#ifndef READ_ACCESS_CONTROL
#define READ_ACCESS_CONTROL

/***************************************
  $Revision: 1.11 $

  Access Control module (ac) - the header file.

  Declares the per-client access control limits (acl_st), the per-client
  accounting counters (acc_st), the AC_* entry points and the global
  trees that hold both.

  Status: NOT REVIEWED, NOT TESTED

  Design and implementation by: Marek Bukowy

  ******************/ /******************
  Copyright (c) 1999                              RIPE NCC

  All Rights Reserved

  Permission to use, copy, modify, and distribute this software and its
  documentation for any purpose and without fee is hereby granted,
  provided that the above copyright notice appear in all copies and that
  both that copyright notice and this permission notice appear in
  supporting documentation, and that the name of the author not be
  used in advertising or publicity pertaining to distribution of the
  software without specific, written prior permission.

  THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
  ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL
  AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
  DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
  AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  ***************************************/

/* Project headers; presumably the source of er_ret_t, ip_addr_t,
 * rx_node_t and rx_tree_t used below -- confirm.
 * NOTE(review): GList is used in AC_to_string() but no header that
 * obviously declares it is included here; presumably it arrives through
 * one of these includes -- confirm. */
#include "erroutines.h"
#include "iproutines.h"
#include "rxroutines.h"


/* EXTDEF decides whether the global trees at the end of this header are
 * defined or only declared: with AC_IMPL defined it expands to nothing,
 * so the including file supplies the (tentative) definitions; otherwise
 * it expands to `extern`.
 * NOTE(review): AC_IMPL should be defined in one translation unit only;
 * nothing in this header enforces that. */
#ifdef AC_IMPL
#define EXTDEF
#else
#define EXTDEF extern
#endif

/* Access control structure: the limits and flags applied to a client.
 * The address or prefix an entry belongs to is not stored in the struct;
 * presumably it is the key of the act_acl tree -- confirm. */
typedef struct {
  /* max bonus values before temporary denial,
   * -1 == unlimited: */
  int maxprivate;   /* -- private objects */
  int maxpublic;    /* -- public objects */
  short maxdenials; /* before the permanent ban is set */
  /* NOTE(review): deny and trustpass are plain char, whose signedness is
   * implementation-defined; presumably they are used as zero/non-zero
   * flags only -- confirm. */
  char deny;        /* THE ban itself */
  /* NOTE(review): trustpass looks like the privilege to submit queries on
   * behalf of another address. If so, an over-broad entry would let a
   * client have its usage accounted to someone else; entries granting it
   * deserve review -- confirm against the implementation. */
  char trustpass;   /* has power to pass ip addresses */
} acl_st;


/* Accounting == counters */
/* NOTE(review): all counters are plain int; whether they are bounded or
 * decayed before they can overflow is not visible in this header. */
typedef struct {
  int connections;
  int addrpasses;
  int denials;
  int queries;
  int public_objects;
  int private_objects;
  int public_bonus;  /* those two are .. */
  int private_bonus; /* .. maintained only in the runtime tree */
} acc_st;


/* Presumably the values of the int argument of AC_acc_addup(), selecting
 * addition or subtraction -- confirm. */
#define ACC_PLUS 0
#define ACC_MINUS 1


/* prototypes */
/* Parameter names are omitted in most of these declarations, so the role
 * of each argument (input vs. output, which acc_st is the accumulator)
 * cannot be read from this header; see the implementation. */
er_ret_t AC_build(void);
er_ret_t AC_fetch_acc( ip_addr_t *, acc_st * );
er_ret_t AC_check_acl( ip_addr_t *, acc_st *, acl_st *);
void AC_acc_addup(acc_st *, acc_st *, int);
er_ret_t AC_commit(ip_addr_t *, acc_st *,acl_st * );
er_ret_t AC_acc_load(void);
er_ret_t AC_decay(void);

/* interface to modifications on the fly */
/* NOTE(review): the address arrives as text in addrstr, so parsing and
 * validation happen in the implementation, not here. Both strings are
 * non-const; whether the callee modifies them is not visible. Callers
 * that reach this entry point can change who is banned, so access to it
 * should be restricted -- confirm how it is exposed. */
er_ret_t AC_asc_ban_set(char *addrstr, char *text, int denyflag);


/* printing */
/* NOTE(review): several of these return char *; who owns and frees the
 * returned string is not stated in this header -- confirm. */
char *AC_to_string(GList *leafptr);
char *AC_credit_to_string(acc_st *a);
er_ret_t AC_rxwalkhook_print(rx_node_t *node, int level, int nodecounter, void *con);
er_ret_t AC_rxwalkhook_print_acl(rx_node_t *node, int level, int nodecounter, void *con);
char *AC_to_string_header(void);
char *AC_acl_to_string_header(void);

/* declare global accounting trees */
/* Defined in the file that sets AC_IMPL, declared extern everywhere else
 * (see EXTDEF above).
 * NOTE(review): these are shared mutable globals; any locking that
 * protects them is not visible in this header. */
EXTDEF rx_tree_t *act_runtime;
EXTDEF rx_tree_t *act_hour;
EXTDEF rx_tree_t *act_minute;

/* declare global access control list tree */
EXTDEF rx_tree_t *act_acl;

/* EXTDEF is local to this header; do not leak it to includers. */
#undef EXTDEF
#endif /* READ_ACCESS_CONTROL */