syslog2iptables: src/syslogconfig.cpp annotate

annotate src/syslogconfig.cpp @ 3:8fe310e5cd44

initial coding

author	carl
date	Sun, 27 Nov 2005 21:12:01 -0800
parents	6e88da080f08
children	2737ab01659a

rev	line source
1 551433a01cab initial coding carl parents: diff changeset	1 /***************************************************************************
551433a01cab initial coding carl parents: diff changeset	2 * Copyright (C) 2005 by 510 Software Group *
551433a01cab initial coding carl parents: diff changeset	3 * *
551433a01cab initial coding carl parents: diff changeset	4 * *
551433a01cab initial coding carl parents: diff changeset	5 * This program is free software; you can redistribute it and/or modify *
551433a01cab initial coding carl parents: diff changeset	6 * it under the terms of the GNU General Public License as published by *
551433a01cab initial coding carl parents: diff changeset	7 * the Free Software Foundation; either version 2 of the License, or *
551433a01cab initial coding carl parents: diff changeset	8 * (at your option) any later version. *
551433a01cab initial coding carl parents: diff changeset	9 * *
551433a01cab initial coding carl parents: diff changeset	10 * This program is distributed in the hope that it will be useful, *
551433a01cab initial coding carl parents: diff changeset	11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
551433a01cab initial coding carl parents: diff changeset	12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
551433a01cab initial coding carl parents: diff changeset	13 * GNU General Public License for more details. *
551433a01cab initial coding carl parents: diff changeset	14 * *
551433a01cab initial coding carl parents: diff changeset	15 * You should have received a copy of the GNU General Public License *
551433a01cab initial coding carl parents: diff changeset	16 * along with this program; if not, write to the *
551433a01cab initial coding carl parents: diff changeset	17 * Free Software Foundation, Inc., *
551433a01cab initial coding carl parents: diff changeset	18 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
551433a01cab initial coding carl parents: diff changeset	19 ***************************************************************************/
551433a01cab initial coding carl parents: diff changeset	20
551433a01cab initial coding carl parents: diff changeset	21 #include "includes.h"
2 6e88da080f08 initial coding carl parents: 1 diff changeset	22 #include <fcntl.h>
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	23 #include <sys/socket.h>
8fe310e5cd44 initial coding carl parents: 2 diff changeset	24 #include <netinet/in.h>
8fe310e5cd44 initial coding carl parents: 2 diff changeset	25 #include <arpa/inet.h>
8fe310e5cd44 initial coding carl parents: 2 diff changeset	26 #include <netdb.h>
1 551433a01cab initial coding carl parents: diff changeset	27
551433a01cab initial coding carl parents: diff changeset	28 static char* syslogconfig_version="$Id$";
551433a01cab initial coding carl parents: diff changeset	29
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	30 char *token_bucket;
1 551433a01cab initial coding carl parents: diff changeset	31 char *token_file;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	32 char *token_ignore;
1 551433a01cab initial coding carl parents: diff changeset	33 char *token_include;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	34 char *token_index;
1 551433a01cab initial coding carl parents: diff changeset	35 char *token_lbrace;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	36 char *token_pattern;
1 551433a01cab initial coding carl parents: diff changeset	37 char *token_rbrace;
551433a01cab initial coding carl parents: diff changeset	38 char *token_semi;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	39 char *token_slash;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	40 char *token_threshold;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	41
8fe310e5cd44 initial coding carl parents: 2 diff changeset	42 struct ltint
8fe310e5cd44 initial coding carl parents: 2 diff changeset	43 {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	44 bool operator()(const int s1, const int s2) const
8fe310e5cd44 initial coding carl parents: 2 diff changeset	45 {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	46 return (unsigned)s1 < (unsigned)s2;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	47 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	48 };
1 551433a01cab initial coding carl parents: diff changeset	49
551433a01cab initial coding carl parents: diff changeset	50 string_set all_strings; // owns all the strings, only modified by the config loader thread
551433a01cab initial coding carl parents: diff changeset	51 const int maxlen = 1000; // used for snprintf buffers
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	52 typedef map<int, int, ltint> ip_buckets;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	53
8fe310e5cd44 initial coding carl parents: 2 diff changeset	54 class IPR {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	55 ip_buckets violations;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	56 public:
8fe310e5cd44 initial coding carl parents: 2 diff changeset	57 void add(int ip, int bucket, CONFIG &con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	58 void changed(CONFIG &con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	59 void leak(int amount, CONFIG &con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	60 };
8fe310e5cd44 initial coding carl parents: 2 diff changeset	61
8fe310e5cd44 initial coding carl parents: 2 diff changeset	62 IPR recorder;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	63
8fe310e5cd44 initial coding carl parents: 2 diff changeset	64
8fe310e5cd44 initial coding carl parents: 2 diff changeset	65 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	66 //
8fe310e5cd44 initial coding carl parents: 2 diff changeset	67 void IPR::add(int ip, int bucket, CONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	68 if (con.looking(ip)) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	69 ip_buckets::iterator i = violations.find(ip);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	70 if (i == violations.end()) violations[ip] = bucket;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	71 else {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	72 (*i).second += bucket;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	73 if ((*i).second > con.get_threshold()) changed(con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	74 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	75 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	76 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	77
