Check-in [50168f46c0]
Overview
SHA1:50168f46c0073269dc3be5f7116304448cb36aca
Date: 2011-03-01 22:34:18
User: rmiller
Comment:Move a bunch of includes to packetbl.h, and also fix what appears to be a small signing problem (THIS one doesn't break anything)
Timelines: family | ancestors | descendants | both | trunk
Downloads: Tarball | ZIP archive
Other Links: files | file ages | folders | manifest
Tags And Properties
Context
2011-03-06
01:57
[9a13922db2] it compiles and links properly. I don't guarantee ANYTHING else. This is a very major change - I have removed dotconf and am replacing with libconfig. Also did some cleanup along with it. Some parts are messy. I hope it's functional. (user: rmiller, tags: trunk)
2011-03-01
22:34
[50168f46c0] Move a bunch of includes to packetbl.h, and also fix what appears to be a small signing problem (THIS one doesn't break anything) (user: rmiller, tags: trunk)
2011-02-28
22:23
[d9110d0335] Under FC14, libnfnetlink needs to be explicitly checked for. This is due to some kind of DSO linker change. Oh well. (user: rmiller, tags: trunk)
Changes

Modified packetbl.c from [cd3b07c2c0] to [6783fc984d].

    72     72   # define PBL_HANDLE nfq_q_handle
    73     73   # define PBL_SET_MODE nfq_set_mode
    74     74   # define PBL_COPY_PACKET NFQNL_COPY_PACKET
    75     75   # define PBL_ID_T u_int32_t
    76     76   # define PBL_ERRSTR ""
    77     77   
    78     78   #define DEBUG(x, y) if (conf.debug >= x) { printf(y "\n"); }
           79  +#define INVALID_OCTET(x) x < 0 || x > 255
           80  +
    79     81   struct packet_info {
    80     82   
    81     83   	uint8_t b1;
    82     84   	uint8_t b2;
    83     85   	uint8_t b3;
    84     86   	uint8_t b4;
    85     87   
................................................................................
   215    217   	fprintf(stderr, "[error] %s\n", msg);
   216    218   	return 1;
   217    219   
   218    220   }
   219    221   
   220    222   /*
   221    223    * SYNOPSIS:
   222         - *   void daeomize(void);
          224  + *   void daemonize(void);
   223    225    *
   224    226    * NOTES:
   225    227    *   This function accomplishes everything needed to become a daemon.
   226    228    *   Including closing standard in/out/err and forking.
   227    229    *   It returns nothing, on failure the program must abort.
   228    230    *
   229    231    */
................................................................................
   534    536   
   535    537   static int pbl_callback(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
   536    538           struct nfq_data *nfa, void *data) {
   537    539   
   538    540   	int ret;
   539    541   	int id;
   540    542   	struct nfqnl_msg_packet_hdr *ph;
   541         -	char *nfdata;
          543  +	unsigned char *nfdata;
   542    544   	struct packet_info ip;
   543    545   
   544    546   	DEBUG(2, "Entering callback");
   545    547   
   546    548   	if (ph = nfq_get_msg_packet_hdr(nfa)) {
   547    549   		id = ntohl(ph->packet_id);
   548    550   	}
................................................................................
  1155   1157    *   This routine is rather tortured, but it works and is believed
  1156   1158    *   correct.  Please don't mess with it without a good reason.
  1157   1159    *
  1158   1160    */
  1159   1161   int parse_cidr(struct config_entry *ce) {
  1160   1162   
  1161   1163   	int sep = 0;			// which separator we're on.
  1162         -	char *counter, *c1;
         1164  +	int i = 0;
         1165  +	char *counter, *c1, *numptr;
  1163   1166   	char number[BUFFERSIZE];
  1164   1167   
  1165   1168   	if (ce == NULL) {
  1166   1169   		return -1;
  1167   1170   	}
  1168   1171   
  1169   1172   	c1 = ce->string; // initialize state counter
................................................................................
  1173   1176   			counter++) {
  1174   1177   		switch (*counter) {
  1175   1178   			case '.':
  1176   1179   			case '/':
  1177   1180   				// separator
  1178   1181   				strncpy(number, c1, (int)(counter - c1));
  1179   1182   				number[(int)(counter - c1)] = '\0';
         1183  +				i = atoi(number);
  1180   1184   				switch(sep) {
  1181   1185   					case 0:
  1182         -						ce->ip.b1 = atoi(number);
  1183         -						if (ce->ip.b1 < 0 ||
  1184         -							ce->ip.b1 > 255) {
  1185         -							return -1;
  1186         -						}
         1186  +						numptr = &ce->ip.b1;
  1187   1187   						break;
  1188   1188   					case 1:
  1189         -						ce->ip.b2 = atoi(number);
  1190         -						if (ce->ip.b2 < 0 ||
  1191         -							ce->ip.b2 > 255) {
  1192         -							return -1;
  1193         -						}
         1189  +						numptr = &ce->ip.b2;
  1194   1190   						break;
  1195   1191   					case 2:
  1196         -						ce->ip.b3 = atoi(number);
  1197         -						if (ce->ip.b3 < 0 ||
  1198         -							ce->ip.b3 > 255) {
  1199         -							return -1;
  1200         -						}
         1192  +						numptr = &ce->ip.b3;
  1201   1193   						break;
  1202   1194   					case 3:
  1203         -						ce->ip.b4 = atoi(number);
  1204         -						if (ce->ip.b4 < 0 ||
  1205         -							ce->ip.b4 > 255) {
  1206         -							return -1;
  1207         -						}
         1195  +						numptr = &ce->ip.b4;
  1208   1196   						break;
         1197  +					default:
         1198  +						/* shouldn't happen.
         1199  +						FIXME: add error */
         1200  +						;
         1201  +						
         1202  +				}
         1203  +				ce->ip.b1 = i;
         1204  +				if (INVALID_OCTET(*numptr)) {
         1205  +					return -1;
  1209   1206   				}
  1210   1207   				sep++;
  1211   1208   				c1 = counter + 1;
  1212   1209   				break;
  1213   1210   			case '0':
  1214   1211   			case '1':
  1215   1212   			case '2':