int main(int argc, const char **argv) { long num_tests; long num_elements; long i; if (argc != 3) { fprintf(stderr, "Usage: ipv4-set-size [# tests] [# elements]\n"); return -1; } num_tests = atol(argv[1]); num_elements = atol(argv[2]); fprintf(stderr, "Creating %lu sets with %lu elements each.\n", num_tests, num_elements); ipset_init_library(); srandom(time(NULL)); for (i = 0; i < num_tests; i++) { one_test(num_elements); } return 0; }
int init_acl(const char *path) { // initialize ipset ipset_init_library(); ipset_init(&acl_ip_set); // initialize array cork_string_array_init(&acl_domain_array); FILE *f = fopen(path, "r"); if (f == NULL) { LOGE("Invalid acl path."); return -1; } char line[256]; while(!feof(f)) { if (fgets(line, 256, f)) { // Trim the newline int len = strlen(line); if (len > 0 && line[len - 1] == '\n') { line[len - 1] = '\0'; } char *host = NULL; int cidr; parse_addr_cidr(line, &host, &cidr); if (cidr == -1) { cork_string_array_append(&acl_domain_array, host); } else { struct cork_ipv4 addr; int err = cork_ipv4_init(&addr, host); if (!err) { if (cidr >= 0) ipset_ipv4_add_network(&acl_ip_set, &addr, cidr); else ipset_ipv4_add(&acl_ip_set, &addr); } } if (host != NULL) free(host); } } fclose(f); return 0; }
int init_acl(const char *path, int mode) { acl_mode = mode; // initialize ipset ipset_init_library(); ipset_init(&acl_ipv4_set); ipset_init(&acl_ipv6_set); FILE *f = fopen(path, "r"); if (f == NULL) { LOGE("Invalid acl path."); return -1; } char line[256]; while (!feof(f)) if (fgets(line, 256, f)) { // Trim the newline int len = strlen(line); if (len > 0 && line[len - 1] == '\n') { line[len - 1] = '\0'; } char host[256]; int cidr; parse_addr_cidr(line, host, &cidr); struct cork_ip addr; int err = cork_ip_init(&addr, host); if (!err) { if (addr.version == 4) { if (cidr >= 0) { ipset_ipv4_add_network(&acl_ipv4_set, &(addr.ip.v4), cidr); } else { ipset_ipv4_add(&acl_ipv4_set, &(addr.ip.v4)); } } else if (addr.version == 6) { if (cidr >= 0) { ipset_ipv6_add_network(&acl_ipv6_set, &(addr.ip.v6), cidr); } else { ipset_ipv6_add(&acl_ipv6_set, &(addr.ip.v6)); } } } } fclose(f); return 0; }
int main(int argc, const char **argv) { int number_failed; Suite *suite = ipset_suite(); SRunner *runner = srunner_create(suite); ipset_init_library(); srunner_run_all(runner, CK_NORMAL); number_failed = srunner_ntests_failed(runner); srunner_free(runner); return (number_failed == 0)? EXIT_SUCCESS: EXIT_FAILURE; }
int init_acl(const char *path) { // initialize ipset ipset_init_library(); ipset_init(&white_list_ipv4); ipset_init(&white_list_ipv6); ipset_init(&black_list_ipv4); ipset_init(&black_list_ipv6); ipset_init(&outbound_block_list_ipv4); ipset_init(&outbound_block_list_ipv6); cork_dllist_init(&black_list_rules); cork_dllist_init(&white_list_rules); cork_dllist_init(&outbound_block_list_rules); struct ip_set *list_ipv4 = &black_list_ipv4; struct ip_set *list_ipv6 = &black_list_ipv6; struct cork_dllist *rules = &black_list_rules; FILE *f = fopen(path, "r"); if (f == NULL) { LOGE("Invalid acl path."); return -1; } char buf[257]; while (!feof(f)) if (fgets(buf, 256, f)) { // Trim the newline int len = strlen(buf); if (len > 0 && buf[len - 1] == '\n') { buf[len - 1] = '\0'; } char *comment = strchr(buf, '#'); if (comment) { *comment = '\0'; } char *line = trimwhitespace(buf); if (strlen(line) == 0) { continue; } if (strcmp(line, "[outbound_block_list]") == 0) { list_ipv4 = &outbound_block_list_ipv4; list_ipv6 = &outbound_block_list_ipv6; rules = &outbound_block_list_rules; continue; } else if (strcmp(line, "[black_list]") == 0 || strcmp(line, "[bypass_list]") == 0) { list_ipv4 = &black_list_ipv4; list_ipv6 = &black_list_ipv6; rules = &black_list_rules; continue; } else if (strcmp(line, "[white_list]") == 0 || strcmp(line, "[proxy_list]") == 0) { list_ipv4 = &white_list_ipv4; list_ipv6 = &white_list_ipv6; rules = &white_list_rules; continue; } else if (strcmp(line, "[reject_all]") == 0 || strcmp(line, "[bypass_all]") == 0) { acl_mode = WHITE_LIST; continue; } else if (strcmp(line, "[accept_all]") == 