Mercurial > routeflapper

annotate src/routeconfig.cpp @ 0:48d06780cf77

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
initial version
author Carl Byington <carl@five-ten-sg.com>
date Tue, 13 May 2008 14:03:10 -0700
parents
children bb3f804f13a0
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1 /*
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
2
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
4 the GPL version 3 or any later version at your choice available at
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
5 http://www.gnu.org/licenses/gpl-3.0.txt
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
6
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
7 */
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
8
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
9 #include "includes.h"
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
10 #include <fcntl.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
11 #include <sys/socket.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
12 #include <netinet/in.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
13 #include <arpa/inet.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
14 #include <netdb.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
15 #include <limits.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
16 #include <set>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
17 #include <vector>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
18 #include <map>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
19 #include <stdint.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
20 #include <stdlib.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
21 #include <time.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
22
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
23 char *token_announce;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
24 char *token_file;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
25 char *token_include;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
26 char *token_index_ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
27 char *token_index_length;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
28 char *token_index_path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
29 char *token_index_value;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
30 char *token_ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
31 char *token_lbrace;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
32 char *token_path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
33 char *token_rbrace;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
34 char *token_reset;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
35 char *token_semi;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
36 char *token_slash;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
37 char *token_withdraw;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
38
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
39 const int training = 100; // need 100 hours uptime before using the statistics
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
40 const float origin_threshold = 2.9; // a bit less than 1 + decay + decay^2
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
41 const float adjacent_threshold = 2.9; // ""
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
42 const float decay = 0.99; // hourly exponential decay
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
43 const float threshold = 0.01; // when counts have decayed below threshold, discard the item
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
44 const int ancient_smtp = 3*3600;// suspicious smtp connections over 3 hours old are ignored
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
45
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
46 string_set all_strings; // owns all the strings, only modified by the config loader thread
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
47 const int maxlen = 1000; // used for snprintf buffers
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
48 typedef pair<int,int> adjacent;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
49 typedef vector<int> aspath;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
50 typedef map<int,float> o_history; // as origin history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
51 typedef map<adjacent,float> a_history; // as adjacency history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
52 typedef set<adjacent> a_set; // set of current adjacency pairs
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
53 typedef map<uint32_t,time_t> m_connect; // smtp connections
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
54
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
55 class route_prefix {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
56 uint32_t prefix_value;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
57 bool announced;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
58 bool trusted; // cannot be suspicious
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
59 aspath path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
60 o_history origin_history;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
61 m_connect smtp_connections;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
62 public:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
63 route_prefix(uint32_t value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
64 void add_route(aspath path_, a_history &adj_history);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
65 void remove_route(int prefix_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
66 uint32_t prefix() const { return prefix_value; };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
67 bool active() const { return announced; };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
68 adjacent aspair(int i) const { return adjacent(path[i], path[i+1]); };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
69 bool empty() const { return !announced && origin_history.empty(); };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
70 void update_history(a_set &adj_set);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
71 suspicion suspicious(a_history &adj_history, bool debug = false, int prefix_length = 0, uint32_t ip = 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
72 void record_smtp(uint32_t ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
73 string name(int length) const;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
74 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
75
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
76 struct ltrouteprefix {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
77 bool operator()(const route_prefix* r1, const route_prefix* r2) const {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
78 return r1->prefix() < r2->prefix();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
79 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
80 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
81
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
82 typedef set<route_prefix*, ltrouteprefix> route_prefixes;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
83
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
84 class RIB {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
85 pthread_mutex_t rib_mutex;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
86 int uptime;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
87 bool stable;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
88 route_prefixes prefixes[33]; // /0 to /32
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
89 a_history history;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
90 aspath path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
91 public:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
92 RIB();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
93 void set_path(aspath path_) {path = path_;};
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
94 void add_route(int prefix_length, uint32_t prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
95 void remove_route(int prefix_length, uint32_t prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
96 void update_history();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
97 suspicion suspicious(route_prefix *r, bool debug = false, int prefix_length = 0, uint32_t ip = 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
98 suspicion suspicious(uint32_t ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
99 void clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
100 void reset();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
101 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
102
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
103
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
104 RIB route_base;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
105
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
106 const uint32_t masks[33] = {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
107 0x00000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
108 0x80000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
109 0xc0000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
110 0xe0000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
111 0xf0000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
112 0xf8000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
113 0xfc000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
114 0xfe000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
115 0xff000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
116 0xff800000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
117 0xffc00000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
118 0xffe00000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
119 0xfff00000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
120 0xfff80000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
121 0xfffc0000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
122 0xfffe0000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
123 0xffff0000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
124 0xffff8000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
125 0xffffc000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
126 0xffffe000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
127 0xfffff000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
128 0xfffff800,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
129 0xfffffc00,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
130 0xfffffe00,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
131 0xffffff00,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
132 0xffffff80,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
133 0xffffffc0,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
134 0xffffffe0,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
135 0xfffffff0,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
136 0xfffffff8,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
