void _memory_preallocate( void )
{
hash_t tracker;
if( !_memory_temporary.storage )
_atomic_allocate_initialize( config_int( HASH_FOUNDATION, HASH_TEMPORARY_MEMORY ) );
tracker = config_string_hash( HASH_FOUNDATION, HASH_MEMORY_TRACKER );
if( tracker == HASH_LOCAL )
memory_set_tracker( memory_tracker_local() );
}
/*
* 割込み管理機能の初期化
*/
void
initialize_interrupt(void)
{
uint_t i;
const INTINIB *p_intinib;
for (i = 0; i < tnum_cfg_intno; i++) {
p_intinib = &(intinib_table[i]);
config_int(p_intinib->intno, p_intinib->intatr, p_intinib->intpri);
}
}
static const char *config_control(struct control **as)
{
const char *t = 0;
struct control *a, *b;
struct simple_list *l;
b = *as;
while (b && b->locations)
b = b->next;
MAKE(a, struct control);
a->locations = 0;
a->alias = 0;
a->clients = 0;
if (b) {
a->index_names = b->index_names;
a->accesses = b->accesses;
a->mimes = b->mimes;
a->symlinksok = b->symlinksok;
a->path_args_ok = b->path_args_ok;
a->loglevel = b->loglevel;
a->admin = b->admin;
a->refresh = b->refresh;
}
else {
a->index_names = 0;
a->accesses = 0;
a->mimes = 0;
a->symlinksok = 0;
a->path_args_ok = 0;
a->loglevel = 0;
a->admin = 0;
a->refresh = 0;
}
a->next = *as;
*as = a;
GETOPEN();
while (NOTCLOSE()) {
REQWORD();
if (strceq(tokbuf, c_location)) {
MAKE(l, struct simple_list);
GETSTRING();
chopslash(tokbuf);
COPY(l->name, tokbuf);
if (a->locations) {
l->next = a->locations->next;
a->locations->next = l;
} else {
l->next = l;
a->locations = l;
}
}
else if (strceq(tokbuf, c_alias)) {
GETSTRING();
chopslash(tokbuf);
COPY(a->alias, tokbuf);
}
else if (strceq(tokbuf, c_symlinks))
t = config_flag(&a->symlinksok);
else if (strceq(tokbuf, c_path_args))
t = config_flag(&a->path_args_ok);
else if (strceq(tokbuf, c_loglevel))
t = config_int(&a->loglevel);
else if (strceq(tokbuf, c_index_names))
t = config_list(&a->index_names);
else if (strceq(tokbuf, c_access))
t = config_access(&a->accesses);
else if (strceq(tokbuf, c_clients))
t = config_access(&a->clients);
else if (strceq(tokbuf, c_types))
t = config_mime(&a->mimes, M_TYPE);
else if (strceq(tokbuf, c_specials))
t = config_mime(&a->mimes, M_SPECIAL);
else if (strceq(tokbuf, c_admin))
t = config_string(&a->admin);
else if (strceq(tokbuf, c_refresh))
t = config_int(&a->refresh);
else
t = e_keyword;
if (t)
return t;
}
if (a->alias && (a->locations == 0))
return e_bad_alias;
return 0;
}
static int client_setup_file(CONTEXT *ctx, char *who)
{
char *p;
u_int16_t l, u;
/*
** little bit sanity check
*/
if( !(ctx && who && *who)) {
return -1;
}
/*
** Inform the auditor that we are using the config file
*/
syslog_write(U_INF, "reading data for '%s' from cfg-file", who);
/*
** Evaluate DestinationAddress, except we have magic_addr
*/
if (INADDR_ANY != ctx->magic_addr) {
ctx->srv_addr = ctx->magic_addr;
} else {
ctx->srv_addr = config_addr(who, "DestinationAddress",
INADDR_ANY);
#if defined(COMPILE_DEBUG)
debug(2, "file DestAddr for %s: '%s'",
ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr));
#endif
}
/*
** Evaluate DestinationPort, except we have magic_port
*/
