| /** @file |
| |
| A brief file description |
| |
| @section license License |
| |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| */ |
| |
| #include "AclFiltering.h" |
| #include "HTTP.h" |
| |
| // =============================================================================== |
| // acl_filter_rule |
| // =============================================================================== |
| |
| void |
| acl_filter_rule::reset() |
| { |
| int i; |
| for (i = (argc = 0); i < ACL_FILTER_MAX_ARGV; i++) { |
| argv[i] = static_cast<char *>(ats_free_null(argv[i])); |
| } |
| method_restriction_enabled = false; |
| for (i = 0; i < HTTP_WKSIDX_METHODS_CNT; i++) { |
| standard_method_lookup[i] = false; |
| } |
| nonstandard_methods.clear(); |
| for (i = (src_ip_cnt = 0); i < ACL_FILTER_MAX_SRC_IP; i++) { |
| src_ip_array[i].reset(); |
| } |
| src_ip_valid = 0; |
| for (i = (in_ip_cnt = 0); i < ACL_FILTER_MAX_IN_IP; i++) { |
| in_ip_array[i].reset(); |
| } |
| in_ip_valid = 0; |
| internal = 0; |
| } |
| |
| acl_filter_rule::acl_filter_rule() : allow_flag(1), src_ip_valid(0), active_queue_flag(0), internal(0) |
| { |
| standard_method_lookup.resize(HTTP_WKSIDX_METHODS_CNT); |
| ink_zero(argv); |
| reset(); |
| } |
| |
| acl_filter_rule::~acl_filter_rule() |
| { |
| reset(); |
| name(); |
| } |
| |
| int |
| acl_filter_rule::add_argv(int _argc, char *_argv[]) |
| { |
| int real_cnt = 0; |
| if (likely(_argv)) { |
| for (int i = 0; i < _argc && argc < ACL_FILTER_MAX_ARGV; i++) { |
| if (likely(_argv[i] && (argv[argc] = ats_strdup(_argv[i])) != nullptr)) { |
| real_cnt++; |
| argc++; |
| } |
| } |
| } |
| return real_cnt; |
| } |
| |
| void |
| acl_filter_rule::name(const char *_name) |
| { |
| filter_name = static_cast<char *>(ats_free_null(filter_name)); |
| if (_name) { |
| filter_name = ats_strdup(_name); |
| } |
| } |
| |
| void |
| acl_filter_rule::print() |
| { |
| int i; |
| printf("-----------------------------------------------------------------------------------------\n"); |
| printf("Filter \"%s\" status: allow_flag=%s, src_ip_valid=%s, in_ip_valid=%s, internal=%s, active_queue_flag=%d\n", |
| filter_name ? filter_name : "<NONAME>", allow_flag ? "true" : "false", src_ip_valid ? "true" : "false", |
| in_ip_valid ? "true" : "false", internal ? "true" : "false", static_cast<int>(active_queue_flag)); |
| printf("standard methods="); |
| for (i = 0; i < HTTP_WKSIDX_METHODS_CNT; i++) { |
| if (standard_method_lookup[i]) { |
| printf("0x%x ", HTTP_WKSIDX_CONNECT + i); |
| } |
| } |
| printf("\n"); |
| printf("nonstandard methods="); |
| for (const auto &nonstandard_method : nonstandard_methods) { |
| printf("%s ", nonstandard_method.c_str()); |
| } |
| printf("\n"); |
| printf("src_ip_cnt=%d\n", src_ip_cnt); |
| for (i = 0; i < src_ip_cnt; i++) { |
| ip_text_buffer b1, b2; |
| printf("%s - %s, ", src_ip_array[i].start.toString(b1, sizeof(b1)), src_ip_array[i].end.toString(b2, sizeof(b2))); |
| } |
| printf("\n"); |
| printf("in_ip_cnt=%d\n", in_ip_cnt); |
| for (i = 0; i < in_ip_cnt; i++) { |
| ip_text_buffer b1, b2; |
| printf("%s - %s, ", in_ip_array[i].start.toString(b1, sizeof(b1)), in_ip_array[i].end.toString(b2, sizeof(b2))); |
| } |
| printf("\n"); |
| for (i = 0; i < argc; i++) { |
| printf("argv[%d] = \"%s\"\n", i, argv[i]); |
| } |
| } |
| |
| acl_filter_rule * |
| acl_filter_rule::find_byname(acl_filter_rule *list, const char *_name) |
| { |
| int _name_size = 0; |
| acl_filter_rule *rp = nullptr; |
| if (likely(list && _name && (_name_size = strlen(_name)) > 0)) { |
| for (rp = list; rp; rp = rp->next) { |
| if (strcasecmp(rp->filter_name, _name) == 0) { |
| break; |
| } |
| } |
| } |
| return rp; |
| } |
| |
| void |
| acl_filter_rule::delete_byname(acl_filter_rule **rpp, const char *_name) |
| { |
| int _name_size = 0; |
| acl_filter_rule *rp; |
| if (likely(rpp && _name && (_name_size = strlen(_name)) > 0)) { |
| for (; (rp = *rpp) != nullptr; rpp = &rp->next) { |
| if (strcasecmp(rp->filter_name, _name) == 0) { |
| *rpp = rp->next; |
| delete rp; |
| break; |
| } |
| } |
| } |
| } |
| |
| void |
| acl_filter_rule::requeue_in_active_list(acl_filter_rule **list, acl_filter_rule *rp) |
| { |
| if (likely(list && rp)) { |
| if (rp->active_queue_flag == 0) { |
| acl_filter_rule *r, **rpp; |
| for (rpp = list; ((r = *rpp) != nullptr); rpp = &(r->next)) { |
| if (r == rp) { |
| *rpp = r->next; |
| break; |
| } |
| } |
| for (rpp = list; ((r = *rpp) != nullptr); rpp = &(r->next)) { |
| if (r->active_queue_flag == 0) { |
| break; |
| } |
| } |
| (*rpp = rp)->next = r; |
| rp->active_queue_flag = 1; |
| } |
| } |
| } |
| |
| void |
| acl_filter_rule::requeue_in_passive_list(acl_filter_rule **list, acl_filter_rule *rp) |
| { |
| if (likely(list && rp)) { |
| if (rp->active_queue_flag) { |
| acl_filter_rule **rpp; |
| for (rpp = list; *rpp; rpp = &((*rpp)->next)) { |
| if (*rpp == rp) { |
| *rpp = rp->next; |
| break; |
| } |
| } |
| for (rpp = list; *rpp; rpp = &((*rpp)->next)) { |
| ; |
| } |
| (*rpp = rp)->next = nullptr; |
| rp->active_queue_flag = 0; |
| } |
| } |
| } |