diff options
author | Olivier Blin <oblin@mandriva.org> | 2005-09-28 12:52:36 +0000 |
---|---|---|
committer | Olivier Blin <oblin@mandriva.org> | 2005-09-28 12:52:36 +0000 |
commit | 36c0bad1fa4d61860a9cb4688759a49fa22cde67 (patch) | |
tree | 44f4c1dcb29c5fa37a46aa2eb76bdeadedf06647 /src/plugins/ifw/ipset.c | |
parent | 1ed8ad88617b996a1dc37deddd2f44dd36adf4af (diff) | |
download | mandi-36c0bad1fa4d61860a9cb4688759a49fa22cde67.tar mandi-36c0bad1fa4d61860a9cb4688759a49fa22cde67.tar.gz mandi-36c0bad1fa4d61860a9cb4688759a49fa22cde67.tar.bz2 mandi-36c0bad1fa4d61860a9cb4688759a49fa22cde67.tar.xz mandi-36c0bad1fa4d61860a9cb4688759a49fa22cde67.zip |
Diffstat (limited to 'src/plugins/ifw/ipset.c')
-rw-r--r-- | src/plugins/ifw/ipset.c | 89 |
1 files changed, 89 insertions, 0 deletions
diff --git a/src/plugins/ifw/ipset.c b/src/plugins/ifw/ipset.c new file mode 100644 index 0000000..74ca06e --- /dev/null +++ b/src/plugins/ifw/ipset.c @@ -0,0 +1,89 @@ +#include "ipset.h" + +#include <stdio.h> +#include <stdlib.h> +#include <netinet/in.h> + +#define CMD_MAX_SIZE 1024 + +#ifdef IPSET_DEBUG +#define DPRINTF(s) printf("%s\n", s) +#else +#define DPRINTF(s) +#endif + +void ipset_init() { + char cmd[CMD_MAX_SIZE]; + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -N " IPSET_BLACKLIST_NAME " iptree --timeout " IPSET_BLACKLIST_TIMEOUT); + DPRINTF(cmd); + system(cmd); + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -N " IPSET_WHITELIST_NAME " iptree"); + DPRINTF(cmd); + system(cmd); +} + +void ipset_destroy() { + char cmd[CMD_MAX_SIZE]; + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -X " IPSET_BLACKLIST_NAME); + DPRINTF(cmd); + system(cmd); + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -X " IPSET_WHITELIST_NAME); + DPRINTF(cmd); + system(cmd); +} + +/* void ipset_blacklist_load(char *filename) { */ +/* char cmd[CMD_MAX_SIZE]; */ +/* snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -R < %s", filename); */ +/* DPRINTF(cmd); */ +/* system(cmd); */ +/* } */ + +/* void ipset_blacklist_save(char *filename) { */ +/* char cmd[CMD_MAX_SIZE]; */ +/* snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -S " IPSET_BLACKLIST_NAME " > %s", filename); */ +/* DPRINTF(cmd); */ +/* system(cmd); */ +/* } */ + +/* void ipset_whitelist_load(char *filename) { */ +/* char cmd[CMD_MAX_SIZE]; */ +/* snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -R < %s", filename); */ +/* DPRINTF(cmd); */ +/* system(cmd); */ +/* } */ + +/* void ipset_whitelist_save(char *filename) { */ +/* char cmd[CMD_MAX_SIZE]; */ +/* snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -S " IPSET_WHITELIST_NAME " > %s", filename); */ +/* DPRINTF(cmd); */ +/* system(cmd); */ +/* } */ + +void ipset_blacklist_add(u_int32_t addr) { + char cmd[CMD_MAX_SIZE]; + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -A " IPSET_BLACKLIST_NAME " %u", ntohl(addr)); + DPRINTF(cmd); + system(cmd); +} + +void ipset_blacklist_remove(u_int32_t addr) { + char cmd[CMD_MAX_SIZE]; + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -D " IPSET_BLACKLIST_NAME " %u", ntohl(addr)); + DPRINTF(cmd); + system(cmd); +} + +void ipset_whitelist_add(u_int32_t addr) { + char cmd[CMD_MAX_SIZE]; + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -A " IPSET_WHITELIST_NAME " %u", ntohl(addr)); + DPRINTF(cmd); + system(cmd); +} + +void ipset_whitelist_remove(u_int32_t addr) { + char cmd[CMD_MAX_SIZE]; + snprintf(cmd, CMD_MAX_SIZE, IPSET_CMD " -D " IPSET_WHITELIST_NAME " %u", ntohl(addr)); + DPRINTF(cmd); + system(cmd); +} |