Index: ChangeLog ================================================================== --- ChangeLog +++ ChangeLog @@ -1,5 +1,10 @@ +3/6/2011 +- Many changes +- ripped out dotconf and replaced with libconfig +- cleanup + 7/25/04 - Changed over to autoconf (thanks to Roy Keene (packetbl at rkeene dot org) for his assistance, even though this was in the works before he sent his patch, I was able to use many of his tests) Index: INSTALL ================================================================== --- INSTALL +++ INSTALL @@ -13,16 +13,11 @@ you should refer to http://wiki.duskglow.com/index.php/Packetbl for authoritative information. II. PREREQUISITES - 1. Dot.conf (required) - Dot.conf is used to handle the configuration data and is - required for PacketBL to operate. It can be obtained from: - http://www.azzit.de/dotconf/ - Dot.conf uses "Apache-style" configuration files so logical - hierarchal configuration files can be used. + 1. libconfig (required) 2. iptables (required) Iptables' library "ipq" (IP Queuing library) is required, it provides the necessary hooks to allow PacketBL to accept packets from the QUEUE target and process them. 
@@ -60,93 +55,11 @@ domain socket that is used for communications between the PacketBL daemon and the "packetbl_getstat" process. Default is /tmp/.packetbl.sock. IV. CONFIGURATION - 1. The configuration file (packetbl.conf) is in "Apache-style" format. - An example configuration file might look something like this: - - BlackListBL dnsbl.sorbs.net - BlackListBL relay.ordb.org - WhiteList 127.0.0.0/8 - - FallthroughAccept yes - AllowNonPort25 no - AllowNonSyn no - DryRun no - CacheSize 8192 - CacheTTL 3600 - LogFacility daemon - Quiet no - - 2. Explanation of configuration elements: - a. - This element begins the HOST section of the - configuration. You must define your Blacklists DNS - RBLs and Whitelist addresses in the HOST section. - b. BlackListBL dnsbl.sorbs.net - The "BlackListBL" element defines a DNS RBL which is - checked to determine whether or not packets are - dropped. This particular example configures - "dnsbl.sorbs.net" as an RBL to use. - c. WhiteList 127.0.0.0/8 - The "WhiteList" element defines a range in (CIDR - format) of IP address to always accept and never check - the configured "BlackListBL" elements. You should - usually leave at least "127.0.0.0/8" there for safety. - d. FallthroughAccept yes - The "FallthroughAccept" element tells PacketBL how to - handle packets that are neither listed in a configured - DNS RBL ("BlackListBL" element) nor match a configured - whitelist ("WhiteList" element). Usually you should - leave this as "yes" (the default). - e. AllowNonPort25 no - The "AllowNonPort25" element controls whether or not - PacketBL will examine packets that are passed it that - do not have a "Destination Port" of 25 (SMTP). This - is probably not something you want, leaving it "no" - is safe. Enabling this and mis-configuring your - iptables configuration could cause a LOT of load on the - configured DNS RBLs and may cause you to lose access to - them! - f. 
AllowNonSyn no - The "AllowNonSyn" element controls whether or not - PacketBL will examine packets that are passed it that - do not have the SYN flag set (i.e, incoming TCP - connections). This is probably not something you want, - leaving it "no" is safe. Enabling this and - mis-configuring your iptables configuration could cause - a LOT of load on the configured DNS RBLs and may cause - you to lose access to them! - g. DryRun no - The "DryRun" element controls whether or not PacketBL - actually rejects (DROPs) the packets that match a - configured DNS RBL. Setting this to "yes" will cause - all packets to be ACCEPTed. The default is "no" - which causes normal operation. - h. CacheSize 8192 - The "CacheSize" element determines the size of the - cache (in entries, not bytes or bits) if cache has - been enabled at compile time. A setting of "0" causes - caching to be disabled. The largest reasonable value - is currently 21675, anything above that will be wasted. - i. CacheTTL 3600 - The "CacheTTL" element determines the length of time - (in seconds) that cached entries are considered valid. - Once an entry is looked up through a configured DNS RBL - it will not need to be looked up again until after its - "Time To Live" has been exceeded. - j. LogFacility daemon - The "LogFacility" element controls which syslog facility - PacketBL sends its information to. The default is - probably fine for most people. - k. Quiet no - The "Quiet" element controls whether PacketBL writes - a message to syslog() every time it accepts or rejects - a packet. The safe choice (and default) is "no" - meaning that PacketBL writes a message to syslog about - every packet. + To be replaced. A sample config file is provided. V. COMMAND LINE ARGUMENTS 1. PacketBL supports a minimal number of command line arguments, since most configuration should be done in the configuration file (see previous section). 
The following is a complete list of supported Index: autom4te.cache/output.0 ================================================================== --- autom4te.cache/output.0 +++ autom4te.cache/output.0 @@ -1,8 +1,8 @@ @%:@! /bin/sh @%:@ Guess values for system-dependent variables and create Makefiles. -@%:@ Generated by GNU Autoconf 2.66 for packetbl 0.6-beta4. +@%:@ Generated by GNU Autoconf 2.66 for packetbl 0.7-beta1. @%:@ @%:@ @%:@ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, @%:@ 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software @%:@ Foundation, Inc. @@ -547,12 +547,12 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='packetbl' PACKAGE_TARNAME='packetbl' -PACKAGE_VERSION='0.6-beta4' -PACKAGE_STRING='packetbl 0.6-beta4' +PACKAGE_VERSION='0.7-beta1' +PACKAGE_STRING='packetbl 0.7-beta1' PACKAGE_BUGREPORT='' PACKAGE_URL='' # Factoring default headers for most tests. ac_includes_default="\ @@ -1215,11 +1215,11 @@ # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures packetbl 0.6-beta4 to adapt to many kinds of systems. +\`configure' configures packetbl 0.7-beta1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. @@ -1281,11 +1281,11 @@ _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of packetbl 0.6-beta4:";; + short | recursive ) echo "Configuration of packetbl 0.7-beta1:";; esac cat <<\_ACEOF Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] 
@@ -1369,11 +1369,11 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -packetbl configure 0.6-beta4 +packetbl configure 0.7-beta1 generated by GNU Autoconf 2.66 Copyright (C) 2010 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. @@ -1667,11 +1667,11 @@ } @%:@ ac_fn_c_check_header_compile cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by packetbl $as_me 0.6-beta4, which was +It was created by packetbl $as_me 0.7-beta1, which was generated by GNU Autoconf 2.66. Invocation command line was $ $0 $@ _ACEOF @@ -4623,11 +4623,11 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by packetbl $as_me 0.6-beta4, which was +This file was extended by packetbl $as_me 0.7-beta1, which was generated by GNU Autoconf 2.66. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS @@ -4685,11 +4685,11 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -packetbl config.status 0.6-beta4 +packetbl config.status 0.7-beta1 configured by $0, generated by GNU Autoconf 2.66, with options \\"\$ac_cs_config\\" Copyright (C) 2010 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation Index: autom4te.cache/requests ================================================================== --- autom4te.cache/requests +++ autom4te.cache/requests 
@@ -13,29 +13,29 @@ '/usr/share/autoconf/autoconf/autoconf.m4f', 'aclocal.m4', 'configure.in' ], { - '_LT_AC_TAGCONFIG' => 1, 'AM_PROG_F77_C_O' => 1, - 'AC_INIT' => 1, + '_LT_AC_TAGCONFIG' => 1, 'm4_pattern_forbid' => 1, - 'AC_CANONICAL_TARGET' => 1, + 'AC_INIT' => 1, '_AM_COND_IF' => 1, - 'AC_SUBST' => 1, + 'AC_CANONICAL_TARGET' => 1, 'AC_CONFIG_LIBOBJ_DIR' => 1, - 'AC_FC_SRCEXT' => 1, + 'AC_SUBST' => 1, 'AC_CANONICAL_HOST' => 1, + 'AC_FC_SRCEXT' => 1, 'AC_PROG_LIBTOOL' => 1, 'AM_INIT_AUTOMAKE' => 1, 'AC_CONFIG_SUBDIRS' => 1, 'AM_AUTOMAKE_VERSION' => 1, 'LT_CONFIG_LTDL_DIR' => 1, - 'AC_CONFIG_LINKS' => 1, 'AC_REQUIRE_AUX_FILE' => 1, - 'm4_sinclude' => 1, + 'AC_CONFIG_LINKS' => 1, 'LT_SUPPORTED_TAG' => 1, + 'm4_sinclude' => 1, 'AM_MAINTAINER_MODE' => 1, 'AM_GNU_GETTEXT_INTL_SUBDIR' => 1, '_m4_warn' => 1, 'AM_PROG_CXX_C_O' => 1, '_AM_COND_ENDIF' => 1, @@ -44,25 +44,25 @@ 'AC_CONFIG_FILES' => 1, 'include' => 1, 'LT_INIT' => 1, 'AM_GNU_GETTEXT' => 1, 'AC_LIBSOURCE' => 1, - 'AC_CANONICAL_BUILD' => 1, 'AM_PROG_FC_C_O' => 1, + 'AC_CANONICAL_BUILD' => 1, 'AC_FC_FREEFORM' => 1, 'AH_OUTPUT' => 1, - 'AC_CONFIG_AUX_DIR' => 1, '_AM_SUBST_NOTMAKE' => 1, - 'sinclude' => 1, + 'AC_CONFIG_AUX_DIR' => 1, + 'AM_PROG_CC_C_O' => 1, 'm4_pattern_allow' => 1, - 'AM_PROG_CC_C_O' => 1, - 'AC_CANONICAL_SYSTEM' => 1, + 'sinclude' => 1, 'AM_CONDITIONAL' => 1, + 'AC_CANONICAL_SYSTEM' => 1, 'AC_CONFIG_HEADERS' => 1, 'AC_DEFINE_TRACE_LITERAL' => 1, 'm4_include' => 1, '_AM_COND_ELSE' => 1, 'AC_SUBST_TRACE' => 1 } ], 'Autom4te::Request' ) ); Index: autom4te.cache/traces.0 ================================================================== --- autom4te.cache/traces.0 +++ autom4te.cache/traces.0 
@@ -1,6 +1,6 @@ -m4trace:configure.in:2: -1- AC_INIT([packetbl], [0.6-beta4]) +m4trace:configure.in:2: -1- AC_INIT([packetbl], [0.7-beta1]) m4trace:configure.in:2: -1- m4_pattern_forbid([^_?A[CHUM]_]) m4trace:configure.in:2: -1- m4_pattern_forbid([_AC_]) m4trace:configure.in:2: -1- m4_pattern_forbid([^LIBOBJS$], [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs LIBOBJS']) m4trace:configure.in:2: -1- m4_pattern_allow([^AS_FLAGS$]) m4trace:configure.in:2: -1- m4_pattern_forbid([^_?m4_]) Index: config ================================================================== --- config +++ config @@ -1,10 +1,20 @@ options: { allow_nonport25 = false; dryrun = false; - queueno = 2; + queueno = 1; quiet = false; - debug = 2; + debug = 0; +}; + +cache: { + // don't use these values, they're just a placeholder + // ttl = 1 + // len = 1 +}; + +log: { + facility = "daemon"; }; blacklist = [ "127.0.0.1" ]; Index: config.h.in ================================================================== --- config.h.in +++ config.h.in @@ -1,13 +1,10 @@ /* config.h.in. Generated from configure.in by autoheader. */ /* Define to 1 if you have the header file. */ #undef HAVE_CTYPE_H -/* Enable if you have the required dotconf library. */ -#undef HAVE_DOTCONF - /* Define to 1 if you have the header file. */ #undef HAVE_DOTCONF_H /* Enable if you have the optional firedns library */ #undef HAVE_FIREDNS @@ -15,10 +12,13 @@ /* Define to 1 if you have the header file. */ #undef HAVE_GETOPT_H /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H + +/* Enable if you have the required libconfig library. */ +#undef HAVE_LIBCONFIG /* Define to 1 if you have the header file. */ #undef HAVE_LIBIPQ_H /* Define to 1 if you have the header file. */ 
@@ -40,13 +40,10 @@ #undef HAVE_NFNETLINK /* Enable if you have nfqueue */ #undef HAVE_NFQUEUE -/* Enable if you have the required pool library */ -#undef HAVE_POOL - /* Define if you have POSIX threads libraries and header files. */ #undef HAVE_PTHREAD /* Define to 1 if you have the header file. */ #undef HAVE_RESOLV_H Index: configure ================================================================== --- configure +++ configure @@ -1,8 +1,8 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.66 for packetbl 0.6-beta4. +# Generated by GNU Autoconf 2.66 for packetbl 0.7-beta1. # # # Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, # 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software # Foundation, Inc. @@ -547,12 +547,12 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='packetbl' PACKAGE_TARNAME='packetbl' -PACKAGE_VERSION='0.6-beta4' -PACKAGE_STRING='packetbl 0.6-beta4' +PACKAGE_VERSION='0.7-beta1' +PACKAGE_STRING='packetbl 0.7-beta1' PACKAGE_BUGREPORT='' PACKAGE_URL='' # Factoring default headers for most tests. ac_includes_default="\ @@ -1215,11 +1215,11 @@ # if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures packetbl 0.6-beta4 to adapt to many kinds of systems. +\`configure' configures packetbl 0.7-beta1 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... To assign environment variables (e.g., CC, CFLAGS...), specify them as VAR=VALUE. See below for descriptions of some of the useful variables. 
@@ -1281,11 +1281,11 @@ _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of packetbl 0.6-beta4:";; + short | recursive ) echo "Configuration of packetbl 0.7-beta1:";; esac cat <<\_ACEOF Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] @@ -1369,11 +1369,11 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -packetbl configure 0.6-beta4 +packetbl configure 0.7-beta1 generated by GNU Autoconf 2.66 Copyright (C) 2010 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. @@ -1667,11 +1667,11 @@ } # ac_fn_c_check_header_compile cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by packetbl $as_me 0.6-beta4, which was +It was created by packetbl $as_me 0.7-beta1, which was generated by GNU Autoconf 2.66. Invocation command line was $ $0 $@ _ACEOF @@ -4623,11 +4623,11 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by packetbl $as_me 0.6-beta4, which was +This file was extended by packetbl $as_me 0.7-beta1, which was generated by GNU Autoconf 2.66. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS CONFIG_LINKS = $CONFIG_LINKS 
@@ -4685,11 +4685,11 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -packetbl config.status 0.6-beta4 +packetbl config.status 0.7-beta1 configured by $0, generated by GNU Autoconf 2.66, with options \\"\$ac_cs_config\\" Copyright (C) 2010 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation Index: configure.in ================================================================== --- configure.in +++ configure.in @@ -1,7 +1,7 @@ -AC_INIT(packetbl, 0.6-beta4) +AC_INIT(packetbl, 0.7-beta1) AC_ARG_WITH(firedns, AC_HELP_STRING([--with-firedns], [If enabled, firedns is used for the name resolution]), [ac_cv_use_firedns=yes], [ac_cv_use_firedns=no]) Index: packetbl.c ================================================================== --- packetbl.c +++ packetbl.c @@ -643,11 +643,11 @@ int i = 0; const char *facstr = NULL; config = &cf; config_init(config); - result = config_read_file(config, "test.config"); + result = config_read_file(config, "CONFIGFILE"); if (result == CONFIG_FALSE) { if (config_error_type(config) == CONFIG_ERR_PARSE) { fprintf (stderr, "Error parsing config file %s, line %d: %s\n", config_error_file(config), config_error_line(config),
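
Review bot: The ChangeLog hunk's 3/6/2011 entry says only "Many changes" and "cleanup", which hides changes in this same patch that affect anyone upgrading. List them explicitly: the configuration file moves from the Apache-style format to libconfig syntax, the sample `queueno` goes from 2 to 1, `debug` goes from 2 to 0, and the HAVE_POOL check is dropped from config.h.in. The date style also differs from the existing 7/25/04 entry; pick one form.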
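
Review bot: In the INSTALL hunk at -13,16, the new prerequisite line `1. libconfig (required)` carries no description, source location or minimum version, whereas the removed Dot.conf entry gave all of that. Add where to obtain libconfig and the version the code was built against, since packetbl.c now depends on its API (`config_read_file`, `config_error_file`, `config_error_line`).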
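
Review bot: The INSTALL hunk at -60,93 deletes the entire configuration reference and leaves "To be replaced. A sample config file is provided.", so the operational warnings go with it: keep 127.0.0.0/8 whitelisted, what FallthroughAccept does to unlisted packets, and the DNS RBL load caused by enabling AllowNonPort25 or AllowNonSyn with a loose iptables rule. Until the rewrite lands, keep a short list of the new libconfig keys (`allow_nonport25`, `dryrun`, `queueno`, `quiet`, `debug`, the `cache` group, `log.facility`) with their defaults and carry those warnings over, because the sample file alone does not explain any of them.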
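
Review bot: The autom4te.cache/output.0, autom4te.cache/requests and autom4te.cache/traces.0 hunks are generated Autoconf cache output, and the two requests hunks (-13,29 and -44,25) only reorder hash keys with no functional change. Remove autom4te.cache from version control and add it to the ignore list so future patches show only hand-written changes. Consider the same for the generated configure script, whose hunks repeat the configure.in version bump line for line.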
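
Review bot: In the config hunk, the new `cache` group holds only commented-out placeholders marked "don't use these values", so the sample file that INSTALL now names as the only documentation gives no usable `ttl` or `len`. Ship working values (the removed INSTALL text documented CacheSize 8192 and CacheTTL 3600) or add a comment stating what the daemon does when the keys are absent. The same hunk changes `queueno` from 2 to 1 without comment; an existing setup whose firewall rule hands packets to queue 2 would no longer match the sample, so note the change next to the setting.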
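
Review bot: The first config.h.in hunk removes HAVE_DOTCONF but leaves the context line `#undef HAVE_DOTCONF_H` in place, so configure still probes for the dotconf header after the library was ripped out, and no HAVE_LIBCONFIG_H appears between the new HAVE_LIBCONFIG and HAVE_LIBIPQ_H. Drop the dotconf header check from configure.in and add one for the libconfig header so a missing dependency fails at configure time rather than at compile time. The second hunk's removal of HAVE_POOL is not mentioned in the ChangeLog.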
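
Review bot: In the packetbl.c hunk at -643, the new call `config_read_file(config, "CONFIGFILE");` passes a quoted string literal, so libconfig will look for a file literally named CONFIGFILE relative to the daemon's working directory instead of a configured path. If CONFIGFILE is meant to be a build-time macro holding the path, drop the quotes, and make the path absolute so a packet-filtering daemon never loads its blacklist and whitelist settings from whichever directory it happened to be started in. The visible part of the CONFIG_FALSE branch handles CONFIG_ERR_PARSE; make sure the file I/O case (CONFIG_ERR_FILE_IO) is also reported and stops startup rather than continuing with defaults.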