changeset 2:6e88da080f08

initial coding
author carl
date Thu, 24 Nov 2005 10:31:09 -0800
parents 551433a01cab
children 8fe310e5cd44
files src/syslog2iptables.cpp src/syslogconfig.cpp src/syslogconfig.h
diffstat 3 files changed, 82 insertions(+), 7 deletions(-) [+]
--- a/src/syslog2iptables.cpp	Wed Nov 23 19:29:14 2005 -0800
+++ b/src/syslog2iptables.cpp	Thu Nov 24 10:31:09 2005 -0800
@@ -36,6 +36,9 @@
 #include <signal.h> 	/* header for signal functions */
 #include "includes.h"
 
+extern "C" {
+	void sig_chld(int signo);
+}
 int  debug_syslog  = 0;
 bool syslog_opened = false;
 bool use_syslog    = true;	// false to printf
@@ -196,6 +199,10 @@
 		CONFIG *conf = new_conf();
 		if (conf) {
 			conf->dump();
+			for (int i=0; i<30; i++) {
+				conf->read();
+				sleep(1);
+			}
 			delete conf;
 			return 0;
 		}
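Review bot: The added loop `for (int i=0; i<30; i++) { conf->read(); sleep(1); }` hard-codes both the iteration count and the poll interval with no comment, and it sits in a branch that previously only dumped the configuration and returned. If this is temporary test scaffolding for the new reader, say so in a comment such as `// TEMP: poll the configured log files for 30s to exercise SYSLOGCONFIG::read()`, or lift the numbers into named constants. The enclosing function starts and ends outside the hunk, so the condition that selects this branch is not visible here.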
@@ -242,6 +249,16 @@
 		exit(1);
 	}
 
+	// setup sigchld handler to prevent zombies
+	struct sigaction act;
+	act.sa_handler = sig_chld;		// Assign sig_chld as our SIGCHLD handler
+	sigemptyset(&act.sa_mask);		// We don't want to block any other signals in this example
+	act.sa_flags = SA_NOCLDSTOP;	// only want children that have terminated
+	if (sigaction(SIGCHLD, &act, NULL) < 0) {
+		my_syslog("failed to setup SIGCHLD handler");
+		exit(1);
+	}
+
 	// only create threads after the fork() in daemon
 	pthread_t tid;
 	if (pthread_create(&tid, 0, config_loader, 0))
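Review bot: The handler is installed with `act.sa_flags = SA_NOCLDSTOP;` only, so every SIGCHLD will interrupt blocking system calls elsewhere in the daemon with EINTR; unless each call site retries, `act.sa_flags = SA_NOCLDSTOP | SA_RESTART;` is the safer setting. `act` is also declared without being cleared, and a `memset(&act, 0, sizeof(act));` before the assignments avoids handing indeterminate fields to sigaction() on platforms whose struct has extra members. The body of sig_chld is not part of this diff; to actually prevent zombies it needs to loop on `waitpid(-1, NULL, WNOHANG)`, because several child exits can be delivered as a single signal. The comment ending "in this example" looks carried over from sample code and should describe this daemon instead.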
--- a/src/syslogconfig.cpp	Wed Nov 23 19:29:14 2005 -0800
+++ b/src/syslogconfig.cpp	Thu Nov 24 10:31:09 2005 -0800
@@ -19,6 +19,7 @@
  ***************************************************************************/
 
 #include "includes.h"
+#include <fcntl.h>
 
 static char* syslogconfig_version="$Id$";
 
@@ -63,13 +64,58 @@
 }
 
 
-SYSLOGCONFIG::SYSLOGCONFIG(char *file_name_, parser_style parser_) {
+void CONFIG::read() {
+	for (syslogconfig_list::iterator i=syslogconfigs.begin(); i!=syslogconfigs.end(); i++) {
+		SYSLOGCONFIGP c = *i;
+		c->read();
+	}
+}
+
+
+SYSLOGCONFIG::SYSLOGCONFIG(TOKEN &tok, char *file_name_, parser_style parser_) {
 	file_name	= file_name_;
 	parser		= parser_;
+	fd		  = open(file_name, O_RDONLY);
+	len 	  = 0;
+	if (fd == -1) {
+		char buf[maxlen];
+		snprintf(buf, sizeof(buf), "syslog file %s not readable", file_name);
+		tok.token_error(buf);
+	}
+	else {
+		lseek(fd, 0, SEEK_END);
+	}
 }
 
 
 SYSLOGCONFIG::~SYSLOGCONFIG() {
+	if (fd != -1) close(fd);
+	fd = -1;
+}
+
+
+void SYSLOGCONFIG::read() {
+	if (failed()) return;
+	int n = ::read(fd, buf, buflen-len);
+	if (n > 0) {
+		len += n;
+		while (true) {
+			char *p = (char*)memchr(buf, '\n', len);
+			if (!p) break;
+			n = p-buf;
+			*p = '\0';
+			process();	// process null terminated string
+			len -= n+1;
+			memmove(buf, p+1, len);
+		}
+		// no <lf> in a full buffer
+		if (len == buflen) len = 0;
+	}
+}
+
+
+void SYSLOGCONFIG::process() {
+	my_syslog(buf);
 }
 
 
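Review bot: In SYSLOGCONFIG::read the call `::read(fd, buf, buflen-len)` writes at the start of the buffer even when `len` bytes of an unterminated line are already held there, so a log line split across two reads is overwritten while `len` still counts the lost bytes and memchr then scans stale data. Reading at the fill offset fixes it: `int n = ::read(fd, buf+len, buflen-len);`. Separately, process() passes file content straight to `my_syslog(buf)`; my_syslog is defined outside this diff, so if it forwards its argument as a printf-style format string, log lines containing `%` (which remote parties can often influence) would be interpreted, and it is worth confirming that it logs through a fixed `"%s"` format. In the constructor the local `char buf[maxlen]` shadows the new member `buf`; renaming it to something like `msg` would avoid confusion.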
@@ -162,7 +208,11 @@
 		}
 	}
 	if (!tsa(tok, token_semi)) return false;
-	SYSLOGCONFIGP con = new SYSLOGCONFIG(name, parser);
+	SYSLOGCONFIGP con = new SYSLOGCONFIG(tok, name, parser);
+	if (con->failed()) {
+		delete con;
+		return false;
+	}
 	dc.add_syslogconfig(con);
 	return true;
 }
--- a/src/syslogconfig.h	Wed Nov 23 19:29:14 2005 -0800
+++ b/src/syslogconfig.h	Thu Nov 24 10:31:09 2005 -0800
@@ -30,14 +30,21 @@
 typedef SYSLOGCONFIG *			SYSLOGCONFIGP;
 typedef list<SYSLOGCONFIGP> 	syslogconfig_list;
 enum parser_style {cisco, ssh};
+const int buflen = 1024;
 
 class SYSLOGCONFIG {
 	char *			file_name;	// name of the syslog file
 	parser_style	parser;
+	int 			fd;
+	int 			len;		// bytes in the buffer
+	char			buf[buflen];
 public:
-	SYSLOGCONFIG(char *file_name_, parser_style parser_);
+	SYSLOGCONFIG(TOKEN &tok, char *file_name_, parser_style parser_);
 	~SYSLOGCONFIG();
 	void	dump(int level);
+	bool	failed()	{ return (fd == -1); };
+	void	read();
+	void	process();
 };
 
 struct CONFIG {
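Review bot: SYSLOGCONFIG now owns a file descriptor that its destructor closes, but the class still has the implicit copy constructor and assignment operator, so any copy would lead to the same `fd` being closed twice (and possibly closing an unrelated descriptor that reused the number). The objects appear to be handled only through SYSLOGCONFIGP pointers, so this may never occur today, but it is cheap to rule out by declaring `SYSLOGCONFIG(const SYSLOGCONFIG&);` and `SYSLOGCONFIG& operator=(const SYSLOGCONFIG&);` in the private section without defining them. `const int buflen = 1024;` also puts a very generic name at namespace scope in a header; a class-scoped constant or a more specific name would reduce the chance of a clash.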
@@ -53,6 +60,7 @@
 	~CONFIG();
 	void		add_syslogconfig(SYSLOGCONFIGP con);
 	void		dump();
+	void	read();
 };
 
 void discard(string_set &s);