// get a rule // NOT WORKING PROPERLY YET!!!!!!!!!!!!! int get_rule(uint s, int16_t rulenum) { //int RULES=100; int i=0; struct ip_fw rules[10]; socklen_t rules_size; bzero(&rules, sizeof(rules)); rules_size=sizeof(rules); //rule.rulenum = rulenum; // printf("Get rule: "); print_rule(&rule); if(getsockopt(s, IPPROTO_IP, IP_FW_GET, &rules, &rules_size) < 0) { WARNING("Error getting socket options"); perror("getsockopt"); return -1; } printf("Got rules:\n"); for(i=0; i<10; i++) print_rule(&rules[i]); return 0; }
void Find( ElementType X, AvlTree T ) { if( T == NULL ){ } else{ if (compare(T->Element,X) == 0){ print_rule(X,T->Element); if (T->Right != NULL) Find( X, T->Right ); if (T->Left != NULL) Find( X, T->Left ); } if( compare(T->Element,X) == -1 ){ if (T->Right != NULL) Find( X, T->Right ); if (T->Left != NULL) Find( X, T->Left ); } else if( compare(T->Element,X) == 1 ){ if (T->Left != NULL) Find( X, T->Left ); if (T->Right != NULL) Find( X, T->Right ); } } }
void print_rules(fz_css_rule *rule) { while (rule) { print_rule(rule); rule = rule->next; } }
int accept_msg(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) { FILE *fp = (FILE*)arg; if (timestamp) print_timestamp(fp); if (n->nlmsg_type == RTM_NEWROUTE || n->nlmsg_type == RTM_DELROUTE) { print_route(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWLINK || n->nlmsg_type == RTM_DELLINK) { ll_remember_index(who, n, NULL); print_linkinfo(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWADDR || n->nlmsg_type == RTM_DELADDR) { print_addrinfo(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWNEIGH || n->nlmsg_type == RTM_DELNEIGH) { print_neigh(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWPREFIX) { print_prefix(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWRULE || n->nlmsg_type == RTM_DELRULE) { print_rule(who, n, arg); return 0; } if (n->nlmsg_type == 15) { char *tstr; time_t secs = ((__u32*)NLMSG_DATA(n))[0]; long usecs = ((__u32*)NLMSG_DATA(n))[1]; tstr = asctime(localtime(&secs)); tstr[strlen(tstr)-1] = 0; fprintf(fp, "Timestamp: %s %lu us\n", tstr, usecs); return 0; } if (n->nlmsg_type == RTM_NEWQDISC || n->nlmsg_type == RTM_DELQDISC || n->nlmsg_type == RTM_NEWTCLASS || n->nlmsg_type == RTM_DELTCLASS || n->nlmsg_type == RTM_NEWTFILTER || n->nlmsg_type == RTM_DELTFILTER) return 0; if (n->nlmsg_type != NLMSG_ERROR && n->nlmsg_type != NLMSG_NOOP && n->nlmsg_type != NLMSG_DONE) { fprintf(fp, "Unknown message: %08x %08x %08x\n", n->nlmsg_len, n->nlmsg_type, n->nlmsg_flags); } return 0; }
/* Two mappings conflict if the ExternalPort, PortMappingProtocol, and InternalClient are the same, but RemoteHost is different. pp 15, WANIPConection Sevice. */ static bool OverlappingRange(netconf_nat_t *e1, netconf_nat_t *e2) { bool overlap = FALSE; /* assume no conflict */ do { if (e1->ports[1] < e2->ports[0]) break; if (e1->ports[0] > e2->ports[1]) break; overlap = TRUE; printf("OverlappingRange.\n"); printf("rule 1\n"); print_rule(e1); printf("rule 2\n"); print_rule(e2); } while(0); printf("%s\n", (overlap ? "OverlappingRange" : "not OverlappingRange")); return overlap; }
