Mercurial > syslog2iptables

comparison src/syslogconfig.cpp @ 48:ba0259c9e411 stable-1-0-11

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fixes to compile on Fedora 9 and for const correctness
author Carl Byington <carl@five-ten-sg.com>
date Thu, 29 May 2008 11:38:42 -0700
parents d9ae11033b4b
children 206448c00b55
comparison
equal deleted inserted replaced
47:a4861687fbd1 48:ba0259c9e411
12 #include <netinet/in.h> 12 #include <netinet/in.h>
13 #include <arpa/inet.h> 13 #include <arpa/inet.h>
14 #include <netdb.h> 14 #include <netdb.h>
15 #include <limits.h> 15 #include <limits.h>
16 16
17 char *token_add; 17 const char *token_add;
18 char *token_bucket; 18 const char *token_bucket;
19 char *token_file; 19 const char *token_file;
20 char *token_ignore; 20 const char *token_ignore;
21 char *token_include; 21 const char *token_include;
22 char *token_index; 22 const char *token_index;
23 char *token_lbrace; 23 const char *token_lbrace;
24 char *token_message; 24 const char *token_message;
25 char *token_pattern; 25 const char *token_pattern;
26 char *token_rbrace; 26 const char *token_rbrace;
27 char *token_remove; 27 const char *token_remove;
28 char *token_semi; 28 const char *token_semi;
29 char *token_slash; 29 const char *token_slash;
30 char *token_threshold; 30 const char *token_threshold;
31 31
32 struct ltint 32 struct ltint
33 { 33 {
34 bool operator()(const int s1, const int s2) const 34 bool operator()(const int s1, const int s2) const
35 { 35 {
47 typedef map<int, bucket, ltint> ip_buckets; 47 typedef map<int, bucket, ltint> ip_buckets;
48 48
49 class IPR { 49 class IPR {
50 ip_buckets violations; 50 ip_buckets violations;
51 public: 51 public:
52 void add(int ip, int amount, CONFIG &con, char *file_name, int pattern_index, char *message); 52 void add(int ip, int amount, CONFIG &con, const char *file_name, int pattern_index, const char *message);
53 void leak(int amount, CONFIG &con); 53 void leak(int amount, CONFIG &con);
54 void free_all(CONFIG &con); 54 void free_all(CONFIG &con);
55 void update(int ip, bool added, char *file_name, int pattern_index, char *message); 55 void update(int ip, bool added, const char *file_name, int pattern_index, const char *message);
56 void changed(CONFIG &con, int ip, bool added); 56 void changed(CONFIG &con, int ip, bool added);
57 }; 57 };
58 58
59 IPR recorder; 59 IPR recorder;
60 60
61 61
62 //////////////////////////////////////////////// 62 ////////////////////////////////////////////////
63 // 63 //
64 void IPR::add(int ip, int amount, CONFIG &con, char *file_name, int pattern_index, char *message) { 64 void IPR::add(int ip, int amount, CONFIG &con, const char *file_name, int pattern_index, const char *message) {
65 if (con.looking(ip)) { 65 if (con.looking(ip)) {
66 ip_buckets::iterator i = violations.find(ip); 66 ip_buckets::iterator i = violations.find(ip);
67 if (i == violations.end()) { 67 if (i == violations.end()) {
68 bucket b; 68 bucket b;
69 b.count = amount; 69 b.count = amount;
124 } 124 }
125 violations.clear(); 125 violations.clear();
126 } 126 }
127 127
128 128
129 void IPR::update(int ip, bool added, char *file_name, int pattern_index, char *message) { 129 void IPR::update(int ip, bool added, const char *file_name, int pattern_index, const char *message) {
130 if (debug_syslog > 2) { 130 if (debug_syslog > 2) {
131 char buf[maxlen]; 131 char buf[maxlen];
132 in_addr ad; 132 in_addr ad;
133 ad.s_addr = htonl(ip); 133 ad.s_addr = htonl(ip);
134 if (added) { 134 if (added) {
162 } 162 }
163 163
164 164
165 //////////////////////////////////////////////// 165 ////////////////////////////////////////////////
166 // 166 //
167 int ip_address(char *have); 167 int ip_address(const char *have);
168 int ip_address(char *have) { 168 int ip_address(const char *have) {
169 int ipaddr = 0; 169 int ipaddr = 0;
170 in_addr ip; 170 in_addr ip;
171 if (inet_aton(have, &ip)) ipaddr = ip.s_addr; 171 if (inet_aton(have, &ip)) ipaddr = ip.s_addr;
172 else { 172 else {
173 struct hostent *host = gethostbyname(have); 173 struct hostent *host = gethostbyname(have);
177 } 177 }
178 178
179 179
180 //////////////////////////////////////////////// 180 ////////////////////////////////////////////////
181 // 181 //
182 PATTERN::PATTERN(TOKEN &tok, char *pattern_, int index_, int amount_, char *msg_) { 182 PATTERN::PATTERN(TOKEN &tok, const char *pattern_, int index_, int amount_, const char *msg_) {
183 pattern = pattern_; 183 pattern = pattern_;
184 index = index_; 184 index = index_;
185 amount = amount_; 185 amount = amount_;
186 message = msg_; 186 message = msg_;
187 if (pattern) { 187 if (pattern) {
201 PATTERN::~PATTERN() { 201 PATTERN::~PATTERN() {
202 regfree(&re); 202 regfree(&re);
203 } 203 }
204 204
205 205
206 bool PATTERN::process(char *buf, CONFIG &con, char *file_name, int pattern_index) { 206 bool PATTERN::process(char *buf, CONFIG &con, const char *file_name, int pattern_index) {
207 if (pattern) { 207 if (pattern) {
208 const int nmatch = index+1; 208 const int nmatch = index+1;
209 regmatch_t match[nmatch]; 209 regmatch_t match[nmatch];
210 if (0 == regexec(&re, buf, nmatch, match, 0)) { 210 if (0 == regexec(&re, buf, nmatch, match, 0)) {
211 int s = match[index].rm_so; 211 int s = match[index].rm_so;
325 return true; 325 return true;
326 } 326 }
327 327
328 //////////////////////////////////////////////// 328 ////////////////////////////////////////////////
329 // 329 //
330 SYSLOGCONFIG::SYSLOGCONFIG(TOKEN &tok, char *file_name_) { 330 SYSLOGCONFIG::SYSLOGCONFIG(TOKEN &tok, const char *file_name_) {
331 tokp = &tok; 331 tokp = &tok;
332 file_name = file_name_; 332 file_name = file_name_;
333 open(true); 333 open(true);
334 } 334 }
335 335
356 else { 356 else {
357 if (debug_syslog > 1) { 357 if (debug_syslog > 1) {
358 snprintf(buf, sizeof(buf), "syslog file %s opened", file_name); 358 snprintf(buf, sizeof(buf), "syslog file %s opened", file_name);
359 my_syslog(buf); 359 my_syslog(buf);
360 } 360 }
361 lseek(fd, 0, SEEK_END); 361 if (msg) lseek(fd, 0, SEEK_END);
362 if (fstat(fd, &openfdstat)) { 362 if (fstat(fd, &openfdstat)) {
363 close(); 363 close();
364 snprintf(buf, sizeof(buf), "syslog file %s cannot stat after open", file_name); 364 snprintf(buf, sizeof(buf), "syslog file %s cannot stat after open", file_name);
365 tokp->token_error(buf); 365 tokp->token_error(buf);
366 } 366 }
441 void SYSLOGCONFIG::dump(int level) { 441 void SYSLOGCONFIG::dump(int level) {
442 char indent[maxlen]; 442 char indent[maxlen];
443 int i = min(maxlen-1, level*4); 443 int i = min(maxlen-1, level*4);
444 memset(indent, ' ', i); 444 memset(indent, ' ', i);
445 indent[i] = '\0'; 445 indent[i] = '\0';
446 char buf[maxlen];
447 printf("%s file \"%s\" {\n", indent, file_name); 446 printf("%s file \"%s\" {\n", indent, file_name);
448 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) { 447 for (pattern_list::iterator i=patterns.begin(); i!=patterns.end(); i++) {
449 PATTERN *p = *i; 448 PATTERN *p = *i;
450 p->dump(level+1); 449 p->dump(level+1);
451 } 450 }
456 //////////////////////////////////////////////// 455 ////////////////////////////////////////////////
457 // helper to discard the strings held by a string_set 456 // helper to discard the strings held by a string_set
458 // 457 //
459 void discard(string_set &s) { 458 void discard(string_set &s) {
460 for (string_set::iterator i=s.begin(); i!=s.end(); i++) { 459 for (string_set::iterator i=s.begin(); i!=s.end(); i++) {
461 free(*i); 460 free((void*)*i);
462 } 461 }
463 s.clear(); 462 s.clear();
464 } 463 }
465 464
466 465
467 //////////////////////////////////////////////// 466 ////////////////////////////////////////////////
468 // helper to register a string in a string set 467 // helper to register a string in a string set
469 // 468 //
470 char* register_string(string_set &s, char *name) { 469 const char* register_string(string_set &s, const char *name) {
471 string_set::iterator i = s.find(name); 470 string_set::const_iterator i = s.find(name);
472 if (i != s.end()) return *i; 471 if (i != s.end()) return *i;
473 char *x = strdup(name); 472 char *x = strdup(name);
474 s.insert(x); 473 s.insert(x);
475 return x; 474 return x;
476 } 475 }
477 476
478 477
479 //////////////////////////////////////////////// 478 ////////////////////////////////////////////////
480 // register a global string 479 // register a global string
481 // 480 //
482 char* register_string(char *name) { 481 const char* register_string(const char *name) {
483 return register_string(all_strings, name); 482 return register_string(all_strings, name);
484 } 483 }
485 484
486 485
