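// Removes every line equal to `entry` from the whitelist file.
//
// The file named by Config::Inst()->GetPathWhitelistFile() is read completely,
// then truncated and rewritten without the matching lines.
//
// entry:   line to remove; compared byte-for-byte with each stored line.
// returns: true when the file was read and rewritten (also when no line
//          matched); false when the file could not be opened for reading or
//          writing, or when the rewrite did not complete.
bool WhitelistConfiguration::DeleteEntry(std::string entry)
{
	const std::string whitelistPath = Config::Inst()->GetPathWhitelistFile();

	std::ifstream ipListFileStream(whitelistPath);
	if(!ipListFileStream.is_open())
	{
		LOG(ERROR,"Unable to open file: " + whitelistPath, "");
		return false;
	}

	// Keep every line that differs from the entry being deleted.
	// NOTE(review): AddEntry stores "ip/NN" entries in "ip/a.b.c.d" form, so an
	// entry passed here in "/NN" form will presumably not match and would stay
	// whitelisted - confirm callers pass the stored form.
	std::stringstream ipListNew;
	std::string line;
	while(std::getline(ipListFileStream, line))
	{
		if(line != entry)
		{
			ipListNew << line << std::endl;
		}
	}
	ipListFileStream.close();

	// NOTE(review): the file is truncated and rewritten in place; a crash or a
	// second writer between the read above and this write can lose entries.
	// Writing a temporary file and renaming it over the original would close
	// that window.
	std::ofstream whitelist(whitelistPath);
	if(!whitelist.is_open())
	{
		LOG(ERROR,"Unable to open file: " + whitelistPath, "");
		return false;
	}

	whitelist << ipListNew.str();
	whitelist.close();

	// A failed write (disk full, I/O error) leaves a truncated whitelist on
	// disk; report it rather than claiming success.
	if(whitelist.fail())
	{
		LOG(ERROR,"Unable to write file: " + whitelistPath, "");
		return false;
	}

	return true;
}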
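/*
 * Rebuild the whitelist from the current contents of procfs_buffer.
 *
 * The buffer is copied aside, the live buffer and the whitelist are reset,
 * and every comma-separated connection string found in the copy is passed
 * to whitelist(). Strings that whitelist() rejects are logged and skipped.
 *
 * NOTE(review): temp_procfs_buffer is static and no lock is taken in this
 * function, so two concurrent calls would share it - confirm that the caller
 * serialises updates.
 */
void update_whitelist(void)
{
	int i, connection_string_length;
	static char temp_procfs_buffer[PROCFS_MAX_SIZE];
	char new_connection_string[MAX_NEW_CONNECTION_SIZE], *start;

	/* Copy the procfs buffer into a temporary, because it will
	 * be updated from whitelist().
	 *
	 * This way, the buffer stays consistent with the whitelist, because
	 * some connections might not be in the right format.
	 */
	memcpy(temp_procfs_buffer, procfs_buffer, PROCFS_MAX_SIZE);

	initialize_procfs_buffer();
	destroy_whitelist();

	printk(KERN_INFO PROC_CONFIG_NAME ":\t[+] Cleared whitelist\n");

	/* Whitelist one by one the connections that our buffer has */
	start = temp_procfs_buffer;
	connection_string_length = 0;
	for(i = 0; ; ++i)
	{
		/* A buffer filled to capacity carries no terminating \0; treat the
		 * end of the buffer as the end of the last connection string
		 * instead of reading past it.
		 */
		int at_end = (i >= PROCFS_MAX_SIZE) || temp_procfs_buffer[i] == '\0';

		/* Each connection is separated by a comma in the buffer,
		 * or by a \0 if there is no comma after the last connection string.
		 * Locate them and add them to the whitelist.
		 */
		if(at_end || temp_procfs_buffer[i] == ',')
		{
			int err;

			if(connection_string_length >= MAX_NEW_CONNECTION_SIZE)
			{
				/* The string plus its terminator would not fit in
				 * new_connection_string; copying it would overrun the
				 * stack buffer, so it is dropped.
				 */
				printk(KERN_ERR PROC_CONFIG_NAME ":\t[-] Skipped oversized connection string (%d bytes)\n",
						connection_string_length);
			}
			else
			{
				memcpy(new_connection_string, start, connection_string_length);
				new_connection_string[connection_string_length] = '\0';

				/* Whitelist the new connection */
				err = whitelist(new_connection_string);
				if(err < 0)
				{
					printk(KERN_ERR PROC_CONFIG_NAME ":\t[-] Failed to whitelist %s\n",
							new_connection_string);
				}
				else
				{
					printk(KERN_INFO PROC_CONFIG_NAME ":\t[+] Whitelisted %s\n",
							new_connection_string);
				}
			}

			if(at_end)
			{
				/* End of parsing */
				break;
			}

			/* Skip the string and its separating character */
			start += connection_string_length + 1;
			connection_string_length = 0;
		}
		else
		{
			connection_string_length++;
		}
	}

	memset(temp_procfs_buffer, '\0', PROCFS_MAX_SIZE);
}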
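// Appends `entry` to the whitelist file unless an identical line is already
// stored.
//
// The entry is split on commas and its second field is checked for a "/".
// When the subnet part returned by GetSubnet() is one or two characters long
// it is treated as a prefix length and rewritten as a dotted netmask, so the
// stored form is "interface,ip/a.b.c.d".
//
// entry:   the whitelist line to add.
// returns: true when the entry was already present or was written; false
//          when the entry is malformed, the prefix length is not a number in
//          0..32, or the whitelist file could not be read or written.
//
// NOTE(review): the entry is written to a line-oriented file as-is. If
// callers can pass text containing '\n', one call would create several
// whitelist lines - confirm that the caller validates the value.
bool WhitelistConfiguration::AddEntry(std::string entry)
{
	std::vector<std::string> splitOnCommas;
	boost::split(splitOnCommas, entry, boost::is_any_of(","));

	// Without a second field, at(1) below would throw std::out_of_range.
	if(splitOnCommas.size() < 2)
	{
		LOG(ERROR,std::string("Malformed whitelist entry: expected at least two comma separated fields"), "");
		return false;
	}

	// Convert ip/xx notation if need be.
	// size_type (not uint) so that the comparison with npos is meaningful on
	// platforms where size_t is wider than unsigned int.
	const std::string::size_type seperator = splitOnCommas.at(1).find("/");
	if(seperator != std::string::npos)
	{
		const std::string subnet = GetSubnet(entry);
		if(subnet.size() > 0 && subnet.size() <= 2)
		{
			// Accept decimal digits only: a non-numeric prefix must not
			// silently become /0, which would produce the mask 0.0.0.0.
			int prefixLength = 0;
			for(std::string::size_type i = 0; i < subnet.size(); i++)
			{
				if(subnet[i] < '0' || subnet[i] > '9')
				{
					LOG(ERROR,std::string("Malformed whitelist entry: prefix length is not a number"), "");
					return false;
				}
				prefixLength = prefixLength * 10 + (subnet[i] - '0');
			}
			if(prefixLength > 32)
			{
				LOG(ERROR,std::string("Malformed whitelist entry: prefix length is larger than 32"), "");
				return false;
			}

			// Build the mask octet by octet, most significant bit first.
			// s_addr is in network byte order, so addressing its bytes gives
			// the right netmask on any host and for prefixes that are not a
			// multiple of 8 (e.g. /25 -> 255.255.255.128).
			in_addr subnetmask;
			subnetmask.s_addr = 0;
			unsigned char *octets = reinterpret_cast<unsigned char *>(&subnetmask.s_addr);
			for(int bit = 0; bit < prefixLength; bit++)
			{
				octets[bit / 8] |= static_cast<unsigned char>(0x80 >> (bit % 8));
			}

			// inet_ntoa returns a pointer to a static buffer; the result is
			// copied into a std::string right away.
			char *newSubnet = inet_ntoa(subnetmask);
			entry = GetInterface(entry) + "," + GetIp(entry) + "/" + std::string(newSubnet);
		}
	}

	const std::string whitelistPath = Config::Inst()->GetPathWhitelistFile();

	std::ifstream ipListFileStream(whitelistPath);
	if(!ipListFileStream.is_open())
	{
		LOG(ERROR,"Unable to open file: " + whitelistPath, "");
		return false;
	}

	// Copy the existing lines and stop early when the entry is already stored.
	std::stringstream ipListNew;
	bool alreadyExists = false;
	std::string line;
	while(std::getline(ipListFileStream, line))
	{
		if(line == entry)
		{
			alreadyExists = true;
			break;
		}
		ipListNew << line << std::endl;
	}
	ipListFileStream.close();

	if(alreadyExists)
	{
		return true;
	}

	// NOTE(review): the file is truncated and rewritten in place; a crash or a
	// second writer between the read above and this write can lose entries.
	std::ofstream whitelist(whitelistPath);
	if(!whitelist.is_open())
	{
		LOG(ERROR,"Unable to open file: " + whitelistPath, "");
		return false;
	}

	whitelist << ipListNew.str();
	whitelist << entry;
	whitelist.close();

	// A failed write leaves a truncated whitelist on disk; report it rather
	// than claiming success.
	if(whitelist.fail())
	{
		LOG(ERROR,"Unable to write file: " + whitelistPath, "");
		return false;
	}

	return true;
}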