addrobj.java

sifi-0.1.6.tar.gz 出自http://www.ifi.unizh.ch/ikm/SINUS/firewall/ 一个linux的防火墙工具。

/* ----------------------------------------------------------------------
   The SINUS Firewall -- a TCP/IP packet filter for Linux

   Written within the SINUS project at the University of Zurich,
   SWITCH, Telekurs Payserv AG, ETH Zurich.
   originally based on the sf Firewall Software (C) 1996 by Robert
   Muchsel and Roland Schmid.

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

   SINUS Firewall resources:
   SINUS Homepage: http://www.ifi.unizh.ch/ikm/SINUS/
   Firewall Homepage: http://www.ifi.unizh.ch/ikm/SINUS/firewall.html
   Frequently asked questions: http://www.ifi.unizh.ch/ikm/SINUS/sf_faq.html
   Mailing list for comments, questions, bug reports: firewall@ifi.unizh.ch
   ----------------------------------------------------------------------  */



package sfclasses;

import java.awt.*;
import java.awt.event.*;
import java.util.*;
import java.io.*;
import corejava.*;


// class to store an IP address together with its netmask
class AddrObj implements Persistent {

  // create an uninitialized address object, used when loading
  // data from an persistent input stream
  public AddrObj() {
  }

  // initialize object with given address and mask
  public AddrObj(byte[] addr, byte[] mask) {
    address = addr;
    netmask = mask;
    if (!equalZero(And(address,Not(netmask))))
      netmask = defaultMask(address);
  }

  // initialize object with the address given in str
  public AddrObj(String str) {
    int slashIndex = str.indexOf('/');
    String addrstr;
    if (slashIndex == -1)
      addrstr = str;
    else
      addrstr = str.substring(0, slashIndex);
    address = Communicator.resolve(addrstr);
    if (address == null)
      return;
    if (slashIndex != -1) {
      addrstr = str.substring(slashIndex + 1);
      netmask = Communicator.resolve(addrstr);
      if (!equalZero(And(address,Not(netmask)))) // host part of address is not zero
        netmask = null;                         // use default mask
      if (netmask == null) {
        netmask = new byte[4];
        slashIndex = -1; // use default mask
      }
    }
    else
      netmask = new byte[4];
    if (slashIndex == -1) 
      netmask = defaultMask(address);
  }

  // return bitwise AND of address and netmask
  public byte[] AndMask() {
    return And(address, netmask);
  }

  // return address
  public byte[] getAddr() {
    return address;
  }

  // return netmask
  public byte[] getMask() {
    return netmask;
  }

  // set address and netmask to given values
  public void set(byte addr[], byte mask[]) {
    address = addr;
    netmask = mask;
    if (!equalZero(And(address,Not(netmask))))
      netmask = defaultMask(address);
  }

  // compare to objects, ignoring the netmask (overrides Object.equals)
  public boolean equals(Object obj) { // ignore netmask
    byte[] cmp = ((AddrObj)obj).getAddr();
    return equalIP(address, cmp);
  }

  // convert object to string
  public String toString() {
    if (address == null)
      return "";
    StringBuffer stb = new StringBuffer(35);
    int j;
    for (j = 0; j < address.length; j++) {
      if (j != 0)
        stb.append(".");
      stb.append(Utils.unsign(address[j]));
    }
    if (netmask == null)
      return stb.toString();
    stb.append("/");
    for (j = 0; j < netmask.length; j++) {
      if (j != 0)
        stb.append(".");
      stb.append(Utils.unsign(netmask[j]));
    }
    return stb.toString();
  }

  // static methods

  // calculate default netmask
  public static byte[] defaultMask(byte a[]) {
    if (a.length != 4)
      return null;
    byte retval[] = new byte[4];
    long a0 = Utils.unsign(a[0]);
    retval[0] = -1; // 255
    if (a0 > 127)
      retval[1] = -1;
    if (a0 > 191)
      retval[2] = -1;
    if (a0 > 223)
      retval[3] = -1;
    if (!equalZero(And(a,Not(retval)))) // host address
      for (int i=0; i < 4; i++)
        retval[i] = -1;
    return retval;
  }

  // check if m1 is less than m2, i.e. m1 is more general than m2
  public static boolean maskLess(byte m1[], byte m2[]) {
    if (m1.length != 4 || m2.length != 4)
      return false;
    long l1, l2;
    for (int i=0; i < 4; i++) {
      l1 = Utils.unsign(m1[i]);
      l2 = Utils.unsign(m2[i]);
      if (l1 < l2)
        return true;
    }
    return false;
  }

  // bitwise AND of two IP addresses
  public static byte[] And(byte a1[], byte a2[]) {
    if (a1.length != 4 || a2.length != 4) 
      return null; 
    byte retval[] = new byte[4];
    for (int i = 0; i < 4; i++)
      retval[i] = (byte)(a1[i] & a2[i]);
    return retval;
  }

  // bitwise NOT of an IP address
  public static byte[] Not(byte a[]) {
    if (a.length != 4)
      return null;
    byte retval[] = new byte[4];
    for (int i=0; i < 4; i++)
      retval[i] = (byte)(~a[i]);
    return retval;
  }

  // test if two IP addresses are equal
  public static boolean equalIP(byte a1[], byte a2[]) {
    if (a1.length != a2.length)
      return false;
    for (int i=0; i < a1.length; i++)
      if (a1[i] != a2[i])
        return false;
    return true;
  }

  // test if IP address is zero
  public static boolean equalZero(byte a[]) {
    if (a.length != 4)
      return false;
    for (int i=0; i < 4; i++)
      if (a[i] != 0)
        return false;
    return true;
  }

  // Persistence
  /**
   * Write object data to a persistent output stream
   * @param ps Stream
   * @see PersistentOutputStream
   */
  public void write(PersistentOutputStream ps) {
  String s;
	int i;
		
    if ((address == null) || (address.length != 4))
      ps.writeString("Address=", "0");
    else {
			s = ("" + Utils.unsign(address[0]));
      for (i=1; i < 4; i++)
        s += ("." + Utils.unsign(address[i]));
			ps.writeString("Address=", s);
    }
    if ((netmask == null) || (netmask.length != 4))
      ps.writeString("Netmask=", "0");
    else {
			s = ("" + Utils.unsign(netmask[0]));
      for (i=1; i < 4; i++)
        s += ("." + Utils.unsign(netmask[i]));
			ps.writeString("Netmask=", s);
    }
  }

  /**
   * Read object data from a persistent input stream
   * @param ps Stream
   * @see PersistentInputStream
   */
  public void read(PersistentInputStream ps) throws java.io.IOException {

	StringTokenizer st;
	String s;
	int i;
	int a=0;
	
		s = ps.readString("Address=");
    if (s.length() == 1)
      address = null;
    else {
			st = new StringTokenizer(s, ".");
			if (st.countTokens() == 4) {
      	address = new byte[4];
      	for (i=0; i < 4; i++) {
					a = Format.atoi(st.nextToken());
					if (a > 127)
						a -= 256;
        	address[i] = (byte)a;
				}
			}
			else
				address = null;
    }
		s = ps.readString("Netmask=");
    if (s.length() == 1)
      netmask = null;
    else {
			st = new StringTokenizer(s, ".");
			if (st.countTokens() == 4) {
      	netmask = new byte[4];
      	for (i=0; i < 4; i++) {
					a = Format.atoi(st.nextToken());
					if (a > 127)
						a -= 256;
        	netmask[i] = (byte)a;
				}
			}
			else
				netmask = null;
    }
  }


  private byte[] address;
  private byte[] netmask;
}