if (INPORT_ANY != ctx->magic_port) {
ctx->srv_port = ctx->magic_port;
} else {
ctx->srv_port = config_port(who, "DestinationPort",
IPPORT_FTP);
#if defined(COMPILE_DEBUG)
debug(2, "file DestPort for %s: %d",
ctx->cli_ctrl->peer, (int) ctx->srv_port);
#endif
}
/*
** Evaluate the destination transfer mode
*/
p = config_str(who, "DestinationTransferMode", "client");
if(0 == strcasecmp(p, "active")) {
ctx->srv_mode = MOD_ACT_FTP;
} else
if(0 == strcasecmp(p, "passive")) {
ctx->srv_mode = MOD_PAS_FTP;
} else
if(0 == strcasecmp(p, "client")) {
ctx->srv_mode = MOD_CLI_FTP;
} else {
syslog_error("can't eval DestMode for %s",
ctx->cli_ctrl->peer);
return -1;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p);
#endif
/*
** Evaluate min/max destination port range
*/
l = config_port(who, "DestinationMinPort", INPORT_ANY);
u = config_port(who, "DestinationMaxPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->srv_lrng = l;
ctx->srv_urng = u;
} else {
ctx->srv_lrng = INPORT_ANY;
ctx->srv_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->srv_lrng, ctx->srv_urng);
#endif
/*
** Evaluate min/max active port range
*/
l = config_port(who, "ActiveMinDataPort", INPORT_ANY);
u = config_port(who, "ActiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->act_lrng = l;
ctx->act_urng = u;
} else {
/* do not try to bind a port < 1024 if running as UID != 0 */
if(0 == getuid()) {
ctx->act_lrng = (IPPORT_FTP - 1);
ctx->act_urng = (IPPORT_FTP - 1);
} else {
ctx->act_lrng = INPORT_ANY;
ctx->act_urng = INPORT_ANY;
}
}
#if defined(COMPILE_DEBUG)
debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->act_lrng, ctx->act_urng);
#endif
/*
** Evaluate min/max passive port range
*/
l = config_port(who, "PassiveMinDataPort", INPORT_ANY);
u = config_port(who, "PassiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->pas_lrng = l;
ctx->pas_urng = u;
} else {
ctx->pas_lrng = INPORT_ANY;
ctx->pas_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->pas_lrng, ctx->pas_urng);
#endif
/*
** Setup other configuration options
*/
ctx->same_adr = config_bool(who, "SameAddress", 1);
ctx->timeout = config_int (who, "TimeOut", 900);
#if defined(COMPILE_DEBUG)
debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer,
ctx->same_adr ? "yes" : "no");
debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout);
#endif
/*
** Adjust the allow/deny flags for the commands
*/
p = config_str(who, "ValidCommands", NULL);
cmds_set_allow(p);
return 0;
}
void client_run(void)
{
int sock, need, diff;
char str[MAX_PATH_SIZE * 2];
char *p, *q;
FILE *fp;
BUF *buf;
/*
** Setup client signal handling (mostly graceful exit)
*/
signal(SIGINT, client_signal);
signal(SIGTERM, client_signal);
signal(SIGQUIT, client_signal);
signal(SIGHUP, client_signal);
signal(SIGCHLD, SIG_IGN);
signal(SIGUSR1, SIG_IGN);
/*
** Prepare our general client context
*/
memset(&ctx, 0, sizeof(ctx));
ctx.sess_beg = time(NULL);
ctx.cli_mode = MOD_ACT_FTP;
ctx.expect = EXP_IDLE;
ctx.timeout = config_int(NULL, "TimeOut", 900);
