1 /*- 2 * Copyright (c) 1999-2004 Andrey Simonenko 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * @(#)$Id: ipa_rules.h,v 1.2 2011/01/23 18:42:35 simon Exp $ 27 */ 28 29 #ifndef IPA_RULES_H 30 #define IPA_RULES_H 31 32 #include "ipa_limits.h" 33 #include "ipa_thresholds.h" 34 35 #ifndef RULEPAT_NSIZE 36 # define RULEPAT_NSIZE 10 37 #endif 38 #ifndef RULEPAT_NALLOC 39 # define RULEPAT_NALLOC 10 40 #endif 41 42 /* 43 * rulepat{} section. 44 */ 45 struct rulepat { 46 STAILQ_ENTRY(rulepat) link; /* For list building. */ 47 48 char *pat; /* Regular expression string. */ 49 regex_t re; /* Compiled regular expression. */ 50 unsigned int no; /* Ordinal number of this section. */ 51 52 const struct tevent *update_tevent; /* { update_time } */ 53 const struct tevent *append_tevent; /* { append_time } */ 54 55 const struct worktime *worktime;/* { worktime } */ 56 57 const struct ac_list *ac_list; /* { ac_list } */ 58 const struct db_list *db_list; /* { db_list } */ 59 60 signed char debug_exec; /* { debug_exec } */ 61 signed char check_next; /* { check_next_rulepat } */ 62 63 #ifdef WITH_LIMITS 64 signed char debug_limit; /* { debug_limit } */ 65 signed char debug_limit_init; /* { debug_limit_init } */ 66 struct limits_list limits; /* All { limit {}} */ 67 #endif 68 69 #ifdef WITH_THRESHOLDS 70 signed char debug_threshold; /* { debug_threshold } */ 71 signed char debug_threshold_init; /* { debug_threshold_init } */ 72 struct thresholds_list thresholds; /* All { threshold {}} */ 73 #endif 74 75 #ifdef CTL_CHECK_CREDS 76 const struct ctl_acl_class *ctl_rule_acl; /* { ctl_rule_acl } */ 77 #endif 78 79 struct cmds_rule rc[2]; /* { startup } and { shutdown } */ 80 }; 81 82 /* 83 * List of all rulepat{} sections. 84 */ 85 STAILQ_HEAD(rulepats_list, rulepat); 86 87 extern struct rulepats_list rulepats_list; 88 89 extern ipa_mzone *rulepat_mzone; 90 91 #ifdef WITH_RULES 92 93 struct rule; 94 95 /* 96 * Element in reverse list for "ac_gather_*" parameters. 97 */ 98 struct acg { 99 SLIST_ENTRY(acg) link; /* Link for list of acg for rule. */ 100 struct rule *rule; /* Pointer to rule, in which current 101 rule matches ac_gather_* value. */ 102 char addition; /* If non-zero, then add statistics. */ 103 }; 104 105 #define ACG_NSIZE RULE_NSIZE 106 #define ACG_NALLOC RULE_NALLOC 107 108 extern ipa_mzone *acg_mzone; 109 110 SLIST_HEAD(acg_list, rule); 111 112 extern signed char has_ac_gather; 113 extern struct acg_list acg_list; 114 115 extern int init_acg(struct rule *); 116 117 #endif /* WITH_RULES */ 118 119 #ifndef RULE_NSIZE 120 # define RULE_NSIZE 30 121 #endif 122 123 #ifndef RULE_NALLOC 124 # define RULE_NALLOC 20 125 #endif 126 127 #define RULE_FLAG_ACTIVE 0x01 /* Rule is active. */ 128 #define RULE_FLAG_QUEUED 0x02 /* Rule is in [in]active queue. */ 129 #ifdef WITH_LIMITS 130 # define RULE_FLAG_FREE_LIMITS 0x04 /* Free memory in limits. */ 131 #endif 132 #ifdef WITH_THRESHOLDS 133 # define RULE_FLAG_FREE_THRESHOLDS 0x08 /* Free memory in thresholds. */ 134 #endif 135 #define RULE_FLAG_DYNAMIC 0x10 /* Dynamic rule. */ 136 #define RULE_FLAG_IPACTL 0x20 /* Dynamic rule created by ipactl. */ 137 138 #define RULE_IS_ACTIVE(x) ((x)->rule_flags & RULE_FLAG_ACTIVE) 139 #define RULE_IS_INACTIVE(x) (!RULE_IS_ACTIVE(x)) 140 #define RULE_IS_QUEUED(x) ((x)->rule_flags & RULE_FLAG_QUEUED) 141 142 #define RULE_SET_ACTIVE(x) ((x)->rule_flags |= RULE_FLAG_ACTIVE) 143 #define RULE_SET_INACTIVE(x) ((x)->rule_flags &= ~RULE_FLAG_ACTIVE) 144 #define RULE_SET_QUEUED(x) ((x)->rule_flags |= RULE_FLAG_QUEUED) 145 146 #define RULE_IS_DYNAMIC(x) ((x)->rule_flags & RULE_FLAG_DYNAMIC) 147 #define RULE_SET_DYNAMIC(x) ((x)->rule_flags |= RULE_FLAG_DYNAMIC) 148 149 /* 150 * rule{} section. 151 */ 152 struct rule { 153 TAILQ_ENTRY(rule) queue; /* Active/inactive rules queue link. */ 154 LIST_ENTRY(rule) hlink; /* One hash bucket link. */ 155 156 unsigned int no; /* Rule ordinal number. */ 157 unsigned int orderno; /* Ordinal number in queues. */ 158 159 unsigned int check_sec; /* Time when to check rule. */ 160 unsigned int append_sec; /* Time when to append new record. */ 161 unsigned int inactive_sec; /* Time when to set rule inactive. */ 162 163 uint64_t cnt; /* Counter. */ 164 uint64_t cnt_neg; /* Negative counter. */ 165 char newstat; /* Newstat flag for rule. */ 166 167 unsigned int rule_flags; /* ORed RULE_FLAG_xxx */ 168 169 const struct tevent *update_tevent; /* { update_time } */ 170 const struct tevent *append_tevent; /* { append_time } */ 171 const struct worktime *worktime;/* { worktime } */ 172 173 const struct ac_list *ac_list; /* { ac_list } */ 174 const struct db_list *db_list; /* { db_list } */ 175 176 #ifdef WITH_RULES 177 char *acg_add_pat; /* { ac_gather_add } */ 178 char *acg_sub_pat; /* { ac_gather_sub } */ 179 regex_t acg_add_re; /* Compiled acg_add_pat. */ 180 regex_t acg_sub_re; /* Compiled acg_sub_pat. */ 181 SLIST_ENTRY(rule) acg_link; /* Link rules with "ac_gather_*". */ 182 SLIST_HEAD(EMPTY, acg) acgs; /* List of reverse "ac_gather_*". */ 183 #endif 184 185 signed char debug_exec; /* { debug_exec } */ 186 187 #ifdef WITH_LIMITS 188 signed char debug_limit; /* { debug_limit } */ 189 signed char debug_limit_init; /* { debug_limit_init } */ 190 struct limits_list limits; /* All { limit {}} */ 191 #endif 192 193 #ifdef WITH_THRESHOLDS 194 signed char debug_threshold; /* { debug_threshold } */ 195 signed char debug_threshold_init; /* { debug_threshold_init } */ 196 struct thresholds_list thresholds; /* All { threshold {}} */ 197 #endif 198 199 #ifdef CTL_CHECK_CREDS 200 const struct ctl_acl_class *ctl_rule_acl; /* All { ctl_rule_acl } */ 201 #endif 202 203 TAILQ_ENTRY(rule) list; /* All rules list. */ 204 205 char *name; /* Name of this rule. */ 206 char *info; /* { info } */ 207 unsigned int name_hash; /* Hashed value of rule's name. */ 208 209 #ifdef WITH_AUTORULES 210 unsigned int autoruleno; /* Autorule number of this rule. */ 211 #endif 212 213 struct cmds_rule rc[2]; /* { startup } and { shutdown } */ 214 }; 215 216 /* 217 * List of all rules. 218 */ 219 TAILQ_HEAD(rules_list, rule); 220 221 /* 222 * Active/inactive rules queue. 223 */ 224 TAILQ_HEAD(rules_queue, rule); 225 226 extern unsigned int nstatrules; 227 228 extern signed char keep_rules_order; 229 230 extern struct rules_list rules_list; 231 extern ipa_mzone *rule_mzone; 232 233 extern unsigned int rules_inactive_check_sec; 234 235 extern struct rules_queue rules_active; 236 extern struct rules_queue rules_inactive; 237 238 extern int set_rule_active(struct rule *); 239 extern int set_rule_inactive(struct rule *); 240 extern void queue_active_rule(struct rule *); 241 extern void sort_inactive_rules(void); 242 extern int check_inactive_rules(void); 243 244 extern int init_rules(int); 245 extern int deinit_rules(void); 246 extern int deinit_rule(struct rule *); 247 extern void free_rule(struct rule *); 248 extern void free_rules(void); 249 extern void rule_init_cmds(struct rule *); 250 extern int rule_inherit(struct rule *); 251 252 extern int rule_add_chunk(struct rule *, const uint64_t *); 253 extern int rule_sub_chunk(struct rule *, const uint64_t *); 254 255 extern struct rule *rule_by_name(const char *); 256 extern void rules_hash_init(void); 257 extern void rules_hash_add(struct rule *); 258 extern void rules_hash_rem(struct rule *); 259 extern int rules_hash_is_empty(void); 260 261 extern void set_rules_for_check(void); 262 263 extern int mod_set_rule_active(struct rule *, int); 264 265 extern void rulepats_inherit(void); 266 extern void free_rulepats(void); 267 268 extern int mod_rule_inherit(const struct rulepat *, const struct rule *); 269 270 #ifdef WITH_RULES 271 extern void init_active_rules(void); 272 extern int rules_inherit(void); 273 #endif 274 275 #endif /* !IPA_RULES_H */ 276