view src/syslogconfig.h @ 42:d9ae11033b4b stable-1-9

Add default config to firewall systems that send bounces to non-existant accounts. Switch to Mercurial source control. Update spec file for fedora packaging.
author Carl Byington <carl@five-ten-sg.com>
date Fri, 21 Mar 2008 14:02:32 -0700
parents 26c29da3fbdf
children ba0259c9e411
line wrap: on
line source

/*

Copyright (c) 2007 Carl Byington - 510 Software Group, released under
the GPL version 3 or any later version at your choice available at
http://www.gnu.org/licenses/gpl-3.0.txt

*/


class SYSLOGCONFIG;
class CONFIG;

struct IPPAIR {
	int first;
	int last;
	int cidr;
};

class PATTERN {
	char *			pattern;	// owned by the string table
	regex_t 		re;
	int 			index;		// zero based substring of the regex match that contains the ip address or hostname
	int 			amount; 	// count to add to the ip address leaky bucket
	char *			message;	// for logging, owned by the string table
public:
	~PATTERN();
	PATTERN(TOKEN &tok, char *pattern_, int index_, int amount_, char *msg_);
	bool	process(char *buf, CONFIG &con, char *file_name, int pattern_index);
	void	dump(int level);
};

typedef SYSLOGCONFIG *			SYSLOGCONFIGP;
typedef PATTERN *				PATTERNP;
typedef list<SYSLOGCONFIGP> 	syslogconfig_list;
typedef list<IPPAIR>			ippair_list;
typedef list<PATTERNP>			pattern_list;
const int buflen = 1024;

class SYSLOGCONFIG {
	TOKEN * 		tokp;
	char *			file_name;	// name of the syslog file
	pattern_list	patterns;	// owns the patterns
	int 			fd;
	struct stat 	openfdstat;
	int 			len;		// bytes in the buffer
	char			buf[buflen];
public:
	SYSLOGCONFIG(TOKEN &tok, char *file_name_);
	~SYSLOGCONFIG();
	bool	failed()	{ return (fd == -1); };
	void	open(bool msg);
	bool	read(CONFIG &con);
	void	close();
	void	add_pattern(PATTERNP pat);
	void	process(CONFIG &con);
	void	dump(int level);
};

class CONFIG {
public:
	// the only mutable stuff once it has been loaded from the config file
	int 				reference_count;	// protected by the global config_mutex
	// all the rest is constant after loading from the config file
	int 				generation;
	time_t				load_time;
	string_set			config_files;
	int 				threshold;
	ippair_list 		ignore; 			// owns all the ippairs
	char *				add_command;		// owned by the string table
	char *				remove_command; 	// ""
	syslogconfig_list	syslogconfigs;		// owns all the syslogconfigs

	CONFIG();
	~CONFIG();
	void	set_add(char *add)				{ add_command	 = add; 	   };
	void	set_remove(char *remove)		{ remove_command = remove;	   };
	void	set_threshold(int threshold_)	{ threshold 	 = threshold_; };
	int 	get_threshold() 				{ return threshold; 		   };
	void	add_syslogconfig(SYSLOGCONFIGP con);
	void	add_pair(IPPAIR pair);
	void	dump();
	void	read();
	void	sleep(int duration, time_t &previous);
    void    free_all();
	bool	looking(int ip);
};

void discard(string_set &s);
char* register_string(string_set &s, char *name);
char* register_string(char *name);
void  clear_strings();
int   ip_address(char *have);
bool  load_conf(CONFIG &dc, char *fn);
void  token_init();

extern char *token_add;
extern char *token_bucket;
extern char *token_file;
extern char *token_ignore;
extern char *token_include;
extern char *token_index;
extern char *token_lbrace;
extern char *token_pattern;
extern char *token_rbrace;
extern char *token_remove;
extern char *token_semi;
extern char *token_slash;
extern char *token_threshold;