137 0xfffffffc,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
138 0xfffffffe,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
139 0xffffffff};
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
140
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
141
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
142 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
143 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
144 char *suspicious_name(suspicion s)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
145 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
146 char *ss = "";
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
147 switch (s) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
148 case suspicious_none: ss = "none"; break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
149 case suspicious_origin: ss = "origin"; break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
150 case suspicious_adjacency: ss = "adjacency"; break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
151 default: break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
152 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
153 return ss;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
154 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
155
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
156
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
157 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
158 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
159 route_prefix::route_prefix(uint32_t value)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
160 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
161 prefix_value = value;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
162 announced = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
163 trusted = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
164 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
165
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
166
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
167 void route_prefix::add_route(aspath path_, a_history &adj_history)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
168 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
169 suspicion s = suspicious(adj_history);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
170 trusted = announced && (s == suspicious_none);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
171 announced = true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
172 path = path_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
173 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
174
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
175
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
176 void route_prefix::remove_route(int prefix_length)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
177 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
178 if (announced) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
179 for (m_connect::iterator i = smtp_connections.begin(); i != smtp_connections.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
180 const uint32_t &ip = (*i).first;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
181 time_t &t = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
182 uint32_t nip = htonl(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
183 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
184 char adr[sizeof "255.255.255.255 "];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
185 adr[0] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
186 inet_ntop(AF_INET, (const u_char *)&nip, adr, sizeof(adr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
187 char ctbuf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
188 ctime_r(&t, ctbuf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
189 int ii = strlen(ctbuf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
190 if (ii > 1) ctbuf[ii-1] = '\0'; // remove trailing newline
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
191 snprintf(buf, sizeof(buf), "*** smtp connection at %s from %s via prefix %s/%d being removed", ctbuf, adr, name(prefix_length).c_str(), prefix_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
192 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
193 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
194 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
195 announced = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
196 smtp_connections.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
197 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
198
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
199
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
200 void route_prefix::update_history(a_set &adj_set)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
201 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
202 // decay origin history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
203 for (o_history::iterator i = origin_history.begin(); i != origin_history.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
204 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
205 count *= decay;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
206 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
207 if (announced) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
208 // remove old suspicious smtp connections
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
209 time_t cutoff = time(NULL) - ancient_smtp;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
210 for (m_connect::iterator i = smtp_connections.begin(); i != smtp_connections.end(); ) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
211 time_t &t = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
212 if (t > cutoff) i++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
213 else smtp_connections.erase(i++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
214 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
215
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
216 // update origin history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
217 int n = path.size() - 1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
218 int origin = path[n];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
219 o_history::iterator j = origin_history.find(origin);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
220 if (j == origin_history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
221 origin_history[origin] = 1.0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
222 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
223 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
224 float &count = (*j).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
225 count++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
226 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
227 // update current adjacency set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
228 for (int k=0; k<n; k++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
229 adj_set.insert(aspair(k));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
230 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
231 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
232
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
233 // remove origin history entries below the threshold
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
234 for (o_history::iterator i = origin_history.begin(); i != origin_history.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
235 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
236 if (count > threshold) i++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
237 else origin_history.erase(i++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
238 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
239 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
240
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
241
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
242 suspicion route_prefix::suspicious(a_history &adj_history, bool debug, int prefix_length, uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
243 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
244 if (!announced || trusted) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
245 debug &= (debug_syslog > 2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
246
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
247 // check origin stability
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
248 int n = path.size() - 1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
249 int origin = path[n];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
250 o_history::const_iterator o = origin_history.find(origin);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
251 if (o == origin_history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
252 if (debug) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
253 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
254 snprintf(buf, sizeof(buf), "debug suspicious origin %d missing count %s",
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
255 origin, name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
256 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
257 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
258 record_smtp(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
259 return suspicious_origin;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
260 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
261 const float &count = (*o).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
262 if (count < origin_threshold) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
263 if (debug) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
264 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
265 snprintf(buf, sizeof(buf), "debug suspicious origin %d count %5.2f vs %5.2f %s",
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
266 origin, count, origin_threshold, name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
267 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
268 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
269 record_smtp(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
270 return suspicious_origin;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
271 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
272
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
273 // check as adjacency stability
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
274 for (int k=0; k<n; k++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
275 adjacent aa = aspair(k);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
276 a_history::iterator a = adj_history.find(aa);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
277 if (a == adj_history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
278 if (debug) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
279 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
280 snprintf(buf, sizeof(buf), "debug suspicious adjacency (%d,%d) missing count %s",
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
281 aa.first, aa.second, name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
