3 * $Id: inet.c,v 1.1 1999/07/26 23:34:11 mdw Exp $
5 * Protocol specific definitions for IPv4 sockets
7 * (c) 1999 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of the `fw' port forwarder.
14 * `fw' is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * `fw' is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with `fw'; if not, write to the Free Software Foundation,
26 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 /*----- Revision history --------------------------------------------------*
32 * Revision 1.1 1999/07/26 23:34:11 mdw
33 * New socket address types.
37 /*----- Header files ------------------------------------------------------*/
47 #include <sys/types.h>
50 #include <sys/socket.h>
51 #include <netinet/in.h>
52 #include <arpa/inet.h>
55 #include <mLib/alloc.h>
56 #include <mLib/dstr.h>
57 #include <mLib/report.h>
68 /*----- Data structures ---------------------------------------------------*/
/* Address record for this protocol: the IPv4 socket address is kept in
 * `sin'.  Code further down also reaches a generic header through
 * `ia->a' (ops, sz); that member's declaration is not part of this
 * listing. */
70 typedef struct inet_addrx {
72 struct sockaddr_in sin;
/* Per-socket options.  The members are not part of this listing; code
 * further down uses `ao.f' (tested against ADDRF_NOLOG), `acl' and
 * `acltail' (the access control list and its tail pointer). */
75 typedef struct inet_opts {
81 /*----- Protocol operations -----------------------------------------------*/
/* Parse an IPv4 socket address from the configuration scanner.
 *
 * Allocates an inet_addrx with xmalloc, fills in the ops pointer, the
 * sockaddr size and AF_INET, then reads a host part and a TCP port from
 * `sc'.  How `type' selects between the two host-part forms below, and
 * what is returned, is on lines not included in this listing.
 */
85 static addr *inet_read(scanner *sc, unsigned type)
87 inet_addrx *ia = xmalloc(sizeof(*ia));
89 ia->a.ops = &inet_ops;
90 ia->a.sz = sizeof(struct sockaddr_in);
91 ia->sin.sin_family = AF_INET;
93 /* --- Read the host address part --- */
/* Tests for an optional `port' keyword; the line that follows it in the
 * original (98) is not in this listing. */
97 if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "port") == 0)
/* Wildcard address: no specific local interface is named.
 * NOTE(review): if this is the listening address, every interface is
 * exposed and filtering rests on the allow/deny list that inet_accept
 * checks -- confirm against the caller. */
99 ia->sin.sin_addr.s_addr = htonl(INADDR_ANY);
/* Otherwise a host name is read and resolved here, at parse time; the
 * stored address does not follow later changes in name resolution. */
104 conf_name(sc, '.', &d);
105 if ((h = gethostbyname(d.buf)) == 0)
106 error(sc, "couldn't resolve Internet address `%s'", d.buf);
/* NOTE(review): `h' is dereferenced unconditionally, so this relies on
 * error() not returning -- confirm.  The copy takes
 * sizeof(struct in_addr) bytes without looking at h->h_addrtype or
 * h->h_length; assumes the resolver returned an AF_INET entry. */
107 memcpy(&ia->sin.sin_addr, h->h_addr, sizeof(struct in_addr));
114 /* --- Read the port number --- */
119 if (sc->t != CTOK_WORD)
120 error(sc, "parse error, TCP port expected");
/* A leading digit selects the numeric form.  NOTE(review): only the
 * first character is tested and atoi() reports no errors, so input such
 * as `80x' is taken as 80, and a value above 65535 is silently narrowed
 * to 16 bits by htons().  strtoul() with an end-pointer test and a
 * 0..65535 range check would reject both. */
121 if (isdigit((unsigned char)sc->d.buf[0]))
122 ia->sin.sin_port = htons(atoi(sc->d.buf));
/* Otherwise the word is looked up as a TCP service name. */
123 else if ((s = getservbyname(sc->d.buf, "tcp")) == 0)
124 error(sc, "unknown tcp service `%s'", sc->d.buf);
/* s_port is already in network byte order, hence no htons() here. */
