Arp.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /* DEBUG: section 28 Access Control */
10 
11 #include "squid.h"
12 
13 #if USE_SQUID_EUI
14 
15 #include "acl/Arp.h"
16 #include "acl/FilledChecklist.h"
17 #include "Debug.h"
18 #include "eui/Eui48.h"
19 #include "globals.h"
20 #include "ip/Address.h"
21 
22 #include <algorithm>
23 
24 ACL *
26 {
27  return new ACLARP(*this);
28 }
29 
30 ACLARP::ACLARP (char const *theClass) : class_ (theClass)
31 {}
32 
33 ACLARP::ACLARP (ACLARP const & old) : class_ (old.class_), aclArpData(old.aclArpData)
34 {
35 }
36 
37 char const *
39 {
40  return class_;
41 }
42 
43 bool
44 ACLARP::empty () const
45 {
46  return aclArpData.empty();
47 }
48 
49 /* ==== BEGIN ARP ACL SUPPORT ============================================= */
50 
51 /*
52  * From: dale@server.ctam.bitmcnit.bryansk.su (Dale)
53  * To: wessels@nlanr.net
54  * Subject: Another Squid patch... :)
55  * Date: Thu, 04 Dec 1997 19:55:01 +0300
56  * ============================================================================
57  *
58  * Working on setting up a proper firewall for a network containing some
59  * Win'95 computers at our Univ, I've discovered that some smart students
60  * avoid the restrictions easily just changing their IP addresses in Win'95
61  * Contol Panel... It has been getting boring, so I took Squid-1.1.18
62  * sources and added a new acl type for hard-wired access control:
63  *
64  * acl <name> arp <Ethernet address> ...
65  *
66  * For example,
67  *
68  * acl students arp 00:00:21:55:ed:22 00:00:21:ff:55:38
69  *
70  * NOTE: Linux code by David Luyer <luyer@ucs.uwa.edu.au>.
71  * Original (BSD-specific) code no longer works.
72  * Solaris code by R. Gancarz <radekg@solaris.elektrownia-lagisza.com.pl>
73  */
74 
75 Eui::Eui48 *
76 aclParseArpData(const char *t)
77 {
78  char buf[256];
79  Eui::Eui48 *q = new Eui::Eui48;
80  debugs(28, 5, "aclParseArpData: " << t);
81 
82  if (sscanf(t, "%[0-9a-fA-F:]", buf) != 1) {
83  debugs(28, DBG_CRITICAL, "aclParseArpData: Bad ethernet address: '" << t << "'");
84  delete q;
85  return NULL;
86  }
87 
88  if (!q->decode(buf)) {
89  debugs(28, DBG_CRITICAL, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
90  debugs(28, DBG_CRITICAL, "aclParseArpData: Ignoring invalid ARP acl entry: can't parse '" << buf << "'");
91  delete q;
92  return NULL;
93  }
94 
95  return q;
96 }
97 
98 /*******************/
99 /* aclParseArpList */
100 /*******************/
101 void
103 {
104  while (const char *t = ConfigParser::strtokFile()) {
105  if (Eui::Eui48 *q = aclParseArpData(t)) {
106  aclArpData.insert(*q);
107  delete q;
108  }
109  }
110 }
111 
112 int
114 {
115  ACLFilledChecklist *checklist = Filled(cl);
116 
117  /* IPv6 does not do ARP */
118  if (!checklist->src_addr.isIPv4()) {
119  debugs(14, 3, "ACLARP::match: IPv4 Required for ARP Lookups. Skipping " << checklist->src_addr );
120  return 0;
121  }
122 
123  Eui::Eui48 lookingFor;
124  lookingFor.lookup(checklist->src_addr);
125  return (aclArpData.find(lookingFor) != aclArpData.end());
126 }
127 
128 SBufList
130 {
131  SBufList sl;
132  for (auto i = aclArpData.begin(); i != aclArpData.end(); ++i) {
133  char buf[48];
134  i->encode(buf,48);
135  sl.push_back(SBuf(buf));
136  }
137  return sl;
138 }
139 
140 /* ==== END ARP ACL SUPPORT =============================================== */
141 
142 #endif /* USE_SQUID_EUI */
143 
bool decode(const char *asc)
Definition: Eui48.cc:97
virtual char const * typeString() const
Definition: Arp.cc:38
Definition: Arp.h:22
Definition: SBuf.h:87
char const * class_
Definition: Arp.h:40
Ip::Address src_addr
ACLFilledChecklist * Filled(ACLChecklist *checklist)
convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
int i
Definition: membanger.c:49
Definition: Acl.h:39
#define DBG_CRITICAL
Definition: Debug.h:44
virtual SBufList dump() const
Definition: Arp.cc:129
AclArpData_t aclArpData
Definition: Arp.h:42
bool lookup(const Ip::Address &c)
Definition: Eui48.cc:135
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:123
int config_lineno
const char * cfg_filename
virtual ACL * clone() const
Definition: Arp.cc:25
ACLARP(char const *)
Definition: Arp.cc:30
bool isIPv4() const
Definition: Address.cc:151
std::list< SBuf > SBufList
Definition: forward.h:26
void const char * buf
Definition: stub_helper.cc:16
char config_input_line[BUFSIZ]
static char * strtokFile()
Definition: ConfigParser.cc:82
virtual void parse()
parses node represenation in squid.conf; dies on failures
Definition: Arp.cc:102
Eui::Eui48 * aclParseArpData(const char *t)
Definition: Arp.cc:76
virtual bool empty() const
Definition: Arp.cc:44
virtual int match(ACLChecklist *checklist)
Matches the actual data in checklist against this ACL.
Definition: Arp.cc:113
#define NULL
Definition: types.h:166

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors