# HG changeset patch # User Carl Byington # Date 1206208704 25200 # Node ID 9e9f09cf411c0367ff716479b5f036877d00c72e # Parent f7e118192ee60a37fd5cf4ec63df4380af5bede5 Add fixes for Solaris from sm-archive. diff -r f7e118192ee6 -r 9e9f09cf411c ChangeLog --- a/ChangeLog Fri Mar 21 14:06:26 2008 -0700 +++ b/ChangeLog Sat Mar 22 10:58:24 2008 -0700 @@ -1,3 +1,6 @@ +1.10 2008-03-22 + Add fixes for Solaris from sm-archive. + 1.9 2008-03-21 Add default config to firewall systems that send bounces to non-existant accounts. Switch to Mercurial source control. diff -r f7e118192ee6 -r 9e9f09cf411c Makefile.am --- a/Makefile.am Fri Mar 21 14:06:26 2008 -0700 +++ b/Makefile.am Sat Mar 22 10:58:24 2008 -0700 @@ -1,3 +1,5 @@ +ACLOCAL_AMFLAGS = -I m4 + SUBDIRS = src man html info hackdir = $(sysconfdir) hack_SCRIPTS = syslog2iptables diff -r f7e118192ee6 -r 9e9f09cf411c Makefile.cvs --- a/Makefile.cvs Fri Mar 21 14:06:26 2008 -0700 +++ b/Makefile.cvs Sat Mar 22 10:58:24 2008 -0700 @@ -1,7 +1,7 @@ default: all all: - aclocal + aclocal -I m4 autoheader automake autoconf diff -r f7e118192ee6 -r 9e9f09cf411c NEWS --- a/NEWS Fri Mar 21 14:06:26 2008 -0700 +++ b/NEWS Sat Mar 22 10:58:24 2008 -0700 @@ -1,3 +1,4 @@ +1.10 2008-03-22 Add fixes for Solaris from sm-archive. 1.9 2008-03-21 Add default config for bounce floods; fedora packaging 1.8 2007-11-08 Allow shutdown to remove the iptables entries that we added. 1.7 2007-09-18 Add description in config file for each regular expression. diff -r f7e118192ee6 -r 9e9f09cf411c configure.in --- a/configure.in Fri Mar 21 14:06:26 2008 -0700 +++ b/configure.in Sat Mar 22 10:58:24 2008 -0700 @@ -1,6 +1,6 @@ AC_PREREQ(2.59) -AC_INIT(syslog2iptables,1.9,carl@five-ten-sg.com) +AC_INIT(syslog2iptables,1.10,carl@five-ten-sg.com) AC_CONFIG_SRCDIR([config.h.in]) AC_CONFIG_HEADER([config.h]) @@ -35,7 +35,7 @@ AC_FUNC_GETPGRP AC_HEADER_STDC AC_FUNC_STAT -AC_CHECK_FUNCS([gethostbyname inet_ntoa memchr memmove memset regcomp strdup strtol]) +AC_CHECK_FUNCS([daemon gethostbyname inet_ntoa memchr memmove memset regcomp strdup strtol]) AC_CONFIG_FILES([Makefile syslog2iptables.rc diff -r f7e118192ee6 -r 9e9f09cf411c m4/acx_pthread.m4 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/m4/acx_pthread.m4 Sat Mar 22 10:58:24 2008 -0700 @@ -0,0 +1,280 @@ +##### http://autoconf-archive.cryp.to/acx_pthread.html +# +# SYNOPSIS +# +# ACX_PTHREAD([ACTION-IF-FOUND[, ACTION-IF-NOT-FOUND]]) +# +# DESCRIPTION +# +# This macro figures out how to build C programs using POSIX threads. +# It sets the PTHREAD_LIBS output variable to the threads library and +# linker flags, and the PTHREAD_CFLAGS output variable to any special +# C compiler flags that are needed. (The user can also force certain +# compiler flags/libs to be tested by setting these environment +# variables.) +# +# Also sets PTHREAD_CC to any special C compiler that is needed for +# multi-threaded programs (defaults to the value of CC otherwise). +# (This is necessary on AIX to use the special cc_r compiler alias.) +# +# NOTE: You are assumed to not only compile your program with these +# flags, but also link it with them as well. e.g. you should link +# with $PTHREAD_CC $CFLAGS $PTHREAD_CFLAGS $LDFLAGS ... $PTHREAD_LIBS +# $LIBS +# +# If you are only building threads programs, you may wish to use +# these variables in your default LIBS, CFLAGS, and CC: +# +# LIBS="$PTHREAD_LIBS $LIBS" +# CFLAGS="$CFLAGS $PTHREAD_CFLAGS" +# CC="$PTHREAD_CC" +# +# In addition, if the PTHREAD_CREATE_JOINABLE thread-attribute +# constant has a nonstandard name, defines PTHREAD_CREATE_JOINABLE to +# that name (e.g. PTHREAD_CREATE_UNDETACHED on AIX). +# +# ACTION-IF-FOUND is a