Skip to content
Toggle navigation
Toggle navigation
This project
Loading...
Sign in
John McEleney
/
mailutils
Go to a project
Toggle navigation
Toggle navigation pinning
Projects
Groups
Snippets
Help
Project
Activity
Repository
Pipelines
Graphs
Issues
0
Merge Requests
0
Wiki
Network
Create a new issue
Builds
Commits
Issue Boards
Files
Commits
Network
Compare
Branches
Tags
Commit
65e69031
...
65e690315175530ba12d03b614f6354fea27335d
authored
2001-11-01 15:38:49 +0000
by
Sergey Poznyakoff
Browse Files
Options
Browse Files
Tag
Download
Email Patches
Plain Diff
Configuration and ACL routines.
1 parent
038ae343
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
295 additions
and
0 deletions
comsat/cfg.c
comsat/cfg.c
0 → 100644
View file @
65e6903
/* Copyright (C) 1998,2001 Free Software Foundation, Inc.
This file is part of GNU Inetutils.
GNU Inetutils is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2, or (at your option)
any later version.
GNU Inetutils is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Inetutils; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. */
#include "comsat.h"
#include <argcv.h>
#include <ctype.h>
typedef
struct
netdef
netdef_t
;
struct
netdef
{
netdef_t
*
next
;
unsigned
int
ipaddr
;
unsigned
int
netmask
;
};
#define ACT_ALLOW 0
#define ACT_DENY 1
typedef
struct
acl
acl_t
;
struct
acl
{
acl_t
*
next
;
netdef_t
*
netlist
;
int
action
;
};
acl_t
*
acl_head
,
*
acl_tail
;
#define DOTTED_QUAD_LEN 16
static
int
read_address
(
char
**
line_ptr
,
char
*
ptr
)
{
char
*
startp
=
*
line_ptr
;
char
*
endp
;
int
dotcount
=
0
;
for
(
endp
=
startp
;
*
endp
;
endp
++
,
ptr
++
)
if
(
!
(
isdigit
(
*
endp
)
||
*
endp
==
'.'
))
break
;
else
if
(
endp
<
startp
+
DOTTED_QUAD_LEN
)
{
if
(
*
endp
==
'.'
)
dotcount
++
;
*
ptr
=
*
endp
;
}
else
break
;
*
line_ptr
=
endp
;
*
ptr
=
0
;
return
dotcount
;
}
static
netdef_t
*
netdef_parse
(
char
*
str
)
{
unsigned
int
ipaddr
,
netmask
;
netdef_t
*
netdef
;
char
ipbuf
[
DOTTED_QUAD_LEN
+
1
];
if
(
strcmp
(
str
,
"any"
)
==
0
)
{
ipaddr
=
0
;
netmask
=
0
;
}
else
{
read_address
(
&
str
,
ipbuf
);
ipaddr
=
inet_addr
(
ipbuf
);
if
(
ipaddr
==
INADDR_NONE
)
return
NULL
;
if
(
*
str
==
0
)
netmask
=
0xfffffffful
;
else
if
(
*
str
!=
'/'
)
return
NULL
;
else
{
str
++
;
if
(
read_address
(
&
str
,
ipbuf
)
==
0
)
{
/* netmask length */
unsigned
int
len
=
strtoul
(
ipbuf
,
NULL
,
0
);
if
(
len
>
32
)
return
NULL
;
netmask
=
0xfffffffful
>>
(
32
-
len
);
netmask
<<=
(
32
-
len
);
/*FIXME: hostorder?*/
}
else
netmask
=
inet_network
(
ipbuf
);
netmask
=
htonl
(
netmask
);
}
}
netdef
=
malloc
(
sizeof
*
netdef
);
if
(
!
netdef
)
{
syslog
(
LOG_ERR
,
"out of memory"
);
exit
(
1
);
}
netdef
->
next
=
NULL
;
netdef
->
ipaddr
=
ipaddr
;
netdef
->
netmask
=
netmask
;
return
netdef
;
}
void
read_config
(
char
*
config_file
)
{
FILE
*
fp
;
int
line
;
char
buf
[
128
];
char
*
ptr
;
if
(
!
config_file
)
return
;
fp
=
fopen
(
config_file
,
"r"
);
if
(
!
