int main(int argc, char **argv)
{
skstream_t *stream = NULL;
ssize_t rv;
/* Global setup */
appSetup(argc, argv);
/* process input */
while ((rv = skOptionsCtxNextSilkFile(optctx, &stream, &skAppPrintErr))
== 0)
{
skStreamSetIPv6Policy(stream, ipv6_policy);
if (0 != processFile(stream)) {
skAppPrintErr("Error processing input from %s",
skStreamGetPathname(stream));
skStreamDestroy(&stream);
return EXIT_FAILURE;
}
skStreamDestroy(&stream);
}
if (rv < 0) {
exit(EXIT_FAILURE);
}
rv = skAggBagWrite(ab, output);
if (rv) {
if (SKAGGBAG_E_WRITE == rv) {
skStreamPrintLastErr(output, skStreamGetLastReturnValue(output),
&skAppPrintErr);
} else {
skAppPrintErr("Error writing Aggregate Bag to '%s': %s",
skStreamGetPathname(output), skAggBagStrerror(rv));
}
exit(EXIT_FAILURE);
}
skAggBagDestroy(&ab);
/* Done, do cleanup */
appTeardown();
return 0;
}
int main(int argc, char **argv)
{
int rv;
appSetup(argc, argv);
/* read input file */
if (ip_ranges) {
if (buildIPSetRanges(in_stream)) {
return 1;
}
} else {
if (buildIPSetWildcards(in_stream)) {
return 1;
}
}
skIPSetClean(ipset);
/* write output to stream */
rv = skIPSetWrite(ipset, out_stream);
if (rv) {
if (SKIPSET_ERR_FILEIO == rv) {
skStreamPrintLastErr(out_stream,
skStreamGetLastReturnValue(out_stream),
&skAppPrintErr);
} else {
skAppPrintErr("Unable to write IPset to '%s': %s",
skStreamGetPathname(out_stream),skIPSetStrerror(rv));
}
return 1;
}
skStreamDestroy(&in_stream);
skStreamDestroy(&out_stream);
/* done */
return 0;
}
/*
* skplugin_err_t pmapfile_handler(const char *opt_arg, void *cbdata)
*
* Handler for --pmap-file option. Actually registers the filter and
* fields.
*/
static skplugin_err_t
pmapfile_handler(
const char *opt_arg,
void UNUSED(*cbdata))
{
/* Whether we have seen any unnamed pmaps */
static int have_unnamed_pmap = 0;
skPrefixMapErr_t map_error = SKPREFIXMAP_OK;
skstream_t *stream = NULL;
skPrefixMap_t *prefix_map = NULL;
pmap_data_t *pmap_data = NULL;
int ok;
const char *filename;
const char *sep;
const char *mapname;
char *prefixed_name = NULL;
char *short_prefixed_name;
size_t namelen = 0;
size_t i;
int rv = SKPLUGIN_ERR;
skplugin_callbacks_t regdata;
/* We can only have one pmap whenever we any any pmap without a
* mapname. If we've seen one and enter this function a second
* time, it is an error */
if (have_unnamed_pmap) {
skAppPrintErr(("Invalid %s: You may use only one prefix map"
" when you are\n"
"\tusing a prefix map without specifying a mapname"),
pmap_file_option);
return SKPLUGIN_ERR;
}
/* Parse the argument into a field name and file name */
sep = strchr(opt_arg, ':');
if (NULL == sep) {
/* We do not have a mapname. We'll check for one in the pmap
* once we read it. */
mapname = NULL;
filename = opt_arg;
} else {
/* A mapname was supplied on the command line */
if (sep == opt_arg) {
skAppPrintErr("Invalid %s: Zero length mapnames are not allowed",
pmap_file_option);
return SKPLUGIN_ERR;
}
if (memchr(opt_arg, ',', sep - opt_arg) != NULL) {
skAppPrintErr("Invalid %s: The mapname may not include a comma",
pmap_file_option);
return SKPLUGIN_ERR;
}
mapname = opt_arg;
filename = sep + 1;
namelen = sep - opt_arg;
}
ok = skpinOpenDataInputStream(&stream, SK_CONTENT_SILK, filename);
if (ok == -1) {
/* problem opening file */
skAppPrintErr("Failed to open the prefix map file '%s'",
filename);
return SKPLUGIN_ERR;
}
if (ok == 1) {
/* master needs to process the file, since it may contain the
* map name we use for creating switches */
if ((rv = skStreamCreate(&stream, SK_IO_READ, SK_CONTENT_SILK))
|| (rv = skStreamBind(stream, filename))
|| (rv = skStreamOpen(stream)))
{
skStreamPrintLastErr(stream, rv, &skAppPrintErr);
skStreamDestroy(&stream);
return SKPLUGIN_ERR;
}
/* the master can ignore the file for filtering */
ignore_prefix_map = 1;
}
map_error = skPrefixMapRead(&prefix_map, stream);
if (SKPREFIXMAP_OK != map_error) {
if (SKPREFIXMAP_ERR_IO == map_error) {
skStreamPrintLastErr(stream, skStreamGetLastReturnValue(stream),
&skAppPrintErr);
} else {
skAppPrintErr("Failed to read the prefix map file '%s': %s",
opt_arg, skPrefixMapStrerror(map_error));
}
skStreamDestroy(&stream);
return SKPLUGIN_ERR;
}
skStreamDestroy(&stream);
if (NULL == mapname) {
/* No mapname was supplied on the command line. Check for a
* mapname insided the pmap. */
mapname = skPrefixMapGetMapName(prefix_map);
if (mapname) {
/* The pmap supplied a mapname */
namelen = strlen(mapname);
} else {
/* No mapname. Accept for legacy purposes, unless we have
* read any other pmaps */
have_unnamed_pmap = 1;
if (skVectorGetCount(pmap_vector) != 0) {
skAppPrintErr(("Invalid %s: You may use only one prefix map"
" when you are\n"
"\t using a prefix map without"
" specifying a mapname"),
pmap_file_option);
goto END;
}
}
}
/* Allocate the pmap_data structure */
pmap_data = (pmap_data_t *)calloc(1, sizeof(*pmap_data));
if (pmap_data == NULL) {
ERR_NO_MEM(pmap_data);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
/* pmap_data now "owns" prefix_map */
pmap_data->pmap = prefix_map;
prefix_map = NULL;
/* Cache the content type */
pmap_data->type = skPrefixMapGetContentType(pmap_data->pmap);
/* Fill the direction structure for each direction */
pmap_data->sdir.dir = DIR_SOURCE;
pmap_data->ddir.dir = DIR_DEST;
pmap_data->adir.dir = DIR_ANY;
pmap_data->sdir.data = pmap_data;
pmap_data->ddir.data = pmap_data;
pmap_data->adir.data = pmap_data;
/* Record the path to the pmap file */
pmap_data->filepath = strdup(filename);
if (NULL == pmap_data->filepath) {
ERR_NO_MEM(pmap_data->filepath);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
if (mapname == NULL) {
/* Pmap without a mapname. */
/* Add the proper legacy option names to the pmap_data structure */
switch (pmap_data->type) {
case SKPREFIXMAP_CONT_ADDR_V4:
case SKPREFIXMAP_CONT_ADDR_V6:
pmap_data->sdir.filter_option = strdup(pmap_saddress_option);
pmap_data->ddir.filter_option = strdup(pmap_daddress_option);
pmap_data->adir.filter_option = strdup(pmap_aaddress_option);
break;
case SKPREFIXMAP_CONT_PROTO_PORT:
pmap_data->sdir.filter_option = strdup(pmap_sport_proto_option);
pmap_data->ddir.filter_option = strdup(pmap_dport_proto_option);
pmap_data->adir.filter_option = strdup(pmap_aport_proto_option);
break;
}
if ((pmap_data->sdir.filter_option == NULL)
|| (pmap_data->ddir.filter_option == NULL)
|| (pmap_data->adir.filter_option == NULL))
{
ERR_NO_MEM(filter_option);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
pmap_data->mapname = strdup(pmap_title_val);
pmap_data->sdir.field_name = strdup(pmap_title_sval);
pmap_data->ddir.field_name = strdup(pmap_title_dval);
if ((pmap_data->mapname == NULL)
|| (pmap_data->sdir.field_name == NULL)
|| (pmap_data->ddir.field_name == NULL))
{
ERR_NO_MEM(field_name);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
} else { /* if (mapname == NULL) */
/* Create the field names*/
pmap_data->mapname = (char*)malloc(namelen + 1);
if (NULL == pmap_data->mapname) {
ERR_NO_MEM(pmap_data->mapname);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
strncpy(pmap_data->mapname, mapname, namelen);
pmap_data->mapname[namelen] = '\0';
/* Allocate space for the [pmap-]{src-,dst-}<mapname> string */
prefixed_name
= (char*)malloc(namelen + pmap_prefix_len + dir_name_len + 1);
if (NULL == prefixed_name) {
ERR_NO_MEM(prefixed_name);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
/* Copy in the pmap- prefix */
strncpy(prefixed_name, pmap_prefix, pmap_prefix_len);
/* short name (for fields) starts at the {src-,dst-} */
short_prefixed_name = prefixed_name + pmap_prefix_len;
/* add in the actual field name, and zero terminate it */
strncpy(short_prefixed_name + dir_name_len, mapname, namelen);
short_prefixed_name[namelen + dir_name_len] = '\0';
/* Create the destination-themed names */
strncpy(short_prefixed_name, src_dir_name, dir_name_len);
pmap_data->sdir.filter_option = strdup(prefixed_name);
pmap_data->sdir.field_name = strdup(short_prefixed_name);
if ((pmap_data->sdir.filter_option == NULL)
|| (pmap_data->sdir.field_name == NULL))
{
ERR_NO_MEM(pmap_data->sdir);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
strncpy(short_prefixed_name, dst_dir_name, dir_name_len);
pmap_data->ddir.filter_option = strdup(prefixed_name);
pmap_data->ddir.field_name = strdup(short_prefixed_name);
if ((pmap_data->ddir.filter_option == NULL)
|| (pmap_data->ddir.field_name == NULL))
{
ERR_NO_MEM(pmap_data->ddir);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
strncpy(short_prefixed_name, any_dir_name, dir_name_len);
pmap_data->adir.filter_option = strdup(prefixed_name);
if (pmap_data->adir.filter_option == NULL) {
ERR_NO_MEM(pmap_data->adir);
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
/* Free the temporary name buffer */
free(prefixed_name);
prefixed_name = NULL;
} /* if (mapname == NULL) */
/* Verify unique field names */
for (i = 0; i < skVectorGetCount(pmap_vector); i++) {
pmap_data_t *p;
skVectorGetValue(&p, pmap_vector, i);
if ((strcmp(pmap_data->mapname, p->mapname) == 0) ||
(strcmp(pmap_data->sdir.field_name, p->sdir.field_name) == 0) ||
(strcmp(pmap_data->ddir.field_name, p->ddir.field_name) == 0))
{
skAppPrintErr(("Invalid %s: Multiple pmaps use the mapname '%s':\n"
"\t%s\n\t%s"),
pmap_file_option, pmap_data->mapname,
p->filepath, pmap_data->filepath);
rv = SKPLUGIN_ERR;
goto END;
}
}
/* Register fields and filter options */
memset(®data, 0, sizeof(regdata));
regdata.init = pmap_field_init;
regdata.column_width = 0;
regdata.bin_bytes = 4;
regdata.rec_to_text = pmap_text_fn;
regdata.rec_to_bin = pmap_bin_fn;
regdata.bin_to_text = pmap_bin_to_text_fn;
for (i = 0; i < 2; ++i) {
directed_pmap_data_t *dir = ((0 == i)
? &pmap_data->sdir
: &pmap_data->ddir);
skpinRegField(&dir->field, dir->field_name, NULL, ®data, dir);
skpinRegOption2(dir->filter_option,
REQUIRED_ARG,
NULL, &pmap_filter_help,
&pmap_handle_filter_option, dir,
1, SKPLUGIN_FN_FILTER);
}
/* Register the "any" filter separately */
skpinRegOption2(pmap_data->adir.filter_option,
REQUIRED_ARG,
NULL, &pmap_filter_help,
&pmap_handle_filter_option, &pmap_data->adir,
1, SKPLUGIN_FN_FILTER);
if (skVectorAppendValue(pmap_vector, &pmap_data)) {
rv = SKPLUGIN_ERR_FATAL;
goto END;
}
rv = SKPLUGIN_OK;
END:
/* Free the temporary name buffer */
if (prefixed_name) {
free(prefixed_name);
}
if (rv != SKPLUGIN_OK) {
if (prefix_map) {
skPrefixMapDelete(prefix_map);
}
if (pmap_data) {
pmap_data_destroy(pmap_data);
}
}
return (skplugin_err_t)rv;
}
int main(int argc, char **argv)
{
char errbuf[2 * PATH_MAX];
const char *filename = NULL;
skstream_t *stream = NULL;
skIPWildcard_t ipwild;
skipset_t *input_set = NULL;
skipset_t *wild_set = NULL;
char buf[64];
int found_match = 0; /* application return value */
int rv;
appSetup(argc, argv); /* never returns on error */
/* Build an IP wildcard from the pattern argument */
rv = skStringParseIPWildcard(&ipwild, pattern);
if (rv) {
skAppPrintErr("Invalid IP '%s': %s",
pattern, skStringParseStrerror(rv));
skAppUsage();
}
if (count && !quiet) {
/* Create an IPset containing the IPwildcard */
if ((rv = skIPSetCreate(&wild_set, skIPWildcardIsV6(&ipwild)))
|| (rv = skIPSetInsertIPWildcard(wild_set, &ipwild))
|| (rv = skIPSetClean(wild_set)))
{
skAppPrintErr("Unable to create temporary IPset: %s",
skIPSetStrerror(rv));
return EXIT_FAILURE;
}
}
/* Iterate over the set files */
while ((filename = appNextInput(argc, argv)) != NULL) {
/* Load the input set */
if ((rv = skStreamCreate(&stream, SK_IO_READ, SK_CONTENT_SILK))
|| (rv = skStreamBind(stream, filename))
|| (rv = skStreamOpen(stream)))
{
skStreamLastErrMessage(stream, rv, errbuf, sizeof(errbuf));
skAppPrintErr("Unable to read IPset from '%s': %s",
filename, errbuf);
skStreamDestroy(&stream);
continue;
}
rv = skIPSetRead(&input_set, stream);
if (rv) {
if (SKIPSET_ERR_FILEIO == rv) {
skStreamLastErrMessage(stream,
skStreamGetLastReturnValue(stream),
errbuf, sizeof(errbuf));
} else {
strncpy(errbuf, skIPSetStrerror(rv), sizeof(errbuf));
}
skAppPrintErr("Unable to read IPset from '%s': %s",
filename, errbuf);
skStreamDestroy(&stream);
continue;
}
skStreamDestroy(&stream);
if (quiet || !count) {
/* Only need to check for a match */
if (skIPSetCheckIPWildcard(input_set, &ipwild)) {
found_match = 1;
if (quiet) {
goto done;
}
printf("%s\n", filename);
}
} else {
/* Need a count of IPs, so intersect */
rv = skIPSetIntersect(input_set, wild_set);
if (rv) {
skAppPrintErr("Unable to intersect IPsets: %s",
skIPSetStrerror(rv));
skIPSetDestroy(&input_set);
skIPSetDestroy(&wild_set);
return EXIT_FAILURE;
}
printf("%s:%s\n",
filename,
skIPSetCountIPsString(input_set, buf, sizeof(buf)));
if ('0' != buf[0]) {
found_match = 1;
}
}
skIPSetDestroy(&input_set);
}
done:
/* done */
skIPSetDestroy(&input_set);
skIPSetDestroy(&wild_set);
return ((found_match) ? 0 : 1);
}
