📄 options.c
字号:
/* linger_option - set the socket linger time (Marc Boucher <marc@cam.org>) *//* ARGSUSED */static void linger_option(value, request)char *value;struct request_info *request;{ struct linger linger; char junk; if (sscanf(value, "%d%c", &linger.l_linger, &junk) != 1 || linger.l_linger < 0) tcpd_jump("bad linger value: \"%s\"", value); if (dry_run == 0) { linger.l_onoff = (linger.l_linger != 0); if (setsockopt(request->fd, SOL_SOCKET, SO_LINGER, (char *) &linger, sizeof(linger)) < 0) tcpd_warn("setsockopt SO_LINGER %d: %m", linger.l_linger); }}/* keepalive_option - set the socket keepalive option *//* ARGSUSED */static void keepalive_option(value, request)char *value;struct request_info *request;{ static int on = 1; if (dry_run == 0 && setsockopt(request->fd, SOL_SOCKET, SO_KEEPALIVE, (char *) &on, sizeof(on)) < 0) tcpd_warn("setsockopt SO_KEEPALIVE: %m");}/* nice_option - set nice value *//* ARGSUSED */static void nice_option(value, request)char *value;struct request_info *request;{ int niceval = 10; char junk; if (value != 0 && sscanf(value, "%d%c", &niceval, &junk) != 1) tcpd_jump("bad nice value: \"%s\"", value); if (dry_run == 0 && nice(niceval) < 0) tcpd_warn("nice(%d): %m", niceval);}/* twist_option - replace process by shell command */static void twist_option(value, request)char *value;struct request_info *request;{ char *error; if (dry_run != 0) { dry_run = 0; } else { if (resident > 0) tcpd_jump("twist option in resident process"); syslog(deny_severity, "twist %s to %s", eval_client(request), value); /* Before switching to the shell, set up stdin, stdout and stderr. */#define maybe_dup2(from, to) ((from == to) ? to : (close(to), dup(from))) if (maybe_dup2(request->fd, 0) != 0 || maybe_dup2(request->fd, 1) != 1 || maybe_dup2(request->fd, 2) != 2) { error = "twist_option: dup: %m"; } else { if (request->fd > 2) close(request->fd); (void) execl("/bin/sh", "sh", "-c", value, (char *) 0); error = "twist_option: /bin/sh: %m"; } /* Something went wrong: we MUST terminate the process. */ tcpd_warn(error); clean_exit(request); }}/* rfc931_option - look up remote user name */static void rfc931_option(value, request)char *value;struct request_info *request;{ int timeout; char junk; if (value != 0) { if (sscanf(value, "%d%c", &timeout, &junk) != 1 || timeout <= 0) tcpd_jump("bad rfc931 timeout: \"%s\"", value); rfc931_timeout = timeout; } (void) eval_user(request);}/* setenv_option - set environment variable *//* ARGSUSED */static void setenv_option(value, request)char *value;struct request_info *request;{ char *var_value; if (*(var_value = value + strcspn(value, whitespace))) *var_value++ = 0; if (setenv(chop_string(value), chop_string(var_value), 1)) tcpd_jump("memory allocation failure");} /* * The severity option goes last because it comes with a huge amount of ugly * #ifdefs and tables. */struct syslog_names { char *name; int value;};static struct syslog_names log_fac[] = {#ifdef LOG_KERN "kern", LOG_KERN,#endif#ifdef LOG_USER "user", LOG_USER,#endif#ifdef LOG_MAIL "mail", LOG_MAIL,#endif#ifdef LOG_DAEMON "daemon", LOG_DAEMON,#endif#ifdef LOG_AUTH "auth", LOG_AUTH,#endif#ifdef LOG_LPR "lpr", LOG_LPR,#endif#ifdef LOG_NEWS "news", LOG_NEWS,#endif#ifdef LOG_UUCP "uucp", LOG_UUCP,#endif#ifdef LOG_CRON "cron", LOG_CRON,#endif#ifdef LOG_LOCAL0 "local0", LOG_LOCAL0,#endif#ifdef LOG_LOCAL1 "local1", LOG_LOCAL1,#endif#ifdef LOG_LOCAL2 "local2", LOG_LOCAL2,#endif#ifdef LOG_LOCAL3 "local3", LOG_LOCAL3,#endif#ifdef LOG_LOCAL4 "local4", LOG_LOCAL4,#endif#ifdef LOG_LOCAL5 "local5", LOG_LOCAL5,#endif#ifdef LOG_LOCAL6 "local6", LOG_LOCAL6,#endif#ifdef LOG_LOCAL7 "local7", LOG_LOCAL7,#endif 0,};static struct syslog_names log_sev[] = {#ifdef LOG_EMERG "emerg", LOG_EMERG,#endif#ifdef LOG_ALERT "alert", LOG_ALERT,#endif#ifdef LOG_CRIT "crit", LOG_CRIT,#endif#ifdef LOG_ERR "err", LOG_ERR,#endif#ifdef LOG_WARNING "warning", LOG_WARNING,#endif#ifdef LOG_NOTICE "notice", LOG_NOTICE,#endif#ifdef LOG_INFO "info", LOG_INFO,#endif#ifdef LOG_DEBUG "debug", LOG_DEBUG,#endif 0,};/* severity_map - lookup facility or severity value */static int severity_map(table, name)struct syslog_names *table;char *name;{ struct syslog_names *t; for (t = table; t->name; t++) if (STR_EQ(t->name, name)) return (t->value); tcpd_jump("bad syslog facility or severity: \"%s\"", name); /* NOTREACHED */}/* severity_option - change logging severity for this event (Dave Mitchell) *//* ARGSUSED */static void severity_option(value, request)char *value;struct request_info *request;{ char *level = split_at(value, '.'); allow_severity = deny_severity = level ? severity_map(log_fac, value) | severity_map(log_sev, level) : severity_map(log_sev, value);}/* get_field - return pointer to next field in string */static char *get_field(string)char *string;{ static char *last = ""; char *src; char *dst; char *ret; int ch; /* * This function returns pointers to successive fields within a given * string. ":" is the field separator; warn if the rule ends in one. It * replaces a "\:" sequence by ":", without treating the result of * substitution as field terminator. A null argument means resume search * where the previous call terminated. This function destroys its * argument. * * Work from explicit source or from memory. While processing \: we * overwrite the input. This way we do not have to maintain buffers for * copies of input fields. */ src = dst = ret = (string ? string : last); if (src[0] == 0) return (0); while (ch = *src) { if (ch == ':') { if (*++src == 0) tcpd_warn("rule ends in \":\""); break; } if (ch == '\\' && src[1] == ':') src++; *dst++ = *src++; } last = src; *dst = 0; return (ret);}/* chop_string - strip leading and trailing blanks from string */static char *chop_string(string)register char *string;{ char *start = 0; char *end; char *cp; for (cp = string; *cp; cp++) { if (!isspace(*cp)) { if (start == 0) start = cp; end = cp; } } return (start ? (end[1] = 0, start) : cp);}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -