Mercurial > routeflapper

annotate src/routeconfig.cpp @ 2:bb3f804f13a0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
author Carl Byington <carl@five-ten-sg.com>
date Mon, 19 May 2008 21:45:45 -0700
parents 48d06780cf77
children 180d26aa2a17
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1 /*
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
2
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
4 the GPL version 3 or any later version at your choice available at
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
5 http://www.gnu.org/licenses/gpl-3.0.txt
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
6
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
7 */
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
8
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
9 #include "includes.h"
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
10 #include <fcntl.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
11 #include <sys/socket.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
12 #include <netinet/in.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
13 #include <arpa/inet.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
14 #include <netdb.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
15 #include <limits.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
16 #include <set>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
17 #include <vector>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
18 #include <map>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
19 #include <stdint.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
20 #include <stdlib.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
21 #include <time.h>
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
22
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
23 char *token_announce;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
24 char *token_file;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
25 char *token_include;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
26 char *token_index_ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
27 char *token_index_length;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
28 char *token_index_path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
29 char *token_index_value;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
30 char *token_ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
31 char *token_lbrace;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
32 char *token_path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
33 char *token_rbrace;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
34 char *token_reset;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
35 char *token_semi;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
36 char *token_slash;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
37 char *token_withdraw;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
38
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
39 const int training = 100; // need 100 hours uptime before using the statistics
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
40 const float origin_threshold = 2.9; // a bit less than 1 + decay + decay^2
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
41 const float adjacent_threshold = 2.9; // ""
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
42 const float decay = 0.99; // hourly exponential decay
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
43 const float threshold = 0.01; // when counts have decayed below threshold, discard the item
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
44 const int ancient_smtp = 3*3600;// suspicious smtp connections over 3 hours old are ignored
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
45
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
46 string_set all_strings; // owns all the strings, only modified by the config loader thread
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
47 const int maxlen = 1000; // used for snprintf buffers
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
48 typedef pair<int,int> adjacent;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
49 typedef vector<int> aspath;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
50 typedef map<int,float> o_history; // as origin history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
51 typedef map<adjacent,float> a_history; // as adjacency history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
52 typedef set<adjacent> a_set; // set of current adjacency pairs
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
53 typedef map<uint32_t,time_t> m_connect; // smtp connections
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
54
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
55 class route_prefix {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
56 uint32_t prefix_value;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
57 bool announced;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
58 bool trusted; // cannot be suspicious
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
59 aspath path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
60 o_history origin_history;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
61 m_connect smtp_connections;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
62 public:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
63 route_prefix(uint32_t value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
64 void add_route(aspath path_, a_history &adj_history);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
65 void remove_route(int prefix_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
66 uint32_t prefix() const { return prefix_value; };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
67 bool active() const { return announced; };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
68 adjacent aspair(int i) const { return adjacent(path[i], path[i+1]); };
2
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
69 bool selfpair(int i) const { return (path[1] == path[i+1]); };
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
70 bool empty() const { return !announced && origin_history.empty(); };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
71 void update_history(a_set &adj_set);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
72 suspicion suspicious(a_history &adj_history, bool debug = false, int prefix_length = 0, uint32_t ip = 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
73 void record_smtp(uint32_t ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
74 string name(int length) const;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
75 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
76
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
77 struct ltrouteprefix {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
78 bool operator()(const route_prefix* r1, const route_prefix* r2) const {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
79 return r1->prefix() < r2->prefix();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
80 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
81 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
82
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
83 typedef set<route_prefix*, ltrouteprefix> route_prefixes;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
84
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
85 class RIB {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
86 pthread_mutex_t rib_mutex;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
87 int uptime;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
88 bool stable;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
89 route_prefixes prefixes[33]; // /0 to /32
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
90 a_history history;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
91 aspath path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
92 public:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
93 RIB();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
94 void set_path(aspath path_) {path = path_;};
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
95 void add_route(int prefix_length, uint32_t prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
96 void remove_route(int prefix_length, uint32_t prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
97 void update_history();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
98 suspicion suspicious(route_prefix *r, bool debug = false, int prefix_length = 0, uint32_t ip = 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
99 suspicion suspicious(uint32_t ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
100 void clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
101 void reset();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
102 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
103
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
104
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
105 RIB route_base;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
106
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
107 const uint32_t masks[33] = {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
108 0x00000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
109 0x80000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
110 0xc0000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
111 0xe0000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
112 0xf0000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
113 0xf8000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
114 0xfc000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
115 0xfe000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
116 0xff000000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
117 0xff800000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
118 0xffc00000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
