67
68
69
70
71
72
73
74
75
76
77
78
79
80
|
# define PBL_SET_MODE nfq_set_mode
# define PBL_COPY_PACKET NFQNL_COPY_PACKET
# define PBL_ID_T u_int32_t
# define PBL_ERRSTR ""
#define DEBUG(x, y) if (conf.debug >= x) { printf(y "\n"); }
#define INVALID_OCTET(x) x < 0 || x > 255
struct packet_info {
uint8_t b1;
uint8_t b2;
uint8_t b3;
uint8_t b4;
|
>
>
>
>
>
>
>
|
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
# define PBL_SET_MODE nfq_set_mode
# define PBL_COPY_PACKET NFQNL_COPY_PACKET
# define PBL_ID_T u_int32_t
# define PBL_ERRSTR ""
#define DEBUG(x, y) if (conf.debug >= x) { printf(y "\n"); }
#define INVALID_OCTET(x) x < 0 || x > 255
#define DPRINT(format, args...) if (conf.debug == 0) { \
syslog(LOG_INFO, format , ## args); \
} else { \
fprintf(stderr, format , ## args); \
}
#define DPRINTQ(format, args...) if (!conf.quiet) { DPRINT(format, ## args) };
struct packet_info {
uint8_t b1;
uint8_t b2;
uint8_t b3;
uint8_t b4;
|
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
struct config_entry {
char *string;
struct config_entry *next;
struct packet_info ip;
struct cidr cidr;
};
char msgbuf[BUFFERSIZE];
struct config {
int allow_non25;
int allow_nonsyn;
int default_accept;
int dryrun;
int log_facility;
int queueno;
|
>
<
<
|
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
struct config_entry {
char *string;
struct config_entry *next;
struct packet_info ip;
struct cidr cidr;
int index;
};
struct config {
int allow_non25;
int allow_nonsyn;
int default_accept;
int dryrun;
int log_facility;
int queueno;
|
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
|
struct packet_cache_t {
uint32_t ipaddr;
time_t expires;
int action;
};
struct packet_cache_t *packet_cache = NULL;
uint32_t packet_cache_len = USE_CACHE_DEF_LEN;
uint16_t packet_cache_ttl = USE_CACHE_DEF_TTL;
#endif
struct config_entry *hostlistcache = NULL;
int get_packet_info(char *payload, struct packet_info *ip);
int check_packet_list(const struct packet_info *ip, struct config_entry *list);
int check_packet_dnsbl(const struct packet_info *ip, struct config_entry *list);
int parse_cidr(struct config_entry *ce);
/* int validate_blacklist(char *); */
void parse_config(void);
void parse_arguments(int argc, char **argv);
void pbl_init_sockstat(void);
static void get_ip_string(const struct packet_info *ip);
static void pbl_set_verdict(struct PBL_HANDLE *h, PBL_ID_T id,
unsigned int verdict);
static int pbl_callback(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
struct nfq_data *nfa, void *data);
typedef struct facility {
|
|
|
|
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
|
struct packet_cache_t {
uint32_t ipaddr;
time_t expires;
int action;
};
struct packet_cache_t *packet_cache = NULL;
uint32_t packet_cache_len = USE_CACHE_DEF_LEN;
uint32_t packet_cache_ttl = USE_CACHE_DEF_TTL;
#endif
struct config_entry *hostlistcache = NULL;
int get_packet_info(char *payload, struct packet_info *ip);
int check_packet_list(const struct packet_info *ip, struct config_entry *list);
int check_packet_dnsbl(const struct packet_info *ip, struct config_entry *list);
int parse_cidr(struct config_entry *ce);
/* int validate_blacklist(char *); */
void parse_config(void);
void parse_arguments(int argc, char **argv);
void pbl_init_sockstat(void);
char * get_ip_string(const struct packet_info *ip);
static void pbl_set_verdict(struct PBL_HANDLE *h, PBL_ID_T id,
unsigned int verdict);
static int pbl_callback(struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
struct nfq_data *nfa, void *data);
typedef struct facility {
|
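Review bot: The `DPRINT` and `DPRINTQ` macros added in the first hunk expand to a bare `if … else` block, and `DPRINTQ` additionally ends in `};`. A call written as the body of an unbraced `if`/`else` therefore either fails to compile or binds the caller's `else` to the macro's own `if`; wrapping both in `do { … } while (0)`, as below, avoids this. Both macros also pass `format` straight to `syslog()` and `fprintf()`, so every call site has to supply a string literal and pass packet-, config- or DNS-derived text as a `%s` argument. The call sites are outside this view and should be checked for that. In the last hunk `get_ip_string` now returns `char *` while the global `msgbuf` is removed, so its prototype should carry a comment saying whether the caller must free the result or whether it points at storage that the next call overwrites.

```c
#define DPRINT(format, args...) do { \
	if (conf.debug == 0) \
		syslog(LOG_INFO, format , ## args); \
	else \
		fprintf(stderr, format , ## args); \
} while (0)

#define DPRINTQ(format, args...) do { \
	if (!conf.quiet) \
		DPRINT(format , ## args); \
} while (0)
```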