struct rdl * rdl_loadfile (struct rdllib *rl, const char *file) { return loadfn (rl, "evalf", file); }
struct rdl * rdl_load (struct rdllib *rl, const char *s) { return loadfn (rl, "eval", s); }
static int default_rules(int load) { int ret; check_type_t type; check_acceptreject_t acceptreject; struct sockaddr_storage addr1; struct sockaddr_storage addr2; int i = 0; int (*loadfn)(void *fd_tracker_match_entry_head, struct sockaddr_storage *ss1, struct sockaddr_storage *ss2, check_type_t type, check_acceptreject_t acceptreject); if (load) { loadfn = _ipcheck_addip; } else { loadfn = ipcheck_rmip; } while (rules[i] != NULL) { printf("Parsing rule: %s\n", rules[i]); memset(&addr1, 0, sizeof(struct sockaddr_storage)); memset(&addr2, 0, sizeof(struct sockaddr_storage)); /* * First char is A (accept) or R (Reject) */ switch(rules[i][0] & 0x5F) { case 'A': acceptreject = CHECK_ACCEPT; break; case 'R': acceptreject = CHECK_REJECT; break; default: fprintf(stderr, "Unknown record type on line %d: %s\n", i, rules[i]); goto next_record; } /* * Second char is the filter type: * A Address * M Mask * R Range */ switch(rules[i][1] & 0x5F) { case 'A': type = CHECK_TYPE_ADDRESS; ret = get_ipaddress(rules[i]+2, &addr1); break; case 'M': type = CHECK_TYPE_MASK; ret = read_2ip(rules[i]+2, "/", &addr1, &addr2); break; case 'R': type = CHECK_TYPE_RANGE; ret = read_2ip(rules[i]+2, "-", &addr1, &addr2); break; default: fprintf(stderr, "Unknown filter type on line %d: %s\n", i, rules[i]); goto next_record; break; } if (ret) { fprintf(stderr, "Failed to parse address on line %d: %s\n", i, rules[i]); return -1; } else { if (addr1.ss_family == AF_INET) { if (loadfn(&match_entry_v4, &addr1, &addr2, type, acceptreject) < 0) { fprintf(stderr, "Failed to add/rm address on line %d: %s (errno: %s)\n", i, rules[i], strerror(errno)); return -1; } } else { if (loadfn(&match_entry_v6, &addr1, &addr2, type, acceptreject) < 0) { fprintf(stderr, "Failed to add/rm address on line %d: %s (errno: %s)\n", i, rules[i], strerror(errno)); return -1; } } } next_record: i++; } return 0; }