126 ia->sin.sin_port = s->s_port;
133 /* --- @destroy@ --- */
/* Dispose of an address produced by inet_read.  Only the cast back to
 * the protocol-specific record is visible; the release itself is on a
 * line not included in this listing. */
135 static void inet_destroy(addr *a)
137 inet_addrx *ia = (inet_addrx *)a;
141 /* --- @print@ --- */
/* Append a printable form of the address to the dynamic string `d':
 * either `inet:PORT' or `inet:ADDRESS:PORT'.  The condition choosing
 * between the two forms is not in this listing (presumably it depends
 * on `type' -- confirm). */
143 static void inet_print(addr *a, unsigned type, dstr *d)
145 inet_addrx *ia = (inet_addrx *)a;
/* Port is stored in network byte order; convert before printing. */
148 dstr_putf(d, "inet:%u", (unsigned)ntohs(ia->sin.sin_port));
/* inet_ntoa() returns a pointer to a static buffer; it is consumed
 * immediately by dstr_putf here, but the call is not reentrant. */
151 dstr_putf(d, "inet:%s:%u",
152 inet_ntoa(ia->sin.sin_addr),
153 (unsigned)ntohs(ia->sin.sin_port));
158 /* --- @initopts@ --- */
/* Create a fresh options block for an inet socket.  The return
 * statement and any other initialization are on lines not included in
 * this listing. */
160 static addr_opts *inet_initopts(void)
162 inet_opts *io = CREATE(inet_opts);
/* The tail pointer starts at the list head slot, so the first acl_add()
 * fills `acl' itself.  NOTE(review): what acl_check() decides for a list
 * with no entries (default allow or default deny) is defined elsewhere;
 * confirm it matches the intended policy. */
164 io->acltail = &io->acl;
168 /* --- @option@ --- */
/* Parse one option belonging to the `inet' option group.
 *
 * The visible part handles access-control entries: an `allow' or `deny'
 * keyword, an optional `from', an address, and an optional netmask; the
 * entry is then appended with acl_add().  The return value is set on
 * lines not included in this listing.
 */
170 static int inet_option(scanner *sc, addr_opts *ao)
172 inet_opts *io = (inet_opts *)ao;
174 CONF_BEGIN(sc, "inet", "Internet socket")
178 /* --- Access control limitations --- */
/* Each comma expression records the action in `act' and yields 1, so
 * the keyword test and the assignment happen in one condition. */
180 if ((strcmp(sc->d.buf, "allow") == 0 && (act = ACL_ALLOW, 1)) ||
181 (strcmp(sc->d.buf, "deny") == 0 && (act = ACL_DENY, 1))) {
187 /* --- Find the host or network address --- */
190 if (sc->t == CTOK_WORD && strcmp(sc->d.buf, "from") == 0)
/* The name is tried as a network name first, then as a host name.
 * Both lookups happen once, while the configuration is read: the ACL
 * holds whatever the resolver answered at that moment, so the access
 * decision is only as trustworthy as that answer. */
192 conf_name(sc, '.', &d);
193 if ((n = getnetbyname(d.buf)) != 0)
194 a.s_addr = htonl(n->n_net);
195 else if ((h = gethostbyname(d.buf)) == 0)
196 error(sc, "couldn't resolve address `%s'", d.buf);
/* NOTE(review): as in inet_read, dereferencing `h' here is safe only if
 * error() does not return -- confirm. */
198 memcpy(&a, h->h_addr, sizeof(struct in_addr));
200 /* --- Find the netmask, if any --- */
207 conf_name(sc, '.', &d);
/* A mask without a dot is treated as a prefix length. */
208 if (strchr(d.buf, '.') == 0) {
/* NOTE(review): the shift is defined only for counts from 0 up to one
 * less than the width of unsigned long.  A prefix length above 32 makes
 * the count negative, and a length of 0 shifts by 32, which is undefined
 * where unsigned long is 32 bits wide.  How `n' is obtained and whether
 * it is range-checked is on lines not included in this listing. */
213 m.s_addr = htonl((~0ul << (32 - n)) & 0xffffffff);
/* Dotted masks: inet_aton() reports failure explicitly and a bad mask is
 * rejected. */
215 #ifdef HAVE_INET_ATON
216 if (!inet_aton(d.buf, &m))
217 error(sc, "bad netmask `%s'", d.buf);
/* NOTE(review): presumably the fallback when inet_aton() is missing.
