Arp.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /* DEBUG: section 28 Access Control */
10 
11 #include "squid.h"
12 
13 #if USE_SQUID_EUI
14 
15 #include "acl/Arp.h"
16 #include "acl/FilledChecklist.h"
17 #include "cache_cf.h"
18 #include "Debug.h"
19 #include "eui/Eui48.h"
20 #include "globals.h"
21 #include "ip/Address.h"
22 
23 #include <algorithm>
24 
25 ACLARP::ACLARP (char const *theClass) : class_ (theClass)
26 {}
27 
28 char const *
30 {
31  return class_;
32 }
33 
34 bool
35 ACLARP::empty () const
36 {
37  return aclArpData.empty();
38 }
39 
40 /* ==== BEGIN ARP ACL SUPPORT ============================================= */
41 
42 /*
43  * From: dale@server.ctam.bitmcnit.bryansk.su (Dale)
44  * To: wessels@nlanr.net
45  * Subject: Another Squid patch... :)
46  * Date: Thu, 04 Dec 1997 19:55:01 +0300
47  * ============================================================================
48  *
49  * Working on setting up a proper firewall for a network containing some
50  * Win'95 computers at our Univ, I've discovered that some smart students
51  * avoid the restrictions easily just changing their IP addresses in Win'95
52  * Control Panel... It has been getting boring, so I took Squid-1.1.18
53  * sources and added a new acl type for hard-wired access control:
54  *
55  * acl <name> arp <Ethernet address> ...
56  *
57  * For example,
58  *
59  * acl students arp 00:00:21:55:ed:22 00:00:21:ff:55:38
60  *
61  * NOTE: Linux code by David Luyer <luyer@ucs.uwa.edu.au>.
62  * Original (BSD-specific) code no longer works.
63  * Solaris code by R. Gancarz <radekg@solaris.elektrownia-lagisza.com.pl>
64  */
65 
66 static Eui::Eui48 *
67 aclParseArpData(const char *t)
68 {
69  char buf[256];
70  Eui::Eui48 *q = new Eui::Eui48;
71  debugs(28, 5, "aclParseArpData: " << t);
72 
73  if (sscanf(t, "%[0-9a-fA-F:]", buf) != 1) {
74  debugs(28, DBG_CRITICAL, "aclParseArpData: Bad ethernet address: '" << t << "'");
75  delete q;
76  return NULL;
77  }
78 
79  if (!q->decode(buf)) {
80  debugs(28, DBG_CRITICAL, "" << cfg_filename << " line " << config_lineno << ": " << config_input_line);
81  debugs(28, DBG_CRITICAL, "aclParseArpData: Ignoring invalid ARP acl entry: can't parse '" << buf << "'");
82  delete q;
83  return NULL;
84  }
85 
86  return q;
87 }
88 
89 /*******************/
90 /* aclParseArpList */
91 /*******************/
92 void
94 {
95  while (const char *t = ConfigParser::strtokFile()) {
96  if (Eui::Eui48 *q = aclParseArpData(t)) {
97  aclArpData.insert(*q);
98  delete q;
99  }
100  }
101 }
102 
103 int
105 {
106  ACLFilledChecklist *checklist = Filled(cl);
107 
108  /* IPv6 does not do ARP */
109  if (!checklist->src_addr.isIPv4()) {
110  debugs(14, 3, "ACLARP::match: IPv4 Required for ARP Lookups. Skipping " << checklist->src_addr );
111  return 0;
112  }
113 
114  Eui::Eui48 lookingFor;
115  lookingFor.lookup(checklist->src_addr);
116  return (aclArpData.find(lookingFor) != aclArpData.end());
117 }
118 
119 SBufList
121 {
122  SBufList sl;
123  for (auto i = aclArpData.begin(); i != aclArpData.end(); ++i) {
124  char buf[48];
125  i->encode(buf,48);
126  sl.push_back(SBuf(buf));
127  }
128  return sl;
129 }
130 
131 /* ==== END ARP ACL SUPPORT =============================================== */
132 
133 #endif /* USE_SQUID_EUI */
134 
Ip::Address src_addr
static char * strtokFile()
Definition: ConfigParser.cc:63
std::list< SBuf > SBufList
Definition: forward.h:22
char const * class_
Definition: Arp.h:37
Definition: SBuf.h:87
bool decode(const char *asc)
Definition: Eui48.cc:97
#define DBG_CRITICAL
Definition: Debug.h:40
bool isIPv4() const
Definition: Address.cc:158
AclArpData_t aclArpData
Definition: Arp.h:39
bool lookup(const Ip::Address &c)
Definition: Eui48.cc:135
#define NULL
Definition: types.h:166
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:123
virtual SBufList dump() const
Definition: Arp.cc:120
ACLFilledChecklist * Filled(ACLChecklist *checklist)
convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
const char * cfg_filename
Definition: cache_cf.cc:270
static Eui::Eui48 * aclParseArpData(const char *t)
Definition: Arp.cc:67
int config_lineno
Definition: cache_cf.cc:271
virtual int match(ACLChecklist *checklist)
Matches the actual data in checklist against this ACL.
Definition: Arp.cc:104
ACLARP(char const *)
Definition: Arp.cc:25
virtual void parse()
parses node representation in squid.conf; dies on failures
Definition: Arp.cc:93
virtual char const * typeString() const
Definition: Arp.cc:29
char config_input_line[BUFSIZ]
Definition: cache_cf.cc:272
virtual bool empty() const
Definition: Arp.cc:35

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors