#include "plugin.h"
#include "control.h"
-char const *cvs_id = "$Id: garden.c,v 1.7 2004/06/28 02:43:13 fred_nerk Exp $";
+/* walled garden */
+
+char const *cvs_id = "$Id: garden.c,v 1.10 2004/11/05 02:39:35 bodea Exp $";
int __plugin_api_version = 1;
static struct pluginfuncs *p = 0;
static int iam_master = 0; // We're all slaves! Slaves I tell you!
char *up_commands[] = {
- "iptables -t nat -N garden >/dev/null 2>&1", // Create a chain that all gardened users will go through
+ "iptables -t nat -N garden >/dev/null 2>&1", // Create a chain that all gardened users will go through
"iptables -t nat -F garden",
- ". " PLUGINCONF "/build-garden", // Populate with site-specific DNAT rules
- "iptables -t nat -N garden_users >/dev/null 2>&1",// Empty chain, users added/removed by garden_session
+ ". " PLUGINCONF "/build-garden", // Populate with site-specific DNAT rules
+ "iptables -t nat -N garden_users >/dev/null 2>&1", // Empty chain, users added/removed by garden_session
"iptables -t nat -F garden_users",
- "iptables -t nat -A PREROUTING -j garden_users", // DNAT any users on the garden_users chain
+ "iptables -t nat -A PREROUTING -j garden_users", // DNAT any users on the garden_users chain
"sysctl -w net.ipv4.ip_conntrack_max=256000 >/dev/null", // lots of entries
NULL,
};
// Ignore if user authentication was successful
if (data->auth_allowed) return PLUGIN_RET_OK;
- p->log(3, 0, 0, 0, "Walled Garden allowing login\n");
+ p->_log(3, 0, 0, 0, "Walled Garden allowing login\n");
data->auth_allowed = 1;
data->s->walled_garden = 1;
return PLUGIN_RET_OK;
sprintf((data->response + data->response_length), "%s", errormsg);
data->response_length += strlen(errormsg) + 1;
- p->log(3, 0, 0, 0, "Unknown session %d\n", session);
+ p->_log(3, 0, 0, 0, "Unknown session %d\n", session);
return PLUGIN_RET_STOP;
}
*(short *)(data->response + 2) = ntohs(PKT_RESP_OK);
for (i = 0; up_commands[i] && *up_commands[i]; i++)
{
- p->log(3, 0, 0, 0, "Running %s\n", up_commands[i]);
+ p->_log(3, 0, 0, 0, "Running %s\n", up_commands[i]);
system(up_commands[i]);
}
if (flag == 1)
{
- p->log(2, 0, 0, s->tunnel, "Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
- snprintf(cmd, 2048, "iptables -t nat -A garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
- p->log(3, 0, 0, s->tunnel, "%s\n", cmd);
+ p->_log(2, 0, 0, s->tunnel, "Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
+ snprintf(cmd, sizeof(cmd), "iptables -t nat -A garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
+ p->_log(3, 0, 0, s->tunnel, "%s\n", cmd);
system(cmd);
s->walled_garden = 1;
}
int count = 40;
// Normal User
- p->log(2, 0, 0, s->tunnel, "Un-Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
+ p->_log(2, 0, 0, s->tunnel, "Un-Garden user %s (%s)\n", s->user, p->inet_toa(htonl(s->ip)));
// Kick off any duplicate usernames
// but make sure not to kick off ourself
if (s->ip && !s->die && (other = p->get_session_by_username(s->user)) && s != p->get_session_by_id(other)) {
s->cin = s->cout = 0;
s->pin = s->pout = 0;
- snprintf(cmd, 2048, "iptables -t nat -D garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
- p->log(3, 0, 0, s->tunnel, "%s\n", cmd);
+ snprintf(cmd, sizeof(cmd), "iptables -t nat -D garden_users -s %s -j garden", p->inet_toa(htonl(s->ip)));
+ p->_log(3, 0, 0, s->tunnel, "%s\n", cmd);
while (--count)
{
int status = system(cmd);
int i;
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
- p->log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
+ p->_log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
system(down_commands[i]);
}
}
for (i = 0; down_commands[i] && *down_commands[i]; i++)
{
- p->log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
+ p->_log(3, 0, 0, 0, "Running %s\n", down_commands[i]);
system(down_commands[i]);
}
}