8fe310e5cd44 initial coding carl parents: 2 diff changeset	78
8fe310e5cd44 initial coding carl parents: 2 diff changeset	79 void IPR::leak(int amount, CONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	80 bool ch = false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	81 for (ip_buckets::iterator i=violations.begin(); i!=violations.end(); ) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	82 int ip = (*i).first;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	83 int n = (*i).second;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	84 in_addr ad;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	85 ad.s_addr = htonl(ip);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	86 char buf[maxlen];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	87 snprintf(buf, maxlen, "leak %s with %d count", inet_ntoa(ad), n);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	88 my_syslog(buf);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	89 if (n <= amount) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	90 ch = true;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	91 violations.erase(i++);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	92 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	93 else {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	94 (*i).second -= amount;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	95 i++;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	96 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	97 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	98 if (ch) changed(con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	99 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	100
8fe310e5cd44 initial coding carl parents: 2 diff changeset	101
8fe310e5cd44 initial coding carl parents: 2 diff changeset	102 void IPR::changed(CONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	103 my_syslog("**** dump");
8fe310e5cd44 initial coding carl parents: 2 diff changeset	104 for (ip_buckets::iterator i=violations.begin(); i!=violations.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	105 int ip = (*i).first;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	106 int n = (*i).second;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	107 in_addr ad;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	108 ad.s_addr = htonl(ip);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	109 char buf[maxlen];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	110 snprintf(buf, maxlen, "%s with %d count", inet_ntoa(ad), n);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	111 my_syslog(buf);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	112 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	113 }
1 551433a01cab initial coding carl parents: diff changeset	114
551433a01cab initial coding carl parents: diff changeset	115
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	116 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	117 //
8fe310e5cd44 initial coding carl parents: 2 diff changeset	118 int ip_address(char *have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	119 int ip_address(char *have) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	120 int ipaddr = 0;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	121 in_addr ip;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	122 if (inet_aton(have, &ip)) ipaddr = ip.s_addr;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	123 else {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	124 struct hostent *host = gethostbyname(have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	125 if (host && host->h_addrtype == AF_INET) memcpy(&ipaddr, host->h_addr, sizeof(ipaddr));
8fe310e5cd44 initial coding carl parents: 2 diff changeset	126 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	127 return ntohl(ipaddr);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	128 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	129
8fe310e5cd44 initial coding carl parents: 2 diff changeset	130
8fe310e5cd44 initial coding carl parents: 2 diff changeset	131 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	132 //
8fe310e5cd44 initial coding carl parents: 2 diff changeset	133 PATTERN::PATTERN(TOKEN &tok, char *pattern_, int index_, int bucket_) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	134 pattern = pattern_;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	135 index = index_;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	136 bucket = bucket_;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	137 if (pattern) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	138 int rc = regcomp(&re, pattern, REG_ICASE \| REG_EXTENDED);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	139 if (rc) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	140 char bu[maxlen];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	141 regerror(rc, &re, bu, maxlen);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	142 char buf[maxlen];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	143 snprintf(buf, sizeof(buf), "pattern %s not valid - %s", pattern, bu);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	144 tok.token_error(buf);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	145 pattern = NULL;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	146 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	147 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	148 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	149
8fe310e5cd44 initial coding carl parents: 2 diff changeset	150
8fe310e5cd44 initial coding carl parents: 2 diff changeset	151 PATTERN::~PATTERN() {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	152 regfree(&re);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	153 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	154
8fe310e5cd44 initial coding carl parents: 2 diff changeset	155
8fe310e5cd44 initial coding carl parents: 2 diff changeset	156 bool PATTERN::process(char *buf, CONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	157 if (pattern) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	158 const int nmatch = index+1;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	159 regmatch_t match[nmatch];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	160 if (0 == regexec(&re, buf, nmatch, match, 0)) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	161 int s = match[index].rm_so;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	162 int e = match[index].rm_eo;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	163 // char bu[maxlen];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	164 // snprintf(bu, maxlen, "re match from %d to %d", s, e);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	165 // my_syslog(bu);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	166 if (s != -1) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	167 my_syslog(buf);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	168 buf[e] = '\0';
