// Initialize address constraints from whitelist and blacklist files. // Either can be set to NULL to omit. int blacklist_init(char *whitelist_filename, char *blacklist_filename, char **whitelist_entries, size_t whitelist_entries_len, char **blacklist_entries, size_t blacklist_entries_len) { assert(!constraint); if (whitelist_filename && whitelist_entries) { log_warn("whitelist", "both a whitelist file and destination addresses " "were specified. The union of these two sources " "will be utilized."); } if (whitelist_filename || whitelist_entries) { // using a whitelist, so default to allowing nothing constraint = constraint_init(ADDR_DISALLOWED); log_trace("whitelist", "blacklisting 0.0.0.0/0"); if (whitelist_filename) { init_from_file(whitelist_filename, "whitelist", ADDR_ALLOWED); } if (whitelist_entries) { init_from_array(whitelist_entries, whitelist_entries_len, ADDR_ALLOWED); } } else { // no whitelist, so default to allowing everything constraint = constraint_init(ADDR_ALLOWED); } if (blacklist_filename) { init_from_file(blacklist_filename, "blacklist", ADDR_DISALLOWED); } if (blacklist_entries) { init_from_array(blacklist_entries, blacklist_entries_len, ADDR_DISALLOWED); } constraint_paint_value(constraint, ADDR_ALLOWED); uint64_t allowed = blacklist_count_allowed(); log_debug("blacklist", "%lu addresses allowed to be scanned (%0.0f%% of address space)", allowed, allowed*100./((long long int)1 << 32)); return EXIT_SUCCESS; }
// Initialize address constraints from whitelist and blacklist files. // Either can be set to NULL to omit. int blacklist_init_from_files(char *whitelist_filename, char *blacklist_filename) { assert(!constraint); if (whitelist_filename) { // using a whitelist, so default to allowing nothing constraint = constraint_init(ADDR_DISALLOWED); log_trace("whitelist", "blacklisting 0.0.0.0/0"); init(whitelist_filename, "whitelist", ADDR_ALLOWED); } else { // no whitelist, so default to allowing everything constraint = constraint_init(ADDR_ALLOWED); } if (blacklist_filename) { init(blacklist_filename, "blacklist", ADDR_DISALLOWED); } constraint_paint_value(constraint, ADDR_ALLOWED); uint64_t allowed = blacklist_count_allowed(); log_debug("blacklist", "%lu addresses allowed to be scanned (%0.0f%% of address space)", allowed, allowed*100./((long long int)1 << 32)); /* // test log_debug("blacklist", "testing started"); uint64_t count = constraint_count_ips(constraint, ADDR_ALLOWED); for (unsigned int i=0; i < count; i++) { int ip = constraint_lookup_index(constraint, i, ADDR_ALLOWED); if ((i & 0xFFFFFF) == 0) log_info("blacklist", "%x", i & 0xFF000000); if (constraint_lookup_ip(constraint, ip) != ADDR_ALLOWED) { log_error("blacklist", "test failed for index %d", i); } } log_debug("blacklist", "testing complete"); */ return 0; }