TDE
/
kmyfirewall
mirror of https://mirror.git.trinitydesktop.org/gitea/TDE/kmyfirewall
0
0
Fork 0
Code Issues Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'master'
${ noResults }
kmyfirewall/KMFIPTInterface/iptchecker.cpp

235 lines
6.4 KiB
Raw Permalink Blame History

/***************************************************************************
* Copyright (C) 2005 by Christian Hubinger *
* e9806056@student.tuwien.ac.at *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. *
***************************************************************************/
#include "iptchecker.h"
extern "C" {
#include <getopt.h>
#include <sys/errno.h>
#include <stdio.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <dlfcn.h>
#include <time.h>
#include <netdb.h>
#include "libiptc/libiptc.h"
#include "iptables.h"
}
/* Here begins some of the code taken from iptables-save.c **************** */
#define IP_PARTS_NATIVE(n) \
(unsigned int)((n)>>24)&0xFF, \
(unsigned int)((n)>>16)&0xFF, \
(unsigned int)((n)>>8)&0xFF, \
(unsigned int)((n)&0xFF)
IPTChecker::IPTChecker()
{
}
IPTChecker::~IPTChecker()
{
}
int IPTChecker::numChainsInTable( char *tablename ) {
int foundChain = 0;
iptc_handle_t h;
const char *chain = NULL;
h = iptc_init(tablename);
if (!h) {
printf("Can't initialize IPT Handle for table %s : %s\n", tablename, iptc_strerror(errno));
return -1;
}
for (chain = iptc_first_chain(&h); chain; chain = iptc_next_chain(&h)) {
foundChain++;
}
printf("Table %s Num: %d\n", tablename, foundChain );
return foundChain;
}
int IPTChecker::numRulesInChain( char *tablename, char *chain ) {
int foundRule = 0;
iptc_handle_t h;
const struct ipt_entry *e;
const char *ch = NULL;
h = iptc_init(tablename);
if (!h) {
printf("Can't initialize IPT Handle for table %s : %s\n", tablename, iptc_strerror(errno));
return -1;
}
if ( iptc_is_chain( chain, h ) == 0 ) {
printf("Error Chain: %s Not Found in table: %s\n", chain, tablename );
return -1;
}
for (ch = iptc_first_chain(&h); ch; ch = iptc_next_chain(&h)) {
if ( strcmp( ch, chain ) == 0 ) {
int found = 0;
for (e = iptc_first_rule(ch, &h); e && found == 0; e = iptc_next_rule(e, &h)) {
foundRule++;
}
printf("Table: %s Chain: %s Num Rules: %d\n", tablename, chain, foundRule );
return foundRule;
}
}
return -1;
}
TQStringList IPTChecker::getRuleProperties( char * table, char *chain, int ruleIndex ) {
TQStringList list;
int numRules = 0;
int found = 0;
iptc_handle_t h;
const struct ipt_entry *rule = 0;
const struct ipt_entry *my_rule = 0;
const char *ch = NULL;
h = iptc_init(table);
if (!h) {
printf("Can't initialize IPT Handle for table %s : %s\n", table, iptc_strerror(errno));
return list;
}
if ( iptc_is_chain( chain, h ) == 0 ) {
printf("Error Chain: %s Not Found in table: %s\n", chain, table );
return list;
}
int foundChain = 0;
for (ch = iptc_first_chain(&h); ch && foundChain == 0; ch = iptc_next_chain(&h)) {
if ( strcmp( ch, chain ) == 0 ) {
foundChain = 1;
for (rule = iptc_first_rule(ch, &h); rule && found == 0; rule = iptc_next_rule(rule, &h)) {
if ( numRules == ruleIndex ) {
my_rule = rule;
found = 1;
}
numRules++;
}
}
}
if ( my_rule ) {
const char *target_name;
/* Print target name */
target_name = iptc_get_target( my_rule, &h );
if ( target_name && (*target_name != '\0') ) {
list << TQString("%1").arg(target_name);
}
/* Print targinfo part */
/* struct ipt_entry_target *t;
t = ipt_get_target( (struct ipt_entry *) my_rule );
if ( t ) {
list << "Found Target:";
list << t->u.user.name;
}
if ( t->u.user.name ) {
list << TQString("TARGET2:%1").arg(t->u.user.name);
struct iptables_target *target = find_target( target_name, TRY_LOAD );
if ( ! target ) {
list << "Can't find library for target `%s'\n" << t->u.user.name;
return list;
}
if (target->save) {
target->save(&my_rule->ip, t);
} else {
// If the target size is greater than ipt_entry_target
// there is something to be saved, we just don't know
// how to print it
if (t->u.target_size != sizeof(struct ipt_entry_target)) {
fprintf(stderr, "Target `%s' is missing "
"save function\n",
t->u.user.name);
return list;
}
}
}*/
} else {
list << "ERROR";
}
return list;
}
TQStringList IPTChecker::getChainsInTable( char * table ) {
TQStringList list;
int foundRule = 0;
iptc_handle_t h;
const struct ipt_entry *e;
const char *chain = NULL;
h = iptc_init(table);
if (!h) {
printf("Can't initialize IPT Handle for table %s : %s\n", table, iptc_strerror(errno));
return list;
}
for ( chain = iptc_first_chain(&h); chain; chain = iptc_next_chain(&h) ) {
list << chain;
}
return list;
}
TQString IPTChecker::getChainPolicy( char * table, char *chain ) {
TQString policy = "";
iptc_handle_t h;
const struct ipt_entry *e;
const char *ch = NULL;
h = iptc_init(table);
if (!h) {
printf("Can't initialize IPT Handle for table %s : %s\n", table, iptc_strerror(errno));
return "";
}
for ( ch = iptc_first_chain(&h); ch; ch = iptc_next_chain(&h) ) {
if ( strcmp( ch, chain ) == 0 ) {
if ( iptc_builtin(chain, h) ) {
struct ipt_counters count;
policy = iptc_get_policy(chain, &count, &h);
/* printf("%s ",
iptc_get_policy(chain, &count, &h));
printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt);*/
} else {
// printf("- [0:0]\n");
}
}
}
return policy;
}
View Git Blame Copy Permalink