119 0xffe00000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
120 0xfff00000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
121 0xfff80000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
122 0xfffc0000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
123 0xfffe0000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
124 0xffff0000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
125 0xffff8000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
126 0xffffc000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
127 0xffffe000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
128 0xfffff000,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
129 0xfffff800,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
130 0xfffffc00,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
131 0xfffffe00,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
132 0xffffff00,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
133 0xffffff80,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
134 0xffffffc0,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
135 0xffffffe0,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
136 0xfffffff0,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
137 0xfffffff8,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
138 0xfffffffc,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
139 0xfffffffe,
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
140 0xffffffff};
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
141
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
142
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
143 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
144 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
145 char *suspicious_name(suspicion s)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
146 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
147 char *ss = "";
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
148 switch (s) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
149 case suspicious_none: ss = "none"; break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
150 case suspicious_origin: ss = "origin"; break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
151 case suspicious_adjacency: ss = "adjacency"; break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
152 default: break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
153 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
154 return ss;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
155 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
156
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
157
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
158 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
159 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
160 route_prefix::route_prefix(uint32_t value)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
161 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
162 prefix_value = value;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
163 announced = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
164 trusted = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
165 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
166
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
167
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
168 void route_prefix::add_route(aspath path_, a_history &adj_history)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
169 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
170 suspicion s = suspicious(adj_history);
2
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
171 int oldorig = path.empty() ? 0 : path [path.size() - 1];
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
172 int neworig = path_.empty() ? 0 : path_[path_.size() - 1];
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
173 trusted = announced && (s == suspicious_none) && (oldorig == neworig);
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
174 announced = true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
175 path = path_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
176 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
177
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
178
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
179 void route_prefix::remove_route(int prefix_length)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
180 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
181 if (announced) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
182 for (m_connect::iterator i = smtp_connections.begin(); i != smtp_connections.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
183 const uint32_t &ip = (*i).first;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
184 time_t &t = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
185 uint32_t nip = htonl(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
186 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
187 char adr[sizeof "255.255.255.255 "];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
188 adr[0] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
189 inet_ntop(AF_INET, (const u_char *)&nip, adr, sizeof(adr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
190 char ctbuf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
191 ctime_r(&t, ctbuf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
192 int ii = strlen(ctbuf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
193 if (ii > 1) ctbuf[ii-1] = '\0'; // remove trailing newline
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
194 snprintf(buf, sizeof(buf), "*** smtp connection at %s from %s via prefix %s/%d being removed", ctbuf, adr, name(prefix_length).c_str(), prefix_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
195 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
196 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
197 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
198 announced = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
199 smtp_connections.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
200 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
201
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
202
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
203 void route_prefix::update_history(a_set &adj_set)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
204 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
205 // decay origin history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
206 for (o_history::iterator i = origin_history.begin(); i != origin_history.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
207 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
208 count *= decay;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
209 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
210 if (announced) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
211 // remove old suspicious smtp connections
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
212 time_t cutoff = time(NULL) - ancient_smtp;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
213 for (m_connect::iterator i = smtp_connections.begin(); i != smtp_connections.end(); ) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
214 time_t &t = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
215 if (t > cutoff) i++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
216 else smtp_connections.erase(i++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
217 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
218
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
219 // update origin history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
220 int n = path.size() - 1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
221 int origin = path[n];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
222 o_history::iterator j = origin_history.find(origin);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
223 if (j == origin_history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
224 origin_history[origin] = 1.0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
225 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
226 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
227 float &count = (*j).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
228 count++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
229 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
230 // update current adjacency set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
231 for (int k=0; k<n; k++) {
2
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
232 if (!selfpair(k)) adj_set.insert(aspair(k));
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
233 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
234 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
235
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
236 // remove origin history entries below the threshold
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
237 for (o_history::iterator i = origin_history.begin(); i != origin_history.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
238 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
239 if (count > threshold) i++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
240 else origin_history.erase(i++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
241 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
242 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
243
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
244
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
245 suspicion route_prefix::suspicious(a_history &adj_history, bool debug, int prefix_length, uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
246 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
247 if (!announced || trusted) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
248 debug &= (debug_syslog > 2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