8fe310e5cd44 initial coding carl parents: 2 diff changeset	169 int ip = ip_address(buf+s);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	170 if (ip) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	171 my_syslog(buf+s);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	172 recorder.add(ip, bucket, con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	173 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	174 return true;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	175 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	176 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	177 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	178 return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	179 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	180
8fe310e5cd44 initial coding carl parents: 2 diff changeset	181
8fe310e5cd44 initial coding carl parents: 2 diff changeset	182 void PATTERN::dump(int level) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	183 char indent[maxlen];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	184 int i = min(maxlen-1, level*4);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	185 memset(indent, ' ', i);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	186 indent[i] = '\0';
8fe310e5cd44 initial coding carl parents: 2 diff changeset	187 printf("%s pattern \"%s\" {; \n", indent, pattern);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	188 printf("%s index %d; \n", indent, index);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	189 printf("%s bucket %d; \n", indent, bucket);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	190 printf("%s }; \n", indent);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	191 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	192
8fe310e5cd44 initial coding carl parents: 2 diff changeset	193
8fe310e5cd44 initial coding carl parents: 2 diff changeset	194 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	195 //
1 551433a01cab initial coding carl parents: diff changeset	196 CONFIG::CONFIG() {
551433a01cab initial coding carl parents: diff changeset	197 reference_count = 0;
551433a01cab initial coding carl parents: diff changeset	198 generation = 0;
551433a01cab initial coding carl parents: diff changeset	199 load_time = 0;
551433a01cab initial coding carl parents: diff changeset	200 }
551433a01cab initial coding carl parents: diff changeset	201
551433a01cab initial coding carl parents: diff changeset	202
551433a01cab initial coding carl parents: diff changeset	203 CONFIG::~CONFIG() {
551433a01cab initial coding carl parents: diff changeset	204 for (syslogconfig_list::iterator i=syslogconfigs.begin(); i!=syslogconfigs.end(); i++) {
551433a01cab initial coding carl parents: diff changeset	205 SYSLOGCONFIG c = i;
551433a01cab initial coding carl parents: diff changeset	206 delete c;
551433a01cab initial coding carl parents: diff changeset	207 }
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	208 ignore.clear();
1 551433a01cab initial coding carl parents: diff changeset	209 }
551433a01cab initial coding carl parents: diff changeset	210
551433a01cab initial coding carl parents: diff changeset	211
551433a01cab initial coding carl parents: diff changeset	212 void CONFIG::add_syslogconfig(SYSLOGCONFIGP con) {
551433a01cab initial coding carl parents: diff changeset	213 syslogconfigs.push_back(con);
551433a01cab initial coding carl parents: diff changeset	214 }
551433a01cab initial coding carl parents: diff changeset	215
551433a01cab initial coding carl parents: diff changeset	216
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	217 void CONFIG::add_pair(IPPAIR pair) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	218 ignore.push_back(pair);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	219 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	220
8fe310e5cd44 initial coding carl parents: 2 diff changeset	221
1 551433a01cab initial coding carl parents: diff changeset	222 void CONFIG::dump() {
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	223 printf(" threshold %d; \n\n", threshold);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	224
8fe310e5cd44 initial coding carl parents: 2 diff changeset	225 printf(" ignore { \n");
8fe310e5cd44 initial coding carl parents: 2 diff changeset	226 for (ippair_list::iterator i=ignore.begin(); i!=ignore.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	227 IPPAIR &p = *i;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	228 in_addr ip;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	229 ip.s_addr = htonl(p.first);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	230 printf(" %s/%d; \n", inet_ntoa(ip), p.cidr);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	231 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	232 printf(" }; \n\n");
8fe310e5cd44 initial coding carl parents: 2 diff changeset	233
1 551433a01cab initial coding carl parents: diff changeset	234 for (syslogconfig_list::iterator i=syslogconfigs.begin(); i!=syslogconfigs.end(); i++) {
551433a01cab initial coding carl parents: diff changeset	235 SYSLOGCONFIGP c = *i;
551433a01cab initial coding carl parents: diff changeset	236 c->dump(0);
551433a01cab initial coding carl parents: diff changeset	237 }
551433a01cab initial coding carl parents: diff changeset	238 }
551433a01cab initial coding carl parents: diff changeset	239
551433a01cab initial coding carl parents: diff changeset	240
2 6e88da080f08 initial coding carl parents: 1 diff changeset	241 void CONFIG::read() {
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	242 while (true) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	243 bool have = false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	244 for (syslogconfig_list::iterator i=syslogconfigs.begin(); i!=syslogconfigs.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	245 SYSLOGCONFIGP c = *i;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	246 have \|= c->read(*this);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	247 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	248 break; //!!