sock = fileno(stdin); /* "recover" our socket */
/*
** Check whether a DenyMessage file exists. This
** indicates that we are currently not willing
** to serve any clients.
*/
p = config_str(NULL, "DenyMessage", NULL);
if (p != NULL && (fp = fopen(p, "r")) != NULL) {
while (fgets(str, sizeof(str) - 4, fp) != NULL) {
p = socket_msgline(str);
if ((q = strchr(p, '\n')) != NULL)
strcpy(q, "\r\n");
else
strcat(p, "\r\n");
send(sock, "421-", 4, 0);
send(sock, p, strlen(p), 0);
}
fclose(fp);
if ((p = config_str(NULL, "DenyString", NULL)) != NULL)
p = socket_msgline(p);
else
p = "Service not available";
send(sock, "421 ", 4, 0);
send(sock, p, strlen(p), 0);
send(sock, ".\r\n", 3, 0);
p = socket_addr2str(socket_sck2addr(sock, REM_END, NULL));
close(sock);
syslog_write(U_ERR, "reject: '%s' (DenyMessage)", p);
exit(EXIT_SUCCESS);
}
/*
** Create a High Level Socket for the client's User-PI
*/
if ((ctx.cli_ctrl = socket_init(sock)) == NULL)
misc_die(FL, "client_run: ?cli_ctrl?");
ctx.cli_ctrl->ctyp = "Cli-Ctrl";
/*
** Announce the connection request
*/
syslog_write(U_INF, "connect from %s", ctx.cli_ctrl->peer);
/*
** Display the welcome message (invite the user to login)
*/
if ((p = config_str(NULL, "WelcomeString", NULL)) == NULL)
p = "%h FTP server (Version %v - %b) ready";
misc_strncpy(str, socket_msgline(p), sizeof(str));
client_respond(220,
config_str(NULL, "WelcomeMessage", NULL), str);
/*
** Enter the client mainloop
*/
while (close_flag == 0) {
/*
** We need to go into select() only
** if all input has been processed
** or
** we wait for more data to get a line
** complete (partially sent, no EOL).
**
** (data buffers are never splited)
*/
need = 1;
if (ctx.cli_ctrl && ctx.cli_ctrl->rbuf)
need = 0;
if (ctx.srv_ctrl && ctx.srv_ctrl->rbuf)
need = 0;
if((ctx.cli_ctrl && ctx.cli_ctrl->more>0) ||
(ctx.srv_ctrl && ctx.srv_ctrl->more>0))
need = 1;
/*
** use higher priority to writes;
** read only if nothing to write...
*/
if(ctx.srv_data && ctx.cli_data) {
if(ctx.srv_data->wbuf) {
ctx.cli_data->more = -1;
} else {
ctx.cli_data->more = 0;
}
if(ctx.cli_data->wbuf) {
ctx.srv_data->more = -1;
} else {
ctx.srv_data->more = 0;
}
}
if (need != 0) {
if (socket_exec(ctx.timeout, &close_flag) <= 0)
break; /* Timed out or worse */
}
#if defined(COMPILE_DEBUG)
debug(4, "client-loop ...");
#endif
/*
** Check if any zombie sockets can be removed
*/
if (ctx.cli_ctrl != NULL && ctx.cli_ctrl->sock == -1)
close_flag = 1; /* Oops, forget it ... */
if (ctx.srv_ctrl != NULL && ctx.srv_ctrl->sock == -1) {
#if defined(COMPILE_DEBUG)
debug(3, "about to destroy Srv-Ctrl");
#endif
/*
** If we have any open data connections,
** make really sure they don't survive.
*/
if (ctx.cli_data != NULL)
ctx.cli_data->kill = 1;
if (ctx.srv_data != NULL)
ctx.srv_data->kill = 1;
/*
** Our client should be informed
*/
if (ctx.cli_ctrl->kill == 0) {
client_respond(421, NULL,
"Service not available, "
"closing control connection");
}
/*
** Don't forget to remove the dead socket
*/
socket_kill(ctx.srv_ctrl);
ctx.srv_ctrl = NULL;
}
if (ctx.cli_data != NULL && ctx.cli_data->sock == -1) {
#if defined(COMPILE_DEBUG)
debug(3, "about to destroy Cli-Data");