 * inet_addr() signals failure with INADDR_NONE, the same bit pattern as
 * 255.255.255.255, and no test of the result is visible here, so a
 * malformed mask could end up as a host-only mask.  Confirm against the
 * lines this listing omits. */
219 m.s_addr = inet_addr(d.buf);
225 /* --- Add the access control entry --- */
/* `io' may be null here: a null tail is passed in that case.  What
 * acl_add() does with a null tail is defined elsewhere. */
227 acl_add(io ? &io->acltail : 0, act, a, m);
231 /* --- Anything unrecognized --- */
236 /* --- @accept@ --- */
/* Accept a connection on the listening descriptor `fd' and apply the
 * access control list from the socket's options.
 *
 * Only part of the body is in this listing: the failure paths, the log
 * calls and the return statements are on omitted lines.
 */
238 static reffd *inet_accept(int fd, addr_opts *ao, const char *desc)
/* NOTE(review): `io' is dereferenced below without a null test, while
 * inet_option tolerates a null options pointer -- confirm callers
 * always pass one here. */
240 inet_opts *io = (inet_opts *)ao;
/* NOTE(review): the lengths are plain int; POSIX declares the length
 * argument of accept() and getsockname() as a pointer to socklen_t, so
 * this is a pointer type mismatch where socklen_t is not int. */
243 int lsinsz = sizeof(q.lsin), rsinsz = sizeof(q.rsin);
245 /* --- Accept the new connection --- */
/* The peer address lands in q.rsin, the local address in q.lsin. */
247 if ((nfd = accept(fd, (struct sockaddr *)&q.rsin, &rsinsz)) < 0)
249 if (getsockname(nfd, (struct sockaddr *)&q.lsin, &lsinsz)) {
254 q.r = reffd_init(nfd);
256 /* --- Find out whether this connection is allowed --- */
/* The decision uses only the peer's source address, and is taken after
 * the connection has already been accepted. */
258 if (!acl_check(io->acl, q.rsin.sin_addr)) {
/* With ADDRF_NOLOG set the refusal branch skips whatever this test
 * guards (presumably the log entry -- the guarded line is not in this
 * listing), so refused peers may leave no record here. */
260 if (!(io->ao.f & ADDRF_NOLOG))
266 /* --- Everything seems to be OK --- */
269 if (!(io->ao.f & ADDRF_NOLOG))
274 /* --- @freeopts@ --- */
/* Release an options block created by inet_initopts.  Only the cast is
 * visible; the code that frees the ACL and the block itself is on lines
 * not included in this listing. */
276 static void inet_freeopts(addr_opts *ao)
278 inet_opts *io = (inet_opts *)ao;
283 /* --- Ops table --- */
/* Operations table for this address type.  The visible entries are the
 * read, destroy, print, initopts, option, accept and freeopts handlers
 * defined above, followed by two null slots; the meaning of those slots
 * is fixed by the addr_ops declaration, which is elsewhere.  Original
 * line 286 is not in this listing. */
285 addr_ops inet_ops = {
287 inet_read, inet_destroy, inet_print,
288 inet_initopts, inet_option, inet_accept, inet_freeopts, 0, 0
291 /*----- That's all, folks -------------------------------------------------*/