1 /* -*- mode: c; c-basic-offset: 4; tab-width: 4; indent-tabs-mode: t -*-
3 * tcp-portmon.c - libtcp-portmon hooks
5 * Copyright (C) 2008 Phil Sutter <Phil@nwl.cc>
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
19 * vim: ts=4 sw=4 noet ai cindent syntax=c
24 #include "tcp-portmon.h"
25 #include "libtcp-portmon.h"
27 static tcp_port_monitor_collection_t *pmc = NULL;
28 static tcp_port_monitor_args_t pma;
30 int tcp_portmon_init(const char *arg, struct tcp_port_monitor_data *pmd)
32 int argc, port_begin, port_end, item, connection_index;
35 memset(itembuf, 0, sizeof(itembuf));
37 /* massive argument checking */
39 CRIT_ERR(NULL, NULL, "tcp_portmon: needs arguments");
41 argc = sscanf(arg, "%d %d %31s %d", &port_begin, &port_end, itembuf,
43 if ((argc != 3) && (argc != 4)) {
44 CRIT_ERR(NULL, NULL, "tcp_portmon: requires 3 or 4 arguments");
46 if ((port_begin < 1) || (port_begin > 65535) || (port_end < 1)
47 || (port_end > 65535)) {
48 CRIT_ERR(NULL, NULL, "tcp_portmon: port values must be from 1 to 65535");
50 if (port_begin > port_end) {
51 CRIT_ERR(NULL, NULL, "tcp_portmon: starting port must be <= ending port");
53 if (strncmp(itembuf, "count", 31) == EQUAL) {
55 } else if (strncmp(itembuf, "rip", 31) == EQUAL) {
57 } else if (strncmp(itembuf, "rhost", 31) == EQUAL) {
59 } else if (strncmp(itembuf, "rport", 31) == EQUAL) {
61 } else if (strncmp(itembuf, "rservice", 31) == EQUAL) {
63 } else if (strncmp(itembuf, "lip", 31) == EQUAL) {
65 } else if (strncmp(itembuf, "lhost", 31) == EQUAL) {
67 } else if (strncmp(itembuf, "lport", 31) == EQUAL) {
69 } else if (strncmp(itembuf, "lservice", 31) == EQUAL) {
72 CRIT_ERR(NULL, NULL, "tcp_portmon: invalid item specified");
74 if ((argc == 3) && (item != COUNT)) {
75 CRIT_ERR(NULL, NULL, "tcp_portmon: 3 argument form valid only for \"count\" "
78 if ((argc == 4) && (connection_index < 0)) {
79 CRIT_ERR(NULL, NULL, "tcp_portmon: connection index must be non-negative");
81 /* ok, args looks good. save the text object data */
82 pmd->port_range_begin = (in_port_t) port_begin;
83 pmd->port_range_end = (in_port_t) port_end;
85 pmd->connection_index = connection_index;
87 /* if the port monitor collection hasn't been created,
88 * we must create it */
90 pmc = create_tcp_port_monitor_collection();
92 CRIT_ERR(NULL, NULL, "tcp_portmon: unable to create port monitor "
97 /* if a port monitor for this port does not exist,
98 * create one and add it to the collection */
99 if (find_tcp_port_monitor(pmc, port_begin, port_end) == NULL) {
100 tcp_port_monitor_t *p_monitor = create_tcp_port_monitor(port_begin,
104 CRIT_ERR(NULL, NULL, "tcp_portmon: unable to create port monitor");
106 /* add the newly created monitor to the collection */
107 if (insert_tcp_port_monitor_into_collection(pmc, p_monitor) != 0) {
108 CRIT_ERR(NULL, NULL, "tcp_portmon: unable to add port monitor to "
115 int tcp_portmon_action(char *p, int p_max_size, struct tcp_port_monitor_data *pmd)
117 tcp_port_monitor_t *p_monitor;
119 /* grab a pointer to this port monitor */
120 p_monitor = find_tcp_port_monitor(pmc, pmd->port_range_begin,
121 pmd->port_range_end);
124 snprintf(p, p_max_size, "monitor not found");
128 /* now grab the text of interest */
129 if (peek_tcp_port_monitor(p_monitor, pmd->item,
130 pmd->connection_index, p, p_max_size) != 0) {
131 snprintf(p, p_max_size, "monitor peek error");
137 int tcp_portmon_update(void)
139 update_tcp_port_monitor_collection(pmc);
143 int tcp_portmon_clear(void)
145 destroy_tcp_port_monitor_collection(pmc);
150 int tcp_portmon_set_max_connections(int max)
153 pma.max_port_monitor_connections =
154 MAX_PORT_MONITOR_CONNECTIONS_DEFAULT;
156 pma.max_port_monitor_connections = max;
158 return (max < 0) ? 1 : 0;