8fe310e5cd44 initial coding carl parents: 2 diff changeset	249 if (!have) break;
2 6e88da080f08 initial coding carl parents: 1 diff changeset	250 }
6e88da080f08 initial coding carl parents: 1 diff changeset	251 }
6e88da080f08 initial coding carl parents: 1 diff changeset	252
6e88da080f08 initial coding carl parents: 1 diff changeset	253
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	254 void CONFIG::sleep(int duration) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	255 ::sleep(duration);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	256 recorder.leak(duration, *this);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	257 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	258
8fe310e5cd44 initial coding carl parents: 2 diff changeset	259
8fe310e5cd44 initial coding carl parents: 2 diff changeset	260 bool CONFIG::looking(int ip) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	261 for (ippair_list::iterator i=ignore.begin(); i!=ignore.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	262 IPPAIR &p = *i;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	263 if ((p.first <= ip) && (ip <= p.last)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	264 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	265 return true;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	266 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	267
8fe310e5cd44 initial coding carl parents: 2 diff changeset	268 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	269 //
8fe310e5cd44 initial coding carl parents: 2 diff changeset	270 SYSLOGCONFIG::SYSLOGCONFIG(TOKEN &tok, char *file_name_) {
2 6e88da080f08 initial coding carl parents: 1 diff changeset	271 file_name = file_name_;
6e88da080f08 initial coding carl parents: 1 diff changeset	272 fd = open(file_name, O_RDONLY);
6e88da080f08 initial coding carl parents: 1 diff changeset	273 len = 0;
6e88da080f08 initial coding carl parents: 1 diff changeset	274 if (fd == -1) {
6e88da080f08 initial coding carl parents: 1 diff changeset	275 char buf[maxlen];
6e88da080f08 initial coding carl parents: 1 diff changeset	276 snprintf(buf, sizeof(buf), "syslog file %s not readable", file_name);
6e88da080f08 initial coding carl parents: 1 diff changeset	277 tok.token_error(buf);
6e88da080f08 initial coding carl parents: 1 diff changeset	278 }
6e88da080f08 initial coding carl parents: 1 diff changeset	279 else {
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	280 //lseek(fd, 0, SEEK_END); //!!
2 6e88da080f08 initial coding carl parents: 1 diff changeset	281 }
1 551433a01cab initial coding carl parents: diff changeset	282 }
551433a01cab initial coding carl parents: diff changeset	283
551433a01cab initial coding carl parents: diff changeset	284
551433a01cab initial coding carl parents: diff changeset	285 SYSLOGCONFIG::~SYSLOGCONFIG() {
2 6e88da080f08 initial coding carl parents: 1 diff changeset	286 if (fd != -1) close(fd);
6e88da080f08 initial coding carl parents: 1 diff changeset	287 fd = -1;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	288 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	289 PATTERN p = i;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	290 delete p;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	291 }
2 6e88da080f08 initial coding carl parents: 1 diff changeset	292 }
6e88da080f08 initial coding carl parents: 1 diff changeset	293
6e88da080f08 initial coding carl parents: 1 diff changeset	294
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	295 void SYSLOGCONFIG::add_pattern(PATTERNP pat) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	296 patterns.push_back(pat);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	297 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	298
8fe310e5cd44 initial coding carl parents: 2 diff changeset	299
8fe310e5cd44 initial coding carl parents: 2 diff changeset	300 bool SYSLOGCONFIG::read(CONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	301 if (failed()) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	302 int n = ::read(fd, buf+len, buflen-len);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	303 bool have = (n > 0);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	304 if (have) {
2 6e88da080f08 initial coding carl parents: 1 diff changeset	305 len += n;
6e88da080f08 initial coding carl parents: 1 diff changeset	306 while (true) {
6e88da080f08 initial coding carl parents: 1 diff changeset	307 char p = (char)memchr(buf, '\n', len);
6e88da080f08 initial coding carl parents: 1 diff changeset	308 if (!p) break;
6e88da080f08 initial coding carl parents: 1 diff changeset	309 n = p-buf;
6e88da080f08 initial coding carl parents: 1 diff changeset	310 *p = '\0';
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	311 process(con); // process null terminated string
2 6e88da080f08 initial coding carl parents: 1 diff changeset	312 len -= n+1;
6e88da080f08 initial coding carl parents: 1 diff changeset	313 memmove(buf, p+1, len);
6e88da080f08 initial coding carl parents: 1 diff changeset	314 }
6e88da080f08 initial coding carl parents: 1 diff changeset	315 // no <lf> in a full buffer
6e88da080f08 initial coding carl parents: 1 diff changeset	316 if (len == buflen) len = 0;
6e88da080f08 initial coding carl parents: 1 diff changeset	317 }
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	318 return have;
2 6e88da080f08 initial coding carl parents: 1 diff changeset	319 }
6e88da080f08 initial coding carl parents: 1 diff changeset	320
6e88da080f08 initial coding carl parents: 1 diff changeset	321
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	322 void SYSLOGCONFIG::process(CONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	323 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	324 PATTERN p = i;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	325 if (p->process(buf, con)) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	326 }
1 551433a01cab initial coding carl parents: diff changeset	327 }
551433a01cab initial coding carl parents: diff changeset	328
551433a01cab initial coding carl parents: diff changeset	329
551433a01cab initial coding carl parents: diff changeset	330 void SYSLOGCONFIG::dump(int level) {
551433a01cab initial coding carl parents: diff changeset	331 char indent[maxlen];
551433a01cab initial coding carl parents: diff changeset	332 int i = min(maxlen-1, level*4);
551433a01cab initial coding carl parents: diff changeset	333 memset(indent, ' ', i);
551433a01cab initial coding carl parents: diff changeset	334 indent[i] = '\0';
551433a01cab initial coding carl parents: diff changeset	335 char buf[maxlen];
551433a01cab initial coding carl parents: diff changeset	336 printf("%s file \"%s\" {\n", indent, file_name);
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	337 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	338 PATTERN p = i;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	339 p->dump(level);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	340 }
1 551433a01cab initial coding carl parents: diff changeset	341 printf("%s }; \n", indent);
551433a01cab initial coding carl parents: diff changeset	342 }
551433a01cab initial coding carl parents: diff changeset	343
551433a01cab initial coding carl parents: diff changeset	344
551433a01cab initial coding carl parents: diff changeset	345 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	346 // helper to discard the strings held by a string_set
551433a01cab initial coding carl parents: diff changeset	347 //
551433a01cab initial coding carl parents: diff changeset	348 void discard(string_set &s) {
551433a01cab initial coding carl parents: diff changeset	349 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
551433a01cab initial coding carl parents: diff changeset	350 free(*i);
551433a01cab initial coding carl parents: diff changeset	351 }
551433a01cab initial coding carl parents: diff changeset	352 s.clear();
551433a01cab initial coding carl parents: diff changeset	353 }
551433a01cab initial coding carl parents: diff changeset	354
551433a01cab initial coding carl parents: diff changeset	355
551433a01cab initial coding carl parents: diff changeset	356 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	357 // helper to register a string in a string set
551433a01cab initial coding carl parents: diff changeset	358 //
551433a01cab initial coding carl parents: diff changeset	359 char* register_string(string_set &s, char *name) {
551433a01cab initial coding carl parents: diff changeset	360 string_set::iterator i = s.find(name);
551433a01cab initial coding carl parents: diff changeset	361 if (i != s.end()) return *i;
551433a01cab initial coding carl parents: diff changeset	362 char *x = strdup(name);
551433a01cab initial coding carl parents: diff changeset	363 s.insert(x);
551433a01cab initial coding carl parents: diff changeset	364 return x;
551433a01cab initial coding carl parents: diff changeset	365 }
551433a01cab initial coding carl parents: diff changeset	366
551433a01cab initial coding carl parents: diff changeset	367
551433a01cab initial coding carl parents: diff changeset	368 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	369 // register a global string
551433a01cab initial coding carl parents: diff changeset	370 //
551433a01cab initial coding carl parents: diff changeset	371 char* register_string(char *name) {
551433a01cab initial coding carl parents: diff changeset	372 return register_string(all_strings, name);
551433a01cab initial coding carl parents: diff changeset	373 }
551433a01cab initial coding carl parents: diff changeset	374
551433a01cab initial coding carl parents: diff changeset	375
551433a01cab initial coding carl parents: diff changeset	376 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	377 //
551433a01cab initial coding carl parents: diff changeset	378 bool tsa(TOKEN &tok, char *token);
551433a01cab initial coding carl parents: diff changeset	379 bool tsa(TOKEN &tok, char *token) {
551433a01cab initial coding carl parents: diff changeset	380 char *have = tok.next();
551433a01cab initial coding carl parents: diff changeset	381 if (have == token) return true;
551433a01cab initial coding carl parents: diff changeset	382 tok.token_error(token, have);
551433a01cab initial coding carl parents: diff changeset	383 return false;
551433a01cab initial coding carl parents: diff changeset	384 }
551433a01cab initial coding carl parents: diff changeset	385
551433a01cab initial coding carl parents: diff changeset	386
551433a01cab initial coding carl parents: diff changeset	387 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	388 //
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	389 bool parse_pattern(TOKEN &tok, SYSLOGCONFIG &con);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	390 bool parse_pattern(TOKEN &tok, SYSLOGCONFIG &con) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	391 char *pat = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	392 int ind, buc;
1 551433a01cab initial coding carl parents: diff changeset	393 if (!tsa(tok, token_lbrace)) return false;
551433a01cab initial coding carl parents: diff changeset	394 while (true) {
551433a01cab initial coding carl parents: diff changeset	395 char *have = tok.next();
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	396 if (!have) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	397 if (have == token_rbrace) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	398 if (have == token_index) {
1 551433a01cab initial coding carl parents: diff changeset	399 have = tok.next();
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	400 ind = atoi(have);
1 551433a01cab initial coding carl parents: diff changeset	401 if (!tsa(tok, token_semi)) return false;
551433a01cab initial coding carl parents: diff changeset	402 }
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	403 else if (have == token_bucket) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	404 have = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	405 buc = atoi(have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	406 if (!tsa(tok, token_semi)) return false;
1 551433a01cab initial coding carl parents: diff changeset	407 }
551433a01cab initial coding carl parents: diff changeset	408 else {
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	409 tok.token_error("index/bucket", have);
1 551433a01cab initial coding carl parents: diff changeset	410 return false;
551433a01cab initial coding carl parents: diff changeset	411 }
551433a01cab initial coding carl parents: diff changeset	412 }
551433a01cab initial coding carl parents: diff changeset	413 if (!tsa(tok, token_semi)) return false;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	414 PATTERNP patt = new PATTERN(tok, pat, ind, buc);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	415 con.add_pattern(patt);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	416 return true;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	417 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	418
8fe310e5cd44 initial coding carl parents: 2 diff changeset	419
8fe310e5cd44 initial coding carl parents: 2 diff changeset	420 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	421 //
