1    | #ifndef READ_ACCESS_CONTROL
2    | #define READ_ACCESS_CONTROL
3    | 
4    | /***************************************
5    |   $Revision: 1.10 $
6    | 
7    |   Access Control module (ac) - the header file.
8    | 
9    |   Status: NOT REVIEWED, NOT TESTED
10   |  
11   |   Design and implementation by: Marek Bukowy
12   | 
13   |   ******************/ /******************
14   |   Copyright (c) 1999                              RIPE NCC
15   |  
16   |   All Rights Reserved
17   |   
18   |   Permission to use, copy, modify, and distribute this software and its
19   |   documentation for any purpose and without fee is hereby granted,
20   |   provided that the above copyright notice appear in all copies and that
21   |   both that copyright notice and this permission notice appear in
22   |   supporting documentation, and that the name of the author not be
23   |   used in advertising or publicity pertaining to distribution of the
24   |   software without specific, written prior permission.
25   |   
26   |   THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
27   |   ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL
28   |   AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
29   |   DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
30   |   AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
31   |   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
32   |   ***************************************/
33   | 
34   | #include "erroutines.h"
35   | #include "iproutines.h"
36   | #include "rxroutines.h"
37   | 
38   | 
39   | #ifdef AC_IMPL   /* presumably defined by the one translation unit that implements the module -- confirm */
40   | #define EXTDEF   /* expands to nothing: the EXTDEF declarations below are not marked extern in that unit */
41   | #else
42   | #define EXTDEF extern   /* every other includer only gets extern declarations of the global trees */
43   | #endif
44   | 
45   | /* Access control structure: the limits and flags that AC_check_acl() and AC_commit() take through their acl_st * argument */
46   | typedef struct {
47   |   int      maxbonus;    /* (before temporary denial) -1 == unlimited */
48   |   int      maxpublic;   /* max# of public objects, -1 == unlimited (default) */
49   |   short    maxdenials;  /* before the permanent ban is set; NOTE(review): short, while acc_st.denials is int -- confirm the implementation compares them without truncation */
50   |   char     deny;        /* THE ban itself; NOTE(review): plain char, presumably 0 == not banned -- confirm */
51   |   char     trustpass;   /* has power to pass ip addresses; NOTE(review): security-sensitive -- presumably the client may name the address that gets checked and accounted, so confirm it is granted to trusted hosts only */
52   | } acl_st;
53   | 
54   | 
55   | /* Accounting == counters; all are plain signed int, NOTE(review): confirm the implementation keeps them from overflowing (signed overflow is undefined behaviour) */
56   | typedef struct {
57   |   int connections;
58   |   int addrpasses;         /* presumably counts uses of the acl_st.trustpass privilege -- confirm */
59   |   int denials;            /* presumably the count compared with acl_st.maxdenials -- confirm */
60   |   int queries;
61   |   int public_objects;     /* presumably the count limited by acl_st.maxpublic -- confirm */
62   |   int private_objects;    
63   |   int private_bonus;      /* maintained only in runtime tree */
64   | } acc_st;
65   | 
66   | 
67   | #define ACC_PLUS 0    /* NOTE(review): presumably the int mode argument of AC_acc_addup() (add) -- confirm */
68   | #define ACC_MINUS 1   /* presumably the subtracting counterpart of ACC_PLUS -- confirm */
69   | 
70   | 
71   | /* prototypes; parameters are unnamed here, so direction (in/out) and NULL handling must be taken from the implementation */
72   | er_ret_t AC_build(void);
73   | er_ret_t AC_fetch_acc( ip_addr_t *, acc_st * );
74   | er_ret_t AC_check_acl( ip_addr_t *, acc_st *, acl_st *);   /* NOTE(review): presumably fills the acl_st for the given address -- callers should check the er_ret_t result before acting on it and fail closed on error */
75   | void AC_acc_addup(acc_st *, acc_st *, int);   /* third argument presumably ACC_PLUS or ACC_MINUS -- confirm */
76   | er_ret_t AC_commit(ip_addr_t *, acc_st *,acl_st * );
77   | er_ret_t AC_acc_load(void);
78   | er_ret_t AC_decay(void);
79   | 
80   | /* interface to modifications on the fly; NOTE(review): addrstr and text arrive as raw strings and denyflag presumably sets or clears acl_st.deny -- confirm the implementation validates addrstr and that only administrative callers can reach this */
81   | er_ret_t AC_asc_ban_set(char *addrstr, char *text, int denyflag);
82   | 
83   | 
84   | /* printing; NOTE(review): the char * returns carry no ownership information here -- confirm who frees them. GList is not declared by this header itself, presumably it comes in through one of the includes above */
85   | char *AC_to_string(GList *leafptr);
86   | char *AC_credit_to_string(acc_st *a);
87   | er_ret_t AC_rxwalkhook_print(rx_node_t *node, int level, int nodecounter, void *con);   /* con is an untyped context pointer; confirm the hook casts it back to the type the caller passed */
88   | er_ret_t AC_rxwalkhook_print_acl(rx_node_t *node, int level, int nodecounter, void *con);   /* same untyped con pointer as AC_rxwalkhook_print */
89   | char *AC_to_string_header(void);
90   | char *AC_acl_to_string_header(void);
91   | 
92   | /* declare global accounting trees (not extern where AC_IMPL is defined, extern elsewhere); NOTE(review): no locking is visible in this header -- confirm how concurrent access is serialised */
93   | EXTDEF rx_tree_t  *act_runtime;
94   | EXTDEF rx_tree_t  *act_hour;
95   | EXTDEF rx_tree_t  *act_minute;
96   | 
97   | /* declare global access control list tree; NOTE(review): presumably holds the acl_st entries (bans, trustpass), so every writer to it deserves the same scrutiny as AC_asc_ban_set() */
98   | EXTDEF rx_tree_t  *act_acl;
99   | 
100  | #undef EXTDEF
101  | #endif /* READ_ACCESS_CONTROL */