static int device_ioctl(struct file *file, unsigned int ioctl_num, unsigned long ioctl_param) { struct Rule* r; unsigned long flags; switch (ioctl_num) { //Insert a new rule to rules case IOCTL_ROX_INSERT_RULE: //printk(KERN_INFO "Inset a new rule\n"); r=(struct Rule*)ioctl_param; //Print new rule print_rule(r); //Insert this new rule to RuleTable write_lock_irqsave(&my_rwlock,flags); Insert_Table(&rt,r,GFP_ATOMIC); write_unlock_irqrestore(&my_rwlock,flags); //Print_Table(&rt); break; //Delete a rule from rules case IOCTL_ROX_DELETE_RULE: r=(struct Rule*)ioctl_param; //Print new rule //print_rule(r); //Delete thie rule from RuleTable write_lock_irqsave(&my_rwlock,flags); Delete_Table(&rt,r); write_unlock_irqrestore(&my_rwlock,flags); //Print_Table(&rt); break; //Update a rule case IOCTL_ROX_UPDATE_RULE: r=(struct Rule*)ioctl_param; //Print new rule //print_rule(r); //Update this new rule to RuleTable write_lock_irqsave(&my_rwlock,flags); Update_Table(&rt,r); write_unlock_irqrestore(&my_rwlock,flags); //Print_Table(&rt); break; //Print current rule table case IOCTL_ROX_PRINT_RULE: Print_Table(&rt); break; } //spin_unlock(&globalLock); return SUCCESS; }
/* * list rules */ void print_rule(rule *r) { if (!r) return; printf("\nNEW RULE:\n"); printf("\n\tLEFT: "); if (r->left) print_expression(r->left); else printf("ALL"); if (r->left_exceptions) { printf("\n\tLEFT EXCEPTIONS: "); print_expression(r->left_exceptions); } printf("\n\tRIGHT: "); if (r->right) print_expression(r->right); else printf("ALL"); if (r->right_exceptions) { printf("\n\tRIGHT EXCEPTIONS: "); print_expression(r->right_exceptions); } printf("\n"); if (r->next) print_rule(r->next); }
static void main_loop(char *table) { widechar inbuf[BUFSIZE]; widechar outbuf[BUFSIZE]; int inlen; int outlen; TranslationTableRule **rules = malloc(512 * sizeof(TranslationTableRule)); int ruleslen; int i; while (1) { inlen = get_wide_input(inbuf); outlen = BUFSIZE; ruleslen = RULESSIZE; if (!trace_translate(table, inbuf, &inlen, outbuf, &outlen, NULL, NULL, NULL, NULL, NULL, rules, &ruleslen, 0)) break; printf("%s\n", print_chars(outbuf, outlen)); for (i=0; i<ruleslen; i++) { printf("%d.\t", i+1); print_rule(rules[i]); }} }
static int do_output(const char *tablename) { ip6tc_handle_t h; const char *chain = NULL; if (!tablename) return for_each_table(&do_output); h = ip6tc_init(tablename); if (!h) exit_error(OTHER_PROBLEM, "Can't initialize: %s\n", ip6tc_strerror(errno)); if (!binary) { time_t now = time(NULL); printf("# Generated by ip6tables-save v%s on %s", IPTABLES_VERSION, ctime(&now)); printf("*%s\n", tablename); /* Dump out chain names first, * thereby preventing dependency conflicts */ for (chain = ip6tc_first_chain(&h); chain; chain = ip6tc_next_chain(&h)) { printf(":%s ", chain); if (ip6tc_builtin(chain, h)) { struct ip6t_counters count; printf("%s ", ip6tc_get_policy(chain, &count, &h)); printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); } else { printf("- [0:0]\n"); } } for (chain = ip6tc_first_chain(&h); chain; chain = ip6tc_next_chain(&h)) { const struct ip6t_entry *e; /* Dump out rules */ e = ip6tc_first_rule(chain, &h); while(e) { print_rule(e, &h, chain, counters); e = ip6tc_next_rule(e, &h); } } now = time(NULL); printf("COMMIT\n"); printf("# Completed on %s", ctime(&now)); } else { /* Binary, huh? OK. */ exit_error(OTHER_PROBLEM, "Binary NYI\n"); } ip6tc_free(&h); return 1; }
void print_mapping(const mapping_t *m) { printf("%s (%s)\n", m->desc, ((m->match.flags & NETCONF_DISABLED) ? "disabled" : "enabled")); print_rule((netconf_nat_t *)m); }
/* * This function interprets the reply and prints it to stdout. It returns * 0 if no more should be read and 1 to indicate that more messages of this * type may need to be read. */ int audit_print_reply(struct audit_reply *rep, int fd) { _audit_elf = 0; switch (rep->type) { case NLMSG_NOOP: return 1; case NLMSG_DONE: // Close the socket so kernel can do other things audit_close(fd); if (printed == 0) printf("No rules\n"); else { lnode *n; list_first(&l); n = l.cur; while (n) { print_rule(n->r); n = list_next(&l); } list_clear(&l); } break; case NLMSG_ERROR: printf("NLMSG_ERROR %d (%s)\n", -rep->error->error, strerror(-rep->error->error)); printed = 1; break; case AUDIT_GET: if (interpret) printf("enabled %s\nfailure %s\n", get_enable(rep->status->enabled), get_failure(rep->status->failure)); else printf("enabled %u\nfailure %u\n", rep->status->enabled, rep->status->failure); printf("pid %u\nrate_limit %u\nbacklog_limit %u\n" "lost %u\nbacklog %u\n", rep->status->pid, rep->status->rate_limit, rep->status->backlog_limit, rep->status->lost, rep->status->backlog); #if HAVE_DECL_AUDIT_VERSION_BACKLOG_WAIT_TIME printf("backlog_wait_time %u\n", rep->status->backlog_wait_time); #endif printed = 1; break; #if HAVE_DECL_AUDIT_FEATURE_VERSION case AUDIT_GET_FEATURE: { uint32_t mask = AUDIT_FEATURE_TO_MASK(AUDIT_FEATURE_LOGINUID_IMMUTABLE); if (rep->features->mask & mask) printf("loginuid_immutable %u %s\n", !!(rep->features->features & mask), rep->features->lock & mask ? "locked" : "unlocked"); } printed = 1; break; #endif case AUDIT_LIST_RULES: list_requested = 0; if (key_match(rep->ruledata)) list_append(&l, rep->ruledata, sizeof(struct audit_rule_data) + rep->ruledata->buflen); printed = 1; return 1; default: printf("Unknown: type=%d, len=%d\n", rep->type, rep->nlh->nlmsg_len); printed = 1; break; } return 0; }
int lazy_active_classification() { __START_TIMER__ CACHE.locked=0; int judgements=0, n_tests=0; map<int, int> occurs; list_t* test=TEST; active_t* ordered_tests=(active_t*) malloc(sizeof(active_t)*N_TESTS); while(test) { ordered_tests[n_tests].test.id=strdup(test->id); ordered_tests[n_tests].processed=0; //if(PROC_IDS.find(test->id)!=PROC_IDS.end()) { // ordered_tests[n_tests].processed=1; //} ordered_tests[n_tests].diff=0; ordered_tests[n_tests].total_occurs=0; ordered_tests[n_tests].n_rules=0; ordered_tests[n_tests].test.label=test->label; ordered_tests[n_tests].test.size=test->size; ordered_tests[n_tests].test.instance=(int*)malloc(sizeof(int)*ordered_tests[n_tests].test.size); for(int i=0;i<test->size;i++) { ordered_tests[n_tests].test.instance[i]=test->instance[i]; if(occurs.find(test->instance[i])==occurs.end()) occurs[test->instance[i]]=0; occurs[test->instance[i]]++; } n_tests++; list_t* x=test->next; test=x; } while(judgements<MAX_JUDGEMENTS) { for(int i=0;i<n_tests;i++) { if(ordered_tests[i].processed==0) { get_THE_prediction(ordered_tests[i].test.instance, ordered_tests[i].test.size, ordered_tests[i].test.label); ordered_tests[i].diff=N_RULES-ordered_tests[i].n_rules; printf("%s %d\n", ordered_tests[i].test.id, N_RULES); for(int k=0;k<N_RULES;k++) { print_rule(RULES[k]); printf("\n"); } printf("\n\n\n"); ordered_tests[i].n_rules=N_RULES; ordered_tests[i].total_occurs=0; for(int j=0;j<ordered_tests[i].test.size;j++) ordered_tests[i].total_occurs+=occurs[ordered_tests[i].test.instance[j]]; } } CACHE.hits=CACHE.misses=0; CACHE.content.clear(); qsort((active_t*) ordered_tests, n_tests, sizeof(active_t), test_cmp); ordered_tests[0].processed=1; for(int i=0;i<ordered_tests[0].test.size;i++) occurs[ordered_tests[0].test.instance[i]]=0; printf("inserting instance %s %d\n", ordered_tests[0].test.id, ordered_tests[0].test.label); N_TRANSACTIONS++; COUNT_TARGET[ordered_tests[0].test.label]++; if(COUNT_TARGET[ordered_tests[0].test.label]==1) { ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].count=1; ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].list=(int*)malloc(sizeof(int)); ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].list[0]=N_TRANSACTIONS; } else { ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].list=(int*)realloc(ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].list, sizeof(int)*(ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].count+1)); ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].list[ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].count]=N_TRANSACTIONS; ITEMSETS[TARGET_ID[ordered_tests[0].test.label]].count++; } for(int j=0;j<ordered_tests[0].test.size;j++) { if(ITEMSETS[ordered_tests[0].test.instance[j]].count==0) ITEMSETS[ordered_tests[0].test.instance[j]].list=(int*)malloc(sizeof(int)); else ITEMSETS[ordered_tests[0].test.instance[j]].list=(int*)realloc(ITEMSETS[ordered_tests[0].test.instance[j]].list, sizeof(int)*(ITEMSETS[ordered_tests[0].test.instance[j]].count+1)); ITEMSETS[ordered_tests[0].test.instance[j]].list[ITEMSETS[ordered_tests[0].test.instance[j]].count]=N_TRANSACTIONS; ITEMSETS[ordered_tests[0].test.instance[j]].count++; } judgements++; } for(int i=0;i<n_tests;i++) { free(ordered_tests[i].test.id); free(ordered_tests[i].test.instance); } free(ordered_tests); //lazy_supervised_classification(); __FINISH_TIMER__ return(0); }
static int accept_msg(const struct sockaddr_nl *who, struct nlmsghdr *n, void *arg) { FILE *fp = (FILE*)arg; if (n->nlmsg_type == RTM_NEWROUTE || n->nlmsg_type == RTM_DELROUTE) { struct rtmsg *r = NLMSG_DATA(n); int len = n->nlmsg_len - NLMSG_LENGTH(sizeof(*r)); if (len < 0) { fprintf(stderr, "BUG: wrong nlmsg len %d\n", len); return -1; } if (r->rtm_flags & RTM_F_CLONED) return 0; if (timestamp) print_timestamp(fp); if (r->rtm_family == RTNL_FAMILY_IPMR || r->rtm_family == RTNL_FAMILY_IP6MR) { if (prefix_banner) fprintf(fp, "[MROUTE]"); print_mroute(who, n, arg); return 0; } else { if (prefix_banner) fprintf(fp, "[ROUTE]"); print_route(who, n, arg); return 0; } } if (timestamp) print_timestamp(fp); if (n->nlmsg_type == RTM_NEWLINK || n->nlmsg_type == RTM_DELLINK) { ll_remember_index(who, n, NULL); if (prefix_banner) fprintf(fp, "[LINK]"); print_linkinfo(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWADDR || n->nlmsg_type == RTM_DELADDR) { if (prefix_banner) fprintf(fp, "[ADDR]"); print_addrinfo(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWADDRLABEL || n->nlmsg_type == RTM_DELADDRLABEL) { if (prefix_banner) fprintf(fp, "[ADDRLABEL]"); print_addrlabel(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWNEIGH || n->nlmsg_type == RTM_DELNEIGH || n->nlmsg_type == RTM_GETNEIGH) { if (preferred_family) { struct ndmsg *r = NLMSG_DATA(n); if (r->ndm_family != preferred_family) return 0; } if (prefix_banner) fprintf(fp, "[NEIGH]"); print_neigh(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWPREFIX) { if (prefix_banner) fprintf(fp, "[PREFIX]"); print_prefix(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWRULE || n->nlmsg_type == RTM_DELRULE) { if (prefix_banner) fprintf(fp, "[RULE]"); print_rule(who, n, arg); return 0; } if (n->nlmsg_type == RTM_NEWNETCONF) { if (prefix_banner) fprintf(fp, "[NETCONF]"); print_netconf(who, n, arg); return 0; } if (n->nlmsg_type == NLMSG_TSTAMP) { print_nlmsg_timestamp(fp, n); return 0; } if (n->nlmsg_type != NLMSG_ERROR && n->nlmsg_type != NLMSG_NOOP && n->nlmsg_type != NLMSG_DONE) { fprintf(fp, "Unknown message: type=0x%08x(%d) flags=0x%08x(%d)" "len=0x%08x(%d)\n", n->nlmsg_type, n->nlmsg_type, n->nlmsg_flags, n->nlmsg_flags, n->nlmsg_len, n->nlmsg_len); } return 0; }
