Esempio n. 1
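// Initialize the address constraint from whitelist and blacklist sources.
//
// Each source is optional: pass NULL for a file name or an entry array to
// omit it. When any whitelist source is given the constraint starts out as
// ADDR_DISALLOWED and only whitelisted entries are marked ADDR_ALLOWED;
// otherwise it starts out as ADDR_ALLOWED. Blacklist sources are applied
// last and mark their entries ADDR_DISALLOWED.
//
// Always returns EXIT_SUCCESS.
//
// NOTE(review): the results of init_from_file()/init_from_array() are not
// checked here. If those helpers can return after failing to open or parse
// a source (rather than aborting), a missing blacklist would be skipped
// silently and the scan would run against the default-allow constraint.
// Confirm that they are fatal on error.
int blacklist_init(char *whitelist_filename, char *blacklist_filename,
		char **whitelist_entries, size_t whitelist_entries_len,
		char **blacklist_entries, size_t blacklist_entries_len)
{
	// Only a debug-build guard: with NDEBUG defined a second call would
	// overwrite the existing constraint instead of stopping here.
	assert(!constraint);
	if (whitelist_filename && whitelist_entries) {
		log_warn("whitelist", "both a whitelist file and destination addresses "
					"were specified. The union of these two sources "
					"will be utilized.");
	}
	if (whitelist_filename || whitelist_entries) {
		// using a whitelist, so default to allowing nothing
		constraint = constraint_init(ADDR_DISALLOWED);
		log_trace("whitelist", "blacklisting 0.0.0.0/0");
		if (whitelist_filename) {
			init_from_file(whitelist_filename, "whitelist", ADDR_ALLOWED);
		}
		if (whitelist_entries) {
			init_from_array(whitelist_entries,
					whitelist_entries_len, ADDR_ALLOWED);
		}
	} else {
		// no whitelist, so default to allowing everything
		constraint = constraint_init(ADDR_ALLOWED);
	}
	// Blacklist sources come after the whitelist ones; presumably a later
	// entry overrides an earlier one, so an excluded prefix wins over an
	// allowed one -- verify against the constraint implementation.
	if (blacklist_filename) {
		init_from_file(blacklist_filename, "blacklist", ADDR_DISALLOWED);
	}
	if (blacklist_entries) {
		init_from_array(blacklist_entries, blacklist_entries_len, ADDR_DISALLOWED);
	}
	constraint_paint_value(constraint, ADDR_ALLOWED);
	uint64_t allowed = blacklist_count_allowed();
	// Share of the 2^32 IPv4 address space that remains allowed.
	double allowed_pct = allowed * 100. / ((long long int)1 << 32);
	// uint64_t is not unsigned long on every ABI, so "%lu" was a mismatched
	// conversion there; print through unsigned long long with "%llu".
	log_debug("blacklist", "%llu addresses allowed to be scanned (%0.0f%% of address space)",
			  (unsigned long long)allowed, allowed_pct);
	return EXIT_SUCCESS;
}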
Esempio n. 2
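// Initialize the address constraint from whitelist and blacklist files.
//
// Either file name can be NULL to omit it. With a whitelist file the
// constraint starts out as ADDR_DISALLOWED and the whitelist marks entries
// ADDR_ALLOWED; without one it starts out as ADDR_ALLOWED. The blacklist
// file is applied last and marks its entries ADDR_DISALLOWED.
//
// Always returns 0.
//
// NOTE(review): the result of init() is not checked here. If init() can
// return after failing to open or parse a file (rather than aborting), a
// missing blacklist would be skipped silently and the scan would run
// against the default-allow constraint. Confirm that it is fatal on error.
int blacklist_init_from_files(char *whitelist_filename, char *blacklist_filename)
{
	// Only a debug-build guard: with NDEBUG defined a second call would
	// overwrite the existing constraint instead of stopping here.
	assert(!constraint);
	if (whitelist_filename) {
		// using a whitelist, so default to allowing nothing
		constraint = constraint_init(ADDR_DISALLOWED);
		log_trace("whitelist", "blacklisting 0.0.0.0/0");
		init(whitelist_filename, "whitelist", ADDR_ALLOWED);
	} else {
		// no whitelist, so default to allowing everything
		constraint = constraint_init(ADDR_ALLOWED);
	}
	// The blacklist comes after the whitelist; presumably a later entry
	// overrides an earlier one, so an excluded prefix wins over an allowed
	// one -- verify against the constraint implementation.
	if (blacklist_filename) {
		init(blacklist_filename, "blacklist", ADDR_DISALLOWED);
	}
	constraint_paint_value(constraint, ADDR_ALLOWED);
	uint64_t allowed = blacklist_count_allowed();
	// Share of the 2^32 IPv4 address space that remains allowed.
	double allowed_pct = allowed * 100. / ((long long int)1 << 32);
	// uint64_t is not unsigned long on every ABI, so "%lu" was a mismatched
	// conversion there; print through unsigned long long with "%llu".
	log_debug("blacklist", "%llu addresses allowed to be scanned (%0.0f%% of address space)",
			  (unsigned long long)allowed, allowed_pct);

	// Disabled self-check: walks every allowed index and logs an error when
	// looking the resulting address up again does not yield ADDR_ALLOWED.
	/*
	// test
	log_debug("blacklist", "testing started");
	uint64_t count = constraint_count_ips(constraint, ADDR_ALLOWED);
	for (unsigned int i=0; i < count; i++) {
		int ip = constraint_lookup_index(constraint, i, ADDR_ALLOWED);
		if ((i & 0xFFFFFF) == 0)
			log_info("blacklist", "%x", i & 0xFF000000);
		if (constraint_lookup_ip(constraint, ip) != ADDR_ALLOWED) {
			log_error("blacklist", "test failed for index %d", i);
		}
	}
	log_debug("blacklist", "testing complete");
	*/
	return 0;
}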