8fe310e5cd44 initial coding carl parents: 2 diff changeset	422 bool parse_ignore(TOKEN &tok, CONFIG &dc);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	423 bool parse_ignore(TOKEN &tok, CONFIG &dc) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	424 if (!tsa(tok, token_lbrace)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	425 while (true) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	426 char *have = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	427 if (!have) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	428 if (have == token_rbrace) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	429 int ipaddr = ip_address(have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	430 if (ipaddr == 0) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	431 tok.token_error("ip address", have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	432 return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	433 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	434 if (!tsa(tok, token_slash)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	435 have = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	436 int mask = atoi(have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	437 if ((mask < 8) \|\| (mask > 32)) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	438 tok.token_error("cidr 8..32 value", have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	439 return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	440 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	441 if (!tsa(tok, token_semi)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	442 IPPAIR pair;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	443 const int masks[33] = {0xffffffff, // 0
8fe310e5cd44 initial coding carl parents: 2 diff changeset	444 0x7fffffff, // 1
8fe310e5cd44 initial coding carl parents: 2 diff changeset	445 0x3fffffff, // 2
8fe310e5cd44 initial coding carl parents: 2 diff changeset	446 0x1fffffff, // 3
8fe310e5cd44 initial coding carl parents: 2 diff changeset	447 0x0fffffff, // 4
8fe310e5cd44 initial coding carl parents: 2 diff changeset	448 0x07ffffff, // 5
8fe310e5cd44 initial coding carl parents: 2 diff changeset	449 0x03ffffff, // 6
8fe310e5cd44 initial coding carl parents: 2 diff changeset	450 0x01ffffff, // 7
8fe310e5cd44 initial coding carl parents: 2 diff changeset	451 0x00ffffff, // 8
8fe310e5cd44 initial coding carl parents: 2 diff changeset	452 0x007fffff, // 9
8fe310e5cd44 initial coding carl parents: 2 diff changeset	453 0x003fffff, // 10
8fe310e5cd44 initial coding carl parents: 2 diff changeset	454 0x001fffff, // 11
8fe310e5cd44 initial coding carl parents: 2 diff changeset	455 0x000fffff, // 12
8fe310e5cd44 initial coding carl parents: 2 diff changeset	456 0x0007ffff, // 13
8fe310e5cd44 initial coding carl parents: 2 diff changeset	457 0x0003ffff, // 14
8fe310e5cd44 initial coding carl parents: 2 diff changeset	458 0x0001ffff, // 15
8fe310e5cd44 initial coding carl parents: 2 diff changeset	459 0x0000ffff, // 16
8fe310e5cd44 initial coding carl parents: 2 diff changeset	460 0x00007fff, // 17
8fe310e5cd44 initial coding carl parents: 2 diff changeset	461 0x00003fff, // 18
8fe310e5cd44 initial coding carl parents: 2 diff changeset	462 0x00001fff, // 19
8fe310e5cd44 initial coding carl parents: 2 diff changeset	463 0x00000fff, // 20
8fe310e5cd44 initial coding carl parents: 2 diff changeset	464 0x000007ff, // 21
8fe310e5cd44 initial coding carl parents: 2 diff changeset	465 0x000003ff, // 22
8fe310e5cd44 initial coding carl parents: 2 diff changeset	466 0x000001ff, // 23
8fe310e5cd44 initial coding carl parents: 2 diff changeset	467 0x000000ff, // 24
8fe310e5cd44 initial coding carl parents: 2 diff changeset	468 0x0000007f, // 25
8fe310e5cd44 initial coding carl parents: 2 diff changeset	469 0x0000003f, // 26
8fe310e5cd44 initial coding carl parents: 2 diff changeset	470 0x0000001f, // 27
8fe310e5cd44 initial coding carl parents: 2 diff changeset	471 0x0000000f, // 28
8fe310e5cd44 initial coding carl parents: 2 diff changeset	472 0x00000007, // 29
8fe310e5cd44 initial coding carl parents: 2 diff changeset	473 0x00000003, // 30
8fe310e5cd44 initial coding carl parents: 2 diff changeset	474 0x00000001, // 31
8fe310e5cd44 initial coding carl parents: 2 diff changeset	475 0x00000000}; // 32
8fe310e5cd44 initial coding carl parents: 2 diff changeset	476 pair.first = ipaddr;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	477 pair.last = ipaddr \| masks[mask];
8fe310e5cd44 initial coding carl parents: 2 diff changeset	478 pair.cidr = mask;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	479 dc.add_pair(pair);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	480 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	481 if (!tsa(tok, token_semi)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	482 return true;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	483 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	484
8fe310e5cd44 initial coding carl parents: 2 diff changeset	485
8fe310e5cd44 initial coding carl parents: 2 diff changeset	486 ////////////////////////////////////////////////
8fe310e5cd44 initial coding carl parents: 2 diff changeset	487 //
8fe310e5cd44 initial coding carl parents: 2 diff changeset	488 bool parse_syslogconfig(TOKEN &tok, CONFIG &dc);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	489 bool parse_syslogconfig(TOKEN &tok, CONFIG &dc) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	490 char *name = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	491 if (!tsa(tok, token_lbrace)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	492 SYSLOGCONFIGP con = new SYSLOGCONFIG(tok, name);
2 6e88da080f08 initial coding carl parents: 1 diff changeset	493 if (con->failed()) {
6e88da080f08 initial coding carl parents: 1 diff changeset	494 delete con;
