struct list * get_rib_routes() { sisis_dump_kernel_routes(); struct listnode * node; struct listnode * appnd_node; struct list * addr_list = calloc(1, sizeof(struct list)); LIST_FOREACH(ipv4_rib_routes, node) { struct route_ipv4 * route = (struct route_ipv4 *)node->data; struct addr * cur_addr; // Set up prefix char prefix_str[INET_ADDRSTRLEN]; if (inet_ntop(AF_INET, &(route->p->prefix.s_addr), prefix_str, INET_ADDRSTRLEN) != 1) { cur_addr = parse_ip_address(prefix_str); if(strcmp(cur_addr->pre, "26") == 0) { appnd_node = calloc(1, sizeof(struct listnode)); appnd_node->data = (void *) cur_addr; LIST_APPEND(addr_list, appnd_node); } else { free(cur_addr); cur_addr = NULL; } } } return addr_list; }
/* Small help func takes ip-address-string, determines if a valid netmask is specified and inserts the netmask into mask. Cuts of the netmask of the string, if it founds a netmask !!! Returns 0 if no netmask found, -1 if netmask isn't valid, and 1 if successful. According to this function a mask is in form of 255.255.192.0 so an ip/mask looks like 10.0.0.0/255.255.192.0 we will extend it to 10.0.0.0/18 which will be also valid */ int parse_ip_netmask (char *c, char **ip, unsigned int *mask) { char *p, *q; unsigned int netmask; if (c == NULL) { return -10; } p = c; if ((q = strchr (p, '/')) == NULL) { *mask = 0xFFFFFFFF; return 0; /* no mask */ } else { *ip = (char *) malloc (q - p + 1); if ((*ip) == NULL) return -2; memcpy (*ip, p, q - p); (*ip)[q - p] = 0; // wrong (*q) = 0; /* cut of the netmask */ q++; /* * two possibilities /16 or /255.255.192.0 */ if (is_positive_number (q) == 1) { /* we have a /16 mask */ if ((netmask = make_mask (atoi (q))) == 0) { *mask = 0; /* error in value of /43 or something like */ return -1; } else { *mask = netmask; return 1; } } else /* we may have a 255.255.192.0 mask */ if (parse_ip_address (q, &netmask) == 1) /* and parse the netmask */ { *mask = netmask; return 1; } else { *mask = 0; return -1; } } }
static unsigned short function_config(char* buffer, char* parameters) { // find the settings in parameters and parse them char* position; int value; position=strstr_P(parameters,dhcp); if (position!=NULL) { value=atoi(position+sizeof(dhcp)-1); config.dhcpenable=value; } position=strstr_P(parameters,ip); if (position!=NULL) { parse_ip_address(config.ipaddr,position+sizeof(ip)-1); uip_sethostaddr(&config.ipaddr); } position=strstr_P(parameters,mask); if (position!=NULL) { parse_ip_address(config.netmask,position+sizeof(mask)-1); uip_setnetmask(&config.netmask); } position=strstr_P(parameters,gw); if (position!=NULL) { parse_ip_address(config.gateway,position+sizeof(gw)-1); uip_setdraddr(&config.gateway); } position=strstr_P(parameters,auth); if (position!=NULL) { char* param=position+sizeof(auth)-1; url_decode(param); // copy the parameter to the config strcpy(config.authentication,param); } writeFlashConfig(); // return a dummy because a null string is not allowed buffer[0]=' '; buffer[1]=0; return 1; }
/* !DO NOT ALTER FUNCTION SIGNATURE! */ int callback_ofc_capable_switch_ofc_logical_switches_ofc_switch_ofc_controllers_ofc_controller_ofc_ip_address (void ** data, XMLDIFF_OP op, xmlNodePtr node, struct nc_err** error) { nc_verb_verbose("%s: data=%p, op=%d\n", __PRETTY_FUNCTION__, data, op); assert(__data); if ((XMLDIFF_ADD) & op) { // fixme handle zone in address (see http://www.netconfcentral.org/modules/ietf-inet-types) CONTROLLER(__data)->ip_domain = parse_ip_address(XML_GET_CONTENT(node->children), &CONTROLLER(__data)->ip); } else if ((XMLDIFF_REM) & op) { } else { nc_verb_error("not implemented"); assert(0); } return EXIT_SUCCESS; }
void report_nmap_set_parameter(struct Ferret *ferret, const char *name, const char *value) { if (ferret->report_nmap == 0) ferret->report_nmap = nmap_create(); if (strcmp(name, "addr") == 0) { struct ParsedIpAddress addr; unsigned offset = 0; //unsigned is_exclude = 0; struct filter *filters; unsigned *filter_count; if (value[0] == '!') { //is_exclude = 1; filters = ferret->report_nmap->exclude_filters; filter_count = &ferret->report_nmap->exclude_count; value++; } else { filters = ferret->report_nmap->include_filters; filter_count = &ferret->report_nmap->include_count; } if (parse_ip_address(value, &offset, (unsigned)strlen(value), &addr)) { if (*filter_count > sizeof(ferret->report_nmap->include_filters)/sizeof(ferret->report_nmap->include_filters[0])) fprintf(stderr, "too many: report.host.%s=%s\n", name, value); else if (addr.version != 4) { fprintf(stderr, "only support IPv4 addresses for this feature at this time\n"); } else { int64_t mask = -1; mask ^= 0xFFFFFFFF; mask >>= addr.prefix_length; filters[*filter_count].ip = addr.address[0]<<24 | addr.address[1]<<16 | addr.address[2]<<8 | addr.address[3]; filters[*filter_count].mask = (unsigned)mask; (*filter_count)++; } } else fprintf(stderr, "bad IP address: report.host.%s=%s\n", name, value); } else
