1 /* @(#) $Id: syslog.c,v 1.17 2009/06/24 18:53:07 dcid Exp $ */
3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 3) as published by the FSF - Free Software
15 #include "os_net/os_net.h"
21 /* OS_IPNotAllowed, v0.1, 2005/02/11
22 * Checks if an IP is not allowed.
// Reports whether srcip should be rejected, consulting logr.denyips and
// then logr.allowips through OS_IPFoundList.
// NOTE(review): the braces and return statements are missing from this
// listing, so the value returned on each branch cannot be confirmed here.
24 static int OS_IPNotAllowed(char *srcip)
// The deny list is consulted first, and only when one is configured.
26 if(logr.denyips != NULL)
28 if(OS_IPFoundList(srcip, logr.denyips))
// The allow list is consulted second; presumably a deny-list match has
// already returned by this point -- confirm against the elided lines.
33 if(logr.allowips != NULL)
35 if(OS_IPFoundList(srcip, logr.allowips))
// Per the comment below, a source that matched no allow entry is denied,
// i.e. the function is meant to default to deny -- TODO confirm the
// elided return value.
41 /* If the ip is not allowed, it will be denied */
46 /** void HandleSyslog() v0.2
47 * Handle syslog connections
// buffer holds OS_SIZE_1024 + 2 bytes while recvfrom() below is limited to
// OS_SIZE_1024, which leaves room for the terminator written after a read.
51 char buffer[OS_SIZE_1024 +2];
// One byte beyond IPSIZE so the explicit terminator further down is in bounds.
52 char srcip[IPSIZE +1];
54 char *buffer_pt = NULL;
58 struct sockaddr_in peer_info;
62 /* setting peer size */
// NOTE(review): recvfrom() uses its last argument as value-result; this
// listing shows peer_size assigned only here, before the loop -- confirm
// whether it needs resetting per datagram.
63 peer_size = sizeof(peer_info);
66 /* Initializing some variables */
67 memset(buffer, '\0', OS_SIZE_1024 +2);
70 /* Connecting to the message queue
73 if((logr.m_queue = StartMQ(DEFAULTQUEUE,WRITE)) < 0)
75 ErrorExit(QUEUE_FATAL,ARGV0, DEFAULTQUEUE);
79 /* Infinite loop in here */
82 /* Receiving message */
83 recv_b = recvfrom(logr.sock, buffer, OS_SIZE_1024, 0,
84 (struct sockaddr *)&peer_info, &peer_size);
86 /* Nothing received */
// NOTE(review): the check that belongs to this comment is not shown in this
// listing. It has to reject recv_b <= 0, otherwise buffer[recv_b -1] (and,
// on error, buffer[recv_b]) index before the start of the buffer.
91 /* null terminating the message */
92 buffer[recv_b] = '\0';
95 /* Removing new line */
96 if(buffer[recv_b -1] == '\n')
98 buffer[recv_b -1] = '\0';
101 /* Setting the source ip */
// strncpy() does not terminate on truncation, hence the explicit '\0'.
// srcip is the datagram's peer address as reported by recvfrom(); if
// logr.sock is a UDP socket (not visible here) that address can be forged,
// so the allow/deny check below is a filter, not sender authentication.
102 strncpy(srcip, inet_ntoa(peer_info.sin_addr), IPSIZE);
103 srcip[IPSIZE] = '\0';
106 /* Removing syslog header */
// strchr() returns NULL when the datagram has no '>' after its first byte.
// NOTE(review): the listing jumps from line 109 to 124; confirm buffer_pt
// is NULL-checked on the elided lines before it reaches SendMSG().
109 buffer_pt = strchr(buffer+1, '>');
124 /* Checking if IP is allowed here */
125 if(OS_IPNotAllowed(srcip))
// Presumably one log entry per rejected datagram; a noisy denied source
// can therefore drive log volume -- consider whether that needs limiting.
127 merror(DENYIP_WARN,ARGV0,srcip);
130 else if(SendMSG(logr.m_queue, buffer_pt, srcip,
133 merror(QUEUE_ERROR,ARGV0,DEFAULTQUEUE, strerror(errno));
// NOTE(review): the queue is reopened with READ here, whereas the initial
// StartMQ() call above used WRITE -- confirm the mode is intended.
134 if((logr.m_queue = StartMQ(DEFAULTQUEUE,READ)) < 0)
136 ErrorExit(QUEUE_FATAL,ARGV0,DEFAULTQUEUE);