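#include <stdio.h>   /* FILE, used by the parse_* / get_* prototypes below */
/*
 * NOTE(review): the original file carried seven #include directives whose
 * header names were lost (the page shows bare "#include" tokens).  Only
 * <stdio.h> can be recovered from this file's own usage (FILE).  Restore the
 * remaining headers from the project source before building; do not guess.
 */

/*
 * Sizing limits for the in-memory copy of the objects.C / default.W
 * configuration.  Every char[] field below is sized by LNSIZE, so any routine
 * that fills one of them from a file line MUST bound the copy (snprintf /
 * fgets with sizeof) and any index into the fixed arrays MUST be range-checked
 * against the matching constant.  The writers are not in this file; verify
 * them (parse_obj, parse_svc, get_source, get_dest, get_service, get_time,
 * get_install, get_action, insert_*, update_*) before trusting these limits.
 */
#define LNSIZE   80     /* max length of an input line, incl. terminating NUL */
#define MAXRULES 30     /* max number of lines per rule */
#define BUFSIZE  4096   /* max size of a record */
#define IFCOUNT  5      /* max number of interfaces per host */
#define GRPCOUNT 50     /* max number of groups allowed per host */

/*
 * One rule from default.W, kept in a linked list (head/tail below).
 * The src/dst/svc entries are pointers, not inline buffers; who allocates
 * and frees them is not visible here (presumably the update_* routines) —
 * confirm ownership before freeing a node.
 */
typedef struct rulenum {
	char *src[MAXRULES];        /* source hostname per rule line */
	char *dst[MAXRULES];        /* destination hostname per rule line */
	char *svc[MAXRULES];        /* service value per rule line */
	char action[LNSIZE];        /* action to take */
	char install[LNSIZE];       /* host to install on */
	char time[LNSIZE];          /* time rule is in effect */
	int  rulecount;             /* index to rule number; must stay < MAXRULES
	                               when used to index src/dst/svc */
	struct rulenum *src_link, *dst_link, *svc_link, *action_link,
	               *install_link, *time_link, *count_link;
} rulenum;

/*
 * One network interface of an object.  Only meaningful for objects with
 * several interfaces (firewalls, gateways).
 */
typedef struct interface {
	char ipaddr[LNSIZE];        /* IP address of interface */
	char netmask[LNSIZE];       /* netmask of interface */
	char ifname[LNSIZE];        /* interface name (if0, nf0:1, ...) */
} interface;

/*
 * One object (host, network or group) from objects.C, kept in a linked list
 * (ohead/otail below).
 */
typedef struct objlist {
	int  objcount;              /* object number */
	/*
	 * Members of an object of type 'group'.  The slot count is LNSIZE, a
	 * line-length constant, although GRPCOUNT is declared for this purpose;
	 * left unchanged because the (unseen) parser may rely on 80 slots, but
	 * writers must still stop at LNSIZE entries.
	 */
	char *group[LNSIZE];
	char objname[LNSIZE];       /* host, network, or group name of object */
	char type[LNSIZE];          /* type of object */
	char ipaddr[LNSIZE];        /* IP address of object */
	char netmask[LNSIZE];       /* netmask of object */
	char gateways[LNSIZE];      /* gateway for this object */
	char broadcast[LNSIZE];     /* broadcast for this object */
	struct interface iface[IFCOUNT]; /* fixed-size (not dynamic) array of the
	                                    object's interfaces; index < IFCOUNT */
	struct objlist *nodelink;   /* next element, NULL at end */
} objlist;

/*
 * One service from objects.C, kept in a linked list (shead/stail below).
 */
typedef struct services {
	int  svccount;              /* current service number */
	char svcname[LNSIZE];       /* service name */
	char *group[LNSIZE];        /* members of a service of type 'group';
	                               same sizing caveat as objlist.group */
	char port[LNSIZE];          /* ports for this service */
	char type[LNSIZE];          /* type of service */
	struct services *nodelink;  /* next element, NULL at end */
} services;

/*
 * List cursors.  These are definitions, not extern declarations; if this file
 * is included from more than one translation unit they will collide at link
 * time — confirm how it is used in the build.
 */
rulenum  *head, *prev, *present, *next, *tail;       /* rules (default.W) */
services *shead, *sprev, *spresent, *snext, *stail;  /* services (objects.C) */
objlist  *ohead, *oprev, *opresent, *onext, *otail;  /* objects (objects.C) */

/* --- gathering objects ---------------------------------------------------- */
void parsenetobj(char *objectsC);
void parse_obj(FILE *fp, int objcount, char *objname);
void parse_svc(FILE *fp, int objcount, char *objname);
void initobjects(void);
void find_netobj(char *objectsC);
void insert_service(char *svcname, char *serv, int svccount);
void initservices(void);

/* --- breaking down each object name --------------------------------------- */
void initobjlist(void);

/* create links and allocate memory for the default.W structure */
void initrules(void);                 /* was "()" — a non-prototype decl */
/* print the default.W structure */
void dumprules(void);                 /* was "()" — a non-prototype decl */

/* parse default.W and split into tokens */
void find_rules(char *rulesC);
/* search the objects structure for a specific object name */
void find_group(char *grpname);
/* search the objects structure for a specific service name */
void find_services(char *serv);
/* print combination of objects from both structures */
void dump_resolv(void);

/*
 * Per-field readers for a rule.  The char[] parameters receive at most
 * LNSIZE bytes; the char *[] parameters are indexed by rule (< MAXRULES).
 */
void get_source(FILE *fp, char *source[], int rule);
void get_dest(FILE *fp, char *dest[], int rule);
void get_service(FILE *fp, char *service[], int rule);
void get_time(FILE *fp, char time[]);
void get_install(FILE *fp, char install[]);
void get_action(FILE *fp, char action[]);
void insert_three(char *time, char *install, char *action, int rulecount);
void update_source(char *src, int rulecount, int indexnum);
void update_dest(char *dest, int rulecount, int indexnum);
void update_service(char *service, int rulecount, int indexnum);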