static int timer_config(struct simio_device *dev,
const char *param, char **arg_text)
{
struct timer *tr = (struct timer *)dev;
if (!strcasecmp(param, "base"))
return config_addr(&tr->base_addr, arg_text);
if (!strcasecmp(param, "iv"))
return config_addr(&tr->iv_addr, arg_text);
if (!strcasecmp(param, "irq0"))
return config_irq(&tr->irq0, arg_text);
if (!strcasecmp(param, "irq1"))
return config_irq(&tr->irq1, arg_text);
if (!strcasecmp(param, "set"))
return config_channel(tr, arg_text);
printc_err("timer: config: unknown parameter: %s\n", param);
return -1;
}
static int console_config(struct simio_device *dev,
const char *param, char **arg_text)
{
struct console *c = (struct console *)dev;
if (!strcasecmp(param, "base")) {
return config_addr(&c->base_addr, arg_text);
}
else if (!strcasecmp(param, "output")) {
return config_output(&c->file, arg_text);
}
printc_err("console: config: unknown parameter: %s\n", param);
return -1;
}
static void client_xfer_fireup(void)
{
u_int32_t ladr = INADDR_ANY;
int incr;
/*
** should we bind a rand(port-range) or increment?
*/
incr = !config_bool(NULL,"SockBindRand", 0);
/*
** If appropriate, connect to the client's data port
*/
if (ctx.cli_mode == MOD_ACT_FTP) {
/*
** TransProxy mode: check if we can use our real
** ip instead of the server's one as our local ip,
** we pre-bind the socket/ports to before connect.
*/
if(config_bool(NULL, "AllowTransProxy", 0)) {
ladr = config_addr(NULL, "Listen",
(u_int32_t)INADDR_ANY);
}
if(INADDR_ANY == ladr) {
ladr = socket_sck2addr(ctx.cli_ctrl->sock,
LOC_END, NULL);
}
if (socket_d_connect(ctx.cli_addr, ctx.cli_port,
ladr, ctx.act_lrng, ctx.act_urng,
&(ctx.cli_data), "Cli-Data", incr) == 0)
{
syslog_error("can't connect Cli-Data for %s",
ctx.cli_ctrl->peer);
client_respond(425, NULL,
"Can't open data connection");
client_data_reset(MOD_RESET);
ctx.expect = EXP_IDLE;
return;
}
}
/*
** Send the original command from the client
*/
if (ctx.xfer_arg[0] != '\0') {
socket_printf(ctx.srv_ctrl, "%s %s\r\n",
ctx.xfer_cmd, ctx.xfer_arg);
syslog_write(T_INF, "'%s %s' sent for %s",
ctx.xfer_cmd, ctx.xfer_arg, ctx.cli_ctrl->peer);
} else {
socket_printf(ctx.srv_ctrl, "%s\r\n", ctx.xfer_cmd);
syslog_write(T_INF, "'%s' sent for %s",
ctx.xfer_cmd, ctx.cli_ctrl->peer);
}
/*
** Prepare the handling and statistics buffers
*/
memset(ctx.xfer_rep, 0, sizeof(ctx.xfer_rep));
ctx.xfer_beg = time(NULL);
ctx.expect = EXP_XFER; /* Expect 226 complete */
}
static int client_setup_file(CONTEXT *ctx, char *who)
{
char *p;
u_int16_t l, u;
/*
** little bit sanity check
*/
if( !(ctx && who && *who)) {
return -1;
}
/*
** Inform the auditor that we are using the config file
*/
syslog_write(U_INF, "reading data for '%s' from cfg-file", who);
/*
** Evaluate DestinationAddress, except we have magic_addr
*/
if (INADDR_ANY != ctx->magic_addr) {
ctx->srv_addr = ctx->magic_addr;
} else {
ctx->srv_addr = config_addr(who, "DestinationAddress",
INADDR_ANY);
#if defined(COMPILE_DEBUG)
debug(2, "file DestAddr for %s: '%s'",
ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr));
#endif
}
/*
** Evaluate DestinationPort, except we have magic_port
*/
if (INPORT_ANY != ctx->magic_port) {
ctx->srv_port = ctx->magic_port;
} else {
ctx->srv_port = config_port(who, "DestinationPort",
IPPORT_FTP);
#if defined(COMPILE_DEBUG)
debug(2, "file DestPort for %s: %d",
ctx->cli_ctrl->peer, (int) ctx->srv_port);
#endif
}
/*
** Evaluate the destination transfer mode
*/
p = config_str(who, "DestinationTransferMode", "client");
if(0 == strcasecmp(p, "active")) {
ctx->srv_mode = MOD_ACT_FTP;
} else
if(0 == strcasecmp(p, "passive")) {
ctx->srv_mode = MOD_PAS_FTP;
} else