282 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
283 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
284 record_smtp(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
285 return suspicious_adjacency;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
286 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
287 float &count = (*a).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
288 if (count < adjacent_threshold) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
289 if (debug) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
290 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
291 snprintf(buf, sizeof(buf), "debug suspicious adjacency (%d,%d) count %5.2f vs %5.2f %s",
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
292 aa.first, aa.second, count, adjacent_threshold, name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
293 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
294 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
295 record_smtp(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
296 return suspicious_adjacency;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
297 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
298 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
299 return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
300 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
301
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
302
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
303 void route_prefix::record_smtp(uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
304 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
305 if (ip) smtp_connections[ip] = time(NULL);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
306 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
307
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
308
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
309 string route_prefix::name(int length) const
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
310 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
311 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
312 char adr[sizeof "255.255.255.255 "];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
313 adr[0] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
314 uint32_t nip = htonl(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
315 inet_ntop(AF_INET, (const u_char *)&nip, adr, sizeof(adr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
316 snprintf(buf, sizeof(buf), "%s/%d", adr, length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
317 int n = path.size();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
318 for (int i=0; i<n; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
319 snprintf(adr, sizeof(adr), " %d", path[i]);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
320 strncat(buf, adr, max(0, maxlen-1-(int)strlen(adr)));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
321 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
322 return string(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
323 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
324
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
325
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
326 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
327 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
328
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
329 RIB::RIB()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
330 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
331 pthread_mutex_init(&rib_mutex, 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
332 uptime = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
333 stable = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
334 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
335
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
336
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
337 void RIB::add_route(int prefix_length, uint32_t prefix_value)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
338 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
339 if (prefix_length < 0) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
340 if (prefix_length > 32) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
341 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
342 prefix_value &= masks[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
343 route_prefix rr(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
344 route_prefixes &p = prefixes[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
345 route_prefixes::iterator i = p.find(&rr);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
346 route_prefix *r = NULL;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
347 if (i == p.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
348 // new prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
349 r = new route_prefix(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
350 p.insert(r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
351 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
352 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
353 // existing prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
354 r = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
355 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
356 r->add_route(path, history);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
357 suspicion s;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
358 if (debug_syslog > 2) s = suspicious(r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
359 if ((debug_syslog > 2) && (s != suspicious_none) && (prefix_length < 22)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
360 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
361 snprintf(buf, sizeof(buf), "add suspicious %s route %s", suspicious_name(s), r->name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
362 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
363 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
364 else if (debug_syslog > 3) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
365 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
366 snprintf(buf, sizeof(buf), "add route %s", r->name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
367 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
368 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
369 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
370 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
371
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
372
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
373 void RIB::remove_route(int prefix_length, uint32_t prefix_value)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
374 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
375 if (prefix_length < 0) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
376 if (prefix_length > 32) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
377 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
378 uint32_t mask = masks[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
379 prefix_value &= mask;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
380 route_prefix r(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
381 route_prefixes &p = prefixes[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
382 route_prefixes::iterator i = p.find(&r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
383 if (i != p.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
384 // existing prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
385 route_prefix* r = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
386 if (debug_syslog > 3) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
387 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
388 snprintf(buf, sizeof(buf), "remove route %s", r->name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
389 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
390 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
391 r->remove_route(prefix_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
392 if (r->empty()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
393 p.erase(r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
394 delete r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
395 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
396 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
397 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
398 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
399
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
400
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
401 void RIB::update_history()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
402 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
403 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
404 a_set adj_set;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
405 uptime++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
406 stable = (uptime > training);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
407 int total = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
408 int inactive = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
409 int suspic = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
410 for (int i=0; i<=32; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
411 bool debug = true; // show first suspicious prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
412 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
413 for (route_prefixes::iterator j = p.begin(); j != p.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
414 route_prefix *r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
415 r->update_history(adj_set);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
416 total++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
417 if (r->active()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
418 if (suspicious(r, debug, i) != suspicious_none) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
419 suspic++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
420 debug = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
421 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
422 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
423 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
424 inactive++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
425 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
426 if (r->empty()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
427 p.erase(j++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
428 delete r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
429 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
430 else j++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
431 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
432 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
433 if (debug_syslog > 2) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
434 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
435 snprintf(buf, sizeof(buf), "total %d inactive %d suspicious %d", total, inactive, suspic);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