249
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
250 // check origin stability
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
251 int n = path.size() - 1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
252 int origin = path[n];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
253 o_history::const_iterator o = origin_history.find(origin);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
254 if (o == origin_history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
255 if (debug) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
256 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
257 snprintf(buf, sizeof(buf), "debug suspicious origin %d missing count %s",
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
258 origin, name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
259 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
260 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
261 record_smtp(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
262 return suspicious_origin;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
263 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
264 const float &count = (*o).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
265 if (count < origin_threshold) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
266 if (debug) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
267 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
268 snprintf(buf, sizeof(buf), "debug suspicious origin %d count %5.2f vs %5.2f %s",
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
269 origin, count, origin_threshold, name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
270 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
271 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
272 record_smtp(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
273 return suspicious_origin;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
274 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
275
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
276 // check as adjacency stability
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
277 for (int k=0; k<n; k++) {
2
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
278 if (!selfpair(k)) {
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
279 adjacent aa = aspair(k);
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
280 a_history::iterator a = adj_history.find(aa);
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
281 if (a == adj_history.end()) {
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
282 if (debug) {
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
283 char buf[maxlen];
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
284 snprintf(buf, sizeof(buf), "debug suspicious adjacency (%d,%d) missing count %s",
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
285 aa.first, aa.second, name(prefix_length).c_str());
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
286 my_syslog(buf);
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
287 }
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
288 record_smtp(ip);
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
289 return suspicious_adjacency;
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
290 }
2
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
291 float &count = (*a).second;
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
292 if (count < adjacent_threshold) {
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
293 if (debug) {
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
294 char buf[maxlen];
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
295 snprintf(buf, sizeof(buf), "debug suspicious adjacency (%d,%d) count %5.2f vs %5.2f %s",
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
296 aa.first, aa.second, count, adjacent_threshold, name(prefix_length).c_str());
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
297 my_syslog(buf);
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
298 }
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
299 record_smtp(ip);
bb3f804f13a0 add random unsynchronization to hourly timer, trust prefix only for same origin AS, ignore self adjacency
Carl Byington <carl@five-ten-sg.com>
parents: 0
diff changeset
300 return suspicious_adjacency;
0
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
301 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
302 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
303 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
304 return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
305 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
306
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
307
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
308 void route_prefix::record_smtp(uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
309 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
310 if (ip) smtp_connections[ip] = time(NULL);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
311 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
312
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
313
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
314 string route_prefix::name(int length) const
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
315 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
316 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
317 char adr[sizeof "255.255.255.255 "];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
318 adr[0] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
319 uint32_t nip = htonl(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
320 inet_ntop(AF_INET, (const u_char *)&nip, adr, sizeof(adr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
321 snprintf(buf, sizeof(buf), "%s/%d", adr, length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
322 int n = path.size();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
323 for (int i=0; i<n; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
324 snprintf(adr, sizeof(adr), " %d", path[i]);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
325 strncat(buf, adr, max(0, maxlen-1-(int)strlen(adr)));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
326 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
327 return string(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
328 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
329
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
330
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
331 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
332 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
333
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
334 RIB::RIB()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
335 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
336 pthread_mutex_init(&rib_mutex, 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
337 uptime = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
338 stable = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
339 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
340
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
341
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
342 void RIB::add_route(int prefix_length, uint32_t prefix_value)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
343 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
344 if (prefix_length < 0) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
345 if (prefix_length > 32) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
346 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
347 prefix_value &= masks[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
348 route_prefix rr(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
349 route_prefixes &p = prefixes[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
350 route_prefixes::iterator i = p.find(&rr);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
351 route_prefix *r = NULL;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
352 if (i == p.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
353 // new prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
354 r = new route_prefix(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
355 p.insert(r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
356 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
357 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
358 // existing prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
359 r = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
360 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
361 r->add_route(path, history);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
362 suspicion s;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
363 if (debug_syslog > 2) s = suspicious(r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
364 if ((debug_syslog > 2) && (s != suspicious_none) && (prefix_length < 22)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
365 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
366 snprintf(buf, sizeof(buf), "add suspicious %s route %s", suspicious_name(s), r->name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
367 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
368 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
369 else if (debug_syslog > 3) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
370 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
371 snprintf(buf, sizeof(buf), "add route %s", r->name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
372 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
373 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
374 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
375 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
376
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
377
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
