annotate src/syslogconfig.h @ 42:d9ae11033b4b stable-1-9

Add default config to firewall systems that send bounces to non-existant accounts. Switch to Mercurial source control. Update spec file for fedora packaging.
author Carl Byington <carl@five-ten-sg.com>
date Fri, 21 Mar 2008 14:02:32 -0700
parents 26c29da3fbdf
children ba0259c9e411
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
36
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
1 /*
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
2
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
3 Copyright (c) 2007 Carl Byington - 510 Software Group, released under
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
4 the GPL version 3 or any later version at your choice available at
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
5 http://www.gnu.org/licenses/gpl-3.0.txt
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
6
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
7 */
1
551433a01cab initial coding
carl
parents:
diff changeset
8
551433a01cab initial coding
carl
parents:
diff changeset
9
551433a01cab initial coding
carl
parents:
diff changeset
10 class SYSLOGCONFIG;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
11 class CONFIG;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
12
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
13 struct IPPAIR {
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
14 int first;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
15 int last;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
16 int cidr;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
17 };
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
18
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
19 class PATTERN {
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
20 char * pattern; // owned by the string table
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
21 regex_t re;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
22 int index; // zero based substring of the regex match that contains the ip address or hostname
4
2737ab01659a initial coding
carl
parents: 3
diff changeset
23 int amount; // count to add to the ip address leaky bucket
35
d2ceebcf6595 add message description in patterns
carl
parents: 27
diff changeset
24 char * message; // for logging, owned by the string table
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
25 public:
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
26 ~PATTERN();
35
d2ceebcf6595 add message description in patterns
carl
parents: 27
diff changeset
27 PATTERN(TOKEN &tok, char *pattern_, int index_, int amount_, char *msg_);
20
0d65c3de34fd add better logging
carl
parents: 9
diff changeset
28 bool process(char *buf, CONFIG &con, char *file_name, int pattern_index);
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
29 void dump(int level);
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
30 };
1
551433a01cab initial coding
carl
parents:
diff changeset
31
551433a01cab initial coding
carl
parents:
diff changeset
32 typedef SYSLOGCONFIG * SYSLOGCONFIGP;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
33 typedef PATTERN * PATTERNP;
1
551433a01cab initial coding
carl
parents:
diff changeset
34 typedef list<SYSLOGCONFIGP> syslogconfig_list;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
35 typedef list<IPPAIR> ippair_list;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
36 typedef list<PATTERNP> pattern_list;
2
6e88da080f08 initial coding
carl
parents: 1
diff changeset
37 const int buflen = 1024;
1
551433a01cab initial coding
carl
parents:
diff changeset
38
551433a01cab initial coding
carl
parents:
diff changeset
39 class SYSLOGCONFIG {
4
2737ab01659a initial coding
carl
parents: 3
diff changeset
40 TOKEN * tokp;
1
551433a01cab initial coding
carl
parents:
diff changeset
41 char * file_name; // name of the syslog file
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
42 pattern_list patterns; // owns the patterns
2
6e88da080f08 initial coding
carl
parents: 1
diff changeset
43 int fd;
4
2737ab01659a initial coding
carl
parents: 3
diff changeset
44 struct stat openfdstat;
2
6e88da080f08 initial coding
carl
parents: 1
diff changeset
45 int len; // bytes in the buffer
6e88da080f08 initial coding
carl
parents: 1
diff changeset
46 char buf[buflen];
1
551433a01cab initial coding
carl
parents:
diff changeset
47 public:
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
48 SYSLOGCONFIG(TOKEN &tok, char *file_name_);
1
551433a01cab initial coding
carl
parents:
diff changeset
49 ~SYSLOGCONFIG();
4
2737ab01659a initial coding
carl
parents: 3
diff changeset
50 bool failed() { return (fd == -1); };
2737ab01659a initial coding
carl
parents: 3
diff changeset
51 void open(bool msg);
2737ab01659a initial coding
carl
parents: 3
diff changeset
52 bool read(CONFIG &con);
2737ab01659a initial coding
carl
parents: 3
diff changeset
53 void close();
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