fp
)
{
syslog
(
LOG_ERR
,
"can't open config file %s: %m"
,
config_file
);
return
;
}
line
=
0
;
while
((
ptr
=
fgets
(
buf
,
sizeof
buf
,
fp
)))
{
int
len
,
i
;
int
argc
;
char
**
argv
;
int
action
;
netdef_t
*
head
,
*
tail
;
acl_t
*
acl
;
line
++
;
len
=
strlen
(
ptr
);
if
(
len
>
0
&&
ptr
[
len
-
1
]
==
'\n'
)
ptr
[
--
len
]
=
0
;
while
(
*
ptr
&&
isspace
(
*
ptr
))
ptr
++
;
if
(
!*
ptr
||
*
ptr
==
'#'
)
continue
;
argcv_get
(
ptr
,
""
,
&
argc
,
&
argv
);
if
(
argc
<
2
)
{
syslog
(
LOG_ERR
,
"%s:%d: too few fields"
,
config_file
,
line
);
argcv_free
(
argc
,
argv
);
continue
;
}
if
(
strcmp
(
argv
[
0
],
"max-requests"
)
==
0
)
maxrequests
=
strtoul
(
argv
[
1
],
NULL
,
0
);
else
if
(
strcmp
(
argv
[
0
],
"request-control-interval"
)
==
0
)
request_control_interval
=
strtoul
(
argv
[
1
],
NULL
,
0
);
else
if
(
strcmp
(
argv
[
0
],
"overflow-control-interval"
)
==
0
)
overflow_control_interval
=
strtoul
(
argv
[
1
],
NULL
,
0
);
else
if
(
strcmp
(
argv
[
0
],
"overflow-delay-time"
)
==
0
)
overflow_delay_time
=
strtoul
(
argv
[
1
],
NULL
,
0
);
else
if
(
strcmp
(
argv
[
0
],
"max-lines"
)
==
0
)
maxlines
=
strtoul
(
argv
[
1
],
NULL
,
0
);
else
if
(
strcmp
(
argv
[
0
],
"acl"
)
==
0
)
{
if
(
strcmp
(
argv
[
1
],
"allow"
)
==
0
)
action
=
ACT_ALLOW
;
else
if
(
strcmp
(
argv
[
1
],
"deny"
)
==
0
)
action
=
ACT_DENY
;
else
{
syslog
(
LOG_ERR
,
"%s:%d: unknown keyword"
,
config_file
,
line
);
argcv_free
(
argc
,
argv
);
continue
;
}
head
=
tail
=
NULL
;
for
(
i
=
2
;
i
<
argc
;
i
++
)
{
netdef_t
*
cur
=
netdef_parse
(
argv
[
i
]);
if
(
!
cur
)
{
syslog
(
LOG_ERR
,
"%s:%d: can't parse netdef: %s"
,
config_file
,
line
,
argv
[
i
]);
continue
;
}
if
(
!
tail
)
head
=
cur
;
else
tail
->
next
=
cur
;
tail
=
cur
;
}
argcv_free
(
argc
,
argv
);
acl
=
malloc
(
sizeof
*
acl
);
if
(
!
acl
)
{
syslog
(
LOG_CRIT
,
"out of memory"
);
exit
(
1
);
}
acl
->
next
=
NULL
;
acl
->
action
=
action
;
acl
->
netlist
=
head
;
if
(
!
acl_tail
)
acl_head
=
acl
;
else
acl_tail
->
next
=
acl
;
acl_tail
=
acl
;
}
}
fclose
(
fp
);
}
static
void
netdef_free
(
netdef_t
*
netdef
)
{
netdef_t
*
next
;
while
(
netdef
)
{
next
=
netdef
->
next
;
free
(
netdef
);
netdef
=
next
;
}
}
static
void
acl_free
(
acl_t
*
acl
)
{
acl_t
*
next
;
while
(
acl
)
{
next
=
acl
->
next
;
netdef_free
(
acl
->
netlist
);
free
(
acl
);
acl
=
next
;
}
}
/*NOTE: currently unused. */
void
discard_acl
(
acl_t
*
mark
)
{
if
(
mark
)
{
acl_free
(
mark
->
next
);
acl_tail
=
mark
;
acl_tail
->
next
=
NULL
;
}
else
acl_head
=
acl_tail
=
NULL
;
}
int
acl_match
(
struct
sockaddr_in
*
sa_in
)
{
acl_t
*
acl
;
unsigned
int
ip
;
ip
=
sa_in
->
sin_addr
.
s_addr
;
for
(
acl
=
acl_head
;
acl
;
acl
=
acl
->
next
)
{
netdef_t
*
net
;
for
(
net
=
acl
->
netlist
;
net
;
net
=
net
->
next
)
{
if
(
net
->
ipaddr
==
(
ip
&
net
->
netmask
))
return
acl
->
action
;
}
}
return
ACT_ALLOW
;
}
Please
register
or
sign in
to post a comment