378 void RIB::remove_route(int prefix_length, uint32_t prefix_value)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
379 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
380 if (prefix_length < 0) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
381 if (prefix_length > 32) return;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
382 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
383 uint32_t mask = masks[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
384 prefix_value &= mask;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
385 route_prefix r(prefix_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
386 route_prefixes &p = prefixes[prefix_length];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
387 route_prefixes::iterator i = p.find(&r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
388 if (i != p.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
389 // existing prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
390 route_prefix* r = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
391 if (debug_syslog > 3) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
392 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
393 snprintf(buf, sizeof(buf), "remove route %s", r->name(prefix_length).c_str());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
394 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
395 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
396 r->remove_route(prefix_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
397 if (r->empty()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
398 p.erase(r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
399 delete r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
400 };
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
401 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
402 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
403 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
404
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
405
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
406 void RIB::update_history()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
407 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
408 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
409 a_set adj_set;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
410 uptime++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
411 stable = (uptime > training);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
412 int total = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
413 int inactive = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
414 int suspic = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
415 for (int i=0; i<=32; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
416 bool debug = true; // show first suspicious prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
417 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
418 for (route_prefixes::iterator j = p.begin(); j != p.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
419 route_prefix *r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
420 r->update_history(adj_set);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
421 total++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
422 if (r->active()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
423 if (suspicious(r, debug, i) != suspicious_none) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
424 suspic++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
425 debug = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
426 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
427 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
428 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
429 inactive++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
430 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
431 if (r->empty()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
432 p.erase(j++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
433 delete r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
434 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
435 else j++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
436 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
437 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
438 if (debug_syslog > 2) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
439 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
440 snprintf(buf, sizeof(buf), "total %d inactive %d suspicious %d", total, inactive, suspic);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
441 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
442 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
443 // decay adjacency history
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
444 for (a_history::iterator i = history.begin(); i != history.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
445 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
446 count *= decay;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
447 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
448 // update adjacency history from the current adjacency set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
449 for (a_set::iterator i = adj_set.begin(); i != adj_set.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
450 a_history::iterator a = history.find(*i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
451 if (a == history.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
452 // new adjacency
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
453 history[*i] = 1.0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
454 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
455 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
456 float &count = (*a).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
457 count++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
458 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
459 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
460 // remove adjacency history entries below the threshold
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
461 for (a_history::iterator i = history.begin(); i != history.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
462 float &count = (*i).second;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
463 if (count > threshold) i++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
464 else history.erase(i++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
465 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
466 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
467 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
468
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
469
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
470 suspicion RIB::suspicious(route_prefix *r, bool debug, int prefix_length, uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
471 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
472 if (!stable) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
473 if (!r) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
474 return r->suspicious(history, debug, prefix_length, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
475 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
476
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
477
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
478 suspicion RIB::suspicious(uint32_t ip)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
479 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
480 if (!stable) return suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
481 suspicion rc = suspicious_none;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
482 route_prefix *r1 = NULL;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
483 int pl;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
484 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
485 for (int i=32; i>=0; i--) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
486 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
487 uint32_t network = ip & masks[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
488 route_prefix r(network);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
489 route_prefixes::iterator j = p.find(&r);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
490 if (j != p.end()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
491 // existing prefix
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
492 route_prefix* r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
493 if (r->active()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
494 r1 = r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
495 pl = i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
496 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
497 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
498 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
499 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
500 rc = suspicious(r1, true, pl, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
501 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
502 return rc;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
503 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
504
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
505
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
506 void RIB::clear()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
507 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
508 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
509 for (int i=0; i<=32; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
510 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
511 for (route_prefixes::iterator j = p.begin(); j != p.end();) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
512 route_prefix *r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
513 p.erase(j++);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