436 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
437 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
438 // decay adjacency history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
439 for (a_history::iterator i = history.begin(); i != history.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
440 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
441 count *= decay;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
442 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
443 // update adjacency history from the current adjacency set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
444 for (a_set::iterator i = adj_set.begin(); i != adj_set.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
445 a_history::iterator a = history.find(*i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
446 if (a == history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
447 // new adjacency
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
448 history[*i] = 1.0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
449 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
450 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
451 float &count = (*a).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
452 count++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
453 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
454 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
455 // remove adjacency history entries below the threshold
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
456 for (a_history::iterator i = history.begin(); i != history.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
457 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
458 if (count > threshold) i++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
459 else history.erase(i++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
460 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
461 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
462 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
463
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
464
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
465 suspicion RIB::suspicious(route_prefix *r, bool debug, int prefix_length, uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
466 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
467 if (!stable) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
468 if (!r) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
469 return r->suspicious(history, debug, prefix_length, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
470 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
471
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
472
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
473 suspicion RIB::suspicious(uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
474 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
475 if (!stable) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
476 suspicion rc = suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
477 route_prefix *r1 = NULL;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
478 int pl;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
479 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
480 for (int i=32; i>=0; i--) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
481 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
482 uint32_t network = ip & masks[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
483 route_prefix r(network);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
484 route_prefixes::iterator j = p.find(&r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
485 if (j != p.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
486 // existing prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
487 route_prefix* r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
488 if (r->active()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
489 r1 = r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
490 pl = i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
491 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
492 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
493 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
494 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
495 rc = suspicious(r1, true, pl, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
496 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
497 return rc;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
498 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
499
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
500
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
501 void RIB::clear()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
502 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
503 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
504 for (int i=0; i<=32; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
505 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
506 for (route_prefixes::iterator j = p.begin(); j != p.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
507 route_prefix *r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
508 p.erase(j++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
509 delete r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
510 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
511 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
512 history.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
513 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
514 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
515
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
516
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
517 void RIB::reset()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
518 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
519 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
520 for (int i=0; i<=32; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
521 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
522 for (route_prefixes::iterator j = p.begin(); j != p.end(); j++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
523 route_prefix *r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
524 r->remove_route(i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
525 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
526 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
527 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
528 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
529
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
530
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
531 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
532 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
533 CONFIG::CONFIG() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
534 reference_count = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
535 generation = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
536 load_time = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
537 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
538
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
539
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
540 CONFIG::~CONFIG() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
541 for (routeconfig_list::iterator i=routeconfigs.begin(); i!=routeconfigs.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
542 ROUTECONFIG *c = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
543 delete c;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
544 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
545 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
546
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
547
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
548 void CONFIG::dump() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
549 for (routeconfig_list::iterator i=routeconfigs.begin(); i!=routeconfigs.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
550 ROUTECONFIG *c = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
551 c->dump(0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
552 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
553 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
554
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
555
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
556 void CONFIG::read() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
557 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
558 bool have = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
559 for (routeconfig_list::iterator i=routeconfigs.begin(); i!=routeconfigs.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
560 ROUTECONFIGP c = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
561 have |= c->read(*this);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
562 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
563 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
564 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
565 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
566
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
567
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
568
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
569 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
570 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
571 ROUTECONFIG::ROUTECONFIG(TOKEN &tok, char *file_name_) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
572 tokp = &tok;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
573 file_name = file_name_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
574 open(true);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
575 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
576
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
577
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
578 ROUTECONFIG::~ROUTECONFIG() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
579 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
580 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
581 PATTERN *p = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
582 delete p;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
583 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
584 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
585
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
586
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
587 void ROUTECONFIG::open(bool msg) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
588 fd = ::open(file_name, O_RDONLY);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
589 len = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
590 if (fd == -1) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
591 if (msg) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
592 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
593 snprintf(buf, sizeof(buf), "syslog file %s not readable", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
594 tokp->token_error(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
