1 /* @(#) $Id: remoted.c,v 1.34 2009/06/24 18:53:07 dcid Exp $ */
3 /* Copyright (C) 2009 Trend Micro Inc.
6 * This program is a free software; you can redistribute it
7 * and/or modify it under the terms of the GNU General Public
8 * License (version 3) as published by the FSF - Free Software
11 * License details at the LICENSE file included with OSSEC or
12 * online at: http://www.ossec.net/en/licensing.html
18 * Listen to remote packets and forward them to the analysis
24 #include "os_net/os_net.h"
30 /** void HandleRemote(int position, int uid) v0.2 2005/11/09
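31 * Handle remote connections: exit if a syslog listener has no allowips, bind the TCP or UDP port, drop privileges to uid, write the PID file, then branch on connection type.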
35 void HandleRemote(int position, int uid)
37 /* If syslog connection and allowips is not defined, exit */
38 if(logr.conn[position] == SYSLOG_CONN)
40 if(logr.allowips == NULL)
42 ErrorExit(NO_SYSLOG, ARGV0);
48 tmp_ips = logr.allowips;
51 verbose("%s: Remote syslog allowed from: '%s'",
52 ARGV0, (*tmp_ips)->ip);
60 if(logr.proto[position] == TCP_PROTO)
63 OS_Bindporttcp(logr.port[position],logr.lip[position])) < 0)
65 ErrorExit(BIND_ERROR, ARGV0, logr.port[position]);
70 /* Using UDP. Fast, unreliable.. perfect */
72 OS_Bindportudp(logr.port[position], logr.lip[position])) < 0)
74 ErrorExit(BIND_ERROR, ARGV0, logr.port[position]);
80 /* Revoking the privileges */
81 if(Privsep_SetUser(uid) < 0)
83 ErrorExit(SETUID_ERROR,ARGV0, REMUSER);
88 if(CreatePID(ARGV0, getpid()) < 0)
90 ErrorExit(PID_ERROR,ARGV0);
94 /* Start up message */
95 verbose(STARTUP_MSG, ARGV0, (int)getpid());
98 /* If Secure connection, deal with it */
99 if(logr.conn[position] == SECURE_CONN)
104 else if(logr.proto[position] == TCP_PROTO)
109 /* If not, deal with syslog */