514 delete r;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
515 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
516 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
517 history.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
518 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
519 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
520
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
521
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
522 void RIB::reset()
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
523 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
524 pthread_mutex_lock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
525 for (int i=0; i<=32; i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
526 route_prefixes &p = prefixes[i];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
527 for (route_prefixes::iterator j = p.begin(); j != p.end(); j++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
528 route_prefix *r = *j;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
529 r->remove_route(i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
530 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
531 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
532 pthread_mutex_unlock(&rib_mutex);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
533 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
534
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
535
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
536 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
537 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
538 CONFIG::CONFIG() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
539 reference_count = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
540 generation = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
541 load_time = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
542 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
543
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
544
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
545 CONFIG::~CONFIG() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
546 for (routeconfig_list::iterator i=routeconfigs.begin(); i!=routeconfigs.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
547 ROUTECONFIG *c = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
548 delete c;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
549 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
550 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
551
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
552
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
553 void CONFIG::dump() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
554 for (routeconfig_list::iterator i=routeconfigs.begin(); i!=routeconfigs.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
555 ROUTECONFIG *c = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
556 c->dump(0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
557 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
558 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
559
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
560
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
561 void CONFIG::read() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
562 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
563 bool have = false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
564 for (routeconfig_list::iterator i=routeconfigs.begin(); i!=routeconfigs.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
565 ROUTECONFIGP c = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
566 have |= c->read(*this);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
567 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
568 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
569 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
570 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
571
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
572
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
573
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
574 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
575 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
576 ROUTECONFIG::ROUTECONFIG(TOKEN &tok, char *file_name_) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
577 tokp = &tok;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
578 file_name = file_name_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
579 open(true);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
580 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
581
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
582
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
583 ROUTECONFIG::~ROUTECONFIG() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
584 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
585 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
586 PATTERN *p = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
587 delete p;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
588 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
589 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
590
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
591
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
592 void ROUTECONFIG::open(bool msg) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
593 fd = ::open(file_name, O_RDONLY);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
594 len = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
595 if (fd == -1) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
596 if (msg) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
597 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
598 snprintf(buf, sizeof(buf), "syslog file %s not readable", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
599 tokp->token_error(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
600 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
601 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
602 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
603 if (debug_syslog > 1) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
604 snprintf(buf, sizeof(buf), "syslog file %s opened", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
605 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
606 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
607 if (msg) lseek(fd, 0, SEEK_END);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
608 if (fstat(fd, &openfdstat)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
609 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
610 snprintf(buf, sizeof(buf), "syslog file %s cannot stat after open", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
611 tokp->token_error(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
612 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
613 // specify that this fd gets closed on exec, so that selinux
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
614 // won't complain
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
615 int oldflags = fcntl(fd, F_GETFD, 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
616 if (oldflags >= 0) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
617 fcntl(fd, F_SETFD, oldflags | FD_CLOEXEC);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
618 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
619 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
620 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
621
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
622
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
623 bool ROUTECONFIG::read(CONFIG &con) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
624 if (failed()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
625 open(false);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
626 if (failed()) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
627 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
628 int n = ::read(fd, buf+len, buflen-len);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
629 bool have = (n > 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
630 if (have) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
631 len += n;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
632 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
633 char *p = (char*)memchr(buf, '\n', len);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
634 if (!p) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
635 n = p-buf;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
636 *p = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
637 process(con); // process null terminated string
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
638 len -= n+1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
639 memmove(buf, p+1, len);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
640 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
641 // no <lf> in a full buffer
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
642 if (len == buflen) len = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
643 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
644 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
645 // check for file close
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
646 struct stat filenamest;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
647 if (0 == stat(file_name, &filenamest)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
648 if ((filenamest.st_dev != openfdstat.st_dev) ||
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
649 (filenamest.st_ino != openfdstat.st_ino)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
650 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
651 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
652 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