list of shell commands to run if a threads +# library is found, and ACTION-IF-NOT-FOUND is a list of commands to +# run it if it is not found. If ACTION-IF-FOUND is not specified, the +# default action will define HAVE_PTHREAD. +# +# Please let the authors know if this macro fails on any platform, or +# if you have any other suggestions or comments. This macro was based +# on work by SGJ on autoconf scripts for FFTW (http://www.fftw.org/) +# (with help from M. Frigo), as well as ac_pthread and hb_pthread +# macros posted by Alejandro Forero Cuervo to the autoconf macro +# repository. We are also grateful for the helpful feedback of +# numerous users. +# +# LAST MODIFICATION +# +# 2006-05-29 +# +# COPYLEFT +# +# Copyright (c) 2006 Steven G. Johnson +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2 of the +# License, or (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +# 02111-1307, USA. +# +# As a special exception, the respective Autoconf Macro's copyright +# owner gives unlimited permission to copy, distribute and modify the +# configure scripts that are the output of Autoconf when processing +# the Macro. You need not follow the terms of the GNU General Public +# License when using or distributing such scripts, even though +# portions of the text of the Macro appear in them. The GNU General +# Public License (GPL) does govern all other use of the material that +# constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the +# Autoconf Macro released by the Autoconf Macro Archive. When you +# make and distribute a modified version of the Autoconf Macro, you +# may extend this special exception to the GPL to apply to your +# modified version as well. + +AC_DEFUN([ACX_PTHREAD], [ +AC_REQUIRE([AC_CANONICAL_HOST]) +AC_LANG_SAVE +AC_LANG_C +acx_pthread_ok=no + +# We used to check for pthread.h first, but this fails if pthread.h +# requires special compiler flags (e.g. on True64 or Sequent). +# It gets checked for in the link test anyway. + +# First of all, check if the user has set any of the PTHREAD_LIBS, +# etcetera environment variables, and if threads linking works using +# them: +if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + AC_MSG_CHECKING([for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS]) + AC_TRY_LINK_FUNC(pthread_join, acx_pthread_ok=yes) + AC_MSG_RESULT($acx_pthread_ok) + if test x"$acx_pthread_ok" = xno; then + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" + fi + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" +fi + +# We must check for the threads library under a number of different +# names; the ordering is very important because some systems +# (e.g. DEC) have both -lpthread and -lpthreads, where one of the +# libraries is broken (non-POSIX). + +# Create a list of thread flags to try. Items starting with a "-" are +# C compiler flags, and other items are library names, except for "none" +# which indicates that we try without any flags at all, and "pthread-config" +# which is a program returning the flags for the Pth emulation library. + +acx_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" + +# The ordering *is* (sometimes) important. Some notes on the +# individual items follow: + +# pthreads: AIX (must check this before -lpthread) +# none: in case threads are in libc; should be tried before -Kthread and +# other compiler flags to prevent continual compiler warnings +# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) +# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) +# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) +# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) +# -pthreads: Solaris/gcc +# -mthreads: Mingw32/gcc, Lynx/gcc +# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it +# doesn't hurt to check since this sometimes defines pthreads too; +# also defines -D_REENTRANT) +# ... -mt is also the pthreads flag for HP/aCC +# pthread: Linux, etcetera +# --thread-safe: KAI C++ +# pthread-config: use pthread-config program (for GNU Pth library) + +case "${host_cpu}-${host_os}" in + *solaris*) + + # On Solaris (at least, for some versions), libc contains stubbed + # (non-functional) versions of the pthreads routines, so link-based + # tests will erroneously succeed. (We need to link with -pthreads/-mt/ + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather + # a function called by this macro, so we could check for that, but + # who knows whether they'll stub that too in a future libc.) So, + # we'll just look for -pthreads and -lpthread first: + + acx_pthread_flags="-pthreads pthread -mt -pthread $acx_pthread_flags" + ;; +esac + +if test x"$acx_pthread_ok" = xno; then +for flag in $acx_pthread_flags; do + + case $flag in + none) + AC_MSG_CHECKING([whether pthreads work without any flags]) + ;; + + -*) + AC_MSG_CHECKING([whether pthreads work with $flag]) + PTHREAD_CFLAGS="$flag" + ;; + + pthread-config) + AC_CHECK_PROG(acx_pthread_config, pthread-config, yes, no) + if test x"$acx_pthread_config" = xno; then continue; fi + PTHREAD_CFLAGS="`pthread-config --cflags`" + PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" + ;; + + *) + AC_MSG_CHECKING([for the pthreads library -l$flag]) + PTHREAD_LIBS="-l$flag" + ;; + esac + + save_LIBS="$LIBS" + save_CFLAGS="$CFLAGS" + LIBS="$PTHREAD_LIBS $LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + + # Check for various functions. We must include pthread.h, + # since some functions may be macros. (On the Sequent, we + # need a special flag -Kthread to make this header compile.) + # We check for pthread_join because it is in -lpthread on IRIX + # while pthread_create is in libc. We check for pthread_attr_init + # due to DEC craziness with -lpthreads. We check for + # pthread_cleanup_push because it is one of the few pthread + # functions on Solaris that doesn't have a non-functional libc stub. + # We try pthread_create on general principles. + AC_TRY_LINK([#include ], + [pthread_t th; pthread_join(th, 0); + pthread_attr_init(0); pthread_cleanup_push(0, 0); + pthread_create(0,0,0,0); pthread_cleanup_pop(0); ], + [acx_pthread_ok=yes]) + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + AC_MSG_RESULT($acx_pthread_ok) + if test "x$acx_pthread_ok" = xyes; then + break; + fi + + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" +done +fi + +# Various other checks: +if test "x$acx_pthread_ok" = xyes; then + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + + # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. + AC_MSG_CHECKING([for joinable pthread attribute]) + attr_name=unknown + for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do + AC_TRY_LINK([#include ], [int attr=$attr; return attr;], + [attr_name=$attr; break]) + done + AC_MSG_RESULT($attr_name) + if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then + AC_DEFINE_UNQUOTED(PTHREAD_CREATE_JOINABLE, $attr_name, + [Define to necessary symbol if this constant + uses a non-standard name on your system.]) + fi + + AC_MSG_CHECKING([if more special flags are required for pthreads]) + flag=no + case "${host_cpu}-${host_os}" in + *-aix* | *-freebsd* | *-darwin*) flag="-D_THREAD_SAFE";; + *solaris* | *-osf* | *-hpux*) flag="-D_REENTRANT";; + esac + AC_MSG_RESULT(${flag}) + if test "x$flag" != xno; then + PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" + fi + + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + # More AIX lossage: must compile with xlc_r or cc_r + if test x"$GCC" != xyes; then + AC_CHECK_PROGS(PTHREAD_CC, xlc_r cc_r, ${CC}) + else + PTHREAD_CC=$CC + fi +else + PTHREAD_CC="$CC" +fi + +AC_SUBST(PTHREAD_LIBS) +AC_SUBST(PTHREAD_CFLAGS) +AC_SUBST(PTHREAD_CC) + +# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: +if test x"$acx_pthread_ok" = xyes; then + ifelse([$1],,AC_DEFINE(HAVE_PTHREAD,1,[Define if you have POSIX threads libraries and header files.]),[$1]) + : +else + acx_pthread_ok=no + $2 +fi +AC_LANG_RESTORE +])dnl ACX_PTHREAD diff -r f7e118192ee6 -r 9e9f09cf411c src/Makefile.am --- a/src/Makefile.am Fri Mar 21 14:06:26 2008 -0700 +++ b/src/Makefile.am Sat Mar 22 10:58:24 2008 -0700 @@ -1,6 +1,7 @@ sbin_PROGRAMS = syslog2iptables syslog2iptables_SOURCES = syslog2iptables.cpp tokenizer.cpp tokenizer.h \ - includes.h syslogconfig.cpp syslogconfig.h syslog2iptables.h + includes.h syslogconfig.cpp syslogconfig.h syslog2iptables.h daemon.h +EXTRA_DIST = daemon.c # set the include path found by configure INCLUDES= $(all_includes) diff -r f7e118192ee6 -r 9e9f09cf411c src/daemon.c --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/daemon.c Sat Mar 22 10:58:24 2008 -0700 @@ -0,0 +1,61 @@ +/*Add by Sergey Shapovalov */ +#include +#include +#include +#include +#include +#include +#include + +/* closeall() -- close all FDs >= a specified value */ + +void closeall(int fd) +{ + int fdlimit = sysconf(_SC_OPEN_MAX); + + while (fd < fdlimit) + close(fd++); +} + +/* daemon() - detach process from user and disappear into the background + * returns -1 on failure, but you can't do much except exit in that case + * since we may already have forked. This is based on the BSD version, + * so the caller is responsible for things like the umask, etc. + */ + +/* believed to work on all Posix systems */ + +int daemon(int nochdir, int noclose) +{ + switch (fork()) + { + case 0: break; + case -1: return -1; + default: _exit(0); /* exit the original process */ + } + + if (setsid() < 0) /* shoudn't fail */ + return -1; + + /* dyke out this switch if you want to acquire a control tty in */ + /* the future -- not normally advisable for daemons */ + + switch (fork()) + { + case 0: break; + case -1: return -1; + default: _exit(0); + } + + if (!nochdir) + chdir("/"); + + if (!noclose) + { + closeall(0); + open("/dev/null",O_RDWR); + dup(0); dup(0); + } + + return 0; +} diff -r f7e118192ee6 -r 9e9f09cf411c src/daemon.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/src/daemon.h Sat Mar 22 10:58:24 2008 -0700 @@ -0,0 +1,23 @@ +/* + * File: daemon.h + * Author: shasn + * + * Created on 22 Декабрь 2006 г., 15:28 + */ + +#ifndef _daemon_H +#define _daemon_H + +#ifdef __cplusplus +extern "C" { +#endif + +int daemon(int nochdir, int noclose); + + +#ifdef __cplusplus +} +#endif + +#endif /* _daemon_H */ + diff -r f7e118192ee6 -r 9e9f09cf411c src/syslog2iptables.cpp --- a/src/syslog2iptables.cpp Fri Mar 21 14:06:26 2008 -0700 +++ b/src/syslog2iptables.cpp Sat Mar 22 10:58:24 2008 -0700 @@ -23,6 +23,11 @@ #include /* header for waitpid() and various macros */ #include /* header for signal functions */ +#ifndef HAVE_DAEMON + #include "daemon.h" + #include "daemon.c" +#endif + extern "C" { void sigchld(int sig); void sigterm(int sig); diff -r f7e118192ee6 -r 9e9f09cf411c xml/syslog2iptables.in --- a/xml/syslog2iptables.in Fri Mar 21 14:06:26 2008 -0700 +++ b/xml/syslog2iptables.in Sat Mar 22 10:58:24 2008 -0700 @@ -7,6 +7,13 @@ The most recent documentation is available at http://www.five-ten-sg.com/@PACKAGE@/ + + A Mercurial source + code repository for this project is available at http://hg.five-ten-sg.com/@PACKAGE@/. + +