if(0 == strcasecmp(p, "client")) {
ctx->srv_mode = MOD_CLI_FTP;
} else {
syslog_error("can't eval DestMode for %s",
ctx->cli_ctrl->peer);
return -1;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p);
#endif
/*
** Evaluate min/max destination port range
*/
l = config_port(who, "DestinationMinPort", INPORT_ANY);
u = config_port(who, "DestinationMaxPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->srv_lrng = l;
ctx->srv_urng = u;
} else {
ctx->srv_lrng = INPORT_ANY;
ctx->srv_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->srv_lrng, ctx->srv_urng);
#endif
/*
** Evaluate min/max active port range
*/
l = config_port(who, "ActiveMinDataPort", INPORT_ANY);
u = config_port(who, "ActiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->act_lrng = l;
ctx->act_urng = u;
} else {
/* do not try to bind a port < 1024 if running as UID != 0 */
if(0 == getuid()) {
ctx->act_lrng = (IPPORT_FTP - 1);
ctx->act_urng = (IPPORT_FTP - 1);
} else {
ctx->act_lrng = INPORT_ANY;
ctx->act_urng = INPORT_ANY;
}
}
#if defined(COMPILE_DEBUG)
debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->act_lrng, ctx->act_urng);
#endif
/*
** Evaluate min/max passive port range
*/
l = config_port(who, "PassiveMinDataPort", INPORT_ANY);
u = config_port(who, "PassiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->pas_lrng = l;
ctx->pas_urng = u;
} else {
ctx->pas_lrng = INPORT_ANY;
ctx->pas_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->pas_lrng, ctx->pas_urng);
#endif
/*
** Setup other configuration options
*/
ctx->same_adr = config_bool(who, "SameAddress", 1);
ctx->timeout = config_int (who, "TimeOut", 900);
#if defined(COMPILE_DEBUG)
debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer,
ctx->same_adr ? "yes" : "no");
debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout);
#endif
/*
** Adjust the allow/deny flags for the commands
*/
p = config_str(who, "ValidCommands", NULL);
cmds_set_allow(p);
return 0;
}
static int client_setup_file(CONTEXT *ctx, char *who)
{
char *p;
u_int16_t l, u;
/*
** little bit sanity check
*/
if( !(ctx && who && *who)) {
return -1;
}
/*
** Inform the auditor that we are using the config file
*/
syslog_write(U_INF, "[ %s ] reading data for '%s' from cfg-file", ctx->cli_ctrl->peer, who);
/*
** Evaluate DestinationAddress, except we have magic_addr
*/
if (INADDR_ANY != ctx->magic_addr) {
ctx->srv_addr = ctx->magic_addr;
} else {
ctx->srv_addr = config_addr(who, "DestinationAddress",
INADDR_ANY);
#if defined(COMPILE_DEBUG)
debug(2, "[ %s ] file DestAddr for %s: '%s'", ctx->cli_ctrl->peer,
ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr));
#endif
}
/*
** Evaluate DestinationPort, except we have magic_port
*/
if (INPORT_ANY != ctx->magic_port) {
ctx->srv_port = ctx->magic_port;
} else {
ctx->srv_port = config_port(who, "DestinationPort",
IPPORT_FTP);
#if defined(COMPILE_DEBUG)
debug(2, "[ %s ] file DestPort for %s: %d", ctx->cli_ctrl->peer,
ctx->cli_ctrl->peer, (int) ctx->srv_port);
#endif
}
/*
** Evaluate the destination transfer mode
*/
p = config_str(who, "DestinationTransferMode", "client");
if(0 == strcasecmp(p, "active")) {
ctx->srv_mode = MOD_ACT_FTP;
} else
if(0 == strcasecmp(p, "passive")) {
ctx->srv_mode = MOD_PAS_FTP;
} else
if(0 == strcasecmp(p, "client")) {
ctx->srv_mode = MOD_CLI_FTP;
} else {
syslog_error("can't eval DestMode for %s",
ctx->cli_ctrl->peer);
return -1;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p);
#endif
/*
** Evaluate min/max destination port range
*/
l = config_port(who, "DestinationMinPort", INPORT_ANY);
u = config_port(who, "DestinationMaxPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->srv_lrng = l;