653 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
654 // filename no longer exists
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
655 close();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
656 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
657 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
658 return have;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
659 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
660
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
661
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
662 void ROUTECONFIG::close() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
663 if (debug_syslog > 1) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
664 snprintf(buf, sizeof(buf), "syslog file %s closed", file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
665 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
666 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
667 if (fd != -1) ::close(fd);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
668 fd = -1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
669 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
670
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
671
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
672 void ROUTECONFIG::add_pattern(PATTERNP pat) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
673 patterns.push_back(pat);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
674 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
675
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
676
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
677 void ROUTECONFIG::process(CONFIG &con) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
678 int pi=0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
679 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
680 PATTERN *p = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
681 if (p->process(buf, con, file_name, pi)) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
682 pi++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
683 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
684 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
685
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
686
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
687 void ROUTECONFIG::dump(int level) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
688 char indent[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
689 int i = min(maxlen-1, level*4);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
690 memset(indent, ' ', i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
691 indent[i] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
692 printf("%s file \"%s\" {\n", indent, file_name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
693 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
694 PATTERN *p = *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
695 p->dump(level+1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
696 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
697 printf("%s }; \n", indent);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
698 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
699
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
700
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
701 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
702 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
703 int ip_address(char *have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
704 int ip_address(char *have) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
705 int ipaddr = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
706 in_addr ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
707 if (inet_aton(have, &ip)) ipaddr = ip.s_addr;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
708 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
709 struct hostent *host = gethostbyname(have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
710 if (host && host->h_addrtype == AF_INET) memcpy(&ipaddr, host->h_addr, sizeof(ipaddr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
711 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
712 return ntohl(ipaddr);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
713 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
714
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
715
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
716 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
717 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
718
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
719 PATTERN::PATTERN(TOKEN &tok, pattern_style style_, char *pattern_, int index1_, int index2_)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
720 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
721 style = style_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
722 pattern = pattern_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
723 index1 = index1_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
724 index2 = index2_;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
725 if (pattern) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
726 int rc = regcomp(&re, pattern, REG_ICASE | REG_EXTENDED);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
727 if (rc) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
728 char bu[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
729 regerror(rc, &re, bu, maxlen);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
730 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
731 snprintf(buf, sizeof(buf), "pattern %s not valid - %s", pattern, bu);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
732 tok.token_error(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
733 pattern = NULL;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
734 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
735 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
736 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
737
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
738
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
739 PATTERN::~PATTERN() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
740 regfree(&re);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
741 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
742
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
743
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
744 bool PATTERN::process(char *buf, CONFIG &con, char *file_name, int pattern_index)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
745 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
746 if (pattern) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
747 const int nmatch = max(index1, index2) + 1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
748 regmatch_t match[nmatch];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
749 if (0 == regexec(&re, buf, nmatch, match, 0)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
750 int sp1 = match[index1].rm_so;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
751 int ep1 = match[index1].rm_eo;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
752 int sp2 = match[index2].rm_so;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
753 int ep2 = match[index2].rm_eo;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
754 if ((sp1 != -1) && (sp2 != -1)) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
755 if (debug_syslog > 13) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
756 my_syslog(buf); // show lines with matches
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
757 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
758 buf[ep1] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
759 buf[ep2] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
760 uint32_t ip;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
761 int pl;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
762 suspicion s;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
763 switch (style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
764 case style_reset:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
765 route_base.reset();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
766 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
767 case style_path:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
768 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
769 aspath path;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
770 char *p = buf+sp1;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
771 char *e;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
772 long l;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
773 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
774 l = strtol(p, &e, 10);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
775 if (e == p) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
776 p = e;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
777 path.push_back((int)l);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
778 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
779 route_base.set_path(path);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
780 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
781 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
782 case style_announce:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
783 ip = ip_address(buf+sp1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
784 pl = atoi(buf+sp2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
785 if (ip) route_base.add_route(pl, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
786 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
787 case style_withdraw:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
788 ip = ip_address(buf+sp1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
789 pl = atoi(buf+sp2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