#endif
/*
** If we have an outstanding server reply
** (e.g. 226 Transfer complete), send it.
*/
if (ctx.xfer_rep[0] != '\0') {
socket_printf(ctx.cli_ctrl,
"%s\r\n", ctx.xfer_rep);
memset(ctx.xfer_rep, 0,
sizeof(ctx.xfer_rep));
} else {
if(ctx.expect == EXP_XFER)
ctx.expect = EXP_PTHR;
}
/*
** Good time for statistics and data reset
*/
if (ctx.xfer_beg == 0)
ctx.xfer_beg = time(NULL);
diff = (int) (time(NULL) - ctx.xfer_beg);
if (diff < 1)
diff = 1;
/*
** print our current statistic
*/
syslog_write(U_INF,
"Transfer for %s %s: %s '%s' %s %u/%d byte/sec",
ctx.cli_ctrl->peer,
ctx.cli_data->ernr ? "failed" : "completed",
ctx.xfer_cmd, ctx.xfer_arg,
ctx.cli_data->rcnt ? "sent" : "read",
ctx.cli_data->rcnt ? ctx.cli_data->rcnt
: ctx.cli_data->wcnt,
diff);
/*
** update session statistics data
*/
if(ctx.cli_data->rcnt)
ctx.xfer_rsec += diff;
ctx.xfer_rcnt += ctx.cli_data->rcnt;
if(ctx.cli_data->wcnt)
ctx.xfer_wsec += diff;
ctx.xfer_wcnt += ctx.cli_data->wcnt;
/*
** reset data transfer state
*/
client_data_reset(MOD_RESET);
/*
** Doom the corresponding server socket
*/
if (ctx.srv_data != NULL)
ctx.srv_data->kill = 1;
/*
** Don't forget to remove the dead socket
*/
socket_kill(ctx.cli_data);
ctx.cli_data = NULL;
}
if (ctx.srv_data != NULL && ctx.srv_data->sock == -1) {
#if defined(COMPILE_DEBUG)
debug(3, "about to destroy Srv-Data");
#endif
/*
** Doom the corresponding client socket if an
** error occured, FailResetsPasv=yes or we
** expect other response than PASV (Netscape!)
*/
if(ctx.cli_data != NULL) {
if(0 != ctx.srv_data->ernr) {
ctx.cli_data->ernr = -1;
ctx.cli_data->kill = 1;
}
if(config_bool(NULL,"FailResetsPasv", 0)) {
ctx.cli_data->kill = 1;
} else if(ctx.expect != EXP_PASV) {
ctx.cli_data->kill = 1;
}
}
/*
** Don't forget to remove the dead socket
*/
socket_kill(ctx.srv_data);
ctx.srv_data = NULL;
}
/*
** Serve the control connections
*/
if (ctx.cli_ctrl != NULL && ctx.cli_ctrl->rbuf != NULL) {
if (socket_gets(ctx.cli_ctrl,
str, sizeof(str)) != NULL)
client_cli_ctrl_read(str);
}
if (ctx.srv_ctrl != NULL && ctx.srv_ctrl->rbuf != NULL) {
if (socket_gets(ctx.srv_ctrl,
str, sizeof(str)) != NULL)
client_srv_ctrl_read(str);
}
/*
** Serve the data connections. This is a bit tricky,
** since all we do is move the buffer pointers.
*/
if (ctx.cli_data != NULL && ctx.srv_data != NULL) {
if (ctx.cli_data->rbuf != NULL) {
#if defined(COMPILE_DEBUG)
debug(2, "Cli-Data -> Srv-Data");
#endif
if (ctx.srv_data->wbuf == NULL) {
ctx.srv_data->wbuf =
ctx.cli_data->rbuf;
} else {
for (buf = ctx.srv_data->wbuf;
buf && buf->next;
buf = buf->next)
;
buf->next = ctx.cli_data->rbuf;
}
ctx.cli_data->rbuf = NULL;
}
if (ctx.srv_data->rbuf != NULL) {
#if defined(COMPILE_DEBUG)
debug(2, "Srv-Data -> Cli-Data");
#endif
if (ctx.cli_data->wbuf == NULL) {
ctx.cli_data->wbuf =
ctx.srv_data->rbuf;
} else {
for (buf = ctx.cli_data->wbuf;
buf && buf->next;
buf = buf->next)
;
buf->next = ctx.srv_data->rbuf;
}
ctx.srv_data->rbuf = NULL;
}
}
/* at this point the main loop resumes ... */
}
/*
** Display basic session statistics...
** in secs since session begin
** downloads / read (xfer-reads from server)
** uploads / send (xfer-sends from server)
*/
syslog_write(U_INF, "closing connect from %s after %d secs - "
"read %d/%d, sent %d/%d byte/sec",
ctx.cli_ctrl ? ctx.cli_ctrl->peer : "unknown peer",
time(NULL)-ctx.sess_beg,
ctx.xfer_wcnt, ctx.xfer_wsec,
ctx.xfer_rcnt, ctx.xfer_rsec);
/*
** Free allocated memory
*/
ctx.magic_auth = NULL;
if (ctx.userauth != NULL) {
misc_free(FL, ctx.userauth);
ctx.userauth = NULL;
}
if (ctx.username != NULL) {
misc_free(FL, ctx.username);
ctx.username = NULL;
}
if(ctx.userpass != NULL) {
misc_free(FL, ctx.userpass);
ctx.userpass = NULL;
}
#if defined(COMPILE_DEBUG)
debug(1, "}}}}} %s client-exit", misc_getprog());
#endif
exit(EXIT_SUCCESS);
}
static int client_setup_file(CONTEXT *ctx, char *who)
{
char *p;
u_int16_t l, u;
/*
** little bit sanity check
*/
if( !(ctx && who && *who)) {
return -1;
}
/*
** Inform the auditor that we are using the config file
*/
syslog_write(U_INF, "[ %s ] reading data for '%s' from cfg-file", ctx->cli_ctrl->peer, who);
/*
** Evaluate DestinationAddress, except we have magic_addr
*/
if (INADDR_ANY != ctx->magic_addr) {
ctx->srv_addr = ctx->magic_addr;
} else {
ctx->srv_addr = config_addr(who, "DestinationAddress",
INADDR_ANY);
#if defined(COMPILE_DEBUG)
debug(2, "[ %s ] file DestAddr for %s: '%s'", ctx->cli_ctrl->peer,
ctx->cli_ctrl->peer, socket_addr2str(ctx->srv_addr));
#endif
}
/*
** Evaluate DestinationPort, except we have magic_port
*/
if (INPORT_ANY != ctx->magic_port) {
ctx->srv_port = ctx->magic_port;
} else {
ctx->srv_port = config_port(who, "DestinationPort",
IPPORT_FTP);
#if defined(COMPILE_DEBUG)
debug(2, "[ %s ] file DestPort for %s: %d", ctx->cli_ctrl->peer,
ctx->cli_ctrl->peer, (int) ctx->srv_port);
#endif
}
/*
** Evaluate the destination transfer mode
*/
p = config_str(who, "DestinationTransferMode", "client");
if(0 == strcasecmp(p, "active")) {
ctx->srv_mode = MOD_ACT_FTP;
} else
if(0 == strcasecmp(p, "passive")) {
ctx->srv_mode = MOD_PAS_FTP;
} else
if(0 == strcasecmp(p, "client")) {
ctx->srv_mode = MOD_CLI_FTP;
} else {
syslog_error("can't eval DestMode for %s",
ctx->cli_ctrl->peer);
return -1;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestMode for %s: %s", ctx->cli_ctrl->peer, p);
#endif
/*
** Evaluate min/max destination port range
*/
l = config_port(who, "DestinationMinPort", INPORT_ANY);
u = config_port(who, "DestinationMaxPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->srv_lrng = l;
ctx->srv_urng = u;
} else {
ctx->srv_lrng = INPORT_ANY;
ctx->srv_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file DestRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->srv_lrng, ctx->srv_urng);
#endif
/*
** Evaluate min/max active port range
*/
l = config_port(who, "ActiveMinDataPort", INPORT_ANY);
u = config_port(who, "ActiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->act_lrng = l;
ctx->act_urng = u;
} else {
/* do not try to bind a port < 1024 if running as UID != 0 */
if(0 == getuid()) {
ctx->act_lrng = (IPPORT_FTP - 1);
ctx->act_urng = (IPPORT_FTP - 1);
} else {