ctx->srv_urng = u;
} else {
ctx->srv_lrng = INPORT_ANY;
ctx->srv_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->srv_lrng, ctx->srv_urng);
#endif
/*
** Evaluate min/max active port range
*/
l = config_port(who, "ActiveMinDataPort", INPORT_ANY);
u = config_port(who, "ActiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->act_lrng = l;
ctx->act_urng = u;
} else {
/* do not try to bind a port < 1024 if running as UID != 0 */
if(0 == getuid()) {
ctx->act_lrng = (IPPORT_FTP - 1);
ctx->act_urng = (IPPORT_FTP - 1);
} else {
ctx->act_lrng = INPORT_ANY;
ctx->act_urng = INPORT_ANY;
}
}
#if defined(COMPILE_DEBUG)
debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->act_lrng, ctx->act_urng);
#endif
/*
** Evaluate min/max passive port range
*/
l = config_port(who, "PassiveMinDataPort", INPORT_ANY);
u = config_port(who, "PassiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->pas_lrng = l;
ctx->pas_urng = u;
} else {
ctx->pas_lrng = INPORT_ANY;
ctx->pas_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->pas_lrng, ctx->pas_urng);
#endif
/*
** Setup other configuration options
*/
ctx->same_adr = config_bool(who, "SameAddress", 1);
ctx->timeout = config_int (who, "TimeOut", 900);
#if defined(COMPILE_DEBUG)
debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer,
ctx->same_adr ? "yes" : "no");
debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout);
#endif
/*** Adjust the allow/deny flags for the commands ** Fred patch */
char dest[17];
char ipdest[17];
char ipsrc[17];
strcpy (ipsrc,ctx->cli_ctrl->peer);
strcpy (ipdest, socket_addr2str(ctx->srv_addr));
syslog_write(U_INF, "\n");
syslog_write(U_INF, "[ %s ] Fred Patch rules dest: %s src: %s", ipsrc, ipdest, ipsrc);
char groupname[]="group";
char commandename[]="ValidCommands";
char *group;
FILE *fp;
group = "group1";
int ix;
int ix2;
u_int32_t dnsaddr;
for(ix=1; group != NULL; ix++) {
sprintf (&groupname[5],"%d",ix);
group = config_str(who, groupname, NULL);
}
syslog_write(U_INF, "[ %s ] Number of groups: %d", ipsrc, ix-2);
for (ix2=1; ix2 <= ix-2; ix2++) {
sprintf (&groupname[5],"%d",ix2);
group = config_str(who, groupname, NULL);
syslog_write(U_INF, "[ %s ] Reading: %s",ipsrc, group );
if ((fp = fopen(group, "r")) == NULL)
{
syslog_write(U_INF, "File not found");
return 0;
}
else
{
fseek(fp, 0, SEEK_SET);
while (fgets(dest, 17 , fp) != NULL)
{
// Pour une IP
// Correction Bug Ligne sans \n
dest[16] = '\n';
char *c = strchr (dest, '\n');
*c = 0;
/* Dns resolution */
if (ipdest != dest) {
dnsaddr = socket_str2addr(dest, INADDR_ANY);
if (dnsaddr != 0)
strcpy (dest, socket_addr2str(dnsaddr));
}
if (strcmp(dest,ipdest) == 0 || strcmp(dest,ipsrc) == 0)
{
sprintf (&commandename[13],"%d",ix);
p = config_str(who,commandename, NULL);
cmds_set_allow(p);
syslog_write(U_INF, "[ %s ] Apply rules for: %s dst: %s",ipsrc, ipsrc, ipdest);
syslog_write(U_INF, "[ %s ] Server match %s ",ipsrc, group );
syslog_write(U_INF, "\n");
fclose(fp);
return 0;
}
// Network
if (strchr(dest, 'x') != NULL)
{
char *c = strchr(dest, 'x');
*c = 0;
int longueur;
longueur = strlen(dest);
if (strncmp(dest,ipdest,longueur) == 0 || strncmp(dest,ipsrc,longueur) == 0)
{
sprintf (&commandename[13],"%d",ix);
p = config_str(who,commandename, NULL);
cmds_set_allow(p);
syslog_write(U_INF, "[ %s ] Apply rules for Network: %s src: %s",ipsrc, ipdest, ipsrc);
syslog_write(U_INF, "[ %s ] Server match %s ",ipsrc, group );
syslog_write(U_INF, "\n");
fclose(fp);
return 0;
}
}
}
fclose(fp);
}
}
syslog_write(U_INF, "[ %s ] Oh, Oh, no rule found -> defaultrules", ipsrc) ;
p = config_str(who, "defaultrules", NULL);
cmds_set_allow(p);
return 0;
}
