1 | #ifndef READ_ACCESS_CONTROL 2 | #define READ_ACCESS_CONTROL 3 | 4 | /*************************************** 5 | $Revision: 1.9 $ 6 | 7 | Access Control module (ac). 8 | 9 | Status: NOT REVUED, NOT TESTED 10 | 11 | +html+ <DL COMPACT> 12 | +html+ <DT>Online References: 13 | +html+ <DD><UL> 14 | +html+ </UL> 15 | +html+ </DL> 16 | +html+ <PRE> 17 | +html+ </PRE> 18 | 19 | ******************/ /****************** 20 | Copyright (c) 1999 RIPE NCC 21 | 22 | All Rights Reserved 23 | 24 | Permission to use, copy, modify, and distribute this software and its 25 | documentation for any purpose and without fee is hereby granted, 26 | provided that the above copyright notice appear in all copies and that 27 | both that copyright notice and this permission notice appear in 28 | supporting documentation, and that the name of the author not be 29 | used in advertising or publicity pertaining to distribution of the 30 | software without specific, written prior permission. 31 | 32 | THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING 33 | ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL 34 | AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY 35 | DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN 36 | AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 37 | OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 38 | ***************************************/ 39 | 40 | #include "erroutines.h" 41 | #include "iproutines.h" 42 | #include "rxroutines.h" 43 | 44 | 45 | #ifdef AC_IMPL 46 | #define EXTDEF 47 | #else 48 | #define EXTDEF extern 49 | #endif 50 | 51 | /* Access control structure */ 52 | typedef struct { 53 | int maxbonus; /* (before temporary denial) -1 == unlimited */ 54 | int maxpublic; /* max# of public objects, -1 == unlimited (default) */ 55 | short maxdenials; /* before the permanent ban is set */ 56 | char deny; /* THE ban itself */ 57 | char trustpass; /* has power to pass ip addresses */ 58 | } acl_st; 59 | 60 | 61 | /* Accounting == counters */ 62 | typedef struct { 63 | int connections; 64 | int addrpasses; 65 | int denials; 66 | int queries; 67 | int public_objects; 68 | int private_objects; 69 | int private_bonus; /* maintained only in runtime tree */ 70 | } acc_st; 71 | 72 | 73 | #define ACC_PLUS 0 74 | #define ACC_MINUS 1 75 | 76 | er_ret_t AC_build(void); 77 | er_ret_t AC_fetch_acc( ip_addr_t *, acc_st * ); 78 | er_ret_t AC_check_acl( ip_addr_t *, acc_st *, acl_st *); 79 | void AC_acc_addup(acc_st *, acc_st *, int); 80 | er_ret_t AC_commit(ip_addr_t *, acc_st *,acl_st * ); 81 | er_ret_t AC_acc_load(void); 82 | er_ret_t AC_decay(void); 83 | 84 | /* interface to modifications on the fly */ 85 | er_ret_t AC_asc_ban_set(char *addrstr, char *text, int denyflag); 86 | 87 | 88 | /* printing */ 89 | char *AC_to_string(GList *leafptr); 90 | char *AC_credit_to_string(acc_st *a); 91 | er_ret_t AC_rxwalkhook_print(rx_node_t *node, int level, int nodecounter, void *con); 92 | er_ret_t AC_rxwalkhook_print_acl(rx_node_t *node, int level, int nodecounter, void *con); 93 | char *AC_to_string_header(void); 94 | char *AC_acl_to_string_header(void); 95 | 96 | /* declare global accounting trees */ 97 | EXTDEF rx_tree_t *act_runtime; 98 | EXTDEF rx_tree_t *act_hour; 99 | EXTDEF rx_tree_t *act_minute; 100 | 101 | /* declare global access control list tree */ 102 | EXTDEF rx_tree_t *act_acl; 103 | 104 | #undef EXTDEF 105 | #endif /* READ_ACCESS_CONTROL */