Mercurial > syslog2iptables
comparison src/syslogconfig.h @ 3:8fe310e5cd44
initial coding
| author | carl |
|---|---|
| date | Sun, 27 Nov 2005 21:12:01 -0800 |
| parents | 6e88da080f08 |
| children | 2737ab01659a |
comparison
equal
deleted
inserted
replaced
| 2:6e88da080f08 | 3:8fe310e5cd44 |
|---|---|
| 21 #ifndef syslogconfig_include | 21 #ifndef syslogconfig_include |
| 22 #define syslogconfig_include | 22 #define syslogconfig_include |
| 23 | 23 |
| 24 #include "tokenizer.h" | 24 #include "tokenizer.h" |
| 25 #include <map> | 25 #include <map> |
| 26 #include <regex.h> | |
| 26 | 27 |
| 27 | 28 |
| 28 class SYSLOGCONFIG; | 29 class SYSLOGCONFIG; |
| 30 class CONFIG; | |
| 31 | |
| 32 struct IPPAIR { | |
| 33 int first; | |
| 34 int last; | |
| 35 int cidr; | |
| 36 }; | |
| 37 | |
| 38 class PATTERN { | |
| 39 char * pattern; // owned by the string table | |
| 40 regex_t re; | |
| 41 int index; // zero based substring of the regex match that contains the ip address or hostname | |
| 42 int bucket; // count to add to the ip address leaky bucket | |
| 43 public: | |
| 44 ~PATTERN(); | |
| 45 PATTERN(TOKEN &tok, char *pattern_, int index_, int bucket_); | |
| 46 bool process(char *buf, CONFIG &con); | |
| 47 void dump(int level); | |
| 48 }; | |
| 29 | 49 |
| 30 typedef SYSLOGCONFIG * SYSLOGCONFIGP; | 50 typedef SYSLOGCONFIG * SYSLOGCONFIGP; |
| 51 typedef PATTERN * PATTERNP; | |
| 31 typedef list<SYSLOGCONFIGP> syslogconfig_list; | 52 typedef list<SYSLOGCONFIGP> syslogconfig_list; |
| 32 enum parser_style {cisco, ssh}; | 53 typedef list<IPPAIR> ippair_list; |
| 54 typedef list<PATTERNP> pattern_list; | |
| 33 const int buflen = 1024; | 55 const int buflen = 1024; |
| 34 | 56 |
| 35 class SYSLOGCONFIG { | 57 class SYSLOGCONFIG { |
| 36 char * file_name; // name of the syslog file | 58 char * file_name; // name of the syslog file |
| 37 parser_style parser; | 59 pattern_list patterns; // owns the patterns |
| 38 int fd; | 60 int fd; |
| 39 int len; // bytes in the buffer | 61 int len; // bytes in the buffer |
| 40 char buf[buflen]; | 62 char buf[buflen]; |
| 41 public: | 63 public: |
| 42 SYSLOGCONFIG(TOKEN &tok, char *file_name_, parser_style parser_); | 64 SYSLOGCONFIG(TOKEN &tok, char *file_name_); |
| 43 ~SYSLOGCONFIG(); | 65 ~SYSLOGCONFIG(); |
| 66 void add_pattern(PATTERNP pat); | |
| 67 bool failed() { return (fd == -1); }; | |
| 68 bool read(CONFIG &con); | |
| 69 void process(CONFIG &con); | |
| 44 void dump(int level); | 70 void dump(int level); |
| 45 bool failed() { return (fd == -1); }; | |
| 46 void read(); | |
| 47 void process(); | |
| 48 }; | 71 }; |
| 49 | 72 |
| 50 struct CONFIG { | 73 class CONFIG { |
| 74 public: | |
| 51 // the only mutable stuff once it has been loaded from the config file | 75 // the only mutable stuff once it has been loaded from the config file |
| 52 int reference_count; // protected by the global config_mutex | 76 int reference_count; // protected by the global config_mutex |
| 53 // all the rest is constant after loading from the config file | 77 // all the rest is constant after loading from the config file |
| 54 int generation; | 78 int generation; |
| 55 time_t load_time; | 79 time_t load_time; |
| 56 string_set config_files; | 80 string_set config_files; |
| 57 syslogconfig_list syslogconfigs; // owns all the syslogconfigs, not just top level syslogconfigs | 81 int threshold; |
| 82 ippair_list ignore; // owns all the ippairs | |
| 83 syslogconfig_list syslogconfigs; // owns all the syslogconfigs | |
| 58 | 84 |
| 59 CONFIG(); | 85 CONFIG(); |
| 60 ~CONFIG(); | 86 ~CONFIG(); |
| 87 void set_threshold(int threshold_) { threshold = threshold_; }; | |
| 88 int get_threshold() { return threshold; }; | |
| 61 void add_syslogconfig(SYSLOGCONFIGP con); | 89 void add_syslogconfig(SYSLOGCONFIGP con); |
| 90 void add_pair(IPPAIR pair); | |
| 62 void dump(); | 91 void dump(); |
| 63 void read(); | 92 void read(); |
| 93 void sleep(int duration); | |
| 94 bool looking(int ip); | |
| 64 }; | 95 }; |
| 65 | 96 |
| 66 void discard(string_set &s); | 97 void discard(string_set &s); |
| 67 char* register_string(string_set &s, char *name); | 98 char* register_string(string_set &s, char *name); |
| 68 char* register_string(char *name); | 99 char* register_string(char *name); |
| 69 CONFIG *parse_config(char *fn); | 100 int ip_address(char *have); |
| 70 bool load_conf(CONFIG &dc, char *fn); | 101 bool load_conf(CONFIG &dc, char *fn); |
| 71 void token_init(); | 102 void token_init(); |
| 72 | 103 |
| 73 extern char *token_cisco; | 104 extern char *token_bucket; |
| 74 extern char *token_file; | 105 extern char *token_file; |
| 106 extern char *token_ignore; | |
| 75 extern char *token_include; | 107 extern char *token_include; |
| 108 extern char *token_index; | |
| 76 extern char *token_lbrace; | 109 extern char *token_lbrace; |
| 77 extern char *token_parser; | 110 extern char *token_pattern; |
| 78 extern char *token_rbrace; | 111 extern char *token_rbrace; |
| 79 extern char *token_semi; | 112 extern char *token_semi; |
| 80 extern char *token_ssh; | 113 extern char *token_slash; |
| 114 extern char *token_threshold; | |
| 81 | 115 |
| 82 #endif | 116 #endif |