1 /* 2 * logsurfer.h 3 * 4 * definition of types and some defines 5 * 6 */ 7 8 #ifndef LOGSURFER_H 9 #define LOGSURFER_H 10 11 #include <stdio.h> 12 13 #if HAVE_LIMITS_H 14 #include <limits.h> 15 #endif 16 17 #if TIME_WITH_SYS_TIME 18 #include <sys/time.h> 19 #include <time.h> 20 #else 21 #if HAVE_SYS_TIME_H 22 #include <sys/time.h> 23 #else 24 #include <time.h> 25 #endif 26 #endif 27 28 #ifndef CONFFILE 29 #define CONFFILE "/usr/local/etc/logsurfer.conf" 30 #endif 31 32 #ifndef DUMPFILE 33 #define DUMPFILE "/var/tmp/logsurfer.dump" 34 #endif 35 36 37 #ifdef SENDMAIL_FLUSH 38 #define FLUSH_DELAY 30 39 #endif 40 41 #define ACTION_UNKNOWN 0 42 #define ACTION_IGNORE 1 43 #define ACTION_EXEC 2 44 #define ACTION_PIPE 3 45 #define ACTION_OPEN 4 46 #define ACTION_DELETE 5 47 #define ACTION_REPORT 6 48 #define ACTION_RULE 7 49 #define ACTION_ECHO 8 50 #define ACTION_SYSLOG 9 51 52 53 struct context_line { 54 long linenumber; /* the linenumber */ 55 long timestamp; /* timestamp (in seconds) */ 56 char *content; /* the logline */ 57 long link_counter; /* number of links to this line */ 58 }; 59 60 struct context_body { 61 struct context_line *this_line; /* one context line */ 62 struct context_body *next; /* the next context line */ 63 }; 64 65 struct action_tokens { 66 char *this_word; /* one token from the action */ 67 struct action_tokens *next; /* next token */ 68 }; 69 70 struct context { 71 struct re_pattern_buffer *match_regex; /* regular expression to match */ 72 char *match_regex_str;/* the ascii string of regex */ 73 struct re_pattern_buffer *match_not_regex; 74 char *match_not_regex_str; 75 long max_lines; /* maximum number of bodylines */ 76 long min_lines; /* minimum number of bodylines */ 77 long timeout_abs; /* absolut timeout */ 78 long timeout_rel; /* relativ timeout */ 79 long timeout_rel_offset; /* from the config line */ 80 int action_type; /* type of default action */ 81 struct action_tokens *action_tokens; /* content(s) of the action */ 82 83 struct context_body *body; /* content of the context */ 84 long lines; /* number of current lines */ 85 struct context_body *last; /* pointer to last bidyline */ 86 87 struct context *next; /* next context */ 88 struct context *previous; /* previous context */ 89 }; 90 91 struct rule { 92 struct re_pattern_buffer *match_regex; /* regular expression to match */ 93 char *match_regex_str; /* for debugging */ 94 struct re_pattern_buffer *match_not_regex; 95 char *match_not_regex_str; 96 struct re_pattern_buffer *stop_regex; /* delete rule */ 97 char *stop_regex_str; /* for debugging */ 98 struct re_pattern_buffer *stop_not_regex; 99 char *stop_not_regex_str; 100 long timeout; /* timeout for this rule */ 101 int do_continue; /* continue flag */ 102 103 int action_type; /* which action follows */ 104 char *action_body; /* body (if any) */ 105 106 struct rule *next; /* pointer to next rule */ 107 struct rule *previous; /* pointer to previous rule */ 108 }; 109 110 111 #endif /* LOGSURFER_H */ 112 113