diff options
Diffstat (limited to 'contrib/ipfilter/lib')
| -rw-r--r-- | contrib/ipfilter/lib/Makefile | 68 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/alist_free.c | 20 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/alist_new.c | 64 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/load_file.c | 88 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/load_http.c | 182 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/load_url.c | 31 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/printhash_live.c | 77 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/printhashdata.c | 112 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/printpool_live.c | 78 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/printpooldata.c | 78 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/printproto.c | 4 | ||||
| -rw-r--r-- | contrib/ipfilter/lib/printtqtable.c | 25 |
12 files changed, 795 insertions, 32 deletions
diff --git a/contrib/ipfilter/lib/Makefile b/contrib/ipfilter/lib/Makefile index 3dcf3a1..b0d5052 100644 --- a/contrib/ipfilter/lib/Makefile +++ b/contrib/ipfilter/lib/Makefile @@ -1,7 +1,16 @@ +# +# Copyright (C) 1993-2001 by Darren Reed. +# +# See the IPFILTER.LICENCE file for details on licencing. +# +# $Id: Makefile,v 1.41.2.13 2007/05/10 06:02:19 darrenr Exp $ +# INCDEP=$(TOP)/ip_compat.h $(TOP)/ip_fil.h $(TOP)/ipf.h LIBOBJS=$(DEST)/addicmp.o \ $(DEST)/addipopt.o \ + $(DEST)/alist_free.o \ + $(DEST)/alist_new.o \ $(DEST)/bcopywrap.o \ $(DEST)/binprint.o \ $(DEST)/buildopts.o \ @@ -9,23 +18,17 @@ LIBOBJS=$(DEST)/addicmp.o \ $(DEST)/count6bits.o \ $(DEST)/count4bits.o \ $(DEST)/debug.o \ - $(DEST)/extras.o \ $(DEST)/facpri.o \ $(DEST)/flags.o \ $(DEST)/fill6bits.o \ - $(DEST)/genmask.o \ $(DEST)/gethost.o \ $(DEST)/getifname.o \ - $(DEST)/getline.o \ $(DEST)/getnattype.o \ $(DEST)/getport.o \ $(DEST)/getportproto.o \ $(DEST)/getproto.o \ $(DEST)/getsumd.o \ - $(DEST)/hexdump.o \ - $(DEST)/hostmask.o \ $(DEST)/hostname.o \ - $(DEST)/hostnum.o \ $(DEST)/icmpcode.o \ $(DEST)/inet_addr.o \ $(DEST)/initparse.o \ @@ -41,11 +44,13 @@ LIBOBJS=$(DEST)/addicmp.o \ $(DEST)/kmem.o \ $(DEST)/kmemcpywrap.o \ $(DEST)/kvatoname.o \ + $(DEST)/load_file.o \ $(DEST)/load_hash.o \ $(DEST)/load_hashnode.o \ + $(DEST)/load_http.o \ $(DEST)/load_pool.o \ $(DEST)/load_poolnode.o \ - $(DEST)/loglevel.o \ + $(DEST)/load_url.o \ $(DEST)/mutex_emul.o \ $(DEST)/nametokva.o \ $(DEST)/nat_setgroupmap.o \ @@ -55,17 +60,19 @@ LIBOBJS=$(DEST)/addicmp.o \ $(DEST)/optprintv6.o \ $(DEST)/optvalue.o \ $(DEST)/portname.o \ - $(DEST)/portnum.o \ - $(DEST)/ports.o \ $(DEST)/print_toif.o \ $(DEST)/printactivenat.o \ $(DEST)/printaps.o \ $(DEST)/printbuf.o \ $(DEST)/printhash.o \ + $(DEST)/printhashdata.o \ $(DEST)/printhashnode.o \ + $(DEST)/printhash_live.o \ $(DEST)/printip.o \ $(DEST)/printpool.o \ + $(DEST)/printpooldata.o \ $(DEST)/printpoolnode.o \ + $(DEST)/printpool_live.o \ $(DEST)/printproto.o \ $(DEST)/printfr.o \ $(DEST)/printfraginfo.o \ @@ -80,9 +87,8 @@ LIBOBJS=$(DEST)/addicmp.o \ $(DEST)/printpacket6.o \ $(DEST)/printsbuf.o \ $(DEST)/printstate.o \ + $(DEST)/printtqtable.o \ $(DEST)/printtunable.o \ - $(DEST)/ratoi.o \ - $(DEST)/ratoui.o \ $(DEST)/remove_hash.o \ $(DEST)/remove_hashnode.o \ $(DEST)/remove_pool.o \ @@ -91,7 +97,6 @@ LIBOBJS=$(DEST)/addicmp.o \ $(DEST)/rwlock_emul.o \ $(DEST)/tcpflags.o \ $(DEST)/tcp_flags.o \ - $(DEST)/to_interface.o \ $(DEST)/var.o \ $(DEST)/verbose.o \ $(DEST)/v6ionames.o \ @@ -106,6 +111,10 @@ $(DEST)/addicmp.o: $(LIBSRC)/addicmp.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/addicmp.c -o $@ $(DEST)/addipopt.o: $(LIBSRC)/addipopt.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/addipopt.c -o $@ +$(DEST)/alist_free.o: $(LIBSRC)/alist_free.c $(INCDEP) + $(CC) $(CCARGS) -c $(LIBSRC)/alist_free.c -o $@ +$(DEST)/alist_new.o: $(LIBSRC)/alist_new.c $(INCDEP) + $(CC) $(CCARGS) -c $(LIBSRC)/alist_new.c -o $@ $(DEST)/bcopywrap.o: $(LIBSRC)/bcopywrap.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/bcopywrap.c -o $@ $(DEST)/binprint.o: $(LIBSRC)/binprint.c $(INCDEP) @@ -120,16 +129,12 @@ $(DEST)/count4bits.o: $(LIBSRC)/count4bits.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/count4bits.c -o $@ $(DEST)/debug.o: $(LIBSRC)/debug.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/debug.c -o $@ -$(DEST)/extras.o: $(LIBSRC)/extras.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/extras.c -o $@ $(DEST)/facpri.o: $(LIBSRC)/facpri.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/facpri.c -o $@ $(DEST)/fill6bits.o: $(LIBSRC)/fill6bits.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/fill6bits.c -o $@ $(DEST)/flags.o: $(LIBSRC)/flags.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/flags.c -o $@ -$(DEST)/genmask.o: $(LIBSRC)/genmask.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/genmask.c -o $@ $(DEST)/getline.o: $(LIBSRC)/getline.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/getline.c -o $@ $(DEST)/gethost.o: $(LIBSRC)/gethost.c $(INCDEP) @@ -146,14 +151,8 @@ $(DEST)/getproto.o: $(LIBSRC)/getproto.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/getproto.c -o $@ $(DEST)/getsumd.o: $(LIBSRC)/getsumd.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/getsumd.c -o $@ -$(DEST)/hexdump.o: $(LIBSRC)/hexdump.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/hexdump.c -o $@ -$(DEST)/hostmask.o: $(LIBSRC)/hostmask.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/hostmask.c -o $@ $(DEST)/hostname.o: $(LIBSRC)/hostname.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/hostname.c -o $@ -$(DEST)/hostnum.o: $(LIBSRC)/hostnum.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/hostnum.c -o $@ $(DEST)/icmpcode.o: $(LIBSRC)/icmpcode.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/icmpcode.c -o $@ $(DEST)/ipoptsec.o: $(LIBSRC)/ipoptsec.c $(INCDEP) @@ -184,14 +183,20 @@ $(DEST)/kmemcpywrap.o: $(LIBSRC)/kmemcpywrap.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/kmemcpywrap.c -o $@ $(DEST)/kvatoname.o: $(LIBSRC)/kvatoname.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/kvatoname.c -o $@ +$(DEST)/load_file.o: $(LIBSRC)/load_file.c $(INCDEP) + $(CC) $(CCARGS) -c $(LIBSRC)/load_file.c -o $@ $(DEST)/load_hash.o: $(LIBSRC)/load_hash.c $(INCDEP) $(TOP)/ip_htable.h $(CC) $(CCARGS) -c $(LIBSRC)/load_hash.c -o $@ $(DEST)/load_hashnode.o: $(LIBSRC)/load_hashnode.c $(INCDEP) $(TOP)/ip_htable.h $(CC) $(CCARGS) -c $(LIBSRC)/load_hashnode.c -o $@ +$(DEST)/load_http.o: $(LIBSRC)/load_http.c $(INCDEP) + $(CC) $(CCARGS) -c $(LIBSRC)/load_http.c -o $@ $(DEST)/load_pool.o: $(LIBSRC)/load_pool.c $(INCDEP) $(TOP)/ip_pool.h $(CC) $(CCARGS) -c $(LIBSRC)/load_pool.c -o $@ $(DEST)/load_poolnode.o: $(LIBSRC)/load_poolnode.c $(INCDEP) $(TOP)/ip_pool.h $(CC) $(CCARGS) -c $(LIBSRC)/load_poolnode.c -o $@ +$(DEST)/load_url.o: $(LIBSRC)/load_url.c $(INCDEP) + $(CC) $(CCARGS) -c $(LIBSRC)/load_url.c -o $@ $(DEST)/make_range.o: $(LIBSRC)/make_range.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/make_range.c -o $@ $(DEST)/mutex_emul.o: $(LIBSRC)/mutex_emul.c $(INCDEP) @@ -203,8 +208,6 @@ $(DEST)/nat_setgroupmap.o: $(LIBSRC)/nat_setgroupmap.c $(TOP)/ip_compat.h \ $(CC) $(CCARGS) -c $(LIBSRC)/nat_setgroupmap.c -o $@ $(DEST)/ntomask.o: $(LIBSRC)/ntomask.c $(TOP)/ip_compat.h $(CC) $(CCARGS) -c $(LIBSRC)/ntomask.c -o $@ -$(DEST)/loglevel.o: $(LIBSRC)/loglevel.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/loglevel.c -o $@ $(DEST)/optname.o: $(LIBSRC)/optname.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/optname.c -o $@ $(DEST)/optprint.o: $(LIBSRC)/optprint.c $(INCDEP) @@ -233,16 +236,25 @@ $(DEST)/printfraginfo.o: $(LIBSRC)/printfraginfo.c $(TOP)/ip_fil.h $(CC) $(CCARGS) -c $(LIBSRC)/printfraginfo.c -o $@ $(DEST)/printhash.o: $(LIBSRC)/printhash.c $(TOP)/ip_fil.h $(TOP)/ip_htable.h $(CC) $(CCARGS) -c $(LIBSRC)/printhash.c -o $@ +$(DEST)/printhashdata.o: $(LIBSRC)/printhash.c $(TOP)/ip_fil.h $(TOP)/ip_htable.h + $(CC) $(CCARGS) -c $(LIBSRC)/printhashdata.c -o $@ $(DEST)/printhashnode.o: $(LIBSRC)/printhashnode.c $(TOP)/ip_fil.h \ $(TOP)/ip_htable.h $(TOP)/ip_lookup.h $(CC) $(CCARGS) -c $(LIBSRC)/printhashnode.c -o $@ +$(DEST)/printhash_live.o: $(LIBSRC)/printhash_live.c $(TOP)/ip_fil.h $(TOP)/ip_htable.h + $(CC) $(CCARGS) -c $(LIBSRC)/printhash_live.c -o $@ $(DEST)/printip.o: $(LIBSRC)/printip.c $(TOP)/ip_fil.h $(CC) $(CCARGS) -c $(LIBSRC)/printip.c -o $@ $(DEST)/printpool.o: $(LIBSRC)/printpool.c $(TOP)/ip_fil.h $(TOP)/ip_pool.h $(CC) $(CCARGS) -c $(LIBSRC)/printpool.c -o $@ +$(DEST)/printpooldata.o: $(LIBSRC)/printpooldata.c $(TOP)/ip_fil.h $(TOP)/ip_pool.h + $(CC) $(CCARGS) -c $(LIBSRC)/printpooldata.c -o $@ $(DEST)/printpoolnode.o: $(LIBSRC)/printpoolnode.c $(TOP)/ip_fil.h \ $(TOP)/ip_pool.h $(TOP)/ip_lookup.h $(CC) $(CCARGS) -c $(LIBSRC)/printpoolnode.c -o $@ +$(DEST)/printpool_live.o: $(LIBSRC)/printpool_live.c $(TOP)/ip_fil.h \ + $(TOP)/ip_pool.h $(TOP)/ip_lookup.h + $(CC) $(CCARGS) -c $(LIBSRC)/printpool_live.c -o $@ $(DEST)/printproto.o: $(LIBSRC)/printproto.c $(TOP)/ip_fil.h $(CC) $(CCARGS) -c $(LIBSRC)/printproto.c -o $@ $(DEST)/printhostmap.o: $(LIBSRC)/printhostmap.c $(TOP)/ip_fil.h @@ -267,12 +279,10 @@ $(DEST)/printsbuf.o: $(LIBSRC)/printsbuf.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/printsbuf.c -o $@ $(DEST)/printstate.o: $(LIBSRC)/printstate.c $(INCDEP) $(TOP)/ip_state.h $(CC) $(CCARGS) -c $(LIBSRC)/printstate.c -o $@ +$(DEST)/printtqtable.o: $(LIBSRC)/printtqtable.c $(INCDEP) + $(CC) $(CCARGS) -c $(LIBSRC)/printtqtable.c -o $@ $(DEST)/printtunable.o: $(LIBSRC)/printtunable.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/printtunable.c -o $@ -$(DEST)/ratoi.o: $(LIBSRC)/ratoi.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/ratoi.c -o $@ -$(DEST)/ratoui.o: $(LIBSRC)/ratoui.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/ratoui.c -o $@ $(DEST)/remove_hash.o: $(LIBSRC)/remove_hash.c $(INCDEP) \ $(TOP)/ip_htable.h $(CC) $(CCARGS) -c $(LIBSRC)/remove_hash.c -o $@ @@ -289,8 +299,6 @@ $(DEST)/resetlexer.o: $(LIBSRC)/resetlexer.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/resetlexer.c -o $@ $(DEST)/rwlock_emul.o: $(LIBSRC)/rwlock_emul.