void OnButtonAddThisRule(GtkWidget *pButton, gpointer data){ GtkWidget *pDialog; gchar *sDialogText; struct rule r = create_void_rule(); //creer une regle icmp if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryInDev)))) r = fill_indev_rule(r,(u8*)gtk_entry_get_text(GTK_ENTRY(dpr->pEntryInDev))); // printf("InDev:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryInDev))); if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryOutDev)))) r = fill_outdev_rule(r,(u8*)gtk_entry_get_text(GTK_ENTRY(dpr->pEntryOutDev))); // printf("OutDev:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryOutDev))); // if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpSrc)))) // r = fill_addr_src_rule(r,(u8*)gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpSrc))); // printf("IpSrc:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpSrc))); //if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpDst)))) // r = fill_addr_dst_rule(r,(u8*)gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpDst))); // printf("IpDst:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpDst))); //if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryUdpPortSrc)))) // printf("UdpPortSrc:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryUdpPortSrc))); //if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryUdpPortDst)))) // printf("UdpPortDst:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryUdpPortDst))); //if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryTcpPortSrc)))) // printf("TcpPortSrc:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryTcpPortDst))); //if(strcmp("", gtk_entry_get_text(GTK_ENTRY(dpr->pEntryTcpPortDst)))) // printf("TcpPortDst:%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryTcpPortDst))); //au cas ou :) r = fill_addr_src_rule(r,1111111111,1111111111); r = fill_verdict_rule(r,TO_ACCEPT); print_rule(r); message_t m; u8* packet; m = creer_message(TYPE_RULE,sizeof(struct rule),&r); packet = creer_packet(m); printf("Envois de Rule taille: %d\n",sizeof(struct rule)+2*sizeof(u16)); write(ihm_p->ihm_to_core_fd, packet, sizeof(struct rule)+2*sizeof(u16)); close(ihm_p->ihm_to_core_fd); ihm_p->ihm_to_core_fd = open(FIFO_IHM_TO_CORE, O_WRONLY|O_NONBLOCK| O_NDELAY); // Creation du label de la boite de dialogue sDialogText = g_strdup_printf("InDev %s\nOutDev%s\nIpSrc%s\nIpDst%s\nUdpPortSrc%s\nUdpPortDst%s\nTcpPortSrc%s\nTcpPortDst%s\n",gtk_entry_get_text(GTK_ENTRY(dpr->pEntryInDev)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryOutDev)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpSrc)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryIpDst)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryUdpPortSrc)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryUdpPortDst)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryTcpPortSrc)), gtk_entry_get_text(GTK_ENTRY(dpr->pEntryTcpPortDst))); pDialog = gtk_message_dialog_new (NULL, GTK_DIALOG_MODAL, GTK_MESSAGE_INFO, GTK_BUTTONS_OK, sDialogText); gtk_dialog_run(GTK_DIALOG(pDialog)); gtk_widget_destroy(pDialog); g_free(sDialogText); }
//attention feinte: on read, on lcose et re read bien sur // on enleve l'ancien message et on remet le nouvo void input_callback(gpointer data,gint source,GdkInputCondition condition ){ //GtkWidget *pDialog; //gchar *sDialogText; message_t *m; caract_t *r; gint nbytes; int tmp; int nb_packet = 10; printf("On a appele le callback de fifo\n"); char buf[BUFSIZE]; printf("On lit sur %s\n",FIFO_CORE_TO_IHM); nbytes=read(source,buf,BUFSIZE); printf("On a lu sur le pipe\n"); close(source); printf("On ferme le fichier\n"); //on vire l'ancien callback gdk_input_remove(pipe_tag); printf("On a retire le callback\n"); // on remet le meme... ihm_p->core_to_ihm_fd = open(FIFO_CORE_TO_IHM, O_RDONLY| O_NDELAY); printf("On a reouvert le pipe\n"); // fd = open("./fifo_test", O_RDONLY|O_NONBLOCK); pipe_tag = gdk_input_add( ihm_p->core_to_ihm_fd,GDK_INPUT_READ,input_callback,NULL); printf("On a remi le callback\n"); printf("On a recu:%d\n", nbytes); //Partie recopiee: //on a le buffer, on