#include "white_list.h"
#include "ipset.h"
#include "ifw.h"
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/socket.h>
/**
 * Initialise the head of a white list.
 *
 * @param list  list head to set up; INIT_LIST_HEAD() is applied to it as is,
 *              so cells that were already linked to it are not freed here.
 */
void white_list_init(white_list_t *list)
{
    INIT_LIST_HEAD(list);
}
/**
 * Append an address to the white list, push it to ipset and persist the list.
 *
 * The address is appended without checking whether it is already present, so
 * adding the same address twice yields two cells.
 *
 * @param list  white list to extend
 * @param addr  IPv4 address in the representation this file assigns to
 *              struct in_addr.s_addr
 *
 * On allocation failure a message is written to stderr and nothing else is
 * done: no ipset update, no file rewrite. Nothing is returned, so failures
 * inside ipset_whitelist_add() or white_list_save() are not visible to the
 * caller.
 */
void white_list_add(white_list_t *list, u_int32_t addr)
{
    white_list_cell_t *entry = malloc(sizeof *entry);

    if (entry == NULL) {
        fprintf(stderr, "unable to alloc enough memory for white list cell, skipping\n");
        return;
    }

    entry->addr = addr;
    INIT_LIST_HEAD(&entry->list);
    list_add_tail(&entry->list, list);

    /* Kernel-side set first, then the on-disk copy of the whole list. */
    ipset_whitelist_add(entry->addr);
    white_list_save(list, IFW_WHITELIST_FILENAME);
}
/**
 * Look up an address in the white list.
 *
 * @param list  white list to search
 * @param addr  address to compare against each cell's addr field
 * @return the first cell whose address equals addr, or NULL when none matches
 */
white_list_cell_t *white_list_find(white_list_t *list, u_int32_t addr)
{
    struct list_head *pos;

    __list_for_each(pos, list) {
        white_list_cell_t *candidate = list_entry(pos, white_list_cell_t, list);

        if (candidate->addr != addr) {
            continue;
        }
        return candidate;
    }

    return NULL;
}
/**
 * Remove every cell holding the given address, then persist the list.
 *
 * The address is removed from ipset first, whether or not the in-memory list
 * contains it, and the white list file is rewritten in every case.
 *
 * @param list  white list to prune
 * @param addr  address whose cells are unlinked and freed
 */
void white_list_remove(white_list_t *list, u_int32_t addr)
{
    white_list_cell_t *cur, *tmp;

    ipset_whitelist_remove(addr);

    /* The _safe iterator keeps the successor in tmp, so the current cell can
     * be unlinked and released inside the loop body. */
    list_for_each_entry_safe(cur, tmp, list, list) {
        if (cur->addr != addr) {
            continue;
        }
        list_del(&cur->list);
        free(cur);
    }

    white_list_save(list, IFW_WHITELIST_FILENAME);
}
/**
 * Print the white list to stdout, one dotted-quad address per line, between
 * a "* white list {" header and a "} white list *" footer.
 *
 * @param list  white list to print
 */
void white_list_print(white_list_t *list)
{
    struct list_head *pos;

    printf("* white list {\n");

    __list_for_each(pos, list) {
        white_list_cell_t *item = list_entry(pos, white_list_cell_t, list);
        struct in_addr ip = { .s_addr = item->addr };

        /* inet_ntoa() returns a static buffer; it is consumed immediately. */
        printf("%s,\n", inet_ntoa(ip));
    }

    printf("} white list *\n");
}
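/**
 * Load IPv4 addresses from a text file and add each one to the white list.
 *
 * The file is read as whitespace-separated tokens of at most 15 characters.
 * Each token that inet_aton() accepts is passed to white_list_add(); the
 * others are reported on stderr and skipped.
 *
 * The whole file is read and closed before the first white_list_add() call.
 * white_list_add() rewrites IFW_WHITELIST_FILENAME through white_list_save(),
 * which opens it with "w+" and therefore truncates it. If filepath names that
 * same file, adding entries while it is still open for reading would
 * truncate the file under the reader and could drop entries not yet read.
 *
 * @param list      white list to fill
 * @param filepath  path of the file to read
 *
 * Failure to open the file, or to allocate the read buffer, is reported on
 * stderr; in the latter case the tokens already read are still processed.
 */
void white_list_load(white_list_t *list, const char *filepath)
{
    enum { ADDR_STR_LEN = 16 };          /* matches the "%15s" conversion */
    char (*tokens)[ADDR_STR_LEN] = NULL; /* tokens in file order */
    size_t count = 0;
    size_t capacity = 0;
    size_t i;
    FILE *fp;

    fp = fopen(filepath, "r");
    if (!fp) {
        fprintf(stderr, "unable to open white list file\n");
        return;
    }

    for (;;) {
        if (count == capacity) {
            char (*grown)[ADDR_STR_LEN];
            size_t new_capacity;

            /* Refuse to grow if doubling would overflow the byte count. */
            if (capacity > (size_t)-1 / (2 * sizeof *tokens)) {
                fprintf(stderr, "white list file too large, stopping\n");
                break;
            }
            new_capacity = capacity ? capacity * 2 : 64;
            grown = realloc(tokens, new_capacity * sizeof *tokens);
            if (!grown) {
                fprintf(stderr, "unable to alloc enough memory to read white list file, stopping\n");
                break;
            }
            tokens = grown;
            capacity = new_capacity;
        }

        if (fscanf(fp, "%15s\n", tokens[count]) <= 0) {
            break;
        }
        count++;
    }
    fclose(fp);

    for (i = 0; i < count; i++) {
        struct in_addr addr;

        /* inet_aton() also accepts shorthand and non-decimal spellings such
         * as "10.1" or "0x7f.0.0.1".
         * NOTE(review): consider inet_pton(AF_INET, ...) if only strict
         * dotted-quad entries should ever be white-listed. */
        if (inet_aton(tokens[i], &addr)) {
            white_list_add(list, addr.s_addr);
            printf("adding IP address in white list: %s\n", tokens[i]);
        } else {
            fprintf(stderr, "unable to parse IP address in white list: %s\n", tokens[i]);
        }
    }

    free(tokens);
}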
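/**
 * Write the white list to a file, one right-aligned dotted-quad per line.
 *
 * The file is opened with "w+", so its previous content is discarded as soon
 * as the open succeeds. A failed write or a failed fclose() is reported on
 * stderr instead of being ignored, because either one leaves an incomplete
 * white list on disk. Each address written is also logged on stdout. That
 * log line now says "saving" rather than "adding", since this function is
 * reached from white_list_remove() as well.
 *
 * NOTE(review): the rewrite is done in place; writing to a temporary file and
 * renaming it over filepath would avoid a truncated list if the process dies
 * between fopen() and fclose().
 *
 * @param list      white list to persist
 * @param filepath  path of the file to (re)write
 */
void white_list_save(white_list_t *list, const char *filepath)
{
    struct list_head *entry;
    int failed = 0;
    FILE *fp;

    fp = fopen(filepath, "w+");
    if (!fp) {
        fprintf(stderr, "unable to write white list file\n");
        return;
    }

    __list_for_each(entry, list) {
        white_list_cell_t *cell = list_entry(entry, white_list_cell_t, list);
        struct in_addr addr;
        const char *text;

        addr.s_addr = cell->addr;
        /* inet_ntoa() returns a static buffer; convert once and reuse it. */
        text = inet_ntoa(addr);

        if (fprintf(fp, "%15s\n", text) < 0) {
            failed = 1;
            break;
        }
        printf("saving IP address in white list: %s\n", text);
    }

    /* fclose() flushes buffered data, so its result is part of the write. */
    if (fclose(fp) != 0) {
        failed = 1;
    }
    if (failed) {
        fprintf(stderr, "unable to write white list file\n");
    }
}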