addrlist.java

sifi-0.1.6.tar.gz 出自http://www.ifi.unizh.ch/ikm/SINUS/firewall/ 一个linux的防火墙工具。

/* ----------------------------------------------------------------------
   The SINUS Firewall -- a TCP/IP packet filter for Linux

   Written within the SINUS project at the University of Zurich,
   SWITCH, Telekurs Payserv AG, ETH Zurich.
   originally based on the sf Firewall Software (C) 1996 by Robert
   Muchsel and Roland Schmid.

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 2 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; if not, write to the Free Software
   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.

   SINUS Firewall resources:
   SINUS Homepage: http://www.ifi.unizh.ch/ikm/SINUS/
   Firewall Homepage: http://www.ifi.unizh.ch/ikm/SINUS/firewall.html
   Frequently asked questions: http://www.ifi.unizh.ch/ikm/SINUS/sf_faq.html
   Mailing list for comments, questions, bug reports: firewall@ifi.unizh.ch
   ----------------------------------------------------------------------  */



package sfclasses;

import java.awt.*;
import java.awt.event.*;
import java.util.*;
import java.io.*;
import corejava.*;

/**
 * <b>List of IP addresses</b><br>
 * This class implements a list of IP addresses. The addresses are stored
 * in a vector of AddrObj objects. AddrObj is a private class declared in
 * this file. Each IP address consists of a four byte address and a four
 * byte netmask. This file also declares the private class AddrPanel which
 * is used to edit an address list.
 * @version 1.0 14 Dec 1996
 * @author Roland E. Schmid
 */

public class AddrList implements Persistent {

  /**
   * Initialize an empty address list 
   */
  public AddrList() {
    Addresses = new Vector(5,3);
  }

  /**
   * Add a new address to the address list. If the address already exists,
   * it is removed from the list before adding the new one. Two addresses
   * with equal address parts are equal regardless of their netmasks.
   * @param adr Address object to add
   */
  protected void addAddress(AddrObj adr) {
    Addresses.removeElement(adr);
    Addresses.addElement(adr);
  }

  /**
   * Add a new address to the address list. If the address already exists,
   * it is removed from the list before adding the new one. Two addresses
   * with equal address parts are equal regardless of their netmasks. The
   * given address and netmask are converted to an address object before
   * adding.
   * @param addr Byte array containing the IP address
   * @param mask Byte array containing the netmask
   */
  public void addAddress(byte[] addr, byte[] mask) {
    if (addr.length != 4 || mask.length != 4)
      return;
    AddrObj adr = new AddrObj(addr, mask);
    Addresses.removeElement(adr);
    Addresses.addElement(adr);
  }

  /**
   * Add a new address to the address list. If the address already exists,
   * it is removed from the list before adding the new one. Two addresses
   * with equal address parts are equal regardless of their netmasks. The
   * given string is converted to an address object before adding. The string
   * must be of the format <tt>"aaa.aaa.aaa.aaa[/mmm.mmm.mmm.mmm]"</tt>.
   * @param str string containing the IP address and optionally the netmask.
   */
  public void addAddress(String str) {
    AddrObj adr = new AddrObj(str);
    Addresses.removeElement(adr);
    Addresses.addElement(adr);
  }

  /** 
   * Delete an address from the address list. 
   * @param addr Byte array containing the address to delete.
   * @return true if successful, false if the parameter isn't a valid IP 
   * address or if the address is not in the list.
   */
  public boolean deleteAddress(byte[] addr) {
    if (addr.length != 4)
      return false;
    AddrObj adr = new AddrObj(addr, null);
    return Addresses.removeElement(adr);
  }

  /**
   * Create a graphical panel to edit the address list. The panel can
   * be included in frames or dialog boxes.
   * @return Panel containing the address list editor
   */
  public Panel editPanel() {
    return new AddrPanel(this);
  }

  /**
   * Get the first address of the address list. This method is called whenever
   * the software needs to know the address of a firewall it should use to
   * connect to.
   * @return IP address in byte array format or null if the list is empty
   */
  public byte[] getFirstAddress() {
    try {
      return ((AddrObj)Addresses.firstElement()).getAddr();
    }
    catch (NoSuchElementException e) {
      return null;
    }
  }

  /**
   * This method adds all addresses from the parameter address list,
   * that are not yet stored in the list. If both the list and the paramter
   * contain an address, the address with the shorter netmask is used.<br>
   * This method is used by the autoconfiguration algorithms.
   * @param al List containing the new addresses
   */
  public void union(AddrList al) {
    Enumeration en1;
    Enumeration en2 = al.getAddresses().elements();
    AddrObj ao1, ao2;
    byte ao1addr[], ao1mask[], ao2addr[], ao2mask[];
    outer_loop: while (en2.hasMoreElements()) { 
      ao2 = (AddrObj)en2.nextElement();
      ao2addr = ao2.getAddr();
      ao2mask = ao2.getMask();
      en1 = Addresses.elements();
      while (en1.hasMoreElements()) {
        ao1 = (AddrObj)en1.nextElement();
        ao1addr = ao1.getAddr();
        ao1mask = ao1.getMask();
        if (AddrObj.equalIP(AddrObj.And(ao1.AndMask(),ao2mask),
                            AddrObj.And(ao2.AndMask(),ao1mask))) {
          // addresses match
          if (AddrObj.maskLess(ao2mask, ao1mask)) { // new address more general, replace
            ao1.set(ao2addr, ao2mask);
          }
          continue outer_loop;
        }
      }
      // no match, add new address
      addAddress(ao2addr, ao2mask);
    }
  }

  /**
   * Get all addresses contained in the address list.
   * @return Vector containing the address objects
   */
  protected Vector getAddresses() {
    return Addresses;
  }

  /**
   * Check if the address list is empty
   * @return true, if the list is empty, false otherwise
   */
  public boolean empty() {
    return Addresses.isEmpty();
  }

  /**
   * Check if the list contains a network address 
	 * (i.e. all host bits set to zero)
   * @return true, if a network address exists, false otherwise
   */
  public boolean hasNetworkAddr() {

		boolean retval = false;
		AddrObj ao;
		byte[] addr = new byte[4];
		byte[] mask = new byte[4];
		Enumeration en = Addresses.elements();
		while (en.hasMoreElements()) {
			ao = (AddrObj)en.nextElement();
			addr = ao.getAddr();
			mask = ao.getMask();

			if (!AddrObj.equalZero(AddrObj.Not(mask))) 		// net mask
				if (AddrObj.equalZero(AddrObj.And(addr,AddrObj.Not(mask))))
					retval = true;
		}
		return retval;
  }

  /**
   * Check if the list contains a host address 
	 * (i.e. netmask 255.255.255.255)
   * @return true, if a host address exists, false otherwise
   */
  public boolean hasHostAddr() {

		boolean retval = false;
		AddrObj ao;
		byte[] addr = new byte[4];
		byte[] mask = new byte[4];
		Enumeration en = Addresses.elements();
		while (en.hasMoreElements()) {
			ao = (AddrObj)en.nextElement();
			addr = ao.getAddr();
			mask = ao.getMask();

			if (AddrObj.equalZero(AddrObj.Not(mask))) 		// host mask
				retval = true;
		}
		return retval;
  }


  /**
   * Check if the lists contains a broadcast address 
	 * (i.e. all host bits set to one)
   * @return true, if a broadcast address exists, false otherwise
   */
  public boolean hasBroadcastAddr() {
		boolean retval = false;
		AddrObj ao;
		byte[] addr = new byte[4];
		byte[] mask = new byte[4];
		int address;
		Enumeration en = Addresses.elements();
		while (en.hasMoreElements()) {
			ao = (AddrObj)en.nextElement();
			addr = ao.getAddr();
			mask = ao.getMask();

			if (!AddrObj.equalZero(AddrObj.Not(mask))) 		// net mask
				if (AddrObj.equalIP(AddrObj.Not(mask), AddrObj.And(addr,AddrObj.Not(mask))))
					retval = true;
		}
		return retval;
  }

  /**
   * Format all addresses contained in the list.<br>
   * The format of the strings is <tt>"aaa.aaa.aaa.aaa/mmm.mmm.mmm.mmm"</tt>
   * @return Array of strings containing the formatted addresses
   */ 
  public String[] printAddresses() {
    String str[] = new String[Addresses.size()];
    Enumeration en = Addresses.elements();
    AddrObj ao;
    int i=0;
    while (en.hasMoreElements()) {
      ao = (AddrObj)en.nextElement();
      str[i] = ao.toString();
      i++;
    }
    return str;
  }

  /**
   * Format all addresses and write them to the specified print stream.
   * The output format is conforming to the firewall configuration file syntax.
   * @param ps PrintStream to write the output to
   * @indent Number of spaces to prepend to each line
   * @port Port parameter to append to the addresses
   * @prend End value for a port range
   */
  public void printAddressesFormatted(PrintWriter ps, int indent, int port, int prend) {
    String indentString = new String();
    for (int i=0; i < indent; i++)
      indentString += " ";

