[=true|false|toggle] or -s %cStop resolving IPs if a\n" " SYN flood is detected.\n" "\n" "--log-frag[=true|false|toggle] or -y %cLog fragment attacks.\n" "--log-traceroute[=true|false|toggle] or -t %cLog traceroutes.\n" "--log-ping-flood[=true|false|toggle] or -P %cLog ICMP ping floods.\n" "--log-smurf[=true|false|toggle] or -S %cLog smurf attacks.\n" "--log-bogus[=true|false|toggle] or -b %cLog bogus TCP flags.\n" "--log-portscan[=true|false|toggle] or -p %cLog port scans.\n" "--log-udp-scan[=true|false|toggle] or -F %cLog UDP scans/floods.\n" "--log-fin-scan[=true|false|toggle] or -f %cLog FIN scans.\n" "--log-syn-scan[=true|false|toggle] or -q %cLog SYN scans.\n" "--log-xmas-scan[=true|false|toggle] or -x %cLog Xmas scans.\n" "--log-null-scan[=true|false|toggle] or -n %cLog null scans.", IS_DEFAULT(LOG_TCP), IS_DEFAULT(LOG_UDP), IS_DEFAULT(LOG_ICMP), IS_DEFAULT(LOG_IP), IS_DEFAULT(LOG_DEST), IS_DEFAULT(DNS_CACHE), IS_DEFAULT(GET_IDENT), IS_DEFAULT(TCP_RES), IS_DEFAULT(UDP_RES), IS_DEFAULT(ICMP_RES), IS_DEFAULT(NO_RESOLV), IS_DEFAULT(VERBOSE), IS_DEFAULT(FOOL_NMAP), IS_DEFAULT(SCANS_ONLY), IS_DEFAULT(SYN_FLOOD), IS_DEFAULT(LOG_FRAG), IS_DEFAULT(TRACEROUTE), IS_DEFAULT(PING_FLOOD), IS_DEFAULT(SMURF), IS_DEFAULT(BOGUS), IS_DEFAULT(PORTSCAN), IS_DEFAULT(UDP_SCAN), IS_DEFAULT(FIN_SCAN), IS_DEFAULT(SYN_SCAN), IS_DEFAULT(XMAS_SCAN), IS_DEFAULT(NULL_SCAN)); exit(0); }