int main(int argc, char *argv[]) { struct vrmr_ctx vctx; int retval = 0, optch = 0; static char optstring[] = "c:d:hVW"; struct option long_options[] = { {"configfile", required_argument, NULL, 'c'}, {"debug", required_argument, NULL, 'd'}, {"help", no_argument, NULL, 'h'}, {"version", no_argument, NULL, 'V'}, {"wizard", no_argument, NULL, 'W'}, {0, 0, 0, 0}, }; int longopt_index = 0; int debug_level = NONE; PANEL *main_panels[5]; char *s = NULL; /* some defaults */ vuurmuur_semid = -1; vuurmuur_shmid = -1; vuurmuurlog_semid = -1; vuurmuurlog_shmid = -1; /* create the version string */ snprintf(version_string, sizeof(version_string), "%s (using libvuurmuur %s)", VUURMUURCONF_VERSION, libvuurmuur_get_version()); /* some initilization */ if (vrmr_init(&vctx, "vuurmuur_conf") < 0) exit(EXIT_FAILURE); /* settings file */ memset(vccnf.configfile_location, 0, sizeof(vccnf.configfile_location)); if (vctx.conf.etcdir[0] == '\0') (void)strlcpy(vccnf.configfile_location, VUURMUURCONF_CONFIGFILE, sizeof(vccnf.configfile_location)); else (void)snprintf(vccnf.configfile_location, sizeof(vccnf.configfile_location), "%s/vuurmuur/vuurmuur_conf.conf", vctx.conf.etcdir); #ifdef ENABLE_NLS setlocale(LC_ALL, ""); setlocale(LC_TIME, ""); setlocale(LC_MESSAGES, ""); setlocale(LC_COLLATE, ""); setlocale(LC_CTYPE, ""); setlocale(LC_MONETARY, ""); setlocale(LC_NUMERIC, ""); #endif /* check if we are in utf-8 mode */ utf8_mode = 0; if ((s = getenv("LC_ALL")) || (s = getenv("LC_CTYPE")) || (s = getenv("LANG"))) { if (strstr(s, "UTF-8")) utf8_mode = 1; } #ifdef ENABLE_NLS bindtextdomain("vuurmuur", xstr(VRMR_LOCALEDIR)); textdomain("vuurmuur"); #endif /* process commandline options */ while ((optch = getopt_long(argc, argv, optstring, long_options, &longopt_index)) != -1) { switch (optch) { case 'h': print_commandline_args(); break; /* configfile */ case 'c': if (strlcpy(vctx.conf.configfile, optarg, sizeof(vctx.conf.configfile)) >= sizeof(vctx.conf.configfile)) { vrmr_error(EXIT_FAILURE, VR_ERR, gettext("commandline argument too long for option " "-c.")); exit(EXIT_FAILURE); } break; case 'd': /* convert the debug string and check the result */ debug_level = atoi(optarg); if (debug_level < 0 || debug_level > HIGH) { vrmr_error(EXIT_FAILURE, VR_ERR, gettext("commandline debuglevel out of range.")); exit(EXIT_FAILURE); } vrmr_debug_level = debug_level; fprintf(stdout, "vuurmuur_conf: debugging enabled.\n"); fprintf(stdout, "vuurmuur_conf: debug level: %d\n", debug_level); break; case 'V': /* print version */ fprintf(stdout, "Vuurmuur_conf %s\n", version_string); fprintf(stdout, "%s\n", VUURMUUR_COPYRIGHT); exit(EXIT_SUCCESS); case 'W': { char wizard_path[512] = ""; snprintf(wizard_path, sizeof(wizard_path), "%s/scripts/vuurmuur-wizard.sh", vctx.conf.datadir); printf("Running %s...\n", wizard_path); exec_wizard(wizard_path); exit(EXIT_SUCCESS); } default: vrmr_error(EXIT_FAILURE, VR_ERR, gettext("unknown commandline option.")); exit(EXIT_FAILURE); } } /* close the STDERR_FILENO because it gives us annoying "Broken Pipe" errors on some systems with bash3. Let's see if this has negative side-effects. */ close(STDERR_FILENO); /* init vuurmuur_conf config already to get background */ (void)init_vcconfig(&vctx.conf, vccnf.configfile_location, &vccnf); /* Initialize curses */ (void)initscr(); (void)start_color(); (void)cbreak(); (void)noecho(); (void)keypad(stdscr, (bool)TRUE); setup_colors(); /* create the three main windows */ if (!