    String portString = new String();
    if (port != Macro.MACRO_FIRSTPORT || prend != Macro.MACRO_LASTPORT) {
      portString += " port "+port;
      if (port != prend)
        portString += " .. "+prend;
    }

    StringBuffer sb;
    Enumeration en = Addresses.elements();
    AddrObj ao;
    while (en.hasMoreElements()) {
      ao = (AddrObj)en.nextElement();
      sb = new StringBuffer(indentString);
      sb.append(Utils.printIP(ao.getAddr()));
      while (sb.length() < indent+15)
        sb.append(' ');
      sb.append(" mask ");
      sb.append(Utils.printIP(ao.getMask()));
      if (portString.length() > 0) {
        while (sb.length() < indent+36)
          sb.append(' ');
        sb.append(portString);
      }
      ps.print(sb.toString());
      if (en.hasMoreElements())
        ps.println(",");
      else
        ps.println();
    }
  }

  // Persistence
  /**
   * Write object data to a persistent output stream
   * @param ps Stream
   * @see PersistentOutputStream
   */
  public void write(PersistentOutputStream ps) {
    ps.writePersistentVector("Addresses=", Addresses);
  }

  /**
   * Read object data from a persistent input stream
   * @param ps Stream
   * @see PersistentInputStream
   */
  public void read(PersistentInputStream ps) throws java.io.IOException {
    Addresses = ps.readPersistentVector("Addresses=");
  }


  private Vector Addresses;
}



// graphical panel to edit an address list
class AddrPanel extends Panel implements ActionListener {

  public AddrPanel(AddrList al) {
    // implicit super() call

    AddrListObj = al;

    GridBagLayout gbl = new GridBagLayout();
    setLayout(gbl);
    
    addrlbox = new List(5, false);
    Enumeration en = al.getAddresses().elements();
    AddrObj adr;
    while (en.hasMoreElements()) {
      adr = (AddrObj)en.nextElement();
      addrlbox.add(adr.toString());
    }
    addbut = new Button("Add");
	 addbut.addActionListener(this);
    removebut = new Button("Remove");
	 removebut.addActionListener(this);
    addrtext = new TextField();
    addrlabel = new Label("Address:");
    masktext = new TextField();
    masklabel = new Label("Netmask:");

    GridBagConstraints gbc = new GridBagConstraints();
    gbc.fill = GridBagConstraints.BOTH;
    Utils.add_component(this, addrlbox, gbl, gbc, 0, 0, 4, 5, 100, 100);
    gbc.fill = GridBagConstraints.NONE;
    Utils.add_component(this, addbut, gbl, gbc, 2, 5, 1, 1, 0, 0);
    Utils.add_component(this, removebut, gbl, gbc, 1, 5, 1, 1, 0, 0);
    gbc.fill = GridBagConstraints.BOTH;
    Utils.add_component(this, addrlabel, gbl, gbc, 0, 6, 1, 1, 0, 0);
    Utils.add_component(this, addrtext, gbl, gbc, 1, 6, 3, 1, 100, 0);
    Utils.add_component(this, masklabel, gbl, gbc, 0, 7, 1, 1, 0, 0);
    Utils.add_component(this, masktext, gbl, gbc, 1, 7, 3, 1, 100, 0);
    addrtext.requestFocus();
  }

  public void actionPerformed(ActionEvent ae) {
  Object source = ae.getSource();

	 // Process addbut
    if (source == addbut) {
      String str;
      if (masktext.getText().trim().length() == 0)
        str = addrtext.getText().trim();
      else
        str = addrtext.getText().trim() + "/" + masktext.getText().trim();
      AddrObj ao = new AddrObj(str);
      if (ao.getAddr() == null) {
        UserDialog.ErrorBox("Invalid IP address or host name:\n"+str);
        return;
      }
      if (AddrListObj.getAddresses().contains(ao)) {
        int sel = AddrListObj.getAddresses().indexOf(ao);
        addrlbox.remove(sel);
      }
      AddrListObj.addAddress(ao);
      addrlbox.add(ao.toString());
      return;
    }

	 // Process removebut
    else if (source == removebut) {
      int sel = addrlbox.getSelectedIndex();
      if (sel == -1) // nothing selected
        return;
      AddrListObj.getAddresses().removeElementAt(sel);
      addrlbox.remove(sel);
      return;
    }
  } // actionPerformed

  private AddrList AddrListObj;
  private List addrlbox;
  private Button addbut;
  private Button removebut;
  private TextField addrtext;
  private TextField masktext;
  private Label addrlabel;
  private Label masklabel;
}