54 void add_pattern(PATTERNP pat);
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
55 void process(CONFIG &con);
1
551433a01cab initial coding
carl
parents:
diff changeset
56 void dump(int level);
551433a01cab initial coding
carl
parents:
diff changeset
57 };
551433a01cab initial coding
carl
parents:
diff changeset
58
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
59 class CONFIG {
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
60 public:
1
551433a01cab initial coding
carl
parents:
diff changeset
61 // the only mutable stuff once it has been loaded from the config file
551433a01cab initial coding
carl
parents:
diff changeset
62 int reference_count; // protected by the global config_mutex
551433a01cab initial coding
carl
parents:
diff changeset
63 // all the rest is constant after loading from the config file
551433a01cab initial coding
carl
parents:
diff changeset
64 int generation;
551433a01cab initial coding
carl
parents:
diff changeset
65 time_t load_time;
551433a01cab initial coding
carl
parents:
diff changeset
66 string_set config_files;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
67 int threshold;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
68 ippair_list ignore; // owns all the ippairs
27
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
69 char * add_command; // owned by the string table
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
70 char * remove_command; // ""
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
71 syslogconfig_list syslogconfigs; // owns all the syslogconfigs
1
551433a01cab initial coding
carl
parents:
diff changeset
72
551433a01cab initial coding
carl
parents:
diff changeset
73 CONFIG();
551433a01cab initial coding
carl
parents:
diff changeset
74 ~CONFIG();
27
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
75 void set_add(char *add) { add_command = add; };
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
76 void set_remove(char *remove) { remove_command = remove; };
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
77 void set_threshold(int threshold_) { threshold = threshold_; };
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
78 int get_threshold() { return threshold; };
2
6e88da080f08 initial coding
carl
parents: 1
diff changeset
79 void add_syslogconfig(SYSLOGCONFIGP con);
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
80 void add_pair(IPPAIR pair);
2
6e88da080f08 initial coding
carl
parents: 1
diff changeset
81 void dump();
6e88da080f08 initial coding
carl
parents: 1
diff changeset
82 void read();
4
2737ab01659a initial coding
carl
parents: 3
diff changeset
83 void sleep(int duration, time_t &previous);
36
6a2f26976898 shutdown removes iptables entries that we added
carl
parents: 35
diff changeset
84 void free_all();
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
85 bool looking(int ip);
1
551433a01cab initial coding
carl
parents:
diff changeset
86 };
551433a01cab initial coding
carl
parents:
diff changeset
87
551433a01cab initial coding
carl
parents:
diff changeset
88 void discard(string_set &s);
551433a01cab initial coding
carl
parents:
diff changeset
89 char* register_string(string_set &s, char *name);
551433a01cab initial coding
carl
parents:
diff changeset
90 char* register_string(char *name);
38
26c29da3fbdf shutdown removes iptables entries that we added
carl
parents: 36
diff changeset
91 void clear_strings();
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
92 int ip_address(char *have);
1
551433a01cab initial coding
carl
parents:
diff changeset
93 bool load_conf(CONFIG &dc, char *fn);
551433a01cab initial coding
carl
parents:
diff changeset
94 void token_init();
551433a01cab initial coding
carl
parents:
diff changeset
95
27
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
96 extern char *token_add;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
97 extern char *token_bucket;
1
551433a01cab initial coding
carl
parents:
diff changeset
98 extern char *token_file;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
99 extern char *token_ignore;
1
551433a01cab initial coding
carl
parents:
diff changeset
100 extern char *token_include;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
101 extern char *token_index;
1
551433a01cab initial coding
carl
parents:
diff changeset
102 extern char *token_lbrace;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
103 extern char *token_pattern;
1
551433a01cab initial coding
carl
parents:
diff changeset
104 extern char *token_rbrace;
27
28fec0c67646 make add/remove commands configureable
carl
parents: 20
diff changeset
105 extern char *token_remove;
1
551433a01cab initial coding
carl
parents:
diff changeset
106 extern char *token_semi;
3
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
107 extern char *token_slash;
8fe310e5cd44 initial coding
carl
parents: 2
diff changeset
108 extern char *token_threshold;
1
551433a01cab initial coding
carl
parents:
diff changeset
109