peut faire le traitement // nbytes = read(ihm_p->core_to_ihm_fd, buf, BUFSIZE); if(nbytes < 0){ printf("Problemes dans la lecture de %s car %i\n",FIFO_CORE_TO_IHM,nbytes); }else{ tmp = (nbytes<BUFSIZE?nbytes:BUFSIZE); //on met un 0 ds le dernier caract // buf[tmp] = '\0'; printf("On a receptionne un message de taille %d\n",tmp); m=(message_t*)buf; printf("Get Type:%d Len:%d\n",m->type,m->len); if(m->type == TYPE_CARACT){ printf("On a receptionne un caract\n"); r = (struct caract*)(&(m->payload)); caract_t r2 = *r; print_caract(r2); ihm_p->wai_caract = caract_list_add(ihm_p->wai_caract,r2); } if(m->type == TYPE_LISTE_RULE){ //on recoi la liste des rules printf("On recoi la liste des rules\n"); struct rule * rule_tab = (struct rule *)(&(m->payload)); int nbRule = (m->len - 2*sizeof(u16))/sizeof(struct rule); if((m->len - 2*sizeof(u16)) > 0){ struct rule * rule_tab_ihm = (struct rule *)malloc((m->len - 2*sizeof(u16))*sizeof(struct rule)); printf("Taille: %d\n",(m->len - 2*sizeof(u16))); printf("Nombre Rule: %d\n",nbRule); memcpy(rule_tab_ihm,rule_tab,(m->len - 2*sizeof(u16))); printf("Apres memcpy\n"); if(ihm_p->rule_tab != NULL) free(ihm_p->rule_tab); printf("apres free\n"); ihm_p->rule_tab = rule_tab_ihm; ihm_p->rule_tab_size = nbRule; printf("On a %d rules\n",nbRule); //maintenant on parcoure les rule :) int i=0; for(i=0;i<nbRule;i++) print_rule( *(rule_tab_ihm+i) ); recreate_show_rule_page(); } } /* printf("On renvoi TO_ACCEPT au packet:\n"); message_t m_choix; u8* packet_choix; //pareil on envoi un choix choix_t c = creer_choix(r2.id,TO_ACCEPT); m_choix=creer_message_choix(c); packet_choix=creer_packet(m_choix); printf("Envois de Choix taille: %d\n",sizeof(struct choix)+2*sizeof(u16)); print_choix(c); write(ihm_to_core_fd, packet_choix,sizeof(struct choix)+2*sizeof(u16)); */ //printf("Policy a jour:\n"); //close(ihm_p->core_to_ihm_fd); plus besoin, fait au dessus } //test recreate_front_page(); }
// apply socket options related to ipfw commands static int apply_socket_options(int s, int option_id, void *option, socklen_t option_length) { // choose the action corresponding to the given command switch(option_id) { // add a rule to the firewall (the rule contains dummynet pipes); // option should be of type "struct ip_fw*" case IP_FW_ADD: #ifdef MESSAGE_DEBUG DEBUG("Add ipfw rule: "); print_rule((struct ip_fw*)option); #endif if(getsockopt(s, IPPROTO_IP, option_id, option, &option_length) < 0) { WARNING("Error getting socket options"); perror("getsockopt"); return ERROR; } break; // delete a firewall rule (the rule contains dummynet pipes); // option should be of type "u_int32_t *" case IP_FW_DEL: DEBUG("Delete ipfw rule #%d", (*(u_int32_t *)option)); if(setsockopt(s, IPPROTO_IP, option_id, option, option_length)<0) { WARNING("Error setting socket options"); perror("setsockopt"); return ERROR; } break; // configure a dummynet pipe; // option should be of type "dn_pipe *" case IP_DUMMYNET_CONFIGURE: #ifdef MESSAGE_DEBUG DEBUG("Configure ipfw dummynet pipe: "); print_pipe((struct dn_pipe*)option); #endif if(setsockopt(s, IPPROTO_IP, option_id, option, option_length)<0) { WARNING("Error setting socket options"); perror("setsockopt"); return ERROR; } break; /* FUTURE PLAN: DELETE _PIPES_ INSTEAD OF RULES case IP_DUMMYNET_DEL: printf("delete pipe: option_id=%d option=%d option_length=%d\n", option_id, (*(int16_t*)(option)), option_length); if(setsockopt(s, IPPROTO_IP, option_id, option, option_length)<0) { WARNING("Error setting socket options"); perror("setsockopt"); return ERROR; } break; */ default: WARNING("Unrecognized ipfw socket option: %d", option_id); return -1; } return 0; }