void create_search(const TableDef& t) {
init("search", t);
generate_query(t);
int modulo;
modulo = 30;
if (rand() % 100 == 0) modulo = 1000000;
values.push_back(boost::lexical_cast<std::string>(rand() % modulo));
props.push_back("OFFSET");
modulo = 30;
if (rand() % 100 == 0) modulo = 1000000;
values.push_back(boost::lexical_cast<std::string>(rand() % modulo));
props.push_back("LIMIT");
props.push_back("ORDER_BY");
if (rand() % 2 == 0) values.push_back("int_0");
else values.push_back("-int_0");
}
int
write_client_specific_rule (char *mac, char *interface, int vap, int action)
{
char *static_ip;
unsigned int queue_id;
int dest_http_port;
int dest_https_port;
char mode;
char buffer[512] = { '\0' };
unsigned int ret;
FILE *fp;
static_ip = (char *) safe_malloc (STATIC_IP_SIZE);
generate_query (static_ip, "management", "static_ip");
queue_id = vap;
dest_http_port = VAP_BASE_HTTP_PORT + vap;
dest_https_port = VAP_BASE_HTTPS_PORT + vap;
mode = action ? 'D' : 'A';
fp = cp_get_client_specific_rule_file (mac);
ret =
sprintf (buffer,
"ebtables -t broute -%c BROUTING -p IPv4 -i %s --ip-proto tcp --ip-dport 80 -s %s -j mark --mark-set 0x%d --mark-target ACCEPT",
mode, interface, mac, dest_http_port);
if (ret < 0)
{
CP_ERROR (1, "HTTP client rule failed");
return FAILURE;
}
else
{
CP_ERROR (1, "HTTP rule success %s", buffer);
fprintf (fp, "%s\n", buffer);
}
ret =
sprintf (buffer,
"ebtables -t broute -%c BROUTING -p IPv4 -i %s --ip-proto tcp --ip-dport 443 -s %s -j mark --mark-set 0x%d --mark-target ACCEPT",
mode, interface, mac, dest_https_port);
if (ret < 0)
{
CP_ERROR (1, "HTTP client rule failed");
return FAILURE;
}
else
{
CP_ERROR (1, "HTTPS rule success %s", buffer);
fprintf (fp, "%s\n", buffer);
}
ret =
sprintf (buffer,
"iptables -t nat -%c PREROUTING -p tcp -m mark --mark 0x%d -j DNAT --to-destination %s:%d",
mode, dest_http_port, static_ip, dest_http_port);
if (ret < 0)
{
CP_ERROR (1, "Iptable rule for redirect failed for HTTP");
return FAILURE;
}
else
{
CP_ERROR (1, "IPtable rule for redirection success for HTTP %s ", buffer);
fprintf (fp, "%s\n", buffer);
}
ret =
sprintf (buffer,
"iptables -t nat -%c PREROUTING -p tcp -m mark --mark 0x%d -j DNAT --to-destination %s:%d",
mode, dest_https_port, static_ip, dest_https_port);
if (ret < 0)
{
CP_ERROR (1, "Iptable rule for redirect failed for HTTP");
return FAILURE;
}
else
{
CP_ERROR (1, "IPtable rule for redirection success for HTTP %s", buffer);
fprintf (fp, "%s\n", buffer);
}
ret =
sprintf (buffer,
"iptables -t nat -%c INPUT -p tcp -m mark --mark 0x%d -j NFQUEUE --queue-num %d",
mode, dest_http_port, queue_id);
if (ret < 0)
{
CP_ERROR (1, "Iptable rule for nf queue for the http failed");
return FAILURE;
}
else
{
CP_ERROR (1, "Iptable rule for the nf queue for the http success %s",
buffer);
fprintf (fp, "%s\n", buffer);
}
ret =
sprintf (buffer,
"iptables -t nat -%c INPUT -p tcp -m mark --mark 0x%d -j NFQUEUE --queue-num %d",
mode, dest_https_port, queue_id);
if (ret < 0)
{
CP_ERROR (1, "Iptable rule for nf queue for the https failed");
return FAILURE;
}
else
{
CP_ERROR (1, "Iptable rule for the nf queue for the https success %s",
buffer);
fprintf (fp, "%s\n", buffer);
}
fclose (fp);
return SUCCESS;
}
void create_delete(const TableDef& t) {
init("delete", t);
generate_query(t);
}