0 || strcmp(line, "[proxy_all]") == 0) { acl_mode = BLACK_LIST; continue; } else if (strcmp(line, "[remote_dns]") == 0) { continue; } char host[257]; int cidr; parse_addr_cidr(line, host, &cidr); struct cork_ip addr; int err = cork_ip_init(&addr, host); if (!err) { if (addr.version == 4) { if (cidr >= 0) { ipset_ipv4_add_network(list_ipv4, &(addr.ip.v4), cidr); } else { ipset_ipv4_add(list_ipv4, &(addr.ip.v4)); } } else if (addr.version == 6) { if (cidr >= 0) { ipset_ipv6_add_network(list_ipv6, &(addr.ip.v6), cidr); } else { ipset_ipv6_add(list_ipv6, &(addr.ip.v6)); } } } else { rule_t *rule = new_rule(); accept_rule_arg(rule, line); init_rule(rule); add_rule(rules, rule); } } fclose(f); return 0; }
int main(int argc, char **argv) { ipset_init_library(); /* * Parse the command-line options. */ GError *error = NULL; GOptionContext *context; context = g_option_context_new("INPUT FILES"); g_option_context_add_main_entries(context, entries, NULL); if (!g_option_context_parse(context, &argc, &argv, &error)) { fprintf(stderr, "Error parsing command-line options: %s\n", error->message); exit(1); } /* * Verify that the user specified at least one SiLK file to read. */ if (argc <= 1) { #if GLIB_MINOR_VERSION < 14 fprintf(stderr, "ERROR: You need to specify at " "least one input file.\n"); #else fprintf(stderr, "ERROR: You need to specify at " "least one input file.\n\n%s", g_option_context_get_help(context, TRUE, NULL)); #endif exit(1); } /* * Set up logging. */ g_log_set_handler("ipset", G_LOG_LEVEL_DEBUG, ignore_log_message, NULL); /* * Read in the IP set files specified on the command line. */ ip_set_t set; ipset_init(&set); int i; for (i = 1; i < argc; i++) { const char *filename = argv[i]; FILE *stream; gboolean close_stream; /* * Create a FILE object for the file. */ if (strcmp(filename, "-") == 0) { fprintf(stderr, "Opening stdin...\n"); filename = "stdin"; stream = stdin; close_stream = FALSE; } else { fprintf(stderr, "Opening file %s...\n", filename); stream = fopen(filename, "rb"); if (stream == NULL) { fprintf(stderr, "Cannot open file %s:\n %s\n", filename, strerror(errno)); exit(1); } close_stream = TRUE; } /* * Read in one IP address per line in the file. */ gsize ip_count = 0; #define MAX_LINELENGTH 4096 gchar line[MAX_LINELENGTH]; while (fgets(line, MAX_LINELENGTH, stream) != NULL) { /* * Reserve enough space for an IPv6 address. */ guint32 addr[4]; int rc; /* * Try to parse the line as an IPv4 address. If that * works, add it to the set. */ rc = inet_pton(AF_INET, line, addr); if (rc == 1) { ipset_ipv4_add(&set, addr); g_free(line); continue; } /* * If that didn't work, try IPv6. */ rc = inet_pton(AF_INET6, line, addr); if (rc == 1) { ipset_ipv6_add(&set, addr); g_free(line); continue; } /* * Otherwise, we've got an error. */ fprintf(stderr, "\"%s\" is not a valid IP address.\n", line); exit(1); } if (ferror(stream)) { /* * There was an error reading from the stream. */ fprintf(stderr, "Error reading from %s:\n %s\n", filename, strerror(errno)); exit(1); } fprintf(stderr, "Read %" G_GSIZE_FORMAT " IP addresses from %s.\n", ip_count, filename); /* * Free the streams before opening the next file. */ if (close_stream) { fclose(stream); } } fprintf(stderr, "Set uses %" G_GSIZE_FORMAT " bytes of memory.\n", ipset_memory_size(&set)); /* * Serialize the IP set to the desired output file. */ FILE *ostream; gboolean close_ostream; if ((output_filename == NULL) || (strcmp(output_filename, "-") == 0)) { fprintf(stderr, "Writing to stdout...\n"); ostream = stdout; output_filename = "stdout"; close_ostream = FALSE; } else { fprintf(stderr, "Writing to file %s...\n", output_filename); ostream = fopen(output_filename, "wb"); if (ostream == NULL) { fprintf(stderr, "Cannot open file %s:\n %s\n", output_filename, strerror(errno)); exit(1); } close_ostream = TRUE; } if (!ipset_save(ostream, &set, &error)) { fprintf(stderr, "Error saving IP set:\n %s\n", error->message); exit(1); } /* * Close the output stream for exiting. */ if (close_ostream) { fclose(ostream); } return 0; }