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/rwlock_emul.c -o $@ -$(DEST)/to_interface.o: $(LIBSRC)/to_interface.c $(INCDEP) - $(CC) $(CCARGS) -c $(LIBSRC)/to_interface.c -o $@ $(DEST)/tcpflags.o: $(LIBSRC)/tcpflags.c $(INCDEP) $(CC) $(CCARGS) -c $(LIBSRC)/tcpflags.c -o $@ $(DEST)/tcp_flags.o: $(LIBSRC)/tcp_flags.c $(INCDEP) diff --git a/contrib/ipfilter/lib/alist_free.c b/contrib/ipfilter/lib/alist_free.c new file mode 100644 index 0000000..3c1a518 --- /dev/null +++ b/contrib/ipfilter/lib/alist_free.c @@ -0,0 +1,20 @@ +/* + * Copyright (C) 2006 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + * + * $Id: alist_free.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp $ + */ +#include "ipf.h" + +void +alist_free(hosts) +alist_t *hosts; +{ + alist_t *a, *next; + + for (a = hosts; a != NULL; a = next) { + next = a->al_next; + free(a); + } +} diff --git a/contrib/ipfilter/lib/alist_new.c b/contrib/ipfilter/lib/alist_new.c new file mode 100644 index 0000000..72da866 --- /dev/null +++ b/contrib/ipfilter/lib/alist_new.c @@ -0,0 +1,64 @@ +/* + * Copyright (C) 2006 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + * + * $Id: alist_new.c,v 1.1.2.2 2006/08/25 22:43:21 darrenr Exp $ + */ + +#include "ipf.h" + +alist_t * +alist_new(int v, char *host) +{ + int a, b, c, d, bits; + char *slash; + alist_t *al; + u_int mask; + + al = calloc(1, sizeof(*al)); + if (al == NULL) { + fprintf(stderr, "alist_new out of memory\n"); + return NULL; + } + + bits = -1; + slash = strchr(host, '/'); + if (slash != NULL) { + *slash = '\0'; + bits = atoi(slash + 1); + } + + a = b = c = d = -1; + sscanf(host, "%d.%d.%d.%d", &a, &b, &c, &d); + + if (bits > 0 && bits < 33) { + mask = 0xffffffff << (32 - bits); + } else if (b == -1) { + mask = 0xff000000; + b = c = d = 0; + } else if (c == -1) { + mask = 0xffff0000; + c = d = 0; + } else if (d == -1) { + mask = 0xffffff00; + d = 0; + } else { + mask = 0xffffffff; + } + + if (*host == '!') { + al->al_not = 1; + host++; + } + + if (gethost(host, &al->al_addr) == -1) { + *slash = '/'; + fprintf(stderr, "Cannot parse hostname\n"); + free(al); + return NULL; + } + al->al_mask = htonl(mask); + *slash = '/'; + return al; +} diff --git a/contrib/ipfilter/lib/load_file.c b/contrib/ipfilter/lib/load_file.c new file mode 100644 index 0000000..9bb3899 --- /dev/null +++ b/contrib/ipfilter/lib/load_file.c @@ -0,0 +1,88 @@ +/* + * Copyright (C) 2006 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + * + * $Id: load_file.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp $ + */ + +#include "ipf.h" + +alist_t * +load_file(char *filename) +{ + alist_t *a, *rtop, *rbot; + char *s, line[1024], *t; + int linenum, not; + FILE *fp; + + fp = fopen(filename + 7, "r"); + if (fp == NULL) { + fprintf(stderr, "load_file cannot open '%s'\n", filename); + return NULL; + } + + a = NULL; + rtop = NULL; + rbot = NULL; + linenum = 0; + + while (fgets(line, sizeof(line) - 1, fp)) { + line[sizeof(line) - 1] = '\0'; + linenum++; + /* + * Hunt for CR/LF. If no LF, stop processing. + */ + s = strchr(line, '\n'); + if (s == NULL) { + fprintf(stderr, "%d:%s: line too long\n", linenum, filename); + fclose(fp); + alist_free(rtop); + return NULL; + } + + *s = '\0'; + s = strchr(line, '\r'); + if (s != NULL) + *s = '\0'; + for (t = line; isspace(*t); t++) + ; + if (*t == '!') { + not = 1; + t++; + } else + not = 0; + + /* + * Remove comment markers + */ + for (s = t; *s; s++) { + if (*s == '#') + *s = '\0'; + } + if (!*t) + continue; + /* + * Trim off tailing white spaces + */ + s = strlen(t) + t - 1; + while (isspace(*s)) + *s-- = '\0'; + + if (isdigit(*t)) { + a = alist_new(4, t); + a->al_not = not; + if (rbot != NULL) + rbot->al_next = a; + else + rtop = a; + rbot = a; + } else { + fprintf(stderr, "%s: unrecognised content line %d\n", + filename, linenum); + } + } + fclose(fp); + + return rtop; +} diff --git a/contrib/ipfilter/lib/load_http.c b/contrib/ipfilter/lib/load_http.c new file mode 100644 index 0000000..164b8b4 --- /dev/null +++ b/contrib/ipfilter/lib/load_http.c @@ -0,0 +1,182 @@ +/* + * Copyright (C) 2006 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + * + * $Id: load_http.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp $ + */ + +#include "ipf.h" + +/* + * Format expected is one addres per line, at the start of each line. + */ +alist_t * +load_http(char *url) +{ + int fd, len, left, port, endhdr, removed; + char *s, *t, *u, buffer[1024], *myurl; + alist_t *a, *rtop, *rbot; + struct sockaddr_in sin; + struct hostent *host; + + /* + * More than this would just be absurd. + */ + if (strlen(url) > 512) { + fprintf(stderr, "load_http has a URL > 512 bytes?!\n"); + return NULL; + } + + fd = -1; + rtop = NULL; + rbot = NULL; + + sprintf(buffer, "GET %s HTTP/1.0\r\n", url); + + myurl = strdup(url); + if (myurl == NULL) + goto done; + + s = myurl + 7; /* http:// */ + t = strchr(s, '/'); + if (t == NULL) { + fprintf(stderr, "load_http has a malformed URL '%s'\n", url); + free(myurl); + return NULL; + } + *t++ = '\0'; + + u = strchr(s, '@'); + if (u != NULL) + s = u + 1; /* AUTH */ + + sprintf(buffer + strlen(buffer), "Host: %s\r\n\r\n", s); + + u = strchr(s, ':'); + if (u != NULL) { + *u++ = '\0'; + port = atoi(u); + if (port < 0 || port > 65535) + goto done; + } else { + port = 80; + } + + memset(&sin, 0, sizeof(sin)); + sin.sin_family = AF_INET; + sin.sin_port = htons(port); + + if (isdigit(*s)) { + if (inet_aton(s, &sin.sin_addr) == -1) { + goto done; + } + } else { + host = gethostbyname(s); + if (host == NULL) + goto done; + memcpy(&sin.sin_addr, host->h_addr_list[0], + sizeof(sin.sin_addr)); + } + + fd = socket(AF_INET, SOCK_STREAM, 0); + if (fd == -1) + goto done; + + if (connect(fd, (struct sockaddr *)&sin, sizeof(sin)) == -1) { + close(fd); + goto done; + } + + len = strlen(buffer); + if (write(fd, buffer, len) != len) { + close(fd); + goto done; + } + + s = buffer; + endhdr = 0; + left = sizeof(buffer) - 1; + + while ((len = read(fd, s, left)) > 0) { + s[len] = '\0'; + left -= len; + s += len; + + if (endhdr >= 0) { + if (endhdr == 0) { + t = strchr(buffer, ' '); + if (t == NULL) + continue; + t++; + if (*t != '2') + break; + } + + u = buffer; + while ((t = strchr(u, '\r')) != NULL) { + if (t == u) { + if (*(t + 1) == '\n') { + u = t + 2; + endhdr = -1; + break; + } else + t++; + } else if (*(t + 1) == '\n') { + endhdr++; + u = t + 2; + } else + u = t + 1; + } + if (endhdr >= 0) + continue; + removed = (u - buffer) + 1; + memmove(buffer, u, (sizeof(buffer) - left) - removed); + s -= removed; + left += removed; + } + + do { + t = strchr(buffer, '\n'); + if (t == NULL) + break; + + *t++ = '\0'; + for (u = buffer; isdigit(*u) || (*u == '.'); u++) + ; + if (*u == '/') { + char *slash; + + slash = u; + u++; + while (isdigit(*u)) + u++; + if (!isspace(*u) && *u) + u = slash; + } + *u = '\0'; + + a = alist_new(4, buffer); + if (a != NULL) { + if (rbot != NULL) + rbot->al_next = a; + else + rtop = a; + rbot = a; + } + + removed = t - buffer; + memmove(buffer, t, sizeof(buffer) - left - removed); + s -= removed; + left += removed; + + } while (1); + } + +done: + if (myurl != NULL) + free(myurl); + if (fd != -1) + close(fd); + return rtop; +} diff --git a/contrib/ipfilter/lib/load_url.c b/contrib/ipfilter/lib/load_url.c new file mode 100644 index 0000000..7709153 --- /dev/null +++ b/contrib/ipfilter/lib/load_url.c @@ -0,0 +1,31 @@ +/* + * Copyright (C) 2006 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + * + * $Id: load_url.c,v 1.1.2.1 2006/08/25 21:13:04 darrenr Exp $ + */ + +#include "ipf.h" + +alist_t * +load_url(char *url) +{ + alist_t *hosts = NULL; + + if (strncmp(url, "file://", 7) == 0) { + /* + * file:///etc/passwd + * ^------------s + */ + hosts = load_file(url); + + } else if (*url == '/' || *url == '.') { + hosts = load_file(url); + + } else if (strncmp(url, "http://", 7) == 0) { + hosts = load_http(url); + } + + return hosts; +} diff --git a/contrib/ipfilter/lib/printhash_live.c b/contrib/ipfilter/lib/printhash_live.c new file mode 100644 index 0000000..1afe632 --- /dev/null +++ b/contrib/ipfilter/lib/printhash_live.c @@ -0,0 +1,77 @@ +/* + * Copyright (C) 2002 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + */ + +#include <sys/ioctl.h> +#include "ipf.h" +#include "netinet/ipl.h" + +#define PRINTF (void)printf +#define FPRINTF (void)fprintf + + +iphtable_t *printhash_live(hp, fd, name, opts) +iphtable_t *hp; +int fd; +char *name; +int opts; +{ + iphtent_t entry, *top, *node; + ipflookupiter_t iter; + int printed, last; + ipfobj_t obj; + + if ((name != NULL) && strncmp(name, hp->iph_name, FR_GROUPLEN)) + return hp->iph_next; + + printhashdata(hp, opts); + + if ((hp->iph_flags & IPHASH_DELETE) != 0) + PRINTF("# "); + + if ((opts & OPT_DEBUG) == 0) + PRINTF("\t{"); + + obj.ipfo_rev = IPFILTER_VERSION; + obj.ipfo_type = IPFOBJ_LOOKUPITER; + obj.ipfo_ptr = &iter; + obj.ipfo_size = sizeof(iter); + + iter.ili_data = &entry; + iter.ili_type = IPLT_HASH; + iter.ili_otype = IPFLOOKUPITER_NODE; + iter.ili_ival = IPFGENITER_LOOKUP; + iter.ili_unit = hp->iph_unit; + strncpy(iter.ili_name, hp->iph_name, FR_GROUPLEN); + + last = 0; + top = NULL; + printed = 0; + + while (!last && (ioctl(fd, SIOCLOOKUPITER, &obj) == 0)) { + if (entry.ipe_next == NULL) + last = 1; + entry.ipe_next = top; + top = malloc(sizeof(*top)); + if (top == NULL) + break; + bcopy(&entry, top, sizeof(entry)); + } + + while (top != NULL) { + node = top; + (void) printhashnode(hp, node, bcopywrap, opts); + top = node->ipe_next; + free(node); + printed++; + } + + if (printed == 0) + putchar(';'); + + if ((opts & OPT_DEBUG) == 0) + PRINTF(" };\n"); + return hp->iph_next; +} diff --git a/contrib/ipfilter/lib/printhashdata.c b/contrib/ipfilter/lib/printhashdata.c new file mode 100644 index 0000000..d278c36 --- /dev/null +++ b/contrib/ipfilter/lib/printhashdata.c @@ -0,0 +1,112 @@ +/* + * Copyright (C) 2002 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + */ + +#include "ipf.h" + +#define PRINTF (void)printf +#define FPRINTF (void)fprintf + + +void printhashdata(hp, opts) +iphtable_t *hp; +int opts; +{ + + if ((opts & OPT_DEBUG) == 0) { + if ((hp->iph_type & IPHASH_ANON) == IPHASH_ANON) + PRINTF("# 'anonymous' table\n"); + if ((hp->iph_flags & IPHASH_DELETE) == IPHASH_DELETE) + PRINTF("# "); + switch (hp->iph_type & ~IPHASH_ANON) + { + case IPHASH_LOOKUP : + PRINTF("table"); + break; + case IPHASH_GROUPMAP : + PRINTF("group-map"); + if (hp->iph_flags & FR_INQUE) + PRINTF(" in"); + else if (hp->iph_flags & FR_OUTQUE) + PRINTF(" out"); + else + PRINTF(" ???"); + break; + default : + PRINTF("%#x", hp->iph_type); + break; + } + PRINTF(" role = "); + } else { + PRINTF("Hash Table %s: %s", + isdigit(*hp->iph_name) ? "Number" : "Name", + hp->iph_name); + if ((hp->iph_type & IPHASH_ANON) == IPHASH_ANON) + PRINTF("(anon)"); + putchar(' '); + PRINTF("Role: "); + } + + switch (hp->iph_unit) + { + case IPL_LOGNAT : + PRINTF("nat"); + break; + case IPL_LOGIPF : + PRINTF("ipf"); + break; + case IPL_LOGAUTH : + PRINTF("auth"); + break; + case IPL_LOGCOUNT : + PRINTF("count"); + break; + default : + PRINTF("#%d", hp->iph_unit); + break; + } + + if ((opts & OPT_DEBUG) == 0) { + if ((hp->iph_type & ~IPHASH_ANON) == IPHASH_LOOKUP) + PRINTF(" type = hash"); + PRINTF(" %s = %s size = %lu", + isdigit(*hp->iph_name) ? "number" : "name", + hp->iph_name, (u_long)hp->iph_size); + if (hp->iph_seed != 0) + PRINTF(" seed = %lu", hp->iph_seed); + putchar('\n'); + } else { + PRINTF(" Type: "); + switch (hp->iph_type & ~IPHASH_ANON) + { + case IPHASH_LOOKUP : + PRINTF("lookup"); + break; + case IPHASH_GROUPMAP : + PRINTF("groupmap Group. %s", hp->iph_name); + break; + default : + break; + } + + putchar('\n'); + PRINTF("\t\tSize: %lu\tSeed: %lu", + (u_long)hp->iph_size, hp->iph_seed); + PRINTF("\tRef. Count: %d\tMasks: %#x\n", hp->iph_ref, + hp->iph_masks); + } + + if ((opts & OPT_DEBUG) != 0) { + struct in_addr m; + int i; + + for (i = 0; i < 32; i++) { + if ((1 << i) & hp->iph_masks) { + ntomask(4, i, &m.s_addr); + PRINTF("\t\tMask: %s\n", inet_ntoa(m)); + } + } + } +} diff --git a/contrib/ipfilter/lib/printpool_live.c b/contrib/ipfilter/lib/printpool_live.c new file mode 100644 index 0000000..0588cfb --- /dev/null +++ b/contrib/ipfilter/lib/printpool_live.c @@ -0,0 +1,78 @@ +/* + * Copyright (C) 2002 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + */ + +#include <sys/ioctl.h> +#include "ipf.h" +#include "netinet/ipl.h" + +#define PRINTF (void)printf +#define FPRINTF (void)fprintf + + +ip_pool_t *printpool_live(pool, fd, name, opts) +ip_pool_t *pool; +int fd; +char *name; +int opts; +{ + ip_pool_node_t entry, *top, *node; + ipflookupiter_t iter; + int printed, last; + ipfobj_t obj; + + if ((name != NULL) && strncmp(name, pool->ipo_name, FR_GROUPLEN)) + return pool->ipo_next; + + printpooldata(pool, opts); + + if ((pool->ipo_flags & IPOOL_DELETE) != 0) + PRINTF("# "); + if ((opts & OPT_DEBUG) == 0) + PRINTF("\t{"); + + obj.ipfo_rev = IPFILTER_VERSION; + obj.ipfo_type = IPFOBJ_LOOKUPITER; + obj.ipfo_ptr = &iter; + obj.ipfo_size = sizeof(iter); + + iter.ili_data = &entry; + iter.ili_type = IPLT_POOL; + iter.ili_otype = IPFLOOKUPITER_NODE; + iter.ili_ival = IPFGENITER_LOOKUP; + iter.ili_unit = pool->ipo_unit; + strncpy(iter.ili_name, pool->ipo_name, FR_GROUPLEN); + + last = 0; + top = NULL; + printed = 0; + + while (!last && (ioctl(fd, SIOCLOOKUPITER, &obj) == 0)) { + if (entry.ipn_next == NULL) + last = 1; + entry.ipn_next = top; + top = malloc(sizeof(*top)); + if (top == NULL) + break; + bcopy(&entry, top, sizeof(entry)); + } + + while (top != NULL) { + node = top; + (void) printpoolnode(node, opts); + if ((opts & OPT_DEBUG) == 0) + putchar(';'); + top = node->ipn_next; + free(node); + printed++; + } + + if (printed == 0) + putchar(';'); + + if ((opts & OPT_DEBUG) == 0) + PRINTF(" };\n"); + return pool->ipo_next; +} diff --git a/contrib/ipfilter/lib/printpooldata.c b/contrib/ipfilter/lib/printpooldata.c new file mode 100644 index 0000000..8d8e962 --- /dev/null +++ b/contrib/ipfilter/lib/printpooldata.c @@ -0,0 +1,78 @@ +/* + * Copyright (C) 2002 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + */ + +#include "ipf.h" + +#define PRINTF (void)printf +#define FPRINTF (void)fprintf + +void printpooldata(pool, opts) +ip_pool_t *pool; +int opts; +{ + + if ((opts & OPT_DEBUG) == 0) { + if ((pool->ipo_flags & IPOOL_ANON) != 0) + PRINTF("# 'anonymous' tree %s\n", pool->ipo_name); + if ((pool->ipo_flags & IPOOL_DELETE) != 0) + PRINTF("# "); + PRINTF("table role = "); + } else { + if ((pool->ipo_flags & IPOOL_DELETE) != 0) + PRINTF("# "); + PRINTF("%s: %s", + isdigit(*pool->ipo_name) ? "Number" : "Name", + pool->ipo_name); + if ((pool->ipo_flags & IPOOL_ANON) == IPOOL_ANON) + PRINTF("(anon)"); + putchar(' '); + PRINTF("Role: "); + } + + switch (pool->ipo_unit) + { + case IPL_LOGIPF : + printf("ipf"); + break; + case IPL_LOGNAT : + printf("nat"); + break; + case IPL_LOGSTATE : + printf("state"); + break; + case IPL_LOGAUTH : + printf("auth"); + break; + case IPL_LOGSYNC : + printf("sync"); + break; + case IPL_LOGSCAN : + printf("scan"); + break; + case IPL_LOGLOOKUP : + printf("lookup"); + break; + case IPL_LOGCOUNT : + printf("count"); + break; + default : + printf("unknown(%d)", pool->ipo_unit); + } + + if ((opts & OPT_DEBUG) == 0) { + PRINTF(" type = tree %s = %s\n", + isdigit(*pool->ipo_name) ? "number" : "name", + pool->ipo_name); + } else { + putchar(' '); + + PRINTF("\tReferences: %d\tHits: %lu\n", pool->ipo_ref, + pool->ipo_hits); + if ((pool->ipo_flags & IPOOL_DELETE) != 0) + PRINTF("# "); + PRINTF("\tNodes Starting at %p\n", pool->ipo_list); + } +} diff --git a/contrib/ipfilter/lib/printproto.c b/contrib/ipfilter/lib/printproto.c index dd0ce39..e65ec11 100644 --- a/contrib/ipfilter/lib/printproto.c +++ b/contrib/ipfilter/lib/printproto.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 1993-2005 by Darren Reed. + * Copyright (C) 2005 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ @@ -8,7 +8,7 @@ #if !defined(lint) -static const char rcsid[] = "@(#)$Id: printproto.c,v 1.1.2.1 2005/06/12 07:21:53 darrenr Exp $"; +static const char rcsid[] = "@(#)$Id: printproto.c,v 1.1.2.2 2006/06/16 17:21:14 darrenr Exp $"; #endif diff --git a/contrib/ipfilter/lib/printtqtable.c b/contrib/ipfilter/lib/printtqtable.c new file mode 100644 index 0000000..67adb53 --- /dev/null +++ b/contrib/ipfilter/lib/printtqtable.c @@ -0,0 +1,25 @@ +/* + * Copyright (C) 2007 by Darren Reed. + * + * See the IPFILTER.LICENCE file for details on licencing. + */ + +#include <fcntl.h> +#include <sys/ioctl.h> +#include "ipf.h" + + +void printtqtable(table) +ipftq_t *table; +{ + int i; + + printf("TCP Entries per state\n"); + for (i = 0; i < IPF_TCP_NSTATES; i++) + printf(" %5d", i); + printf("\n"); + + for (i = 0; i < IPF_TCP_NSTATES; i++) + printf(" %5d", table[i].ifq_ref - 1); + printf("\n"); +} |
