1    | #ifndef READ_ACCESS_CONTROL
2    | #define READ_ACCESS_CONTROL
3    | 
4    | /***************************************
5    |   $Revision: 1.9 $
6    | 
7    |   Access Control module (ac).
8    | 
9    |   Status: NOT REVUED, NOT TESTED
10   | 
11   |   +html+ <DL COMPACT>
12   |   +html+ <DT>Online References:
13   |   +html+ <DD><UL>
14   |   +html+ </UL>
15   |   +html+ </DL>
16   |   +html+ <PRE>
17   |   +html+ </PRE>
18   |  
19   |   ******************/ /******************
20   |   Copyright (c) 1999                              RIPE NCC
21   |  
22   |   All Rights Reserved
23   |   
24   |   Permission to use, copy, modify, and distribute this software and its
25   |   documentation for any purpose and without fee is hereby granted,
26   |   provided that the above copyright notice appear in all copies and that
27   |   both that copyright notice and this permission notice appear in
28   |   supporting documentation, and that the name of the author not be
29   |   used in advertising or publicity pertaining to distribution of the
30   |   software without specific, written prior permission.
31   |   
32   |   THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
33   |   ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL
34   |   AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
35   |   DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
36   |   AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
37   |   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
38   |   ***************************************/
39   | 
40   | #include "erroutines.h"
41   | #include "iproutines.h"
42   | #include "rxroutines.h"
43   | 
44   | 
45   | #ifdef AC_IMPL
46   | #define EXTDEF 
47   | #else
48   | #define EXTDEF extern
49   | #endif
50   | 
51   | /* Access control structure */
52   | typedef struct {
53   |   int      maxbonus;    /* (before temporary denial) -1 == unlimited */
54   |   int      maxpublic;   /* max# of public objects, -1 == unlimited (default) */
55   |   short    maxdenials;  /* before the permanent ban is set */
56   |   char     deny;        /* THE ban itself */
57   |   char     trustpass;   /* has power to pass ip addresses */
58   | } acl_st;
59   | 
60   | 
61   | /* Accounting == counters */
62   | typedef struct {
63   |   int connections;
64   |   int addrpasses;
65   |   int denials;
66   |   int queries;
67   |   int public_objects;     
68   |   int private_objects;    
69   |   int private_bonus;      /* maintained only in runtime tree */
70   | } acc_st;
71   | 
72   | 
73   | #define ACC_PLUS 0
74   | #define ACC_MINUS 1
75   | 
76   | er_ret_t AC_build(void);
77   | er_ret_t AC_fetch_acc( ip_addr_t *, acc_st * );
78   | er_ret_t AC_check_acl( ip_addr_t *, acc_st *, acl_st *);
79   | void AC_acc_addup(acc_st *, acc_st *, int);
80   | er_ret_t AC_commit(ip_addr_t *, acc_st *,acl_st * );
81   | er_ret_t AC_acc_load(void);
82   | er_ret_t AC_decay(void);
83   | 
84   | /* interface to modifications on the fly */
85   | er_ret_t AC_asc_ban_set(char *addrstr, char *text, int denyflag);
86   | 
87   | 
88   | /* printing */
89   | char *AC_to_string(GList *leafptr);
90   | char *AC_credit_to_string(acc_st *a);
91   | er_ret_t AC_rxwalkhook_print(rx_node_t *node, int level, int nodecounter, void *con);
92   | er_ret_t AC_rxwalkhook_print_acl(rx_node_t *node, int level, int nodecounter, void *con);
93   | char *AC_to_string_header(void);
94   | char *AC_acl_to_string_header(void);
95   | 
96   | /* declare global accounting trees */
97   | EXTDEF rx_tree_t  *act_runtime;
98   | EXTDEF rx_tree_t  *act_hour;
99   | EXTDEF rx_tree_t  *act_minute;
100  | 
101  | /* declare global access control list tree */
102  | EXTDEF rx_tree_t  *act_acl;
103  | 
104  | #undef EXTDEF
105  | #endif /* READ_ACCESS_CONTROL */