static inline int php_tcp_sockop_connect(php_stream *stream, php_netstream_data_t *sock, php_stream_xport_param *xparam) { char *host = NULL, *bindto = NULL; int portno, bindport = 0; int err = 0; int ret; zval *tmpzval = NULL; long sockopts = STREAM_SOCKOP_NONE; #ifdef AF_UNIX if (stream->ops == &php_stream_unix_socket_ops || stream->ops == &php_stream_unixdg_socket_ops) { struct sockaddr_un unix_addr; sock->socket = socket(PF_UNIX, stream->ops == &php_stream_unix_socket_ops ? SOCK_STREAM : SOCK_DGRAM, 0); if (sock->socket == SOCK_ERR) { if (xparam->want_errortext) { xparam->outputs.error_text = strpprintf(0, "Failed to create unix socket"); } return -1; } parse_unix_address(xparam, &unix_addr); ret = php_network_connect_socket(sock->socket, (const struct sockaddr *)&unix_addr, (socklen_t) XtOffsetOf(struct sockaddr_un, sun_path) + xparam->inputs.namelen, xparam->op == STREAM_XPORT_OP_CONNECT_ASYNC, xparam->inputs.timeout, xparam->want_errortext ? &xparam->outputs.error_text : NULL, &err); xparam->outputs.error_code = err; goto out; } #endif host = parse_ip_address(xparam, &portno); if (host == NULL) { return -1; } if (PHP_STREAM_CONTEXT(stream) && (tmpzval = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "socket", "bindto")) != NULL) { if (Z_TYPE_P(tmpzval) != IS_STRING) { if (xparam->want_errortext) { xparam->outputs.error_text = strpprintf(0, "local_addr context option is not a string."); } efree(host); return -1; } bindto = parse_ip_address_ex(Z_STRVAL_P(tmpzval), Z_STRLEN_P(tmpzval), &bindport, xparam->want_errortext, &xparam->outputs.error_text); } #ifdef SO_BROADCAST if (stream->ops == &php_stream_udp_socket_ops /* SO_BROADCAST is only applicable for UDP */ && PHP_STREAM_CONTEXT(stream) && (tmpzval = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "socket", "so_broadcast")) != NULL && zend_is_true(tmpzval) ) { sockopts |= STREAM_SOCKOP_SO_BROADCAST; } #endif /* Note: the test here for php_stream_udp_socket_ops is important, because we * want the default to be TCP sockets so that the openssl extension can * re-use this code. */ sock->socket = php_network_connect_socket_to_host(host, portno, stream->ops == &php_stream_udp_socket_ops ? SOCK_DGRAM : SOCK_STREAM, xparam->op == STREAM_XPORT_OP_CONNECT_ASYNC, xparam->inputs.timeout, xparam->want_errortext ? &xparam->outputs.error_text : NULL, &err, bindto, bindport, sockopts ); ret = sock->socket == -1 ? -1 : 0; xparam->outputs.error_code = err; if (host) { efree(host); } if (bindto) { efree(bindto); } #ifdef AF_UNIX out: #endif if (ret >= 0 && xparam->op == STREAM_XPORT_OP_CONNECT_ASYNC && err == EINPROGRESS) { /* indicates pending connection */ return 1; } return ret; }
static inline int php_tcp_sockop_bind(php_stream *stream, php_netstream_data_t *sock, php_stream_xport_param *xparam) { char *host = NULL; int portno, err; long sockopts = STREAM_SOCKOP_NONE; zval *tmpzval = NULL; #ifdef AF_UNIX if (stream->ops == &php_stream_unix_socket_ops || stream->ops == &php_stream_unixdg_socket_ops) { struct sockaddr_un unix_addr; sock->socket = socket(PF_UNIX, stream->ops == &php_stream_unix_socket_ops ? SOCK_STREAM : SOCK_DGRAM, 0); if (sock->socket == SOCK_ERR) { if (xparam->want_errortext) { xparam->outputs.error_text = strpprintf(0, "Failed to create unix%s socket %s", stream->ops == &php_stream_unix_socket_ops ? "" : "datagram", strerror(errno)); } return -1; } parse_unix_address(xparam, &unix_addr); return bind(sock->socket, (const struct sockaddr *)&unix_addr, (socklen_t) XtOffsetOf(struct sockaddr_un, sun_path) + xparam->inputs.namelen); } #endif host = parse_ip_address(xparam, &portno); if (host == NULL) { return -1; } #ifdef IPV6_V6ONLY if (PHP_STREAM_CONTEXT(stream) && (tmpzval = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "socket", "ipv6_v6only")) != NULL && Z_TYPE_P(tmpzval) != IS_NULL ) { sockopts |= STREAM_SOCKOP_IPV6_V6ONLY; sockopts |= STREAM_SOCKOP_IPV6_V6ONLY_ENABLED * zend_is_true(tmpzval); } #endif #ifdef SO_REUSEPORT if (PHP_STREAM_CONTEXT(stream) && (tmpzval = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "socket", "so_reuseport")) != NULL && zend_is_true(tmpzval) ) { sockopts |= STREAM_SOCKOP_SO_REUSEPORT; } #endif #ifdef SO_BROADCAST if (stream->ops == &php_stream_udp_socket_ops /* SO_BROADCAST is only applicable for UDP */ && PHP_STREAM_CONTEXT(stream) && (tmpzval = php_stream_context_get_option(PHP_STREAM_CONTEXT(stream), "socket", "so_broadcast")) != NULL && zend_is_true(tmpzval) ) { sockopts |= STREAM_SOCKOP_SO_BROADCAST; } #endif sock->socket = php_network_bind_socket_to_local_addr(host, portno, stream->ops == &php_stream_udp_socket_ops ? SOCK_DGRAM : SOCK_STREAM, sockopts, xparam->want_errortext ? &xparam->outputs.error_text : NULL, &err ); if (host) { efree(host); } return sock->socket == -1 ? -1 : 0; }
