Diffstat (limited to 'src/plugins/ifw/white_list.c')
-rw-r--r--src/plugins/ifw/white_list.c119
1 files changed, 119 insertions, 0 deletions
diff --git a/src/plugins/ifw/white_list.c b/src/plugins/ifw/white_list.c
new file mode 100644
index 0000000..4318abc
--- /dev/null
+++ b/src/plugins/ifw/white_list.c
@@ -0,0 +1,119 @@
+#include "white_list.h"
+#include "ipset.h"
+#include "ifw.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <sys/socket.h>
+
+void white_list_init(white_list_t *list) {
+ INIT_LIST_HEAD(list);
+}
+
+void white_list_add(white_list_t *list, u_int32_t addr) {
+ white_list_cell_t *cell;
+
+ cell = malloc(sizeof(white_list_cell_t));
+ if (!cell) {
+ fprintf(stderr, "unable to alloc enough memory for white list cell, skipping\n");
+ return;
+ }
+ cell->addr = addr;
+ INIT_LIST_HEAD(&cell->list);
+ list_add_tail(&cell->list, list);
+
+ ipset_whitelist_add(cell->addr);
+ white_list_save(list, IFW_WHITELIST_FILENAME);
+}
+
+white_list_cell_t *white_list_find(white_list_t *list, u_int32_t addr) {
+ struct list_head *entry;
+
+ __list_for_each(entry, list) {
+ white_list_cell_t *cell;
+ cell = list_entry(entry, white_list_cell_t, list);
+ if (cell->addr == addr) {
+ return cell;
+ }
+ }
+
+ return NULL;
+}
+
+void white_list_remove(white_list_t *list, u_int32_t addr) {
+ white_list_cell_t *cell, *n, *prev;
+
+ ipset_whitelist_remove(addr);
+
+ prev = NULL;
+ list_for_each_entry_safe(cell, n, list, list) {
+ if (prev)
+ free(prev);
+ if (cell->addr == addr) {
+ list_del(&cell->list);
+ prev = cell;
+ } else {
+ prev = NULL;
+ }
+ }
+ if (prev)
+ free(prev);
+
+ white_list_save(list, IFW_WHITELIST_FILENAME);
+}
+
+
+void white_list_print(white_list_t *list) {
+ struct list_head *entry;
+
+ printf("* white list {\n");
+ __list_for_each(entry, list) {
+ white_list_cell_t *cell;
+ struct in_addr addr;
+ cell = list_entry(entry, white_list_cell_t, list);
+ addr.s_addr = cell->addr;
+ printf("%s,\n", inet_ntoa(addr));
+ }
+ printf("} white list *\n");
+}
+
+void white_list_load(white_list_t *list, const char *filepath) {
+ FILE *fp;
+
+ fp = fopen(filepath, "r");
+ if (fp) {
+ char addr_str[16];
+ struct in_addr addr;
+ while (fscanf(fp, "%15s\n", addr_str) > 0) {
+ if (inet_aton(addr_str, &addr)) {
+ white_list_add(list, addr.s_addr);
+ printf("adding IP address in white list: %s\n", addr_str);
+ } else {
+ fprintf(stderr, "unable to parse IP address in white list: %s\n", addr_str);
+ }
+ }
+ } else {
+ fprintf(stderr, "unable to open white list file\n");
+ }
+}
+
+void white_list_save(white_list_t *list, const char *filepath) {
+ FILE *fp;
+ struct list_head *entry;
+
+ fp = fopen(filepath, "w+");
+ if (fp) {
+ __list_for_each(entry, list) {
+ white_list_cell_t *cell;
+ struct in_addr addr;
+ cell = list_entry(entry, white_list_cell_t, list);
+ addr.s_addr = cell->addr;
+ fprintf(fp, "%15s\n", inet_ntoa(addr));
+ printf("adding IP address in white list: %s\n", inet_ntoa(addr));
+ }
+ } else {
+ fprintf(stderr, "unable to write white list file\n");
+ }
+}
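Review bot: Neither white_list_load nor white_list_save closes the stream it opens, so every call leaks a FILE and its descriptor, and the saved entries may sit in the stdio buffer until the process exits. Add `fclose(fp);` at the end of the `if (fp)` branch in both functions, and check its result in white_list_save, because a failed flush means the allow-list was not persisted. white_list_save is also reached from white_list_add, which white_list_load calls once per entry; if the loaded path is IFW_WHITELIST_FILENAME, the file is reopened with `"w+"` and truncated while it is still being read, so loading should insert into the list and ipset without saving. In white_list_load, `%15s` splits an over-long token and inet_aton accepts short and non-decimal forms, so a malformed line can create allow-list entries nobody intended. Reading whole lines and validating with `inet_pton(AF_INET, addr_str, &addr) == 1` would be stricter.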