ctx->act_lrng = INPORT_ANY;
ctx->act_urng = INPORT_ANY;
}
}
#if defined(COMPILE_DEBUG)
debug(2, "file ActiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->act_lrng, ctx->act_urng);
#endif
/*
** Evaluate min/max passive port range
*/
l = config_port(who, "PassiveMinDataPort", INPORT_ANY);
u = config_port(who, "PassiveMaxDataPort", INPORT_ANY);
if (l > 0 && u > 0 && u >= l) {
ctx->pas_lrng = l;
ctx->pas_urng = u;
} else {
ctx->pas_lrng = INPORT_ANY;
ctx->pas_urng = INPORT_ANY;
}
#if defined(COMPILE_DEBUG)
debug(2, "file PassiveRange for %s: %u-%u", ctx->cli_ctrl->peer,
ctx->pas_lrng, ctx->pas_urng);
#endif
/*
** Setup other configuration options
*/
ctx->same_adr = config_bool(who, "SameAddress", 1);
ctx->timeout = config_int (who, "TimeOut", 900);
#if defined(COMPILE_DEBUG)
debug(2, "file SameAddress for %s: %s", ctx->cli_ctrl->peer,
ctx->same_adr ? "yes" : "no");
debug(2, "file TimeOut for %s: %d", ctx->cli_ctrl->peer, ctx->timeout);
#endif
/*** Adjust the allow/deny flags for the commands ** Fred patch */
char dest[17];
char ipdest[17];
char ipsrc[17];
strcpy (ipsrc,ctx->cli_ctrl->peer);
strcpy (ipdest, socket_addr2str(ctx->srv_addr));
syslog_write(U_INF, "\n");
syslog_write(U_INF, "[ %s ] Fred Patch rules dest: %s src: %s", ipsrc, ipdest, ipsrc);
char groupname[]="group";
char commandename[]="ValidCommands";
char *group;
FILE *fp;
group = "group1";
int ix;
int ix2;
u_int32_t dnsaddr;
for(ix=1; group != NULL; ix++) {
sprintf (&groupname[5],"%d",ix);
group = config_str(who, groupname, NULL);
}
syslog_write(U_INF, "[ %s ] Number of groups: %d", ipsrc, ix-2);
for (ix2=1; ix2 <= ix-2; ix2++) {
sprintf (&groupname[5],"%d",ix2);
group = config_str(who, groupname, NULL);
syslog_write(U_INF, "[ %s ] Reading: %s",ipsrc, group );
if ((fp = fopen(group, "r")) == NULL)
{
syslog_write(U_INF, "File not found");
return 0;
}
else
{
fseek(fp, 0, SEEK_SET);
while (fgets(dest, 17 , fp) != NULL)
{
// Pour une IP
// Correction Bug Ligne sans \n
dest[16] = '\n';
char *c = strchr (dest, '\n');
*c = 0;
/* Dns resolution */
if (ipdest != dest) {
dnsaddr = socket_str2addr(dest, INADDR_ANY);
if (dnsaddr != 0)
strcpy (dest, socket_addr2str(dnsaddr));
}
if (strcmp(dest,ipdest) == 0 || strcmp(dest,ipsrc) == 0)
{
sprintf (&commandename[13],"%d",ix);
p = config_str(who,commandename, NULL);
cmds_set_allow(p);
syslog_write(U_INF, "[ %s ] Apply rules for: %s dst: %s",ipsrc, ipsrc, ipdest);
syslog_write(U_INF, "[ %s ] Server match %s ",ipsrc, group );
syslog_write(U_INF, "\n");
fclose(fp);
return 0;
}
// Network
if (strchr(dest, 'x') != NULL)
{
char *c = strchr(dest, 'x');
*c = 0;
int longueur;
longueur = strlen(dest);
if (strncmp(dest,ipdest,longueur) == 0 || strncmp(dest,ipsrc,longueur) == 0)
{
sprintf (&commandename[13],"%d",ix);
p = config_str(who,commandename, NULL);
cmds_set_allow(p);
syslog_write(U_INF, "[ %s ] Apply rules for Network: %s src: %s",ipsrc, ipdest, ipsrc);
syslog_write(U_INF, "[ %s ] Server match %s ",ipsrc, group );
syslog_write(U_INF, "\n");
fclose(fp);
return 0;
}
}
}
fclose(fp);
}
}
syslog_write(U_INF, "[ %s ] Oh, Oh, no rule found -> defaultrules", ipsrc) ;
p = config_str(who, "defaultrules", NULL);
cmds_set_allow(p);
return 0;
}
