Check-in [50168f46c0]
Overview
SHA1:50168f46c0073269dc3be5f7116304448cb36aca
Date: 2011-03-01 22:34:18
User: rmiller
Comment: Move a bunch of includes to packetbl.h, and also fix what appears to be a small signedness problem (THIS one doesn't break anything)
Tags And Properties
Context
2011-03-06
01:57
[9a13922db2] it compiles and links properly. I don't guarantee ANYTHING else. This is a very major change - I have removed dotconf and am replacing with libconfig. Also did some cleanup along with it. Some parts are messy. I hope it's functional. (user: rmiller, tags: trunk)
2011-03-01
22:34
[50168f46c0] Move a bunch of includes to packetbl.h, and also fix what appears to be a small signing problem (THIS one doesn't break anything) (user: rmiller, tags: trunk)
2011-02-28
22:23
[d9110d0335] Under FC14, libnfnetlink needs to be explicitly checked for. This is due to some kind of DSO linker change. Oh well. (user: rmiller, tags: trunk)
Changes

Modified packetbl.c from [cd3b07c2c0] to [6783fc984d].

72
73
74
75
76
77
78


79
80
81
82
83
84
85
...
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
...
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
....
1155
1156
1157
1158
1159
1160
1161

1162
1163
1164
1165
1166
1167
1168
1169
....
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
# define PBL_HANDLE nfq_q_handle
# define PBL_SET_MODE nfq_set_mode
# define PBL_COPY_PACKET NFQNL_COPY_PACKET
# define PBL_ID_T u_int32_t
# define PBL_ERRSTR ""

#define DEBUG(x, y) if (conf.debug >= x) { printf(y "\n"); }


struct packet_info {

	uint8_t b1;
	uint8_t b2;
	uint8_t b3;
	uint8_t b4;

................................................................................
	fprintf(stderr, "[error] %s\n", msg);
	return 1;

}

/*
 * SYNOPSIS:
 *   void daeomize(void);
 *
 * NOTES:
 *   This function accomplishes everything needed to become a daemon.
 *   Including closing standard in/out/err and forking.
 *   It returns nothing, on failure the program must abort.
 *
 */
................................................................................

static int pbl_callback(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
        struct nfq_data *nfa, void *data) {

	int ret;
	int id;
	struct nfqnl_msg_packet_hdr *ph;
	char *nfdata;
	struct packet_info ip;

	DEBUG(2, "Entering callback");

	if (ph = nfq_get_msg_packet_hdr(nfa)) {
		id = ntohl(ph->packet_id);
	}
................................................................................
 *   This routine is rather tortured, but it works and is believed
 *   correct.  Please don't mess with it without a good reason.
 *
 */
int parse_cidr(struct config_entry *ce) {

	int sep = 0;			// which separator we're on.

	char *counter, *c1;
	char number[BUFFERSIZE];

	if (ce == NULL) {
		return -1;
	}

	c1 = ce->string; // initialize state counter
................................................................................
			counter++) {
		switch (*counter) {
			case '.':
			case '/':
				// separator
				strncpy(number, c1, (int)(counter - c1));
				number[(int)(counter - c1)] = '\0';
				switch(sep) {
					case 0:
						ce->ip.b1 = atoi(number);
						if (ce->ip.b1 < 0 ||
							ce->ip.b1 > 255) {
							return -1;
						}
						break;
					case 1:
						ce->ip.b2 = atoi(number);
						if (ce->ip.b2 < 0 ||
							ce->ip.b2 > 255) {
							return -1;
						}
						break;
					case 2:
						ce->ip.b3 = atoi(number);
						if (ce->ip.b3 < 0 ||
							ce->ip.b3 > 255) {
							return -1;
						}
						break;
					case 3:
						ce->ip.b4 = atoi(number);
						if (ce->ip.b4 < 0 ||
							ce->ip.b4 > 255) {
							return -1;
						}
						break;
				}
				sep++;
				c1 = counter + 1;
				break;
			case '0':
			case '1':
			case '2':







>
>







 







|







 







|







 







>
|







 







|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<
<
<
<
<
<







72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
...
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
...
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
....
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
....
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205






1206
1207
1208
1209
1210
1211
1212
# define PBL_HANDLE nfq_q_handle
# define PBL_SET_MODE nfq_set_mode
# define PBL_COPY_PACKET NFQNL_COPY_PACKET
# define PBL_ID_T u_int32_t
# define PBL_ERRSTR ""

#define DEBUG(x, y) if (conf.debug >= x) { printf(y "\n"); }
#define INVALID_OCTET(x) x < 0 || x > 255

struct packet_info {

	uint8_t b1;
	uint8_t b2;
	uint8_t b3;
	uint8_t b4;

................................................................................
	fprintf(stderr, "[error] %s\n", msg);
	return 1;

}

/*
 * SYNOPSIS:
 *   void daemonize(void);
 *
 * NOTES:
 *   This function accomplishes everything needed to become a daemon.
 *   Including closing standard in/out/err and forking.
 *   It returns nothing, on failure the program must abort.
 *
 */
................................................................................

static int pbl_callback(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
        struct nfq_data *nfa, void *data) {

	int ret;
	int id;
	struct nfqnl_msg_packet_hdr *ph;
	unsigned char *nfdata;
	struct packet_info ip;

	DEBUG(2, "Entering callback");

	if (ph = nfq_get_msg_packet_hdr(nfa)) {
		id = ntohl(ph->packet_id);
	}
................................................................................
 *   This routine is rather tortured, but it works and is believed
 *   correct.  Please don't mess with it without a good reason.
 *
 */
int parse_cidr(struct config_entry *ce) {

	int sep = 0;			// which separator we're on.
	int i = 0;
	char *counter, *c1, *numptr;
	char number[BUFFERSIZE];

	if (ce == NULL) {
		return -1;
	}

	c1 = ce->string; // initialize state counter
................................................................................
			counter++) {
		switch (*counter) {
			case '.':
			case '/':
				// separator
				strncpy(number, c1, (int)(counter - c1));
				number[(int)(counter - c1)] = '\0';
				i = atoi(number);
				switch(sep) {
					case 0:
						numptr = &ce->ip.b1;
						break;
					case 1:
						numptr = &ce->ip.b2;
						break;
					case 2:
						numptr = &ce->ip.b3;
						break;
					case 3:
						numptr = &ce->ip.b4;
						break;
					default:
						/* shouldn't happen.
						FIXME: add error */
						;
						
				}
				ce->ip.b1 = i;
				if (INVALID_OCTET(*numptr)) {
					return -1;






				}
				sep++;
				c1 = counter + 1;
				break;
			case '0':
			case '1':
			case '2':
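Review bot: In parse_cidr's separator branch the parsed octet is stored with `ce->ip.b1 = i;` instead of through `numptr`, so in the visible code b2–b4 are never written and b1 is overwritten by every octet. The range check then tests `*numptr` after the value has been narrowed to `uint8_t`, and through a `char *` that does not match the field type, so an octet such as 300 is not rejected, and where plain `char` is signed a valid first octet of 128 or more reads back negative and is rejected. The check should run on `i` before the store, `numptr` should be a `uint8_t *`, and the `default` case should return -1, since `numptr` otherwise keeps the previous iteration's target. If `INVALID_OCTET` is kept it needs parentheses, `((x) < 0 || (x) > 255)`; parse_cidr starts and ends outside the displayed hunks, so how `ce->ip` is consumed is not visible here.

```c
	char *counter, *c1;
	uint8_t *numptr = NULL;	/* the octet fields of struct packet_info are uint8_t */
	// … unchanged: NULL check on ce, loop header, strncpy into number …
				i = atoi(number);
				if (i < 0 || i > 255) {
					/* validate the parsed int before it is narrowed to uint8_t */
					return -1;
				}
				switch(sep) {
					// … unchanged: cases 0-3 selecting numptr …
					default:
						/* more separators than an IPv4 CIDR entry has */
						return -1;
				}
				*numptr = (uint8_t)i;
				// … unchanged: sep++, c1 advance, digit cases …
```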