790 if (ip) route_base.remove_route(pl, ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
791 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
792 case style_ip:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
793 ip = ip_address(buf+sp1);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
794 s = route_base.suspicious(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
795 if (s != suspicious_none) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
796 char adr[sizeof "255.255.255.255 "];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
797 adr[0] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
798 uint32_t nip = htonl(ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
799 inet_ntop(AF_INET, (const u_char *)&nip, adr, sizeof(adr));
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
800 char buf[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
801 snprintf(buf, sizeof(buf), "*** suspicious %s ip %s", suspicious_name(s), adr);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
802 my_syslog(buf);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
803 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
804 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
805 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
806 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
807 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
808 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
809 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
810 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
811 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
812
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
813
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
814 void PATTERN::dump(int level, int index, char *token)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
815 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
816 char indent[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
817 int i = min(maxlen-1, level*4);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
818 memset(indent, ' ', i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
819 indent[i] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
820 printf("%s %s %d; \n", indent, token, index);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
821 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
822
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
823
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
824 void PATTERN::dump(int level)
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
825 {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
826 char indent[maxlen];
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
827 int i = min(maxlen-1, level*4);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
828 memset(indent, ' ', i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
829 indent[i] = '\0';
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
830 switch (style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
831 case style_reset:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
832 printf("%s %s \"%s\" { \n", indent, token_reset, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
833 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
834 case style_path:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
835 printf("%s %s \"%s\" { \n", indent, token_path, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
836 dump(level+1, index1, token_index_path);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
837 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
838 case style_announce:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
839 printf("%s %s \"%s\" { \n", indent, token_announce, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
840 dump(level+1, index1, token_index_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
841 dump(level+1, index2, token_index_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
842 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
843 case style_withdraw:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
844 printf("%s %s \"%s\" { \n", indent, token_withdraw, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
845 dump(level+1, index1, token_index_value);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
846 dump(level+1, index2, token_index_length);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
847 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
848 case style_ip:
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
849 printf("%s %s \"%s\" { \n", indent, token_ip, pattern);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
850 dump(level+1, index1, token_index_ip);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
851 break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
852 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
853 printf("%s }; \n", indent);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
854 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
855
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
856
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
857 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
858 // helper to discard the strings held by a string_set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
859 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
860 void discard(string_set &s) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
861 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
862 free(*i);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
863 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
864 s.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
865 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
866
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
867
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
868 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
869 // helper to register a string in a string set
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
870 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
871 char* register_string(string_set &s, char *name) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
872 string_set::iterator i = s.find(name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
873 if (i != s.end()) return *i;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
874 char *x = strdup(name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
875 s.insert(x);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
876 return x;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
877 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
878
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
879
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
880 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
881 // register a global string
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
882 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
883 char* register_string(char *name) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
884 return register_string(all_strings, name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
885 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
886
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
887
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
888 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
889 // clear all global strings, helper for valgrind checking
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
890 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
891 void clear_strings() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
892 discard(all_strings);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
893 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
894
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
895
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
896 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
897 // clear the rib, helper for valgrind checking
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
898 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
899 void clear_rib() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
900 route_base.clear();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
901 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
902
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
903
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
904 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
905 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
906 bool tsa(TOKEN &tok, char *token);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
907 bool tsa(TOKEN &tok, char *token) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
908 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
909 if (have == token) return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
910 tok.token_error(token, have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
911 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
912 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
913
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
914
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
915 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
916 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
917 bool parse_path(TOKEN &tok, ROUTECONFIG &con, char *tokk, pattern_style style);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
918 bool parse_path(TOKEN &tok, ROUTECONFIG &con, char *tokk, pattern_style style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
919 char *pattern = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
920 int index = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
921 if (!tsa(tok, token_lbrace)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
922 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
923 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
924 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