595 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
596 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
597 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
598 if (debug_syslog > 1) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
599 snprintf(buf, sizeof(buf), "syslog file %s opened", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
600 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
601 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
602 if (msg) lseek(fd, 0, SEEK_END);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
603 if (fstat(fd, &openfdstat)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
604 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
605 snprintf(buf, sizeof(buf), "syslog file %s cannot stat after open", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
606 tokp->token_error(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
607 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
608 // specify that this fd gets closed on exec, so that selinux
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
609 // won't complain
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
610 int oldflags = fcntl(fd, F_GETFD, 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
611 if (oldflags >= 0) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
612 fcntl(fd, F_SETFD, oldflags | FD_CLOEXEC);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
613 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
614 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
615 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
616
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
617
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
618 bool ROUTECONFIG::read(CONFIG &con) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
619 if (failed()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
620 open(false);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
621 if (failed()) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
622 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
623 int n = ::read(fd, buf+len, buflen-len);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
624 bool have = (n > 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
625 if (have) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
626 len += n;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
627 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
628 char *p = (char*)memchr(buf, '\n', len);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
629 if (!p) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
630 n = p-buf;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
631 *p = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
632 process(con); // process null terminated string
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
633 len -= n+1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
634 memmove(buf, p+1, len);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
635 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
636 // no <lf> in a full buffer
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
637 if (len == buflen) len = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
638 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
639 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
640 // check for file close
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
641 struct stat filenamest;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
642 if (0 == stat(file_name, &filenamest)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
643 if ((filenamest.st_dev != openfdstat.st_dev) ||
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
644 (filenamest.st_ino != openfdstat.st_ino)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
645 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
646 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
647 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
648 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
649 // filename no longer exists
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
650 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
651 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
652 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
653 return have;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
654 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
655
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
656
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
657 void ROUTECONFIG::close() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
658 if (debug_syslog > 1) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
659 snprintf(buf, sizeof(buf), "syslog file %s closed", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
660 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
661 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
662 if (fd != -1) ::close(fd);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
663 fd = -1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
664 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
665
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
666
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
667 void ROUTECONFIG::add_pattern(PATTERNP pat) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
668 patterns.push_back(pat);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
669 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
670
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
671
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
672 void ROUTECONFIG::process(CONFIG &con) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
673 int pi=0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
674 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
675 PATTERN *p = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
676 if (p->process(buf, con, file_name, pi)) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
677 pi++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
678 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
679 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
680
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
681
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
682 void ROUTECONFIG::dump(int level) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
683 char indent[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
684 int i = min(maxlen-1, level*4);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
685 memset(indent, ' ', i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
686 indent[i] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
687 printf("%s file \"%s\" {\n", indent, file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
688 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
689 PATTERN *p = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
690 p->dump(level+1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
691 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
692 printf("%s }; \n", indent);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
693 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
694
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
695
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
696 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
697 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
698 int ip_address(char *have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
699 int ip_address(char *have) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
700 int ipaddr = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
701 in_addr ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
702 if (inet_aton(have, &ip)) ipaddr = ip.s_addr;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
703 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
704 struct hostent *host = gethostbyname(have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
705 if (host && host->h_addrtype == AF_INET) memcpy(&ipaddr, host->h_addr, sizeof(ipaddr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
706 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
707 return ntohl(ipaddr);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
708 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
709
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
710
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
711 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
712 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
713
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
714 PATTERN::PATTERN(TOKEN &tok, pattern_style style_, char *pattern_, int index1_, int index2_)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
715 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
716 style = style_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
717 pattern = pattern_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
718 index1 = index1_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
719 index2 = index2_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
720 if (pattern) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
721 int rc = regcomp(&re, pattern, REG_ICASE | REG_EXTENDED);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
722 if (rc) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
723 char bu[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
724 regerror(rc, &re, bu, maxlen);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
725 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
726 snprintf(buf, sizeof(buf), "pattern %s not valid - %s", pattern, bu);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
727 tok.token_error(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
728 pattern = NULL;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
729 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
730 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
731 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
732
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
733
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
734 PATTERN::~PATTERN() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
735 regfree(&re);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
736 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
737
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
738
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
739 bool PATTERN::process(char *buf, CONFIG &con, char *file_name, int pattern_index)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
740 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
741 if (pattern) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
742 const int nmatch = max(index1, index2) + 1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
743 regmatch_t match[nmatch];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
744 if (0 == regexec(&re, buf, nmatch, match, 0)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
745 int sp1 = match[index1].rm_so;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
746 int ep1 = match[index1].rm_eo;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
747 int sp2 = match[index2].rm_so;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
748 int ep2 = match[index2].rm_eo;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
749 if ((sp1 != -1) && (sp2 != -1)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
750 if (debug_syslog > 13) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
751 my_syslog(buf); // show lines with matches
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
752 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
753 buf[ep1] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
754 buf[ep2] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
755 uint32_t ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
756 int pl;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
757 suspicion s;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
758 switch (style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
759 case style_reset:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
760 route_base.reset();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
761 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
762 case style_path:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
763 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
764 aspath path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
765 char *p = buf+sp1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
766 char *e;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
767 long l;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
768 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
769 l = strtol(p, &e, 10);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
770 if (e == p) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
771 p = e;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
772 path.push_back((int)l);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
773 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
774 route_base.set_path(path);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
775 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
776 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
777 case style_announce:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
778 ip = ip_address(buf+sp1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
779 pl = atoi(buf+sp2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
780 if (ip) route_base.add_route(pl, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
781 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
782 case style_withdraw:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
783 ip = ip_address(buf+sp1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
784 pl = atoi(buf+sp2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
785 if (ip) route_base.remove_route(pl, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
786 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
787 case style_ip:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
788 ip = ip_address(buf+sp1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
789 s = route_base.suspicious(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
790 if (s != suspicious_none) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
791 char adr[sizeof "255.255.255.255 "];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
792 adr[0] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
793 uint32_t nip = htonl(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
794 inet_ntop(AF_INET, (const u_char *)&nip, adr, sizeof(adr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
795 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
796 snprintf(buf, sizeof(buf), "*** suspicious %s ip %s", suspicious_name(s), adr);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
797 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
798 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
799 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
800 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
801 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
802 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
803 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
804 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
805 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
806 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
807
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
808
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
809 void PATTERN::dump(int level, int index, char *token)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
810 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
811 char indent[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
812 int i = min(maxlen-1, level*4);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
813 memset(indent, ' ', i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
814 indent[i] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
815 printf("%s %s %d; \n", indent, token, index);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
816 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
817
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
818
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
819 void PATTERN::dump(int level)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
820 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
821 char indent[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
822 int i = min(maxlen-1, level*4);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
823 memset(indent, ' ', i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
824 indent[i] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
825 switch (style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
826 case style_reset:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
827 printf("%s %s \"%s\" { \n", indent, token_reset, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
828 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
829 case style_path:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
830 printf("%s %s \"%s\" { \n", indent, token_path, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
831 dump(level+1, index1, token_index_path);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
832 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
833 case style_announce:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
834 printf("%s %s \"%s\" { \n", indent, token_announce, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
835 dump(level+1, index1, token_index_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
836 dump(level+1, index2, token_index_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
837 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
838 case style_withdraw:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
839 printf("%s %s \"%s\" { \n", indent, token_withdraw, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
840 dump(level+1, index1, token_index_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
841 dump(level+1, index2, token_index_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
842 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
843 case style_ip:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
844 printf("%s %s \"%s\" { \n", indent, token_ip, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
845 dump(level+1, index1, token_index_ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
846 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
847 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
848 printf("%s }; \n", indent);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
849 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
850
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
851
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
852 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
853 // helper to discard the strings held by a string_set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
854 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
855 void discard(string_set &s) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
856 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
857 free(*i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
858 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
859 s.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
860 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
861
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
862
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
863 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
864 // helper to register a string in a string set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
865 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
866 char* register_string(string_set &s, char *name) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
867 string_set::iterator i = s.find(name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
868 if (i != s.end()) return *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
869 char *x = strdup(name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
870 s.insert(x);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
871 return x;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
872 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
873
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
874
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
875 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
876 // register a global string
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
877 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
878 char* register_string(char *name) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
879 return register_string(all_strings, name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
880 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
881
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
882
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
883 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
884 // clear all global strings, helper for valgrind checking
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
885 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
886 void clear_strings() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
887 discard(all_strings);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
888 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
889
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
890
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
891 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
892 // clear the rib, helper for valgrind checking
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
893 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
894 void clear_rib() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
895 route_base.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
896 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
897
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
898
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
899 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
900 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