(status_frame_win = create_newwin( 3, COLS, LINES - 3, 0, NULL, vccnf.color_bgd))) exit(EXIT_FAILURE); if (!(status_win = create_newwin( 1, COLS - 4, LINES - 2, 2, NULL, vccnf.color_bgd))) exit(EXIT_FAILURE); if (!(top_win = create_newwin(3, COLS, 0, 0, NULL, vccnf.color_bgd))) exit(EXIT_FAILURE); if (!(main_win = create_newwin( LINES - 6, COLS, 3, 0, NULL, vccnf.color_bgd))) exit(EXIT_FAILURE); if (!(mainlog_win = newwin(LINES - 8, COLS - 2, 4, 1))) exit(EXIT_FAILURE); (void)wbkgd(mainlog_win, vccnf.color_bgd); wattron(status_frame_win, vccnf.color_bgd); mvwprintw(status_frame_win, 0, 2, " %s ", gettext("Status")); mvwprintw(status_frame_win, 2, (int)(COLS - 4 - StrLen(vctx.user_data.realusername) - 6), " user: %s ", vctx.user_data.realusername); wattroff(status_frame_win, vccnf.color_bgd); /* Attach a panel to each window */ main_panels[0] = new_panel(top_win); main_panels[1] = new_panel(main_win); main_panels[2] = new_panel(status_win); main_panels[3] = new_panel(mainlog_win); main_panels[4] = new_panel(status_frame_win); (void)update_panels(); (void)doupdate(); /* init the vrprint functions for the Gui */ vrprint.error = vuumuurconf_print_error; vrprint.warning = vuumuurconf_print_warning; vrprint.info = vuumuurconf_print_info; if (status_print(status_win, gettext("This is Vuurmuur_conf %s, %s"), version_string, VUURMUUR_COPYRIGHT) < 0) exit(EXIT_FAILURE); /* setup the global busywin */ VrBusyWinCreate(); VrBusyWinHide(); // form_test(); /* startup_screen inits the config, loads the zones, rules, etc */ if (startup_screen(&vctx, &vctx.rules, &vctx.zones, &vctx.services, &vctx.interfaces, &vctx.blocklist, &vctx.reg) < 0) { /* failure! Lets quit. */ /* delete panels and windows */ (void)del_panel(main_panels[0]); (void)del_panel(main_panels[1]); (void)del_panel(main_panels[2]); (void)del_panel(main_panels[3]); (void)del_panel(main_panels[4]); (void)destroy_win(top_win); (void)destroy_win(main_win); (void)destroy_win(status_win); (void)destroy_win(status_frame_win); /* clear screen */ (void)refresh(); /* end ncurses mode */ (void)endwin(); exit(EXIT_FAILURE); } /* setup statuslist */ (void)setup_statuslist(); status_print(status_win, STR_READY); mm_status_checkall(&vctx, NULL, &vctx.rules, &vctx.zones, &vctx.interfaces, &vctx.services); /* main menu loop */ while (main_menu(&vctx, &vctx.rules, &vctx.zones, &vctx.interfaces, &vctx.services, &vctx.blocklist, &vctx.reg) == 1) ; /* clean up the status list */ vrmr_list_cleanup(&vuurmuur_status.StatusList); /* detach from shared memory, if we were attached */ if (vuurmuur_shmp != NULL && vuurmuur_shmp != (char *)(-1) && vuurmuur_shmtable != 0) { if (vrmr_lock(vuurmuur_semid)) { vuurmuur_shmtable->configtool.connected = 3; vrmr_unlock(vuurmuur_semid); } (void)shmdt(vuurmuur_shmp); } if (vuurmuurlog_shmp != NULL && vuurmuurlog_shmp != (char *)(-1) && vuurmuurlog_shmtable != 0) { if (vrmr_lock(vuurmuurlog_semid)) { vuurmuurlog_shmtable->configtool.connected = 3; vrmr_unlock(vuurmuurlog_semid); } (void)shmdt(vuurmuurlog_shmp); } /* destroy the global busywin */ VrBusyWinDelete(); /* delete panels and windows */ (void)del_panel(main_panels[0]); (void)del_panel(main_panels[1]); (void)del_panel(main_panels[2]); (void)del_panel(main_panels[3]); (void)del_panel(main_panels[4]); (void)destroy_win(mainlog_win); (void)destroy_win(top_win); (void)destroy_win(main_win); (void)destroy_win(status_win); (void)destroy_win(status_frame_win); /* clear screen */ (void)refresh(); /* end ncurses mode */ (void)endwin(); /* set error functions to the stdout versions */ vrprint.error = vrmr_stdoutprint_error; vrprint.warning = vrmr_stdoutprint_warning; vrprint.info = vrmr_stdoutprint_info; vrprint.debug = vrmr_stdoutprint_debug; vrprint.audit = vrmr_stdoutprint_audit; /* unload the backends */ if (vrmr_backends_unload(&vctx.conf, &vctx) < 0) { vrmr_error(-1, VR_ERR, gettext("unloading the backends failed")); retval = -1; } /* cleanup the datastructures */ (void)vrmr_list_cleanup(&vctx.blocklist.list); (void)vrmr_destroy_serviceslist(&vctx.services); (void)vrmr_destroy_zonedatalist(&vctx.zones); (void)vrmr_rules_cleanup_list(&vctx.rules); (void)vrmr_destroy_interfaceslist(&vctx.interfaces); vrmr_deinit(&vctx); return (retval); }
/* startup_screen This is the splash-screen which calls the startup functions, like loading the plugins, zones, services etc. Returncodes: 0: ok -1: error */ int startup_screen(struct vrmr_ctx *vctx, struct vrmr_rules *rules, struct vrmr_zones *zones, struct vrmr_services *services, struct vrmr_interfaces *interfaces, struct vrmr_blocklist *blocklist, struct vrmr_regex *reg) { WINDOW *startup_win = NULL, *startup_print_win = NULL; PANEL *startup_panel[2]; int retval = 0, maxy = 0, maxx = 0, y = 0, x = 0, width = 50, heigth = 15, result = 0, config_done = 0, cnfresult = 0; int print_pan_width = 40; // get screensize and set windowlocation getmaxyx(stdscr, maxy, maxx); y = (maxy - heigth) / 2; x = (maxx - width) / 2; // create the windows and panels startup_win = create_newwin(heigth, width, y, x, "Vuurmuur_conf", vccnf.color_win_init | A_BOLD); startup_print_win = newwin(1, print_pan_width, y + heigth - 3, x + 5); wbkgd(startup_print_win, vccnf.color_win_init | A_BOLD); startup_panel[0] = new_panel(startup_win); startup_panel[1] = new_panel(startup_print_win); update_panels(); doupdate(); // print the logo: it looks a bit weird here because of escape sequences // also print version mvwprintw(startup_win, 3, 4, " \\\\ // |\\\\ //| "); mvwprintw(startup_win, 4, 4, " \\\\ // | | | | |] ||\\//|| | | | | |] "); mvwprintw(startup_win, 5, 4, " \\// \\/| \\/| |\\ || || \\/| \\/| |\\ "); mvwprintw(startup_win, 6, 4, " Config "); mvwprintw(startup_win, 7, 4, " ------------------------------------ "); mvwprintw(startup_win, 9, 3, "%s ", VUURMUUR_COPYRIGHT); mvwprintw(startup_win, 10, 3, gettext("Version: %s"), VUURMUURCONF_VERSION); mvwprintw(startup_win, 12, 4, "["); mvwprintw(startup_win, 12, 4 + print_pan_width + 1, "]"); /* initialize the vuurmuur conf config */ /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_LOAD_VUURMUUR_CONF_SETTINGS); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); while (!config_done) { result = init_vcconfig(&vctx->conf, vccnf.configfile_location, &vccnf); if (result == VRMR_CNF_E_UNKNOWN_ERR || result == VRMR_CNF_E_PARAMETER) return (-1); else if (result == VRMR_CNF_E_FILE_PERMISSION) { return (-1); } /* missing file? use defaults */ else if (result == VRMR_CNF_E_FILE_MISSING) { vcconfig_use_defaults(&vccnf); werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_LOAD_VUURMUUR_CONF_SETTINGS, STR_COK); update_panels(); doupdate(); config_done = 1; } else if (result == VRMR_CNF_E_MISSING_VAR || result == VRMR_CNF_E_ILLEGAL_VAR || result == VRMR_CNF_W_MISSING_VAR || result == VRMR_CNF_W_ILLEGAL_VAR) { if (confirm(gettext("Problem with the Vuurmuur_conf settings"), gettext("Do you want to edit the settings now?"), vccnf.color_win_note, vccnf.color_win_note_rev | A_BOLD, 1)) { /* this prompt the user with the config menu */ cnfresult = edit_vcconfig(); if (cnfresult < 0) return (-1); } else { /* if the user doesn't want to solve the problem we exit if we had an error in case of a warning, we continue */ if (result == VRMR_CNF_E_MISSING_VAR || result == VRMR_CNF_E_FILE_MISSING) return (-1); else { // TODO: print warning to warn the user that the config is // not yet ok? config_done = 1; } } } else if (result == VRMR_CNF_OK) { werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_LOAD_VUURMUUR_CONF_SETTINGS, STR_COK); update_panels(); doupdate(); config_done = 1; } else { vrmr_error(-1, VR_ERR, "unknown return code from init_vcconfig. This can't be " "good"); return (-1); } if (config_done == 0) { werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_LOAD_VUURMUUR_CONF_SETTINGS); update_panels(); doupdate(); } } /* initialize the config */ config_done = 0; werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_LOAD_VUURMUUR_CONFIG); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); while (!config_done) { result = vrmr_init_config(&vctx->conf); if (result == VRMR_CNF_E_UNKNOWN_ERR || result == VRMR_CNF_E_PARAMETER) return (-1); else if (result == VRMR_CNF_E_FILE_PERMISSION) { return (-1); } else if (result == VRMR_CNF_E_FILE_MISSING || result == VRMR_CNF_E_MISSING_VAR || result == VRMR_CNF_E_ILLEGAL_VAR || result == VRMR_CNF_W_MISSING_VAR || result == VRMR_CNF_W_ILLEGAL_VAR) { if (confirm(gettext("Problem with the Vuurmuur config"), gettext("Do you want to edit the config now?"), vccnf.color_win_note, vccnf.color_win_note_rev | A_BOLD, 1)) { /* this prompt the user with the config menu */ cnfresult = config_menu(&vctx->conf); if (cnfresult < 0) return (-1); } else { /* if the user doesn't want to solve the problem we exit if we had an error in case of a warning, we continue */ if (result == VRMR_CNF_E_MISSING_VAR || result == VRMR_CNF_E_FILE_MISSING) return (-1); else { // TODO: print warning to warn the user that the config is // not yet ok? config_done = 1; } } } else if (result == VRMR_CNF_OK) { werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_LOAD_VUURMUUR_CONFIG, STR_COK); update_panels(); doupdate(); config_done = 1; } else { vrmr_error(-1, VR_INTERR, "unknown return code from vrmr_init_config. This can't be " "good"); return (-1); } if (config_done == 0) { werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_LOAD_VUURMUUR_CONFIG); update_panels(); doupdate(); } } /* config