simple iptables based packet limiter to deflect DoS attacks on our clients
[svn/Prometheus-QoS/.git] / parsehosts.c
1 /* Modified by: xChaos, 20131029 */
2
3 #include "cll1-0.6.2.h"
4 #include "ipstruct.h"
5
6 #define FIRSTGROUPID 1024
7 #define FIRSTIPCLASS 2048
8
9 /* globals declared in prometheus.c */
10 extern struct IP *ips, *ip, *sharedip, *networks;
11 extern struct Group *groups, *group;
12 extern struct Keyword *keyword, *defaultkeyword, *keywords;
13 extern int class_count;
14 extern int ip_count;
15 extern int found_lmsid;
16 extern int free_min;
17 extern const int highest_priority;
18 extern char *ip6prefix;
19
20 void update_network(char *look_for, struct IP* ip);
21 /* implemented in networks.c */
22
23 /* This must be object oriented! This looks almost like constructor ;-) */
/*
 * Allocate a new struct IP with create(), point the global `ip` at it, fill
 * in default values and link it into one of the global lists.
 *
 * ipaddr      address text; only the pointer is stored (no copy is made), so
 *             the caller's buffer must outlive the entry. It must not be
 *             NULL because it is handed to strchr().
 * is_network  non-zero: push onto `networks`; zero: push onto `ips`.
 *
 * Side effects: overwrites the global `ip` and increments `ip_count`.
 */
void TheIP(char *ipaddr, int is_network)
{
  create(ip,IP);

  /* identity */
  ip->name = "";
  ip->addr = ipaddr;
  ip->sharing = NULL;

  /* a new entry starts one step past highest_priority and has no LMS id */
  ip->prio = highest_priority+1;
  ip->lmsid = -1;

  /* every limit and counter starts at zero */
  ip->pktsdown = 0;
  ip->pps_limit = 0;
  ip->pktsup = 0;
  ip->traffic = 0;
  ip->direct = 0;
  ip->proxy = 0;
  ip->upload = 0;
  ip->credit = 0;
  ip->desired = 0;
  ip->max = 0;
  ip->min = 0;
  ip->mark = 0;
  ip->fixedprio = 0;

  ip->keyword = keywords;

  /* a ':' anywhere in the text marks the address as IPv6; the default mask
     is then 64 instead of 32 */
  ip->v6 = (strchr(ipaddr,':') != NULL);
  if(ip->v6)
  {
    ip->mask = 64;
  }
  else
  {
    ip->mask = 32;
  }

  if(!is_network)
  {
    push(ip, ips);
  }
  else
  {
    push(ip, networks);
  }

  ip_count += 1;
}
58
59 struct IP *lastIP6;
60
61 /* == This function strips extra characters after IPv4 address and stores it = */
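/**
 * Split one hosts-file line into address, host name and optional "{lmsid}",
 * then leave the global `ip` pointing at the entry of `listhead` that has
 * this address, creating the entry with TheIP() when none exists.
 *
 * The line is tokenised in place: NUL bytes are written into `str`, and the
 * entry keeps pointers into it (ip->addr, ip->name). The buffer therefore
 * has to stay allocated and unmodified for as long as the entry is used.
 *
 * When ip6prefix is set and "::" occurs more than four characters into the
 * line, the four characters in front of "::" plus the "::" itself are
 * appended to ip6prefix, and an additional entry with that address is looked
 * up or created in `ips`. lastIP6 is left pointing at that entry; in every
 * other case lastIP6 is reset to NULL.
 *
 * @param str       writable, NUL-terminated line: address, blanks/tabs,
 *                  name, then free text that may contain "{lmsid}"
 * @param listhead  list searched for the address; it is compared with
 *                  `networks` to tell TheIP() which list a new entry joins
 *
 * Side effects: overwrites the globals `ip` and `lastIP6`, and sets
 * `found_lmsid` when the line carried an LMS id.
 *
 * NOTE(review): the address token is whatever precedes the first blank or
 * tab; its characters are not checked here. If ip->addr is later placed into
 * iptables/tc command text, confirm it is validated before that point.
 */
void parse_and_append_ip(char *str, struct IP *listhead)
{
  char *ptr, *ipaddr, *ip6range = NULL, *ipname = NULL, *lmsid = NULL;

  if(ip6prefix) /* Try this only if IPv6 subsystem is active... */
  {
    ptr = strstr(str, "::");
    if(ptr && ptr-str > 4)
    {
      /* work on a copy that starts four characters in front of "::" and is
         cut right after the "::" */
      ptr -= 4;
      duplicate(ptr, ip6range);
      ptr = strstr(ip6range, "::");
      if(ptr)
      {
        *(ptr+2) = 0;
      }
    }
  }

  /* "{...}" carries the LMS id; terminate it at '}' (or at the end of the
     line when the closing brace is missing) */
  ptr = strchr(str, '{');
  if(ptr)
  {
    lmsid = ++ptr;
    while(*ptr and *ptr != '}')
    {
      ptr++;
    }
    *ptr = 0;
  }

  /* first token: the address, ended by a blank or a tab (character 9) */
  ptr = str;
  while(*ptr and *ptr!=' ' and *ptr!=9)
  {
    ptr++;
  }
  ipaddr = str;
  if(*ptr)
  {
    /* Step over the separator only when there is one. A line that ends
       right after the address used to move ptr past the terminating NUL, so
       the scans below read (and wrote a NUL) outside the string. */
    *ptr = 0;
    ptr++;
  }

  while(*ptr and (*ptr==' ' or *ptr==9))
  {
    ptr++;
  }

  /* second token: the host name (empty when the line has none) */
  ipname=ptr;
  while(*ptr and *ptr!=' ' and *ptr!=9)
  {
    ptr++;
  }
  *ptr=0;

  if(ip6range)
  {
    /* NOTE(review): the copy made by duplicate() above is not released once
       ip6range is redirected to the concatenated string - presumably a small
       one-off leak per IPv6 line; confirm against the cll1 macros. */
    concatenate(ip6prefix,ip6range,ptr);
    ip6range=ptr;
    if_exists(ip, ips, eq(ip->addr,ip6range));
    else
    {
      TheIP(ip6range, FALSE);
    }
    ip->name = ip6range;
    ip->keyword = defaultkeyword; /* settings for default keyword */
    if(lmsid)
    {
      /* atoi() yields 0 for non-numeric text, so a malformed id becomes 0 */
      ip->lmsid = atoi(lmsid);
    }
    lastIP6 = ip;
  }
  else
  {
    lastIP6 = NULL;
  }

  if_exists(ip, listhead, eq(ip->addr,ipaddr));
  else
  {
    TheIP(ipaddr, (listhead==networks));
  }
  ip->name = ipname;
  if(lmsid)
  {
    ip->lmsid = atoi(lmsid);
    found_lmsid = TRUE;
  }
}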
146
147 /* == This function parses hosts style main configuration file == */
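/**
 * Parse the hosts-style main configuration file named by `hosts` and fill
 * the global lists `ips`, `networks` and `groups`.
 *
 * Lines whose first character is not a digit are skipped. Every other line
 * is handled by the first rule that matches:
 *
 *  1. It contains "sharing-": the address is added to `ips`, gets the
 *     default keyword, and the text after "sharing-" (up to the newline) is
 *     stored in ip->sharing.
 *  2. It contains "#255." but not "#255.255.255.255": the address is added
 *     to `networks` and ip->mask is set to the number of 1-bits in the
 *     netmask.
 *  3. It contains the key of an entry in `keywords`: the address is added to
 *     `ips`, bandwidth limits are read from the text after the key
 *     ("<min>" or "<min>-<max>"), a mark is assigned and the address is
 *     counted in the group that has the same minimum.
 *
 * Lines matching none of the rules are ignored.
 *
 * Each line is tokenised in place and the created entries keep pointers into
 * it. The fail branch of the parse() macro reports through perror() and
 * terminates the process with exit(-1).
 *
 * NOTE(review): all numbers are read with atoi(), which returns 0 for
 * non-numeric text and does not report overflow; a mistyped limit is only
 * caught where the code below checks the result explicitly.
 */
void parse_hosts(char *hosts)
{
  int groupidx = FIRSTGROUPID;
  char *str, *ptr;
  char *substring;

  parse(hosts)
  {
    str=_;

    if(*str < '0' or *str > '9')
    {
      /* any line starting with non-number is comment ...*/
      continue;
    }

    /* Does this IP share QoS class with some other ? */
    substring = strstr(str, "sharing-");
    if(substring)
    {
      substring += 8; /* "sharing-" */
      parse_and_append_ip(str, ips);
      ip->sharing = substring;
      ip->keyword = defaultkeyword; /* settings for default keyword */
      if(lastIP6)
      {
        lastIP6->sharing = substring;
        lastIP6 = NULL;
      }
      /* cut the sharing target at the end of the line */
      while(*substring and *substring != '\n')
      {
        substring++;
      }
      *substring = 0;
    }
    else
    {
      substring = strstr(str, "#255.");
      if(substring and not strstr(str, "#255.255.255.255")) /* do not ping /32 ranges */
      {
        /* netmask detected - save network*/
        unsigned bit;
        unsigned num, mask = 8; /* the leading "255." already gives 8 bits */
        int octets = 0;
        substring += 5;
        /* Count the 1-bits of the three octets that follow "#255." and stop
           there. Without the limit any later dotted text on the line was
           counted as well, which could corrupt the prefix length or push it
           beyond 32. */
        while(substring && *substring && octets < 3)
        {
          ptr = substring;
          substring = strchr(substring, '.');
          if(substring)
          {
            *substring = 0;
            substring += 1;
          }
          num = atoi(ptr);
          for(bit = 1; bit <=128 ; bit<<=1)
          {
            if(bit & num)
            {
              mask++;
            }
          }
          octets++;
        }
        parse_and_append_ip(str, networks);
        ip->mask = mask;
      }
      else
      {
        /*Do we have to create new QoS class for this IP ? */
        if_exists(keyword,keywords,(substring=strstr(str,keyword->key)))
        {
          parse_and_append_ip(str, ips);
          if(lastIP6)
          {
            lastIP6->sharing = ip->name;
            lastIP6 = NULL;
          }
          ip->keyword = keyword;
          keyword->ip_count++;
          ip->prio = keyword->default_prio;

          /* Move to the number after "<key><separator>". The separator is
             skipped only if the string goes on: when the key is the last
             thing in the buffer, "+1" used to step past the terminating NUL
             and the parsing below ran outside the string. */
          substring += strlen(keyword->key);
          if(*substring)
          {
            substring++;
          }
          ptr = substring;
          while(*ptr and *ptr != '-')
          {
            ptr++;
          }
          if(*ptr == '-')
          {
            *ptr=0;
            ip->max = ip->desired = atoi(ptr+1);
          }

          ip->min = atoi(substring);
          if(ip->min <= 0)
          {
            printf(" %s: Illegal value of minimum bandwidth 0 kbps, using %d kb/s\n",
                   str, free_min);
            ip->min = free_min;
          }

          if(ip->max <= ip->min)
          {
            /* no usable maximum given: fixed priority, small headroom */
            ip->fixedprio = TRUE;
            ip->max = ip->min + ip->keyword->reserve_min;
          }
          else
          {
            ip->max -= ip->keyword->reserve_max;
            if(ip->max < ip->min)
            {
              ip->max = ip->min;
            }
          }

          /* MTU is 1450 bytes = 11600 bits ~= 12 kbit, max is in kb/s */
          ip->pps_limit = ip->max/12;
          ip->mark = FIRSTIPCLASS+1+class_count++;
          update_network(ip->addr, ip);

          if_exists(group,groups,(group->min == ip->min))
          {
            group->count++;
            group->desired += ip->min;
            ip->group = group->id;
          }
          else
          {
            create(group,Group);
            group->min = ip->min;
            group->id = groupidx++;
            ip->group = group->id;

            if(group->min < 8) group->min = 8;
            /* Warning - this is maybe because of primitive tc namespace, can be fixed */
            /* it is because class IDs are derived from min. bandwidth. - xCh */
            //if(group->min>MAX_GUARANTED_KBPS) group->min=MAX_GUARANTED_KBPS;

            group->count = 1;
            group->desired = ip->min;
            insert(group, groups, desc_order_by,min);
          }
        }//endif keyword-
      }//endif netmask
    }//endif sharing-
  }
  fail
  {
    perror(hosts);
    exit(-1);
  }
  done; /* ugly macro end */
//  TheIP("0.0.0.0", TRUE);
//  ip->name = "TOTAL";
//  ip->mask = 0;
}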