PERFORCE change 135602 for review
Aaron Meihm
alm at FreeBSD.org
Sun Feb 17 14:44:51 PST 2008
http://perforce.freebsd.org/chv.cgi?CH=135602
Change 135602 by alm at alm_praetorian on 2008/02/17 22:44:28
Clean up component and configuration file parsing, beginning of
support for src network components.
Affected files ...
.. //depot/projects/trustedbsd/netauditd/netauditd.c#4 edit
.. //depot/projects/trustedbsd/netauditd/netauditd.conf#2 edit
.. //depot/projects/trustedbsd/netauditd/netauditd.h#2 edit
Differences ...
==== //depot/projects/trustedbsd/netauditd/netauditd.c#4 (text+ko) ====
@@ -52,8 +52,9 @@
int (*c_func)(args_t *);
} conftab[] = {
{ "src", "pipe", 4, conf_parse_src_pipe },
+ { "src", "net", 5, conf_parse_net },
{ "dst", "trail", 5, conf_parse_dst_trail },
- { "dst", "net", 6, conf_parse_dst_net },
+ { "dst", "net", 6, conf_parse_net },
{ NULL, NULL, 0, NULL }
};
@@ -64,6 +65,77 @@
TAILQ_HEAD(au_dstlist, au_cmpnt) au_dstlist;
struct au_cmpnt *
+component_init(int is_src, char *type, char *name)
+{
+ struct au_cmpnt *new;
+
+ new = malloc(sizeof(struct au_cmpnt));
+ if (new == NULL)
+ return (NULL);
+ memset(new, 0, sizeof(struct au_cmpnt));
+ if (is_src) {
+ if (strcmp(type, "net") == 0)
+ new->ac_type = NETAUDIT_SRC_NET;
+ else if (strcmp(type, "pipe") == 0)
+ new->ac_type = NETAUDIT_SRC_PIPE;
+ else {
+ free(new);
+ return (NULL);
+ }
+ }
+ else {
+ if (strcmp(type, "net") == 0)
+ new->ac_type = NETAUDIT_DST_NET;
+ else if (strcmp(type, "trail") == 0)
+ new->ac_type = NETAUDIT_DST_TRAIL;
+ else {
+ free(new);
+ return (NULL);
+ }
+ }
+ if ((new->ac_name = strdup(name)) == NULL) {
+ free(new);
+ return (NULL);
+ }
+ TAILQ_INIT(&new->ac_oq);
+ return (new);
+}
+
+int
+component_clear_oq(struct au_cmpnt *ptr)
+{
+ struct au_queue_ent *a, *b;
+
+ if (TAILQ_EMPTY(&ptr->ac_oq))
+ return (0);
+ TAILQ_FOREACH_SAFE(a, &ptr->ac_oq, aq_glue, b) {
+ TAILQ_REMOVE(&ptr->ac_oq, a, aq_glue);
+ a->aq_ptr->ar_refcount--;
+ if (a->aq_ptr->ar_refcount == 0) {
+ free(a->aq_ptr->ar_sbuf);
+ free(a->aq_ptr);
+ }
+ free(a);
+ }
+ return (1);
+}
+
+void
+component_destroy(struct au_cmpnt *ptr)
+{
+ if (ptr->ac_name != NULL)
+ free(ptr->ac_name);
+ if (ptr->ac_path != NULL)
+ free(ptr->ac_path);
+ if (ptr->ac_ainfo != NULL)
+ freeaddrinfo(ptr->ac_ainfo);
+ if (ptr->ac_consumers != NULL)
+ free(ptr->ac_consumers);
+ component_clear_oq(ptr);
+ free(ptr);
+}
+
+struct au_cmpnt *
conf_get_src(char *name)
{
struct au_cmpnt *ret;
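Review bot: component_init returns NULL both when allocation fails and when `type` is not a recognised string, and every caller visible in this change answers NULL with `exit(2)`, so a mistyped component type in the configuration file is reported the same way as running out of memory. Setting `errno = EINVAL;` before the two `free(new); return (NULL);` branches (malloc and strdup already set ENOMEM) would let callers tell the cases apart and return -1 for a configuration error. A short header comment on component_destroy would also help, for example `/* Frees a component that is not (or no longer) linked on au_srclist/au_dstlist; the caller must unlink it first. */`, since the function does no TAILQ_REMOVE itself. The three added functions are complete in this hunk; conf_get_src at its end continues outside it.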
@@ -76,12 +148,53 @@
}
int
+conf_parse_net(args_t *a)
+{
+ struct addrinfo hints;
+ struct au_cmpnt *new;
+ char *host, *svc;
+ int is_src = 0;
+
+ if (strcmp(a->args[0], "src") == 0)
+ is_src = 1;
+ else if (strcmp(a->args[0], "dst") != 0)
+ return (-1);
+ host = a->args[3];
+ svc = a->args[4];
+ if ((new = component_init(is_src, a->args[2], a->args[1])) == NULL)
+ exit(2);
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = PF_UNSPEC;
+ hints.ai_socktype = SOCK_STREAM;
+ if (is_src) {
+ hints.ai_flags = AI_PASSIVE;
+ new->ac_type = NETAUDIT_SRC_NET;
+ }
+ else
+ new->ac_type = NETAUDIT_DST_NET;
+ if (getaddrinfo(host, svc, &hints, &new->ac_ainfo) != 0) {
+ free(new);
+ return (-1);
+ }
+ if (is_src)
+ TAILQ_INSERT_TAIL(&au_srclist, new, ac_glue);
+ else {
+ if (conf_link_consumers(new, a, 5) == -1) {
+ component_destroy(new);
+ return (-1);
+ }
+ TAILQ_INSERT_TAIL(&au_dstlist, new, ac_glue);
+ }
+ return (0);
+}
+
+int
conf_link_consumers(struct au_cmpnt *ac, args_t *a, int start)
{
struct au_cmpnt *ptr;
- int i, j;
+ int i;
- for (j = 0, i = start; i < a->args_n; i++) {
+ for (i = start; i < a->args_n; i++) {
if ((ptr = conf_get_src(a->args[i])) == NULL)
return (-1);
dprintf("%s <- %s\n", ac->ac_name, ptr->ac_name);
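Review bot: The getaddrinfo() failure path in conf_parse_net calls `free(new)`, which leaks the `ac_name` string that component_init allocated with strdup(); it should call `component_destroy(new);`, as the conf_link_consumers failure path a few lines below already does. The getaddrinfo() return code is also discarded, so a bad host or service in the configuration file fails with no diagnostic; reporting `gai_strerror()` of the result would make that debuggable. `a->args[3]` and `a->args[4]` are read without a check against `a->args_n`, which is presumably guaranteed by the count column in conftab, but that is not visible here. The two `new->ac_type` assignments repeat what component_init already set and can be dropped. conf_link_consumers continues outside the hunk.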
@@ -104,13 +217,8 @@
{
struct au_cmpnt *new;
- new = malloc(sizeof(struct au_cmpnt));
- if (new == NULL)
+ if ((new = component_init(1, a->args[2], a->args[1])) == NULL)
exit(2);
- memset(new, 0, sizeof(struct au_cmpnt));
- if ((new->ac_name = strdup(a->args[1])) == NULL)
- exit(2);
- new->ac_type = NETAUDIT_SRC_PIPE;
if ((new->ac_path = strdup(a->args[3])) == NULL)
exit(2);
TAILQ_INSERT_TAIL(&au_srclist, new, ac_glue);
@@ -122,18 +230,14 @@
{
struct au_cmpnt *new;
- new = malloc(sizeof(struct au_cmpnt));
- if (new == NULL)
+ if ((new = component_init(0, a->args[2], a->args[1])) == NULL)
exit(2);
- memset(new, 0, sizeof(struct au_cmpnt));
- if ((new->ac_name = strdup(a->args[1])) == NULL)
- exit(2);
- new->ac_type = NETAUDIT_DST_TRAIL;
if ((new->ac_path = strdup(a->args[3])) == NULL)
exit(2);
- if (conf_link_consumers(new, a, 4) == -1)
+ if (conf_link_consumers(new, a, 4) == -1) {
+ component_destroy(new);
return (-1);
- TAILQ_INIT(&new->ac_oq);
+ }
TAILQ_INSERT_TAIL(&au_dstlist, new, ac_glue);
return (0);
}
==== //depot/projects/trustedbsd/netauditd/netauditd.conf#2 (text+ko) ====
@@ -1,6 +1,7 @@
# $Id: netauditd.conf,v 1.3 2008/02/14 05:13:47 alm Exp $
src src0 pipe /dev/auditpipe
+#src src1 net 0.0.0.0 9999
dst dst0 trail /tmp/src0/trail src0
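Review bot: The commented-out example `src src1 net 0.0.0.0 9999` binds the listener to every interface, and nothing in this change shows peer authentication or address filtering for a net source, so anyone who uncomments it as written would presumably accept audit records from any host that can reach the port. Consider shipping the sample as `#src src1 net 127.0.0.1 9999`, or adding a comment line above it saying the address should be limited to the audit collection network.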
==== //depot/projects/trustedbsd/netauditd/netauditd.h#2 (text+ko) ====
@@ -32,6 +32,7 @@
#define NETAUDIT_DELAY_TIMER 100000
#define NETAUDIT_SRC_PIPE 1
+#define NETAUDIT_SRC_NET 2
#define NETAUDIT_DST_TRAIL 1
#define NETAUDIT_DST_NET 2
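Review bot: `NETAUDIT_SRC_NET` is given the value 2, the same as `NETAUDIT_DST_NET`, just as `NETAUDIT_SRC_PIPE` and `NETAUDIT_DST_TRAIL` both equal 1, so `ac_type` on its own cannot tell a source from a destination. If that is intended because the owning list decides the direction, a comment such as `/* ac_type values; src and dst numbering overlap, direction comes from the list the component is on */` would record it. Otherwise distinct values (or one enum) would let code that handles a component detect one that ended up on the wrong list.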
@@ -66,13 +67,18 @@
int args_n;
} args_t;
+int component_clear_oq(struct au_cmpnt *);
+void component_destroy(struct au_cmpnt *);
+struct au_cmpnt *component_init(int, char *, char *);
struct au_cmpnt *conf_get_src(char *);
void conf_load(char *);
-int conf_link_consumer(struct au_cmpnt *, args_t *, int);
+int conf_link_consumers(struct au_cmpnt *, args_t *, int);
void conf_parse(char *, int);
int conf_parse_src_pipe(args_t *);
int conf_parse_dst_trail(args_t *);
int conf_parse_dst_net(args_t *);
+int conf_parse_src_net(args_t *);
+int conf_parse_net(args_t *);
args_t *conf_parse_args(char *);
void conf_free_args(args_t *);
void dprintf(char *, ...);
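Review bot: The prototype `int conf_parse_dst_net(args_t *);` is left in place although this change replaces its only visible use in conftab with conf_parse_net, and the added `int conf_parse_src_net(args_t *);` has no definition anywhere in the diff. Unless both functions exist outside the hunks shown, the two declarations should be removed so the header matches what netauditd.c defines. The new prototypes also omit parameter names; `struct au_cmpnt *component_init(int is_src, char *type, char *name);` would document the argument order, which is easy to swap since both strings are `char *`.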