forbidhosts/forbidhosts.h

/**
 * @PROJECT		ForbidHosts
 * @COPYRIGHT		See COPYING in the top level directory
 * @FILE		forbidhosts.h
 * @PURPOSE		Tool for checking IPv4 & IPv6 failed connections
 * @DEVELOPERS		Pierre Schweitzer <pierre@reactos.org>
 *			Rafal Kupiec <belliash@asiotec.eu.org>
 */

#define MAXATTEMPTS 5
#define HOSTEXPIRE 10
#define FAILUREPENALTY 1
#define DENYFILE "/etc/hosts.deny"
#define LOGFILE "/var/log/auth.log"
#define PIDFILE "/var/run/forbidhosts.pid"

#define FHVERSION "1.6"

#define assertHard(e) if (!(e)) assertException(__FILE__, __LINE__, #e, true)
#define assertSoft(e) if (!(e)) assertException(__FILE__, __LINE__, #e, false)

using namespace std;

struct hf_t {
	unsigned int max_attempts;
	unsigned int host_expire;
	unsigned int failure_penalty;
	string banned_names;
	string debug;
	string deny_file;
	string log_file;
	string pid_file;
	string protocol;
};
hf_t global;

struct banned_t {
	string ipaddr;
	time_t expires;

	banned_t(time_t date, const string &address) {
		ipaddr = address;
		expires = date + 12 * 60 * 60;
	}
};

struct host_t {
	string ipaddr;
	unsigned int attempts;
	time_t first_seen;
	time_t expires;

	host_t(time_t date, const string &address) {
		attempts = 1;
		ipaddr = address;
		first_seen = date;
		expires = date + global.host_expire * 60;
	}
};

int logfile;

void assertException(const char *file, unsigned int line, const char *assert, bool critical);
void assignGlobalVars();
bool compare(const host_t &lhs, const host_t &rhs);
void daemonize(string workdir);
void debug(const char *msg, ...);
void denyHost(string host);
void printVersion();
unsigned int readLine(int file, vector<host_t> &hosts, vector<banned_t> &banned);
void shutdown(int code);
void signalHandler(int signal);
bool updateHost(const string &host, vector<host_t> &hosts, vector<banned_t> &banned, unsigned int repeated, bool loggedin);
bool validateEntry(char *entry, char **address, unsigned int *length, bool *loggedin);
unsigned int validateRepeated(char *line);