done, so now we can use logprinting */ if (vrmr_debug_level >= LOW) vrprint.info = vuumuurconf_print_info; else vrprint.info = vrmr_logprint_info; vrprint.debug = vrmr_logprint_debug; vrprint.audit = vrmr_logprint_audit; /* print that we started */ vrmr_audit("started: effective user %s (%ld), real user %s (%ld).", vctx->user_data.username, (long)vctx->user_data.user, vctx->user_data.realusername, (long)vctx->user_data.realuser); /* now load the backends */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_LOAD_PLUGINS); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); result = vrmr_backends_load(&vctx->conf, vctx); if (result < 0) { vrmr_error(-1, VR_ERR, gettext("loading the plugins failed.")); return (-1); } werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_LOAD_PLUGINS, STR_COK); update_panels(); doupdate(); /* init services */ /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_INIT_SERVICES); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); result = vrmr_init_services(vctx, services, reg); if (result < 0) { vrmr_error(-1, VR_ERR, gettext("intializing the services failed.")); return (-1); } /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_SERVICES, STR_COK); update_panels(); doupdate(); /* init interfaces */ /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_INIT_INTERFACES); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); result = vrmr_init_interfaces(vctx, interfaces); if (result < 0) { vrmr_error(-1, VR_ERR, gettext("intializing the interfaces failed.")); return (-1); } /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_INTERFACES, STR_COK); update_panels(); doupdate(); /* init zones */ /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_INIT_ZONES); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); result = vrmr_init_zonedata(vctx, zones, interfaces, reg); if (result < 0) { vrmr_error(-1, VR_ERR, gettext("intializing the zones failed.")); return (-1); } /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_ZONES, STR_COK); update_panels(); doupdate(); /* init rules */ /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_INIT_RULES); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); result = vrmr_rules_init_list(vctx, &vctx->conf, rules, reg); if (result < 0) { /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_RULES, STR_CFAILED); update_panels(); doupdate(); } else { /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_RULES, STR_COK); update_panels(); doupdate(); } /* load the blockfile */ /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s...", STR_INIT_BLOCKLIST); update_panels(); doupdate(); if (vrmr_debug_level > LOW) sleep(1); result = vrmr_blocklist_init_list(vctx, &vctx->conf, zones, blocklist, /*load_ips*/ FALSE, /*no_refcnt*/ FALSE); if (result < 0) { /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_BLOCKLIST, STR_CFAILED); update_panels(); doupdate(); } else { /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s... %s", STR_INIT_BLOCKLIST, STR_COK); update_panels(); doupdate(); } /* try to connect to vuurmuur trough shm */ vuurmuur_shmtable = NULL; werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur...", STR_CONNECTING_TO); update_panels(); doupdate(); vuurmuur_pid = get_vuurmuur_pid("/var/run/vuurmuur.pid", &vuurmuur_shmid); if (vuurmuur_shmid > 0) { /* attach to shared memory */ vuurmuur_shmp = shmat(vuurmuur_shmid, 0, 0); if (vuurmuur_shmp == (char *)(-1)) { vrmr_error(-1, VR_ERR, gettext("attaching to shared memory failed: %s"), strerror(errno)); } else { vuurmuur_shmtable = (struct vrmr_shm_table *)vuurmuur_shmp; vuurmuur_semid = vuurmuur_shmtable->sem_id; /* now try to connect to the shared memory */ if (vrmr_lock(vuurmuur_semid)) { vuurmuur_shmtable->configtool.connected = 1; (void)snprintf(vuurmuur_shmtable->configtool.name, sizeof(vuurmuur_shmtable->configtool.name), "Vuurmuur_conf %s (user: %s)", version_string, vctx->user_data.realusername); (void)strlcpy(vuurmuur_shmtable->configtool.username, vctx->user_data.realusername, sizeof(vuurmuur_shmtable->configtool.username)); vrmr_unlock(vuurmuur_semid); werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur... %s", STR_CONNECTING_TO, STR_COK); update_panels(); doupdate(); } else { werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur... %s", STR_CONNECTING_TO, STR_CFAILED); update_panels(); doupdate(); vuurmuur_shmp = NULL; } } } else { /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur... %s", STR_CONNECTING_TO, STR_CFAILED); update_panels(); doupdate(); vuurmuur_shmp = NULL; } /* try to connect to vuurmuur trough shm */ vuurmuurlog_shmtable = NULL; /* TRANSLATORS: max 40 characters */ werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur_log...", STR_CONNECTING_TO); update_panels(); doupdate(); vuurmuurlog_pid = get_vuurmuur_pid("/var/run/vuurmuur_log.pid", &vuurmuurlog_shmid); if (vuurmuurlog_shmid > 0) { /* attach to shared memory */ vuurmuurlog_shmp = shmat(vuurmuurlog_shmid, 0, 0); if (vuurmuurlog_shmp == (char *)(-1)) { vrmr_error(-1, VR_ERR, "attaching to shared memory failed: %s", strerror(errno)); } else { vuurmuurlog_shmtable = (struct vrmr_shm_table *)vuurmuurlog_shmp; vuurmuurlog_semid = vuurmuurlog_shmtable->sem_id; vrmr_debug(LOW, "vuurmuur_log: sem_id: %d.", vuurmuurlog_semid); /* now try to connect to the shared memory */ if (vrmr_lock(vuurmuurlog_semid)) { vuurmuurlog_shmtable->configtool.connected = 1; (void)snprintf(vuurmuurlog_shmtable->configtool.name, sizeof(vuurmuurlog_shmtable->configtool.name), "Vuurmuur_conf %s (user: %s)", version_string, vctx->user_data.realusername); (void)strlcpy(vuurmuurlog_shmtable->configtool.username, vctx->user_data.realusername, sizeof(vuurmuurlog_shmtable->configtool.username)); vrmr_unlock(vuurmuurlog_semid); werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur_log... %s", STR_CONNECTING_TO, STR_COK); update_panels(); doupdate(); } else { werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur_log... %s", STR_CONNECTING_TO, STR_CFAILED); update_panels(); doupdate(); vuurmuurlog_shmp = NULL; } } } else { werase(startup_print_win); wprintw(startup_print_win, "%s Vuurmuur_log... %s", STR_CONNECTING_TO, STR_CFAILED); update_panels(); doupdate(); vuurmuurlog_shmp = NULL; } /* cleanup */ del_panel(startup_panel[0]); del_panel(startup_panel[1]); destroy_win(startup_print_win); destroy_win(startup_win); update_panels(); doupdate(); return (retval); }