static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry, unsigned int *flags, struct ebt_entry_match **match) { struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)(*match)->data; char *end; long int i; switch (c) { case IP_SOURCE: check_option(flags, OPT_SOURCE); ipinfo->bitmask |= EBT_IP_SOURCE; case IP_DEST: if (c == IP_DEST) { check_option(flags, OPT_DEST); ipinfo->bitmask |= EBT_IP_DEST; } if (check_inverse(optarg)) { if (c == IP_SOURCE) ipinfo->invflags |= EBT_IP_SOURCE; else ipinfo->invflags |= EBT_IP_DEST; } if (optind > argc) print_error("Missing IP address argument"); if (c == IP_SOURCE) parse_ip_address(argv[optind - 1], &ipinfo->saddr, &ipinfo->smsk); else parse_ip_address(argv[optind - 1], &ipinfo->daddr, &ipinfo->dmsk); break; case IP_SPORT: case IP_DPORT: if (c == IP_SPORT) { check_option(flags, OPT_SPORT); ipinfo->bitmask |= EBT_IP_SPORT; if (check_inverse(optarg)) ipinfo->invflags |= EBT_IP_SPORT; } else { check_option(flags, OPT_DPORT); ipinfo->bitmask |= EBT_IP_DPORT; if (check_inverse(optarg)) ipinfo->invflags |= EBT_IP_DPORT; } if (optind > argc) print_error("Missing port argument"); if (c == IP_SPORT) parse_port_range(NULL, argv[optind - 1], ipinfo->sport); else parse_port_range(NULL, argv[optind - 1], ipinfo->dport); break; case IP_myTOS: check_option(flags, OPT_TOS); if (check_inverse(optarg)) ipinfo->invflags |= EBT_IP_TOS; if (optind > argc) print_error("Missing IP tos argument"); i = strtol(argv[optind - 1], &end, 16); if (i < 0 || i > 255 || *end != '\0') print_error("Problem with specified IP tos"); ipinfo->tos = i; ipinfo->bitmask |= EBT_IP_TOS; break; case IP_myDSCP: /* brcm */ check_option(flags, OPT_DSCP); if (check_inverse(optarg)) ipinfo->invflags |= EBT_IP_DSCP; if (optind > argc) print_error("Missing IP dscp argument"); i = strtol(argv[optind - 1], &end, 16); if (i < 0 || i > 255 || (i & 0x3) || *end != '\0') print_error("Problem with specified IP dscp"); ipinfo->dscp = i; ipinfo->bitmask |= EBT_IP_DSCP; break; case IP_PROTO: check_option(flags, OPT_PROTO); if (check_inverse(optarg)) ipinfo->invflags |= EBT_IP_PROTO; if (optind > argc) print_error("Missing IP protocol argument"); i = strtoul(argv[optind - 1], &end, 10); if (*end != '\0') { struct protoent *pe; pe = getprotobyname(argv[optind - 1]); if (pe == NULL) print_error ("Unknown specified IP protocol - %s", argv[optind - 1]); ipinfo->protocol = pe->p_proto; } else { ipinfo->protocol = (unsigned char) i; } ipinfo->bitmask |= EBT_IP_PROTO; break; default: return 0; } return 1; }
int sdp_mangle_ip (struct sip_msg *msg, char *oldip, char *newip) { int i, oldContentLength, newContentLength, diff, oldlen,len,off,ret,needToDealocate; unsigned int mask, address, locatedIp; struct lump *l; regmatch_t pmatch; regex_t *re; char *s, *pos,*begin,*key; char buffer[16]; /* 123.456.789.123\0 */ #ifdef DEBUG fprintf (stdout,"---START--------MANGLE IP-----------------\n"); #endif key = IP_REGEX; /* * Checking if msg has a payload */ if (msg == NULL) { LOG(L_ERR,"ERROR: sdp_mangle_ip: Received NULL for msg\n"); return -1; } if ((msg->content_length==0) && ((parse_headers(msg,HDR_CONTENTLENGTH,0)==-1) || (msg->content_length==0) )){ LOG(L_ERR,"ERROR: sdp_mangle_port: bad or missing " "Content-Length \n"); return -2; } oldContentLength = get_content_length(msg); if (oldContentLength <= 0) { LOG(L_ERR,"ERROR: sdp_mangle_ip: Received <= for Content-Length\n"); return -2; } /* checking oldip */ if (oldip == NULL) { LOG(L_ERR,"ERROR: sdp_mangle_ip: Received NULL for oldip\n"); return -3; } /* checking newip */ if (newip == NULL) { LOG(L_ERR,"ERROR: sdp_mangle_ip: Received NULL for newip\n"); return -4; } i = parse_ip_netmask (oldip, &pos, &mask); if (i == -1) { /* invalid value for the netmask specified in oldip */ LOG(L_ERR,"ERROR: sdp_mangle_ip: invalid value for the netmask specified in oldip\n"); return -5; } else { i = parse_ip_address (pos, &address); if (pos != NULL) free (pos); if (i == 0) { LOG(L_ERR,"ERROR: sdp_mangle_ip: invalid value for the ip specified in oldip\n"); return -6; /* parse error in ip */ } } /* now we have in address/netmask binary values */ begin = get_body(msg);//msg->buf + msg->first_line.len; // inlocuiesc cu begin = getbody */ ret = -1; len = strlen (newip); /* try to use precompiled expressions */ needToDealocate = 0; if (ipExpression != NULL) { re = ipExpression; #ifdef DEBUG fprintf(stdout,"Using PRECOMPILED expression for ip ...\n"); #endif } else /* we are not using precompiled expressions */ { re = pkg_malloc(sizeof(regex_t)); if (re == NULL) { LOG(L_ERR,"ERROR: sdp_mangle_ip: Unable to allocate re\n"); return -7; } needToDealocate = 1; if ((regcomp (re, key, REG_EXTENDED)) != 0) { LOG(L_ERR,"ERROR: sdp_mangle_ip: Unable to compile %s \n",key); return -8; } #ifdef DEBUG fprintf(stdout,"Using ALLOCATED expression for ip ...