view src/syslogconfig.h @ 35:d2ceebcf6595 stable-1-7
add message description in patterns
author | carl |
---|---|
date | Tue, 18 Sep 2007 09:54:22 -0700 |
parents | 28fec0c67646 |
children | 6a2f26976898 |
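/***************************************************************************
 *   Copyright (C) 2005 by 510 Software Group
 *
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful,
 *   but WITHOUT ANY WARRANTY; without even the implied warranty of
 *   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with this program; if not, write to the
 *   Free Software Foundation, Inc.,
 *   59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 ***************************************************************************/

// Include guard: every class below is a full definition, so a second
// inclusion in the same translation unit would otherwise be a redefinition
// error.
#ifndef SYSLOGCONFIG_H
#define SYSLOGCONFIG_H

// This header includes nothing itself.  TOKEN, string_set, list, regex_t,
// struct stat and time_t must already be declared by the including file.

class SYSLOGCONFIG;
class CONFIG;

// One entry of CONFIG::ignore.
// NOTE(review): presumably first/last bound an address range and cidr is its
// prefix length - confirm against the config parser.
// NOTE(review): the fields are signed int.  If they hold 32-bit addresses, a
// plain signed range comparison misorders addresses with the top bit set;
// verify how CONFIG::looking() compares them.
struct IPPAIR {
    int first;
    int last;
    int cidr;
};

// One regular expression that is matched against syslog lines.
//
// NOTE(review): the class holds a regex_t and declares a destructor but no
// copy constructor or copy assignment.  If ~PATTERN releases re (not visible
// in this header), a copied PATTERN would release it twice; handle instances
// only through PATTERNP.
class PATTERN {
    char *  pattern;    // owned by the string table
    regex_t re;
    int     index;      // zero based substring of the regex match that contains the ip address or hostname
                        // NOTE(review): index comes from the config file; confirm it is
                        // checked against re.re_nsub and the size of the match array
                        // before it is used as a subscript
    int     amount;     // count to add to the ip address leaky bucket
    char *  message;    // for logging, owned by the string table
public:
    ~PATTERN();
    PATTERN(TOKEN &tok, char *pattern_, int index_, int amount_, char *msg_);
    bool process(char *buf, CONFIG &con, char *file_name, int pattern_index);
    void dump(int level);
};

typedef SYSLOGCONFIG *          SYSLOGCONFIGP;
typedef PATTERN *               PATTERNP;
typedef list<SYSLOGCONFIGP>     syslogconfig_list;
typedef list<IPPAIR>            ippair_list;
typedef list<PATTERNP>          pattern_list;

// size in bytes of SYSLOGCONFIG::buf
const int buflen = 1024;

// One monitored syslog file together with the patterns applied to it.
//
// NOTE(review): syslog lines carry text chosen by remote peers, so the
// contents of buf are untrusted input.  read() is not visible here; confirm
// that it keeps len within buflen, leaves room for any terminator it writes,
// and copes with a line longer than the buffer.
// NOTE(review): the class holds a file descriptor and owns its patterns but
// is implicitly copyable; handle instances only through SYSLOGCONFIGP.
class SYSLOGCONFIG {
    TOKEN *      tokp;
    char *       file_name;     // name of the syslog file
    pattern_list patterns;      // owns the patterns
    int          fd;            // -1 is the "not open" value tested by failed()
    struct stat  openfdstat;    // NOTE(review): presumably the stat of the file behind fd, kept to notice log rotation - confirm
    int          len;           // bytes in the buffer
    char         buf[buflen];
public:
    SYSLOGCONFIG(TOKEN &tok, char *file_name_);
    ~SYSLOGCONFIG();
    // true when there is no usable file descriptor
    bool failed() { return (fd == -1); }
    void open(bool msg);
    bool read(CONFIG &con);
    void close();
    void add_pattern(PATTERNP pat);
    void process(CONFIG &con);
    void dump(int level);
};

// Everything loaded from the configuration files.
class CONFIG {
public:
    // the only mutable stuff once it has been loaded from the config file
    int reference_count;    // protected by the global config_mutex

    // all the rest is constant after loading from the config file
    int                 generation;
    time_t              load_time;
    string_set          config_files;
    int                 threshold;
    ippair_list         ignore;             // owns all the ippairs
    // NOTE(review): going by the project name these are presumably command
    // templates run to add and remove firewall entries.  If so, anyone who
    // can write a config file chooses what gets executed, so those files
    // should be writable only by the account the daemon runs as - confirm.
    char *              add_command;        // owned by the string table
    char *              remove_command;     // owned by the string table
    syslogconfig_list   syslogconfigs;      // owns all the syslogconfigs

    CONFIG();
    ~CONFIG();
    // The setters store the pointer as given; they do not copy the string.
    void set_add(char *add)             { add_command    = add; }
    void set_remove(char *remove)       { remove_command = remove; }
    void set_threshold(int threshold_)  { threshold = threshold_; }
    int  get_threshold()                { return threshold; }
    void add_syslogconfig(SYSLOGCONFIGP con);
    void add_pair(IPPAIR pair);
    void dump();
    void read();
    void sleep(int duration, time_t &previous);
    bool looking(int ip);
};

// String table helpers.
// NOTE(review): presumably register_string() interns name and returns the
// table's copy, and discard() releases a table - confirm in the .cpp file.
void  discard(string_set &s);
char* register_string(string_set &s, char *name);
char* register_string(char *name);

// NOTE(review): takes an address or hostname as text and returns it as an
// int; the failure value is not visible in this header - confirm.
int   ip_address(char *have);

// Loads the configuration file fn into dc; the bool result reports the outcome.
bool  load_conf(CONFIG &dc, char *fn);
void  token_init();

// Configuration keywords and punctuation, defined in the implementation file.
extern char *token_add;
extern char *token_bucket;
extern char *token_file;
extern char *token_ignore;
extern char *token_include;
extern char *token_index;
extern char *token_lbrace;
extern char *token_pattern;
extern char *token_rbrace;
extern char *token_remove;
extern char *token_semi;
extern char *token_slash;
extern char *token_threshold;

#endif  // SYSLOGCONFIG_H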