6e88da080f08 initial coding carl parents: 1 diff changeset	495 return false;
6e88da080f08 initial coding carl parents: 1 diff changeset	496 }
1 551433a01cab initial coding carl parents: diff changeset	497 dc.add_syslogconfig(con);
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	498 while (true) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	499 char *have = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	500 if (!have) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	501 if (have == token_rbrace) break;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	502 if (have == token_pattern) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	503 if (!parse_pattern(tok, *con)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	504 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	505 else {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	506 tok.token_error("pattern", have);
8fe310e5cd44 initial coding carl parents: 2 diff changeset	507 return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	508 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	509 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	510 if (!tsa(tok, token_semi)) return false;
1 551433a01cab initial coding carl parents: diff changeset	511 return true;
551433a01cab initial coding carl parents: diff changeset	512 }
551433a01cab initial coding carl parents: diff changeset	513
551433a01cab initial coding carl parents: diff changeset	514
551433a01cab initial coding carl parents: diff changeset	515 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	516 // parse a config file
551433a01cab initial coding carl parents: diff changeset	517 //
551433a01cab initial coding carl parents: diff changeset	518 bool load_conf(CONFIG &dc, char *fn) {
551433a01cab initial coding carl parents: diff changeset	519 int count = 0;
551433a01cab initial coding carl parents: diff changeset	520 TOKEN tok(fn, &dc.config_files);
551433a01cab initial coding carl parents: diff changeset	521 while (true) {
551433a01cab initial coding carl parents: diff changeset	522 char *have = tok.next();
551433a01cab initial coding carl parents: diff changeset	523 if (!have) break;
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	524 if (have == token_threshold) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	525 have = tok.next();
8fe310e5cd44 initial coding carl parents: 2 diff changeset	526 dc.set_threshold(atoi(have));
8fe310e5cd44 initial coding carl parents: 2 diff changeset	527 if (!tsa(tok, token_semi)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	528 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	529 else if (have == token_ignore) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	530 if (!parse_ignore(tok, dc)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	531 }
8fe310e5cd44 initial coding carl parents: 2 diff changeset	532 else if (have == token_file) {
8fe310e5cd44 initial coding carl parents: 2 diff changeset	533 if (!parse_syslogconfig(tok, dc)) return false;
8fe310e5cd44 initial coding carl parents: 2 diff changeset	534 count++;
1 551433a01cab initial coding carl parents: diff changeset	535 }
551433a01cab initial coding carl parents: diff changeset	536 else {
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	537 tok.token_error("threshold/ignore/file", have);
1 551433a01cab initial coding carl parents: diff changeset	538 return false;
551433a01cab initial coding carl parents: diff changeset	539 }
551433a01cab initial coding carl parents: diff changeset	540 }
551433a01cab initial coding carl parents: diff changeset	541 tok.token_error("load_conf() found %d syslog files in %s", count, fn);
551433a01cab initial coding carl parents: diff changeset	542 return (!dc.syslogconfigs.empty());
551433a01cab initial coding carl parents: diff changeset	543 }
551433a01cab initial coding carl parents: diff changeset	544
551433a01cab initial coding carl parents: diff changeset	545
551433a01cab initial coding carl parents: diff changeset	546 ////////////////////////////////////////////////
551433a01cab initial coding carl parents: diff changeset	547 // init the tokens
551433a01cab initial coding carl parents: diff changeset	548 //
551433a01cab initial coding carl parents: diff changeset	549 void token_init() {
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	550 token_bucket = register_string("bucket");
1 551433a01cab initial coding carl parents: diff changeset	551 token_file = register_string("file");
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	552 token_ignore = register_string("ignore");
1 551433a01cab initial coding carl parents: diff changeset	553 token_include = register_string("include");
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	554 token_index = register_string("index");
1 551433a01cab initial coding carl parents: diff changeset	555 token_lbrace = register_string("{");
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	556 token_pattern = register_string("pattern");
1 551433a01cab initial coding carl parents: diff changeset	557 token_rbrace = register_string("}");
551433a01cab initial coding carl parents: diff changeset	558 token_semi = register_string(";");
3 8fe310e5cd44 initial coding carl parents: 2 diff changeset	559 token_slash = register_string("/");
8fe310e5cd44 initial coding carl parents: 2 diff changeset	560 token_threshold = register_string("threshold");
1 551433a01cab initial coding carl parents: diff changeset	561 }

Mercurial > syslog2iptables

annotate src/syslogconfig.cpp @ 3:8fe310e5cd44