int script_apply(const int debuglvl, VuurmuurScript *vr_script) { /* vuurmuur */ int vuurmuur_shmid = 0; int vuurmuur_semid = -1; /*@null@*/ struct vrmr_shm_table *vuurmuur_shmtable = NULL; char *vuurmuur_shmp = NULL; /* vuurmuur_log */ int vuurmuurlog_shmid = 0; int vuurmuurlog_semid = -1; char *vuurmuurlog_shmp = NULL; /*@null@*/ struct vrmr_shm_table *vuurmuurlog_shmtable = NULL; int vuurmuur_result = 0, vuurmuurlog_result = 0; int waittime = 0; int vuurmuur_progress = 0, vuurmuurlog_progress = 0; char failed = FALSE; int retval = 0; /* try to connect to vuurmuur trough shm */ vuurmuur_shmtable = NULL; get_vuurmuur_pid("/var/run/vuurmuur.pid", &vuurmuur_shmid); if(vuurmuur_shmid > 0) { /* attach to shared memory */ vuurmuur_shmp = shmat(vuurmuur_shmid, 0, 0); if(vuurmuur_shmp == (char *)(-1)) { vrmr_error(VRS_ERR_COMMAND_FAILED, VR_ERR, "attaching to shared memory failed: %s (in: %s:%d).", strerror(errno), __FUNC__, __LINE__); } else { vuurmuur_shmtable = (struct vrmr_shm_table *)vuurmuur_shmp; vuurmuur_semid = vuurmuur_shmtable->sem_id; /* now try to connect to the shared memory */ if(vrmr_lock(vuurmuur_semid)) { vuurmuur_shmtable->configtool.connected = 1; (void)strlcpy(vuurmuur_shmtable->configtool.username, vr_script->vctx.user_data.realusername, sizeof(vuurmuur_shmtable->configtool.username)); snprintf(vuurmuur_shmtable->configtool.name, sizeof(vuurmuur_shmtable->configtool.name), "Vuurmuur_script %s (user: %s)", version_string, vr_script->vctx.user_data.realusername); vrmr_unlock(vuurmuur_semid); } else { vrmr_error(VRS_ERR_COMMAND_FAILED, VR_ERR, "connecting to Vuurmuur failed: could not lock semid."); vuurmuur_shmp = NULL; } } } else { vrmr_warning(VR_WARN, "vuurmuur not notified: connecting failed: no shmid."); vuurmuur_shmp = NULL; } /* try to connect to vuurmuur trough shm */ vuurmuurlog_shmtable = NULL; get_vuurmuur_pid("/var/run/vuurmuur_log.pid", &vuurmuurlog_shmid); if(vuurmuurlog_shmid > 0) { /* attach to shared memory */ vuurmuurlog_shmp = shmat(vuurmuurlog_shmid, 0, 0); if(vuurmuurlog_shmp == (char *)(-1)) { vrmr_error(VRS_ERR_COMMAND_FAILED, VR_ERR, "attaching to shared memory failed: %s (in: %s:%d).", strerror(errno), __FUNC__, __LINE__); } else { vuurmuurlog_shmtable = (struct vrmr_shm_table *)vuurmuurlog_shmp; vuurmuurlog_semid = vuurmuurlog_shmtable->sem_id; /* now try to connect to the shared memory */ if(vrmr_lock(vuurmuurlog_semid)) { vuurmuurlog_shmtable->configtool.connected = 1; (void)strlcpy(vuurmuurlog_shmtable->configtool.username, vr_script->vctx.user_data.realusername, sizeof(vuurmuurlog_shmtable->configtool.username)); snprintf(vuurmuurlog_shmtable->configtool.name, sizeof(vuurmuurlog_shmtable->configtool.name), "Vuurmuur_script %s (user: %s)", version_string, vr_script->vctx.user_data.realusername); vrmr_unlock(vuurmuurlog_semid); } else { vrmr_error(VRS_ERR_COMMAND_FAILED, VR_ERR, "connecting to Vuurmuur_log failed: could not lock semid."); vuurmuurlog_shmp = NULL; } } } else { vrmr_warning(VR_WARN, "vuurmuur_log not notified: connecting failed: no shmid."); vuurmuurlog_shmp = NULL; } /* handle no vuurmuur connection */ if(vuurmuur_shmtable != NULL && vuurmuur_semid != -1) { if(vrmr_lock(vuurmuur_semid)) { vuurmuur_shmtable->backend_changed = 1; vrmr_unlock(vuurmuur_semid); vuurmuur_result = VRMR_RR_NO_RESULT_YET; } } else { vuurmuur_result = VRMR_RR_READY; } /* handle no vuurmuur_log connection */ if(vuurmuurlog_shmtable != NULL && vuurmuurlog_semid != -1) { if(vrmr_lock(vuurmuurlog_semid)) { vuurmuurlog_shmtable->backend_changed = 1; vrmr_unlock(vuurmuurlog_semid); vuurmuurlog_result = VRMR_RR_NO_RESULT_YET; } } else { vuurmuurlog_result = VRMR_RR_READY; } /* wait max 60 seconds */ while (((vuurmuur_result == VRMR_RR_NO_RESULT_YET || vuurmuur_result == VRMR_RR_RESULT_ACK) || (vuurmuurlog_result == VRMR_RR_NO_RESULT_YET || vuurmuurlog_result == VRMR_RR_RESULT_ACK)) && waittime < 60000000) { if(vuurmuur_shmtable != NULL && vuurmuur_semid != -1) { if(vuurmuur_progress < 100) { if(vrmr_lock(vuurmuur_semid)) { if(vuurmuur_shmtable->reload_result != VRMR_RR_READY) { vuurmuur_result = vuurmuur_shmtable->reload_result; } vuurmuur_progress = vuurmuur_shmtable->reload_progress; vrmr_unlock(vuurmuur_semid); } } if(vuurmuur_progress == 100) { if(vuurmuur_semid == -1) { vuurmuur_result = VRMR_RR_READY; failed = 1; } else if(vrmr_lock(vuurmuur_semid)) { vuurmuur_shmtable->reload_result = VRMR_RR_RESULT_ACK; vrmr_unlock(vuurmuur_semid); if(vuurmuur_result != VRMR_RR_SUCCES && vuurmuur_result != VRMR_RR_NOCHANGES) { vuurmuur_result = VRMR_RR_READY; failed = 1; } } } } else { vuurmuur_result = VRMR_RR_READY; failed = 1; } if(vuurmuurlog_shmtable != NULL && vuurmuurlog_semid != -1) { if(vuurmuurlog_progress < 100) { if(vrmr_lock(vuurmuurlog_semid)) { if(vuurmuurlog_shmtable->reload_result != VRMR_RR_READY) { vuurmuurlog_result = vuurmuurlog_shmtable->reload_result; } vuurmuurlog_progress = vuurmuurlog_shmtable->reload_progress; vrmr_unlock(vuurmuurlog_semid); } } if(vuurmuurlog_progress == 100) { if(vuurmuurlog_semid == -1) { } else if(vrmr_lock(vuurmuurlog_semid)) { vuurmuurlog_shmtable->reload_result = VRMR_RR_RESULT_ACK; vrmr_unlock(vuurmuurlog_semid); if(vuurmuurlog_result != VRMR_RR_SUCCES && vuurmuur_result != VRMR_RR_NOCHANGES) { vuurmuurlog_result = VRMR_RR_READY; failed = 1; } } } else { vuurmuurlog_result = VRMR_RR_READY; failed = 1; } } /* no result yet, sleep 1 sec, or if the server didn't have a chance to do anything */ if( (vuurmuur_result == VRMR_RR_NO_RESULT_YET || vuurmuur_result == VRMR_RR_RESULT_ACK) || (vuurmuurlog_result == VRMR_RR_NO_RESULT_YET || vuurmuurlog_result == VRMR_RR_RESULT_ACK)) { waittime += 1000; usleep(1000); } } /* timed out */ if(vuurmuur_progress < 100) { failed = 1; } /* timed out */ if(vuurmuurlog_progress < 100) { failed = 1; } /* detach from shared memory, if we were attached */ if(vuurmuur_shmp != NULL && vuurmuur_shmp != (char *)(-1) && vuurmuur_shmtable != 0) { if(vrmr_lock(vuurmuur_semid)) { vuurmuur_shmtable->configtool.connected = 3; vrmr_unlock(vuurmuur_semid); } (void)shmdt(vuurmuur_shmp); } if(vuurmuurlog_shmp != NULL && vuurmuurlog_shmp != (char *)(-1) && vuurmuurlog_shmtable != 0) { if(vrmr_lock(vuurmuurlog_semid)) { vuurmuurlog_shmtable->configtool.connected = 3; vrmr_unlock(vuurmuurlog_semid); } (void)shmdt(vuurmuurlog_shmp); } if(failed == TRUE) retval = VRS_ERR_COMMAND_FAILED; return(retval); }