901 bool tsa(TOKEN &tok, char *token);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
902 bool tsa(TOKEN &tok, char *token) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
903 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
904 if (have == token) return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
905 tok.token_error(token, have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
906 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
907 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
908
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
909
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
910 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
911 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
912 bool parse_path(TOKEN &tok, ROUTECONFIG &con, char *tokk, pattern_style style);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
913 bool parse_path(TOKEN &tok, ROUTECONFIG &con, char *tokk, pattern_style style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
914 char *pattern = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
915 int index = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
916 if (!tsa(tok, token_lbrace)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
917 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
918 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
919 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
920 if (have == token_rbrace) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
921 if (have == tokk) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
922 index = tok.nextint();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
923 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
924 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
925 else return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
926 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
927 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
928 PATTERNP p = new PATTERN(tok, style, pattern, index, 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
929 con.add_pattern(p);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
930 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
931 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
932
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
933
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
934 bool parse_announce_withdraw(TOKEN &tok, ROUTECONFIG &con, pattern_style style);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
935 bool parse_announce_withdraw(TOKEN &tok, ROUTECONFIG &con, pattern_style style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
936 char *pattern = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
937 int index1 = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
938 int index2 = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
939 if (!tsa(tok, token_lbrace)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
940 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
941 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
942 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
943 if (have == token_rbrace) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
944 if (have == token_index_value) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
945 index1 = tok.nextint();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
946 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
947 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
948 else if (have == token_index_length) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
949 index2 = tok.nextint();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
950 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
951 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
952 else return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
953 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
954 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
955 PATTERNP p = new PATTERN(tok, style, pattern, index1, index2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
956 con.add_pattern(p);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
957 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
958 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
959
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
960
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
961 bool parse_routeconfig(TOKEN &tok, CONFIG &dc);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
962 bool parse_routeconfig(TOKEN &tok, CONFIG &dc) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
963 char *name = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
964 if (!tsa(tok, token_lbrace)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
965 ROUTECONFIGP con = new ROUTECONFIG(tok, name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
966 if (con->failed()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
967 delete con;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
968 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
969 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
970 dc.add_routeconfig(con);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
971 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
972 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
973 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
974 if (have == token_rbrace) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
975 if (have == token_reset) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
976 if (!parse_path(tok, *con, NULL, style_reset)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
977 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
978 else if (have == token_path) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
979 if (!parse_path(tok, *con, token_index_path, style_path)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
980 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
981 else if (have == token_ip) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
982 if (!parse_path(tok, *con, token_index_ip, style_ip)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
983 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
984 else if (have == token_announce) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
985 if (!parse_announce_withdraw(tok, *con, style_announce)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
986 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
987 else if (have == token_withdraw) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
988 if (!parse_announce_withdraw(tok, *con, style_withdraw)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
989 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
990 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
991 tok.token_error("path/announce/withdraw", have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
992 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
993 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
994 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
995 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
996 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
997 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
998
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
999
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1000 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1001 // parse a config file
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1002 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1003 bool load_conf(CONFIG &dc, char *fn) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1004 int count = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1005 TOKEN tok(fn, &dc.config_files);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1006 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1007 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1008 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1009 if (have == token_file) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1010 if (!parse_routeconfig(tok, dc)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1011 count++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1012 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1013 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1014 tok.token_error("file", have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1015 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1016 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1017 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1018 tok.token_error("load_conf() found %d syslog files in %s", count, fn);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1019 return (!dc.routeconfigs.empty());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1020 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1021
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1022
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1023 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1024 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1025 void routing_hourly_update() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1026 route_base.update_history();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1027 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1028
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1029
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1030 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1031 // init the tokens
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1032 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1033 void token_init() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1034 token_announce = register_string("announce");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1035 token_file = register_string("file");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1036 token_include = register_string("include");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1037 token_index_ip = register_string("index_ip");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1038 token_index_length = register_string("index_length");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1039 token_index_path = register_string("index_path");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1040 token_index_value = register_string("index_value");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1041 token_ip = register_string("ip");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1042 token_lbrace = register_string("{");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1043 token_path = register_string("path");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1044 token_rbrace = register_string("}");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1045 token_reset = register_string("reset");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1046 token_semi = register_string(";");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1047 token_slash = register_string("/");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1048 token_withdraw = register_string("withdraw");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1049 }