configfile.h

Go to the documentation of this file.
00001 /*----------------------------------------------------------------------------
00002  secwatch - Copyright (C) 2006 Nic Stevens -- See COPYING for license details
00003 ------------------------------------------------------------------------------
00004  config.h - prototypes, macros, and declarations for the configuration of
00005  secwatch. 
00006 -----------------------------------------------------------------------------*/
00007 #ifndef _CONFIG_H
00008 
00009 enum {false=0,true}; // Define true and false constants
00010 
00014 typedef enum {ci_pathname, ci_integer,ci_boolean, ci_logpri, ci_logfac, ci_text,ci_flist} ci_type;
00015 
00019 typedef struct _cfgitem {
00020      char *name;                // Name of variable
00021      ci_type type;              // type of variable (ci_type, see above)
00022      union {                    // Hold the values in various formats
00023           char **a;             // array of char ptrs
00024           char *s;              // string of text
00025           int i;                // integer
00026      } val;
00027 } cfgitem_t;
00028 
00032 #ifndef SO_OBJECT
00033 extern cfgitem_t config[];
00034 #endif
00035 
00036 int readConfig(char * file, char *ebuf, size_t ebsiz);
00037 char * confVarPath(char *name, int *eptr);
00038 char * confVarText(char *name, int *eptr);
00039 int confVarSyslog(char *name, int *eptr);
00040 int confVarBool(char *name, int *eptr);
00041 int confVarInt(char *name, int *eptr);
00042 char ** confVarFlist(char *name, int *eptr);
00043 char *fixupPathName(char *val, char *path);
00044 int getBooleanValue(char *s, int *v);
00045 
00046 #ifdef CONFIG_DECL
00047 #define LOCAL
00048 
00049 LOCAL cfgitem_t *  _configTabEntry(char *name);
00050 
00051 
00052 LOCAL char * _defrej[] = {"inprej","outrej","fwdrej",NULL}; // basic firewall rejects
00053 LOCAL char * _defalw[] = {"inpalw","outalw","fwdalw",NULL}; // basic firewall allows
00054 
00060 cfgitem_t config[] = {
00061      {"patterns",       ci_pathname,    "/usr/local/etc/secwatch.patterns"},
00062      {"pidfile",        ci_pathname,    "/var/run/secwatch.pid"},
00063      {"iplist",         ci_pathname,    "/var/run/secwatch.iplist"},
00064      {"logfiles",       ci_text,        "/var/log/secure,/var/log/messages"},
00065      {"maxatt",         ci_integer,     5},
00066      {"maxage",         ci_integer,     15},
00067      {"fork",           ci_boolean,     true},
00068      {"mailto",         ci_text,        "secwatch"},
00069      {"mailfrom",       ci_text,        "secwatch"},
00070      {"sendmail",       ci_pathname,    "/usr/sbin/sendmail"},
00071      {"logpri",         ci_logpri,      LOG_INFO},
00072      {"logfac",         ci_logfac,      LOG_DAEMON},
00073      {"fwreject",       ci_flist,       _defrej},
00074      {"inprej",         ci_text,        "/sbin/iptables -I INPUT -s $i -j DROP"},
00075      {"outrej",         ci_text,        "/sbin/iptables -I OUTPUT -d $i -j DROP"},
00076      {"fwdrej",         ci_text,        "/sbin/iptables -I FORWARD -d $i -j DROP"},
00077      {"fwallow",        ci_flist,       _defalw},
00078      {"inpalw",         ci_text,        "/sbin/iptables -D INPUT -s $i -j DROP"},
00079      {"outalw",         ci_text,        "/sbin/iptables -D OUTPUT -d $i -j DROP"},
00080      {"fwdalw",         ci_text,        "/sbin/iptables -D FORWARD -d $i -j DROP"},
00081      {NULL,             0,              0}
00082 };
00083 
00084 #endif // CONFIG_DECL
00085 
00086 #endif // _CONFIG_H
Generated on Tue Oct 31 10:17:23 2006 for secwatch by  doxygen 1.4.6