\n"); #endif } diff = 0; while ((begin < msg->buf + msg->len) && (regexec (re, begin, 1, &pmatch, 0) == 0)) { off = begin - msg->buf; if (pmatch.rm_so == -1) { LOG (L_ERR,"ERROR: sdp_mangler_ip: offset unknown\n"); return -9; } #ifdef STRICT_CHECK pmatch.rm_eo --; /* return with one space,\n,\r */ #endif /* for BSD and Solaris we avoid memrchr pos = (char *) memrchr (begin + pmatch.rm_so, ' ',pmatch.rm_eo - pmatch.rm_so); */ pos = begin+pmatch.rm_eo; do pos--; while (*pos != ' '); /* we should find ' ' because we matched c=IN IP4 ip */ pos++; /* jumping over space */ oldlen = (pmatch.rm_eo - pmatch.rm_so) - (pos - (begin + pmatch.rm_so)); /* ip length */ if (oldlen > 15) { LOG(L_WARN,"WARNING: sdp_mangle_ip: Silent fail because oldlen > 15\n"); #ifdef STRICT_CHECK return -10; #else goto continue2; /* silent fail return -10; invalid ip format ,probably like 1000.3.12341.2 */ #endif } buffer[0] = '\0'; strncat ((char *) buffer, pos, oldlen); buffer[oldlen] = '\0'; i = parse_ip_address (buffer, &locatedIp); if (i == 0) { LOG(L_WARN,"WARNING: sdp_mangle_ip: Silent fail on parsing matched address \n"); #ifdef STRICT_CHECK return -11; #else goto continue2; #endif } if (same_net (locatedIp, address, mask) == 0) { LOG(L_WARN,"WARNING: sdp_mangle_ip: Silent fail because matched address is not in network\n"); #ifdef DEBUG fprintf(stdout,"Extracted ip is %s and not mangling \n",buffer); #endif goto continue2; /* not in the same net, skiping */ } #ifdef DEBUG fprintf(stdout,"Extracted ip is %s and mangling to %s\n",buffer,newip); #endif /* replacing ip */ /* deleting old ip */ if ((l = del_lump (msg,pmatch.rm_so + off + (pos - (begin + pmatch.rm_so)),oldlen, 0)) == 0) { LOG (L_ERR,"ERROR: sdp_mangle_ip: del_lump failed\n"); return -12; } s = pkg_malloc (len); if (s == 0) { LOG (L_ERR,"ERROR: sdp_mangle_ip: mem. allocation failure\n"); return -13; } memcpy (s, newip, len); if (insert_new_lump_after (l, s, len, 0) == 0) { LOG (L_ERR, "ERROR: sdp_mangle_ip: could not insert new lump\n"); pkg_free (s); return -14; } diff = diff + len /*new length */ - oldlen; /* new cycle */ ret++; continue2: begin = begin + pmatch.rm_eo; } /* while */ if (needToDealocate) { regfree (re); /* if I am going to use precompiled expressions to be removed */ pkg_free(re); #ifdef DEBUG fprintf(stdout,"Dealocating expression for ip ...\n"); #endif } if (diff != 0) { newContentLength = oldContentLength + diff; patch_content_length (msg, newContentLength); } #ifdef DEBUG fprintf (stdout,"---END--------MANGLE IP-----------------\n"); #endif return ret+2; }
static int parse(int c, char **argv, int argc, const struct ebt_u_entry *entry, unsigned int *flags, struct ebt_entry_match **match) { struct ebt_arp_info *arpinfo = (struct ebt_arp_info *)(*match)->data; long int i; char *end; uint32_t *addr; uint32_t *mask; char *maddr; char *mmask; switch (c) { case ARP_OPCODE: check_option(flags, OPT_OPCODE); if (check_inverse(optarg)) arpinfo->invflags |= EBT_ARP_OPCODE; if (optind > argc) print_error("Missing ARP opcode argument"); i = strtol(argv[optind - 1], &end, 10); if (i < 0 || i >= (0x1 << 16) || *end !='\0') { for (i = 0; i < NUMOPCODES; i++) if (!strcasecmp(opcodes[i], optarg)) break; if (i == NUMOPCODES) print_error("Problem with specified " "ARP opcode"); i++; } arpinfo->opcode = htons(i); arpinfo->bitmask |= EBT_ARP_OPCODE; break; case ARP_HTYPE: check_option(flags, OPT_HTYPE); if (check_inverse(optarg)) arpinfo->invflags |= EBT_ARP_HTYPE; if (optind > argc) print_error("Missing ARP hardware type argument"); i = strtol(argv[optind - 1], &end, 10); if (i < 0 || i >= (0x1 << 16) || *end !='\0') { if (!strcasecmp("Ethernet", argv[optind - 1])) i = 1; else print_error("Problem with specified ARP " "hardware type"); } arpinfo->htype = htons(i); arpinfo->bitmask |= EBT_ARP_HTYPE; break; case ARP_PTYPE: { uint16_t proto; check_option(flags, OPT_PTYPE); if (check_inverse(optarg)) arpinfo->invflags |= EBT_ARP_PTYPE; if (optind > argc) print_error("Missing ARP protocol type argument"); i = strtol(argv[optind - 1], &end, 16); if (i < 0 || i >= (0x1 << 16) || *end !='\0') { struct ethertypeent *ent; ent = getethertypebyname(argv[optind - 1]); if (!ent) print_error("Problem with specified ARP " "protocol type"); proto = ent->e_ethertype; } else proto = i; arpinfo->ptype = htons(proto); arpinfo->bitmask |= EBT_ARP_PTYPE; break; } case ARP_IP_S: case ARP_IP_D: if (c == ARP_IP_S) { check_option(flags, OPT_IP_S); addr = &arpinfo->saddr; mask = &arpinfo->smsk; arpinfo->bitmask |= EBT_ARP_SRC_IP; } else { check_option(flags, OPT_IP_D); addr = &arpinfo->daddr; mask = &arpinfo->dmsk; arpinfo->bitmask |= EBT_ARP_DST_IP; } if (check_inverse(optarg)) { if (c == ARP_IP_S) arpinfo->invflags |= EBT_ARP_SRC_IP; else arpinfo->invflags |= EBT_ARP_DST_IP; } if (optind > argc) print_error("Missing ARP IP address argument"); parse_ip_address(argv[optind - 1], addr, mask); break; case ARP_MAC_S: case ARP_MAC_D: if (c == ARP_MAC_S) { check_option(flags, OPT_MAC_S); maddr = arpinfo->smaddr; mmask = arpinfo->smmsk; arpinfo->bitmask |= EBT_ARP_SRC_MAC; } else { check_option(flags, OPT_MAC_D); maddr = arpinfo->dmaddr; mmask = arpinfo->dmmsk; arpinfo->bitmask |= EBT_ARP_DST_MAC; } if (check_inverse(optarg)) { if (c == ARP_MAC_S) arpinfo->invflags |= EBT_ARP_SRC_MAC; else arpinfo->invflags |= EBT_ARP_DST_MAC; } if (optind > argc) print_error("Missing ARP MAC address argument"); if (get_mac_and_mask(argv[optind - 1], maddr, mmask)) print_error("Problem with ARP MAC address argument"); break; default: return 0; } return 1; }
/* this functione tryes to interpret what we have read from the config file and makes the changes to the global variables if possible */ void change_config (struct name_value *config_values) { int result, ret; unsigned int conv; struct name_value *config_list, *csv_list, *this_name_value; struct fcp_address_list *this_address_list, *tmp; config_list = config_values; fcp_log (LOG_DEBUG, "CONFIGURE: begin of changing configuration"); while (config_list->name != NULL) { /* what parameter was read */ result = compare_to_def (config_list->name); if (result) { /* if it was a correct spelled parameter switch to point where we scan the value and make the changes */ switch (result) { case argument_PORT: conv = atol (config_list->value); if ((conv > 65535) || (conv < 1)) { sprintf (debug_msg_helper, "CONFIGURE: error port %i out of range", conv); fcp_log (LOG_ERR, debug_msg_helper); conv = FCP_DEFAULT_PORT; sprintf (debug_msg_helper, "CONFIGURE: using standard port %i instead", conv); fcp_log (LOG_ERR, debug_msg_helper); } else { sprintf (debug_msg_helper, "CONFIGURE: using port %i", conv); fcp_log (LOG_DEBUG, debug_msg_helper); } if (conv != fcp_port) { /* the listening port have changed so we stop our network (all connections are getting lost) and restart it with the new port */ stop_network(); fcp_port = conv; init_network(); fcp_log (LOG_DEBUG, "CONFIGURE: network restartet with new port"); } break; case argument_DEBUGLEVEL: conv = atoi (config_list->value); if ((conv > 7) || (conv < 0)) { sprintf (debug_msg_helper, "CONFIGURE: error debuglevel %i out of range", conv); fcp_log (LOG_ERR, debug_msg_helper); } else { if (fcp_loglevel_override) conv = fcp_loglevel; /* was specified on command line */ sprintf (debug_msg_helper, "CONFIGURE: using debuglevel %i", conv); fcp_log (LOG_INFO, debug_msg_helper); if (conv != fcp_loglevel) /* change our loglevel to the new value */ fcp_loglevel = conv; } break; case argument_ACL: sprintf (debug_msg_helper, "CONFIGURE: access restricted to %s.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Seperate the string by the commas */ csv_list = (struct name_value *) scan_csv (config_list->value); if (csv_list) { /* First of all free the existing acl_list. */ this_address_list = fcp_acl_list.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } /* Convert the strings into IPs and netmasks and put them into the acl_list. */ this_name_value = csv_list; fcp_acl_list.next = malloc (sizeof (struct fcp_address_list)); this_address_list = fcp_acl_list.next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in ACL isn't valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in ACL isn't valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in ACL isn't valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; /* The first element is now in the list, now do the same for the rest. */ while (this_name_value) { this_address_list->next = malloc (sizeof (struct fcp_address_list)); this_address_list = this_address_list->next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in ACL isn't valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in ACL isn't valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in ACL isn't valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; } /* Everything is in the acl_list now freeing the name_value_list where the strings were in. */ while (csv_list) { this_name_value = csv_list->next; free (csv_list->name); free (csv_list); csv_list = this_name_value; } } else { fcp_log (LOG_ERR, "CONFIGURE: ACL couldn't be converted"); /* Free the existing acl_list if exists. */ if (fcp_acl_list.next) { this_address_list = fcp_acl_list.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } fcp_acl_list.next = NULL; } } break; case argument_INTFIN: if (strlen (config_list->value) > 0) { sprintf (debug_msg_helper, "CONFIGURE: in interface %s found.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Freeing the old interface if specified, alloc and copy the new value. More then one interface is NOT supported yet. */ if (fcp_in_interface.name) free (fcp_in_interface.name); fcp_in_interface.name = malloc (sizeof (config_list->value)); strcpy (fcp_in_interface.name, config_list->value); } break; case argument_INTFOUT: if (strlen (config_list->value) > 0) { sprintf (debug_msg_helper, "CONFIGURE: out interface %s found.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Freeing the old interface if specified, alloc and copy the new value. More then one interface is NOT supported yet. */ if (fcp_out_interface.name) free (fcp_out_interface.name); fcp_out_interface.name = malloc (sizeof (config_list->value)); strcpy (fcp_out_interface.name, config_list->value); } break; case argument_INTFDMZ: if (strlen (config_list->value) > 0) { sprintf (debug_msg_helper, "CONFIGURE: dmz interface %s found.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Freeing the old interface if specified, alloc and copy the new value. More then one interface is NOT supported yet. */ if (fcp_dmz_interface.name) free (fcp_dmz_interface.name); fcp_dmz_interface.name = malloc (sizeof (config_list->value)); strcpy (fcp_dmz_interface.name, config_list->value); } break; case argument_TIMEOUT: conv = atoi (config_list->value); if ((conv > FCP_MAX_TIMEOUT) || (conv < 0)) { sprintf (debug_msg_helper, "CONFIGURE: the timeout value %i is grater then the" " maximum %i or less 0", conv, FCP_MAX_TIMEOUT); fcp_log (LOG_ERR, debug_msg_helper); conv = FCP_DEFAULT_TIMEOUT; sprintf (debug_msg_helper, "CONFIGURE: using standard timeout %i instead", conv); fcp_log (LOG_ERR, debug_msg_helper); } else { sprintf (debug_msg_helper, "CONFIGURE: using %i as standard timeout value", conv); fcp_log (LOG_DEBUG, debug_msg_helper); } if (conv != fcp_timeout) /* is there anything else to do ??? should we calculate the timeout of the existing states new? but how? we don't know how much time is elapsed by every state. so i assume that the new timeout is only valid for new states. :( */ fcp_timeout = conv; break; case argument_MAXPRIORITY: conv = atoi (config_list->value); if ((conv > FCP_MAX_PRIORITY_CLASSES) || (conv < 0)) { sprintf (debug_msg_helper, "CONFIGURE: %i priority classes are grater then the" " maximum %i or less 0", conv, FCP_MAX_PRIORITY_CLASSES); fcp_log (LOG_ERR, debug_msg_helper); conv = FCP_DEFAULT_PRIORITY_CLASSES; sprintf (debug_msg_helper, "CONFIGURE: using %i priority classes instead.", conv); fcp_log (LOG_ERR, debug_msg_helper); } else { sprintf (debug_msg_helper, "CONFIGURE: using %i priority classes.", conv); fcp_log (LOG_DEBUG, debug_msg_helper); } if (conv != fcp_priorityclasses) /* *FIXME* here we definetly have to do some more things but at this ... */ fcp_priorityclasses = conv; break; case argument_MAXLOG: conv = atoi (config_list->value); if ((conv > FCP_MAX_LOG_CLASSES) || (conv < 0)) { sprintf (debug_msg_helper, "CONFIGURE: %i log classes are grater then the" " maximum %i or less 0", conv, FCP_MAX_LOG_CLASSES); fcp_log (LOG_ERR, debug_msg_helper); conv = FCP_DEFAULT_LOG_CLASSES; sprintf (debug_msg_helper, "CONFIGURE: using %i log classes instead.", conv); fcp_log (LOG_ERR, debug_msg_helper); } else { sprintf (debug_msg_helper, "CONFIGURE: using %i logging classes.", conv); fcp_log (LOG_DEBUG, debug_msg_helper); } if (fcp_logclasses != conv) /* *FIXME* here we definetly have to do some more things but at this time ... */ fcp_logclasses = conv; break; case argument_INTERNALIPS: sprintf (debug_msg_helper, "CONFIGURE: internal IPs are %s.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Seperate the string by the commas */ csv_list = (struct name_value *) scan_csv (config_list->value); if (csv_list) { /* First of all free the existing internal_ips. */ this_address_list = fcp_internal_ips.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } /* Convert the strings into IPs and netmasks and put them into the internal_ips. */ this_name_value = csv_list; fcp_internal_ips.next = malloc (sizeof (struct fcp_address_list)); this_address_list = fcp_internal_ips.next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in INTERNALIPS isn't valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in INTERNALIPS isn't valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in INTERNALIPS isn't" " valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; /* The first element is now in the list, now do the same for the rest. */ while (this_name_value) { this_address_list->next = malloc (sizeof (struct fcp_address_list)); this_address_list = this_address_list->next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in INTERNALIPS isn't" " valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in INTERNALIPS isn't" " valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in INTERNALIPS isn't" " valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; } /* Everything is in the internal_ips now freeing the name_value_list where the strings were in. */ while (csv_list) { this_name_value = csv_list->next; free (csv_list->name); free (csv_list); csv_list = this_name_value; } } else { fcp_log (LOG_ERR, "CONFIGURE: INTERNALIPS couldn't be converted"); /* Free the existing internal_ips if exists. */ if (fcp_internal_ips.next) { this_address_list = fcp_internal_ips.