925 if (have == token_rbrace) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
926 if (have == tokk) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
927 index = tok.nextint();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
928 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
929 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
930 else return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
931 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
932 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
933 PATTERNP p = new PATTERN(tok, style, pattern, index, 0);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
934 con.add_pattern(p);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
935 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
936 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
937
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
938
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
939 bool parse_announce_withdraw(TOKEN &tok, ROUTECONFIG &con, pattern_style style);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
940 bool parse_announce_withdraw(TOKEN &tok, ROUTECONFIG &con, pattern_style style) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
941 char *pattern = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
942 int index1 = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
943 int index2 = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
944 if (!tsa(tok, token_lbrace)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
945 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
946 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
947 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
948 if (have == token_rbrace) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
949 if (have == token_index_value) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
950 index1 = tok.nextint();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
951 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
952 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
953 else if (have == token_index_length) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
954 index2 = tok.nextint();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
955 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
956 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
957 else return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
958 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
959 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
960 PATTERNP p = new PATTERN(tok, style, pattern, index1, index2);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
961 con.add_pattern(p);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
962 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
963 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
964
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
965
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
966 bool parse_routeconfig(TOKEN &tok, CONFIG &dc);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
967 bool parse_routeconfig(TOKEN &tok, CONFIG &dc) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
968 char *name = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
969 if (!tsa(tok, token_lbrace)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
970 ROUTECONFIGP con = new ROUTECONFIG(tok, name);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
971 if (con->failed()) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
972 delete con;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
973 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
974 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
975 dc.add_routeconfig(con);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
976 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
977 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
978 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
979 if (have == token_rbrace) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
980 if (have == token_reset) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
981 if (!parse_path(tok, *con, NULL, style_reset)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
982 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
983 else if (have == token_path) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
984 if (!parse_path(tok, *con, token_index_path, style_path)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
985 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
986 else if (have == token_ip) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
987 if (!parse_path(tok, *con, token_index_ip, style_ip)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
988 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
989 else if (have == token_announce) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
990 if (!parse_announce_withdraw(tok, *con, style_announce)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
991 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
992 else if (have == token_withdraw) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
993 if (!parse_announce_withdraw(tok, *con, style_withdraw)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
994 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
995 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
996 tok.token_error("path/announce/withdraw", have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
997 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
998 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
999 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1000 if (!tsa(tok, token_semi)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1001 return true;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1002 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1003
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1004
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1005 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1006 // parse a config file
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1007 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1008 bool load_conf(CONFIG &dc, char *fn) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1009 int count = 0;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1010 TOKEN tok(fn, &dc.config_files);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1011 while (true) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1012 char *have = tok.next();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1013 if (!have) break;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1014 if (have == token_file) {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1015 if (!parse_routeconfig(tok, dc)) return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1016 count++;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1017 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1018 else {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1019 tok.token_error("file", have);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1020 return false;
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1021 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1022 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1023 tok.token_error("load_conf() found %d syslog files in %s", count, fn);
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1024 return (!dc.routeconfigs.empty());
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1025 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1026
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1027
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1028 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1029 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1030 void routing_hourly_update() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1031 route_base.update_history();
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1032 }
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1033
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1034
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1035 ////////////////////////////////////////////////
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1036 // init the tokens
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1037 //
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1038 void token_init() {
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1039 token_announce = register_string("announce");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1040 token_file = register_string("file");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1041 token_include = register_string("include");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1042 token_index_ip = register_string("index_ip");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1043 token_index_length = register_string("index_length");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1044 token_index_path = register_string("index_path");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1045 token_index_value = register_string("index_value");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1046 token_ip = register_string("ip");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1047 token_lbrace = register_string("{");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1048 token_path = register_string("path");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1049 token_rbrace = register_string("}");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1050 token_reset = register_string("reset");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1051 token_semi = register_string(";");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1052 token_slash = register_string("/");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1053 token_withdraw = register_string("withdraw");
48d06780cf77 initial version
Carl Byington <carl@five-ten-sg.com>
parents:
diff changeset
1054 }