3 * $Id: inet.c,v 1.4 2002/01/13 14:49:56 mdw Exp $
5 * Protocol specific definitions for IPv4 sockets
7 * (c) 1999 Straylight/Edgeware
10 /*----- Licensing notice --------------------------------------------------*
12 * This file is part of the `fw' port forwarder.
14 * `fw' is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * `fw' is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with `fw'; if not, write to the Free Software Foundation,
26 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
29 /*----- Revision history --------------------------------------------------*
32 * Revision 1.4 2002/01/13 14:49:56 mdw
33 * Conditional compilation for @getnetbyname@, since Cygwin doesn't have
36 * Revision 1.3 2000/08/01 17:59:56 mdw
37 * Switch over to using `size_t' for socket address lengths.
39 * Revision 1.2 1999/07/27 18:30:53 mdw
40 * Various minor portability fixes.
42 * Revision 1.1 1999/07/26 23:34:11 mdw
43 * New socket address types.
47 /*----- Header files ------------------------------------------------------*/
57 #include <sys/types.h>
60 #include <sys/socket.h>
61 #include <netinet/in.h>
62 #include <arpa/inet.h>
65 #include <mLib/alloc.h>
66 #include <mLib/dstr.h>
67 #include <mLib/report.h>
78 /*----- Data structures ---------------------------------------------------*/
/* IPv4 address block.  The functions below reach a generic header through
 * `ia->a' (`a.ops', `a.sz') and cast `addr *' straight to `inet_addrx *',
 * so that header is presumably the first member.  Its declaration is not
 * among the lines shown in this listing -- confirm against the full file. */
80 typedef struct inet_addrx
{
/* The IPv4 socket address itself. */
82 struct sockaddr_in sin
;
/* Per-socket IPv4 options.  The member declarations are not shown in this
 * listing; the functions below use `ao' (generic options, including the
 * flags word `f'), `acl' and `acltail'. */
85 typedef struct inet_opts
{
91 /*----- Protocol operations -----------------------------------------------*/
/* Parse an IPv4 endpoint from the configuration scanner into a freshly
 * allocated inet_addrx.
 *
 * Visible behaviour: the block comes from xmalloc, its generic header is
 * pointed at inet_ops and sized as a sockaddr_in, and the socket address is
 * zeroed and marked AF_INET.  The host part is either the bare word `port'
 * (wildcard address) or a dotted name resolved with gethostbyname; the port
 * part is either a decimal number or a TCP service name.
 *
 * Several lines of the body (local declarations, token advances, some
 * control flow and the return) are missing from this listing, so the notes
 * below cover only what can be seen.
 */
95 static addr
*inet_read(scanner
*sc
, unsigned type
)
97 inet_addrx
*ia
= xmalloc(sizeof(*ia
));
99 ia
->a
.ops
= &inet_ops
;
100 ia
->a
.sz
= sizeof(struct sockaddr_in
);
/* Zero the whole sockaddr_in first so padding and unused fields are clean. */
101 memset(&ia
->sin
, 0, sizeof(ia
->sin
));
102 ia
->sin
.sin_family
= AF_INET
;
104 /* --- Read the host address part --- */
/* A leading word `port' means no host was given: use the wildcard address. */
108 if (sc
->t
== CTOK_WORD
&& strcmp(sc
->d
.buf
, "port") == 0)
110 ia
->sin
.sin_addr
.s_addr
= htonl(INADDR_ANY
);
/* Otherwise collect a dot-separated name into `d' and resolve it. */
115 conf_name(sc
, '.', &d
);
116 if ((h
= gethostbyname(d
.buf
)) == 0)
117 error(sc
, "couldn't resolve Internet address `%s'", d
.buf
);
/* NOTE(review): only the first address (h->h_addr) is kept, and the copy
 * length is fixed at sizeof(struct in_addr) with no visible check of
 * h->h_addrtype or h->h_length.  Reaching this line with h == 0 is avoided
 * only if error() does not return -- presumably it does not; confirm.  The
 * name is resolved once, at parse time, so later DNS changes are not seen. */
118 memcpy(&ia
->sin
.sin_addr
, h
->h_addr
, sizeof(struct in_addr
));
125 /* --- Read the port number --- */
130 if (sc
->t
!= CTOK_WORD
)
131 error(sc
, "parse error, TCP port expected");
/* The cast to unsigned char keeps isdigit() defined for any char value. */
132 if (isdigit((unsigned char)sc
->d
.buf
[0]))
/* NOTE(review): atoi() reports no errors, so trailing junk after the digits
 * is ignored, and htons() takes a 16-bit value, so a number above 65535 is
 * silently reduced modulo 65536 and the forwarder ends up on a different
 * port than the one written in the configuration.  A strtoul() call with an
 * end-pointer test and an explicit 0..65535 range check would reject such
 * input instead. */
133 ia
->sin
.sin_port
= htons(atoi(sc
->d
.buf
));
134 else if ((s
= getservbyname(sc
->d
.buf
, "tcp")) == 0)
135 error(sc
, "unknown tcp service `%s'", sc
->d
.buf
);
/* s_port from getservbyname is already in network byte order: no htons. */
137 ia
->sin
.sin_port
= s
->s_port
;
144 /* --- @destroy@ --- */
/* Dispose of an address block produced by inet_read.
 *
 * Only the downcast is visible here; the statement that releases the block
 * is on a line this listing omits.  The cast relies on the generic `addr'
 * header being the first member of inet_addrx -- confirm against the
 * structure definition. */
146 static void inet_destroy(addr
*a
)
148 inet_addrx
*ia
= (inet_addrx
*)a
;
152 /* --- @print@ --- */
/* Append a textual form of the address to the dynamic string `d'.
 *
 * Two formats are visible: `inet:PORT' and `inet:ADDR:PORT'.  The test that
 * selects between them is not shown in this listing (it presumably depends
 * on `type' -- confirm).  Ports are converted from network byte order
 * before printing. */
154 static void inet_print(addr
*a
, unsigned type
, dstr
*d
)
156 inet_addrx
*ia
= (inet_addrx
*)a
;
/* Port-only form. */
159 dstr_putf(d
, "inet:%u", (unsigned)ntohs(ia
->sin
.sin_port
));
/* Address-and-port form.  inet_ntoa() returns a pointer to a static buffer;
 * that is safe here because the result is consumed immediately by
 * dstr_putf, but the pointer must not be kept across another call. */
162 dstr_putf(d
, "inet:%s:%u",
163 inet_ntoa(ia
->sin
.sin_addr
),
164 (unsigned)ntohs(ia
->sin
.sin_port
));
169 /* --- @initopts@ --- */
/* Allocate a fresh inet_opts block with an empty access control list.
 *
 * The return statement is not shown in this listing. */
171 static addr_opts
*inet_initopts(void)
173 inet_opts
*io
= CREATE(inet_opts
);
/* Point the tail at the list head so the first acl_add appends there.
 * NOTE(review): the assignment that makes `io->acl' start out null is not
 * on the visible lines; an uninitialised head would be walked by acl_check
 * in inet_accept -- confirm it is cleared. */
175 io
->acltail
= &io
->acl
;
179 /* --- @option@ --- */
/* Parse one `inet' option from the configuration and apply it to `ao'.
 *
 * The visible part handles access control entries of the shape
 *   allow|deny [from] ADDRESS [/ MASK]
 * where ADDRESS is a network or host name and MASK is either a prefix
 * length or a dotted quad.  The entry is appended with acl_add.
 *
 * Many lines of this function (declarations, token advances, the `/' test,
 * the matching #else/#endif lines, CONF_END and friends) are missing from
 * this listing; the notes below are limited to what can be seen. */
181 static int inet_option(scanner
*sc
, addr_opts
*ao
)
183 inet_opts
*io
= (inet_opts
*)ao
;
185 CONF_BEGIN(sc
, "inet", "Internet socket")
189 /* --- Access control limitations --- */
/* `(act = ACL_x, 1)' records the action and evaluates to 1, so each arm of
 * the `||' both matches the keyword and selects the action in one test. */
191 if ((strcmp(sc
->d
.buf
, "allow") == 0 && (act
= ACL_ALLOW
, 1)) ||
192 (strcmp(sc
->d
.buf
, "deny") == 0 && (act
= ACL_DENY
, 1))) {
198 /* --- Find the host or network address --- */
/* `from' is matched here; the visible lines do not show what is done with
 * it (presumably it is skipped as an optional noise word). */
201 if (sc
->t
== CTOK_WORD
&& strcmp(sc
->d
.buf
, "from") == 0)
203 conf_name(sc
, '.', &d
);
/* Network names are tried first where the platform provides the lookup;
 * n_net is in host byte order, hence the htonl. */
204 #ifdef HAVE_GETNETBYNAME
205 if ((n
= getnetbyname(d
.buf
)) != 0)
206 a
.s_addr
= htonl(n
->n_net
);
/* NOTE(review): names in ACL entries are resolved once, when the
 * configuration is read, and only the first address returned is used.  An
 * ACL written with host names therefore reflects DNS as it was at start-up
 * and depends on the resolver being trustworthy at that moment; literal
 * addresses avoid both issues. */
209 if ((h
= gethostbyname(d
.buf
)) == 0)
210 error(sc
, "couldn't resolve address `%s'", d
.buf
);
212 memcpy(&a
, h
->h_addr
, sizeof(struct in_addr
));
214 /* --- Find the netmask, if any --- */
221 conf_name(sc
, '.', &d
);
/* No dot in the text: treat it as a prefix length. */
222 if (strchr(d
.buf
, '.') == 0) {
/* NOTE(review): the shift is only defined while 32 - n lies between 0 and
 * one less than the width of unsigned long.  Where unsigned long is 32 bits
 * wide, n == 0 shifts by the full width, and any n above 32 is a negative
 * shift; both are undefined behaviour and could yield a mask other than the
 * one the administrator wrote.  The lines that obtain `n' are not shown, so
 * whether it is range-checked first cannot be seen here -- confirm. */
227 m
.s_addr
= htonl((~0ul << (32 - n
)) & 0xffffffff);
/* Dotted-quad mask: inet_aton reports malformed text, so it is preferred. */
229 #ifdef HAVE_INET_ATON
230 if (!inet_aton(d
.buf
, &m
))
231 error(sc
, "bad netmask `%s'", d
.buf
);
/* NOTE(review): fallback without inet_aton.  inet_addr signals failure by
 * returning the all-ones value, which is indistinguishable from the mask
 * 255.255.255.255, and no check follows on the visible lines.  A mistyped
 * mask would then silently become a single-host mask, which for a `deny'
 * entry shrinks what is actually blocked. */
233 m
.s_addr
= inet_addr(d
.buf
);
239 /* --- Add the access control entry --- */
/* `io' may be null here, in which case a null tail pointer is handed to
 * acl_add -- presumably a parse-only pass; confirm how acl_add treats it.
 * `a' is passed as resolved, without being ANDed with `m' on these lines;
 * whether host bits are ignored depends on acl_add/acl_check. */
241 acl_add(io ?
&io
->acltail
: 0, act
, a
, m
);
245 /* --- Anything unrecognized --- */
250 /* --- @accept@ --- */
/* Accept a connection on listening socket `fd', record both endpoints, and
 * decide from the access control list whether to keep it.
 *
 * Visible sequence: accept() fills q.rsin with the peer address,
 * getsockname() fills q.lsin with the local one, the new descriptor is
 * wrapped with reffd_init, and acl_check tests the peer address against
 * io->acl.  The failure paths, the log calls and the return statements are
 * on lines this listing omits. */
252 static reffd
*inet_accept(int fd
, addr_opts
*ao
, const char *desc
)
254 inet_opts
*io
= (inet_opts
*)ao
;
/* NOTE(review): accept() and getsockname() take a `socklen_t *' length.
 * Passing the address of a size_t is an incompatible pointer type wherever
 * socklen_t is narrower than size_t (typical LP64 systems).  On a
 * big-endian target of that kind the callee would read the zero high half
 * as the buffer length and leave q.rsin unfilled, so the ACL check below
 * would be testing whatever q.rsin already held rather than the real peer.
 * Declaring these as socklen_t removes the dependency on layout. */
257 size_t lsinsz
= sizeof(q
.lsin
), rsinsz
= sizeof(q
.rsin
);
259 /* --- Accept the new connection --- */
261 if ((nfd
= accept(fd
, (struct sockaddr
*)&q
.rsin
, &rsinsz
)) < 0)
/* A non-zero return from getsockname is the failure case handled here. */
263 if (getsockname(nfd
, (struct sockaddr
*)&q
.lsin
, &lsinsz
)) {
268 q
.r
= reffd_init(nfd
);
270 /* --- Find out whether this connection is allowed --- */
/* The check runs after accept(), so a peer that will be refused has still
 * completed the TCP handshake with this host.  Unlike inet_option, `io' is
 * dereferenced here without a null test -- presumably accept is only ever
 * called with real options; confirm. */
272 if (!acl_check(io
->acl
, q
.rsin
.sin_addr
)) {
/* NOTE(review): with ADDRF_NOLOG set the guarded statement (not shown,
 * presumably the refusal log entry) is skipped, so refused connections on
 * such a socket would leave no record for later review. */
274 if (!(io
->ao
.f
& ADDRF_NOLOG
))
280 /* --- Everything seems to be OK --- */
283 if (!(io
->ao
.f
& ADDRF_NOLOG
))
288 /* --- @freeopts@ --- */
/* Release an options block created by inet_initopts.
 *
 * Only the downcast is visible; the statements that free the access control
 * list and the block itself are on lines this listing omits. */
290 static void inet_freeopts(addr_opts
*ao
)
292 inet_opts
*io
= (inet_opts
*)ao
;
297 /* --- Ops table --- */
/* Operations table for IPv4 addresses; inet_read stores a pointer to it in
 * every address block it creates.
 *
 * The initialiser is positional, so the order of the entries has to match
 * the member order of addr_ops, which is declared elsewhere.  The two
 * trailing zeros leave the last two listed slots null; which operations
 * those are cannot be seen from this file. */
299 addr_ops inet_ops
= {
301 inet_read
, inet_destroy
, inet_print
,
302 inet_initopts
, inet_option
, inet_accept
, inet_freeopts
, 0, 0
305 /*----- That's all, folks -------------------------------------------------*/