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } fcp_internal_ips.next = NULL; } } break; case argument_MASQUIPS: sprintf (debug_msg_helper, "CONFIGURE: this IPS %s will be masqueraded.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Seperate the string by the commas */ csv_list = (struct name_value *) scan_csv (config_list->value); if (csv_list) { /* First of all free the existing masqu_ips. */ this_address_list = fcp_masq_ips.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } /* Convert the strings into IPs and netmasks and put them into the masqu_ips. */ this_name_value = csv_list; fcp_masq_ips.next = malloc (sizeof (struct fcp_address_list)); this_address_list = fcp_masq_ips.next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in MASQUIPS isn't valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in MASQUIPS isn't valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in MASQUIPS isn't valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; /* The first element is now in the list, now do the same for the rest. */ while (this_name_value) { this_address_list->next = malloc (sizeof (struct fcp_address_list)); this_address_list = this_address_list->next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in MASQUIPS isn't" " valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in MASQUIPS isn't" " valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in MASQUIPS isn't" " valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; } /* Everything is in the masqu_ips now freeing the name_value_list where the strings were in. */ while (csv_list) { this_name_value = csv_list->next; free (csv_list->name); free (csv_list); csv_list = this_name_value; } } else { fcp_log (LOG_ERR, "CONFIGURE: MASQIPS couldn't be converted"); /* Free the existing masq_ips if exists. */ if (fcp_masq_ips.next) { this_address_list = fcp_masq_ips.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } fcp_masq_ips.next = NULL; } } break; case argument_IPIN: if (parse_ip_address (config_list->value, &conv)) { sprintf (debug_msg_helper, "CONFIGURE: IP of internal interface is %s", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); fcp_internal_IP = conv; } else { sprintf (debug_msg_helper, "CONFIGURE: couldn't convert IP (%s) of internal" " interface", config_list->value); fcp_log (LOG_ERR, debug_msg_helper); } break; case argument_IPOUT: if (parse_ip_address (config_list->value, &conv)) { sprintf (debug_msg_helper, "CONFIGURE: IP of outer (external) interface is %s", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); fcp_outer_IP = conv; } else { sprintf (debug_msg_helper, "CONFIGURE: couldn't convert IP (%s) of outer" " (external) interface", config_list->value); fcp_log (LOG_ERR, debug_msg_helper); } break; case argument_IPDMZ: if (parse_ip_address (config_list->value, &conv)) { sprintf (debug_msg_helper, "CONFIGURE: IP of DMZ interface is %s", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); fcp_demilitary_IP = conv; } else { sprintf (debug_msg_helper, "CONFIGURE: couldn't convert IP (%s) of DMZ" " interface", config_list->value); fcp_log (LOG_ERR, debug_msg_helper); } break; case argument_DMZIPS: sprintf (debug_msg_helper, "CONFIGURE: this IPS %s are in the DMZ.", config_list->value); fcp_log (LOG_DEBUG, debug_msg_helper); /* Seperate the string by the commas */ csv_list = (struct name_value *) scan_csv (config_list->value); if (csv_list) { /* First of all free the existing dmz_ips. */ this_address_list = fcp_dmz_ips.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } /* Convert the strings into IPs and netmasks and put them into the dmz_ips. */ this_name_value = csv_list; fcp_dmz_ips.next = malloc (sizeof (struct fcp_address_list)); this_address_list = fcp_dmz_ips.next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in DMZIPS isn't valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in DMZIPS isn't valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in DMZIPS isn't valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; /* The first element is now in the list, now do the same for the rest. */ while (this_name_value) { this_address_list->next = malloc (sizeof (struct fcp_address_list)); this_address_list = this_address_list->next; this_address_list->next = NULL; ret = parse_ip_netmask (this_name_value->name, &this_address_list->netmask); if (ret == 1) { if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in DMZIPS isn't valid"); this_address_list->address = 0; } } else if (ret == 0) { this_address_list->netmask = 0xFFFFFFFF; if (!parse_ip_address (this_name_value->name, &this_address_list->address)) { fcp_log (LOG_ERR, "CONFIGURE: IP in DMZIPS isn't valid"); this_address_list->address = 0; } } else { fcp_log (LOG_ERR, "CONFIGURE: netmask in DMZIPS isn't valid"); this_address_list->netmask = 0xFFFFFFFF; this_address_list->address = 0; } this_name_value = this_name_value->next; } /* Everything is in the dmz_ips now freeing the name_value_list where the strings were in. */ while (csv_list) { this_name_value = csv_list->next; free (csv_list->name); free (csv_list); csv_list = this_name_value; } } else { fcp_log (LOG_ERR, "CONFIGURE: DMZIPS couldn't be converted"); /* Free the existing dmz_ips if exists. */ if (fcp_dmz_ips.next) { this_address_list = fcp_dmz_ips.next; while (this_address_list) { tmp = this_address_list->next; free (this_address_list); this_address_list = tmp; } fcp_dmz_ips.next = NULL; } } break; case argument_LOG_S: fcp_log_per_sec = atoi (config_list->value); sprintf (debug_msg_helper, "CONFIGURE: log class 1 will log %i packets/second", fcp_log_per_sec); fcp_log (LOG_DEBUG, debug_msg_helper); break; case argument_LOG_M: fcp_log_per_min = atoi (config_list->value); sprintf (debug_msg_helper, "CONFIGURE: log class 2 will log %i packets/minute", fcp_log_per_min); fcp_log (LOG_DEBUG, debug_msg_helper); break; case argument_LOG_H: fcp_log_per_hou = atoi (config_list->value); sprintf (debug_msg_helper, "CONFIGURE: log class 3 will log %i packets/hour", fcp_log_per_hou); fcp_log (LOG_DEBUG, debug_msg_helper); break; case argument_LOG_D: fcp_log_per_day = atoi (config_list->value); sprintf (debug_msg_helper, "CONFIGURE: log class 4 will log %i packets/day", fcp_log_per_day); fcp_log (LOG_DEBUG, debug_msg_helper); break; default: sprintf (debug_msg_helper, "CONFIGURE: don't know what to do with parameter %s", config_list->name); fcp_log (LOG_ERR, debug_msg_helper); break; } } /* if result */ else { sprintf (debug_msg_helper, "CONFIGURE: unknown parameter %s found in config file\n", config_list->name); fcp_log (LOG_CRIT, debug_msg_helper); } /* if result */ config_list = config_list->next; } /* while */ fcp_log (LOG_DEBUG, "CONFIGURE: end of changing configuration\n"); }
/*************************************************************************** * Read the configuration from the command-line. * Called by 'main()' when starting up. ***************************************************************************/ void conf_command_line(struct Configuration *cfg, int argc, char *argv[]) { int i; struct ParsedIpAddress ipaddr; for (i=1; i<argc; i++) { /* * --name=value * --name:value * -- name value */ if (argv[i][0] == '-' && argv[i][1] == '-') { if (strcmp(argv[i], "--help") == 0) conf_help(); else { char name2[64]; char *name = argv[i] + 2; unsigned name_length; const char *value; value = strchr(&argv[i][2], '='); if (value == NULL) value = strchr(&argv[i][2], ':'); if (value == NULL) { value = argv[++i]; name_length = (unsigned)strlen(name); } else { name_length = (unsigned)(value - name); value++; } if (i >= argc) { fprintf(stderr, "%.*s: empty parameter\n", name_length, name); break; } if (name_length > sizeof(name2) - 1) { fprintf(stderr, "%.*s: name too long\n", name_length, name); name_length = sizeof(name2) - 1; } memcpy(name2, name, name_length); name2[name_length] = '\0'; conf_set_parameter(cfg, name2, value); } continue; } /* For for a single-dash parameter */ else if (argv[i][0] == '-') { const char *arg; switch (argv[i][1]) { case 'c': if (argv[i][2]) arg = argv[i]+2; else arg = argv[++i]; //conf_trackfile_add(cfg->tf, argv[i]); cfg_parse_file(cfg, argv[i]); break; case 'd': if (argv[i][2]) arg = argv[i]+2; else arg = argv[++i]; if (arg[0] < '0' || '9' < arg[0]) LOG_ERR(C_CONFIG, "expected numeric debug level after -d option\n"); else verbosity = atoi(arg); break; case 'i': if (argv[i][2]) arg = argv[i]+2; else arg = argv[++i]; conf_set_parameter(cfg, "adapter", arg); break; case 'h': case '?': conf_usage(); break; case 'v': verbosity++; break; default: LOG_ERR(C_CONFIG, "FAIL: unknown option: -%s\n", argv[i]); LOG_ERR(C_CONFIG, " [hint] try \"--help\"\n"); exit(1); } continue; } else if (ends_with(argv[i], ".zone")) cfg_add_zonefile(cfg, argv[i]); else if (ends_with(argv[i], ".conf")) { //conf_trackfile_add(cfg->tf, argv[i]); cfg_parse_file(cfg, argv[i]); } else if (parse_ip_address(argv[i], 0, 0, &ipaddr)) { ;//conf_set_parameter(conf, "adapter-ip", argv[i]); } else if (pixie_nic_exists(argv[i])) { //strcpy_s(conf->nic[0].ifname, sizeof(conf->nic[0].ifname), argv[i]); } else if (is_directory(argv[i]) && has_configuration(argv[i])) { //directory_to_zonefile_list(conf, argv[i]); } else { LOG_ERR(C_CONFIG, "%s: unknown command-line parameter\n", argv[i]); } } }