1    | #ifndef READ_ACCESS_CONTROL
2    | #define READ_ACCESS_CONTROL
3    | 
4    | /***************************************
5    |   $Revision: 1.11 $
6    | 
7    |   Access Control module (ac) - the header file.
8    | 
9    |   Status: NOT REVIEWED, NOT TESTED
10   |  
11   |   Design and implementation by: Marek Bukowy
12   | 
13   |   ******************/ /******************
14   |   Copyright (c) 1999                              RIPE NCC
15   |  
16   |   All Rights Reserved
17   |   
18   |   Permission to use, copy, modify, and distribute this software and its
19   |   documentation for any purpose and without fee is hereby granted,
20   |   provided that the above copyright notice appear in all copies and that
21   |   both that copyright notice and this permission notice appear in
22   |   supporting documentation, and that the name of the author not be
23   |   used in advertising or publicity pertaining to distribution of the
24   |   software without specific, written prior permission.
25   |   
26   |   THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
27   |   ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL
28   |   AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
29   |   DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
30   |   AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
31   |   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
32   |   ***************************************/
33   | 
34   | #include "erroutines.h"
35   | #include "iproutines.h"
36   | #include "rxroutines.h"
37   | 
38   | 
39   | #ifdef AC_IMPL  /* presumably defined only by the module's implementation file - confirm */
40   | #define EXTDEF  /* empty: the EXTDEF declarations in this header then act as definitions */
41   | #else
42   | #define EXTDEF extern  /* every other includer sees the same objects as extern declarations */
43   | #endif
44   | 
45   | /* Access control structure: the limits and ban flags that decide whether a client is throttled, banned or trusted */
46   | typedef struct {
47   |                         /* max bonus values before temporary denial,
48   | 			 * -1 == unlimited: */
49   |   int      maxprivate;  /* --  private objects; NOTE(review): -1 has to be special-cased before comparing against a counter - confirm in the implementation */
50   |   int      maxpublic;   /* --  public objects; same -1 == unlimited sentinel */
51   |   short    maxdenials;  /* before the permanent ban is set */
52   |   char     deny;        /* THE ban itself; NOTE(review): plain char, presumably used as a 0/1 flag - confirm */
53   |   char     trustpass;   /* has power to pass ip addresses; NOTE(review): presumably lets the client name the address a query is accounted to, so it should be granted only to trusted hosts - confirm */
54   | } acl_st;
55   | 
56   | 
57   | /* Accounting == counters; NOTE(review): all fields are signed int, and whether increments are bounded against overflow is not visible in this header */
58   | typedef struct {
59   |   int connections;
60   |   int addrpasses;
61   |   int denials;            /* NOTE(review): presumably the count compared with acl_st.maxdenials - confirm */
62   |   int queries;
63   |   int public_objects;     
64   |   int private_objects;    
65   |   int public_bonus;       /* those two are .. */
66   |   int private_bonus;      /* .. maintained only in the runtime tree */
67   | } acc_st;
68   | 
69   | 
70   | #define ACC_PLUS 0   /* NOTE(review): presumably the "add" selector for the int argument of AC_acc_addup - confirm */
71   | #define ACC_MINUS 1  /* NOTE(review): presumably the "subtract" selector for the same argument - confirm */
72   | 
73   | 
74   | /* prototypes; all but AC_acc_addup return er_ret_t (presumably an error code from erroutines.h), which callers should check */
75   | er_ret_t AC_build(void);
76   | er_ret_t AC_fetch_acc( ip_addr_t *, acc_st * );  /* NOTE(review): parameters are unnamed; presumably address in, counters out - confirm */
77   | er_ret_t AC_check_acl( ip_addr_t *, acc_st *, acl_st *);  /* NOTE(review): presumably the access decision for an address; which arguments are outputs is not visible here */
78   | void AC_acc_addup(acc_st *, acc_st *, int);  /* returns no status; NOTE(review): the int is presumably ACC_PLUS or ACC_MINUS - confirm */
79   | er_ret_t AC_commit(ip_addr_t *, acc_st *,acl_st * );  /* NOTE(review): parameter roles are not visible here - confirm against the implementation */
80   | er_ret_t AC_acc_load(void);
81   | er_ret_t AC_decay(void);
82   | 
83   | /* interface to modifications on the fly; NOTE(review): presumably changes ban state at run time, so callers should be limited to authorised administrative paths - confirm */
84   | er_ret_t AC_asc_ban_set(char *addrstr, char *text, int denyflag);  /* NOTE(review): whether addrstr is validated, and whether text is copied or retained, is not visible here; both pointers are non-const */
85   | 
86   | 
87   | /* printing; NOTE(review): the char * results carry no ownership contract in this header - confirm who frees them */
88   | char *AC_to_string(GList *leafptr);
89   | char *AC_credit_to_string(acc_st *a);
90   | er_ret_t AC_rxwalkhook_print(rx_node_t *node, int level, int nodecounter, void *con);  /* con is an untyped context pointer; NOTE(review): its expected type is not visible here */
91   | er_ret_t AC_rxwalkhook_print_acl(rx_node_t *node, int level, int nodecounter, void *con);  /* same signature as AC_rxwalkhook_print */
92   | char *AC_to_string_header(void);
93   | char *AC_acl_to_string_header(void);
94   | 
95   | /* declare global accounting trees (definitions where AC_IMPL is defined, extern declarations elsewhere) */
96   | EXTDEF rx_tree_t  *act_runtime;
97   | EXTDEF rx_tree_t  *act_hour;
98   | EXTDEF rx_tree_t  *act_minute;
99   | 
100  | /* declare global access control list tree; NOTE(review): shared mutable state that holds the ban and limit data - locking, if any, is not visible in this header */
101  | EXTDEF rx_tree_t  *act_acl;
102  | 
103  | #undef EXTDEF  /* keep the helper macro from leaking into files that include this header */
104  | #endif /* READ_ACCESS_CONTROL */