487 //////////////////////////////////////////////// 486 ////////////////////////////////////////////////
492 } 491 }
493 492
494 493
495 //////////////////////////////////////////////// 494 ////////////////////////////////////////////////
496 // 495 //
497 bool tsa(TOKEN &tok, char *token); 496 bool tsa(TOKEN &tok, const char *token);
498 bool tsa(TOKEN &tok, char *token) { 497 bool tsa(TOKEN &tok, const char *token) {
499 char *have = tok.next(); 498 const char *have = tok.next();
500 if (have == token) return true; 499 if (have == token) return true;
501 tok.token_error(token, have); 500 tok.token_error(token, have);
502 return false; 501 return false;
503 } 502 }
504 503
505 504
506 //////////////////////////////////////////////// 505 ////////////////////////////////////////////////
507 // 506 //
508 bool parse_pattern(TOKEN &tok, SYSLOGCONFIG &con); 507 bool parse_pattern(TOKEN &tok, SYSLOGCONFIG &con);
509 bool parse_pattern(TOKEN &tok, SYSLOGCONFIG &con) { 508 bool parse_pattern(TOKEN &tok, SYSLOGCONFIG &con) {
510 char *pat = tok.next(); 509 const char *pat = tok.next();
511 int ind, buc; 510 int ind = 0;
512 char *msg = NULL; 511 int buc = 0;
512 const char *msg = NULL;
513 if (!tsa(tok, token_lbrace)) return false; 513 if (!tsa(tok, token_lbrace)) return false;
514 while (true) { 514 while (true) {
515 char *have = tok.next(); 515 const char *have = tok.next();
516 if (!have) break; 516 if (!have) break;
517 if (have == token_rbrace) break; 517 if (have == token_rbrace) break;
518 if (have == token_index) { 518 if (have == token_index) {
519 have = tok.next(); 519 have = tok.next();
520 ind = atoi(have); 520 ind = atoi(have);
545 // 545 //
546 bool parse_ignore(TOKEN &tok, CONFIG &dc); 546 bool parse_ignore(TOKEN &tok, CONFIG &dc);
547 bool parse_ignore(TOKEN &tok, CONFIG &dc) { 547 bool parse_ignore(TOKEN &tok, CONFIG &dc) {
548 if (!tsa(tok, token_lbrace)) return false; 548 if (!tsa(tok, token_lbrace)) return false;
549 while (true) { 549 while (true) {
550 char *have = tok.next(); 550 const char *have = tok.next();
551 if (!have) break; 551 if (!have) break;
552 if (have == token_rbrace) break; 552 if (have == token_rbrace) break;
553 int ipaddr = ip_address(have); 553 int ipaddr = ip_address(have);
554 if (ipaddr == 0) { 554 if (ipaddr == 0) {
555 tok.token_error("ip address", have); 555 tok.token_error("ip address", have);
609 609
610 //////////////////////////////////////////////// 610 ////////////////////////////////////////////////
611 // 611 //
612 bool parse_syslogconfig(TOKEN &tok, CONFIG &dc); 612 bool parse_syslogconfig(TOKEN &tok, CONFIG &dc);
613 bool parse_syslogconfig(TOKEN &tok, CONFIG &dc) { 613 bool parse_syslogconfig(TOKEN &tok, CONFIG &dc) {
614 char *name = tok.next(); 614 const char *name = tok.next();
615 if (!tsa(tok, token_lbrace)) return false; 615 if (!tsa(tok, token_lbrace)) return false;
616 SYSLOGCONFIGP con = new SYSLOGCONFIG(tok, name); 616 SYSLOGCONFIGP con = new SYSLOGCONFIG(tok, name);
617 if (con->failed()) { 617 if (con->failed()) {
618 delete con; 618 delete con;
619 return false; 619 return false;
620 } 620 }
621 dc.add_syslogconfig(con); 621 dc.add_syslogconfig(con);
622 while (true) { 622 while (true) {
623 char *have = tok.next(); 623 const char *have = tok.next();
624 if (!have) break; 624 if (!have) break;
625 if (have == token_rbrace) break; 625 if (have == token_rbrace) break;
626 if (have == token_pattern) { 626 if (have == token_pattern) {
627 if (!parse_pattern(tok, *con)) return false; 627 if (!parse_pattern(tok, *con)) return false;
628 } 628 }
637 637
638 638
639 //////////////////////////////////////////////// 639 ////////////////////////////////////////////////
640 // parse a config file 640 // parse a config file
641 // 641 //
642 bool load_conf(CONFIG &dc, char *fn) { 642 bool load_conf(CONFIG &dc, const char *fn) {
643 int count = 0; 643 int count = 0;
644 TOKEN tok(fn, &dc.config_files); 644 TOKEN tok(fn, &dc.config_files);
645 while (true) { 645 while (true) {
646 char *have = tok.next(); 646 const char *have = tok.next();
647 if (!have) break; 647 if (!have) break;
648 if (have == token_threshold) { 648 if (have == token_threshold) {
649 have = tok.next(); 649 have = tok.next();
650 dc.set_threshold(atoi(have)); 650 dc.set_threshold(atoi(have));
651 if (!tsa(tok, token_semi)) return false; 651 if (!tsa(tok, token_semi)) return false;