Cross Reference: /freebsd-11.0-release/contrib/tcp_wrappers/tcpdchk.c

Deleted Added

sdiff udiff text old ( 51495 ) new ( 56977 )

full compact

tcpdchk.c (51495)	tcpdchk.c (56977)
1 /* 2 * tcpdchk - examine all tcpd access control rules and inetd.conf entries 3 * 4 * Usage: tcpdchk [-a] [-d] [-i inet_conf] [-v] 5 * 6 * -a: complain about implicit "allow" at end of rule. 7 * 8 * -d: rules in current directory. 9 * 10 * -i: location of inetd.conf file. 11 * 12 * -v: show all rules. 13 * 14 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. 15 *	1 /* 2 * tcpdchk - examine all tcpd access control rules and inetd.conf entries 3 * 4 * Usage: tcpdchk [-a] [-d] [-i inet_conf] [-v] 5 * 6 * -a: complain about implicit "allow" at end of rule. 7 * 8 * -d: rules in current directory. 9 * 10 * -i: location of inetd.conf file. 11 * 12 * -v: show all rules. 13 * 14 * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. 15 *
16 * $FreeBSD: head/contrib/tcp_wrappers/tcpdchk.c 51495 1999-09-21 09:09:57Z sheldonh $	16 * $FreeBSD: head/contrib/tcp_wrappers/tcpdchk.c 56977 2000-02-03 10:27:03Z shin $
17 / 18 19#ifndef lint 20static char sccsid[] = "@(#) tcpdchk.c 1.8 97/02/12 02:13:25"; 21#endif 22 23/ System libraries. */ 24 25#include <sys/types.h> 26#include <sys/stat.h>	17 / 18 19#ifndef lint 20static char sccsid[] = "@(#) tcpdchk.c 1.8 97/02/12 02:13:25"; 21#endif 22 23/ System libraries. */ 24 25#include <sys/types.h> 26#include <sys/stat.h>
	27#ifdef INET6 28#include <sys/socket.h> 29#endif
27#include <netinet/in.h> 28#include <arpa/inet.h> 29#include <stdio.h> 30#include <syslog.h> 31#include <setjmp.h> 32#include <errno.h> 33#include <netdb.h> 34#include <string.h> --- 363 unchanged lines hidden (view full) --- 398 } else if (STR_EQ(pat, "FAIL")) { /* obsolete / 399* tcpd_warn("FAIL is no longer recognized"); 400 tcpd_warn("(use EXCEPT or DENY instead)"); 401 } else if (reserved_name(pat)) { 402 tcpd_warn("%s: user name may be reserved word", pat); 403 } 404} 405	30#include <netinet/in.h> 31#include <arpa/inet.h> 32#include <stdio.h> 33#include <syslog.h> 34#include <setjmp.h> 35#include <errno.h> 36#include <netdb.h> 37#include <string.h> --- 363 unchanged lines hidden (view full) --- 401 } else if (STR_EQ(pat, "FAIL")) { /* obsolete / 402* tcpd_warn("FAIL is no longer recognized"); 403 tcpd_warn("(use EXCEPT or DENY instead)"); 404 } else if (reserved_name(pat)) { 405 tcpd_warn("%s: user name may be reserved word", pat); 406 } 407} 408
	409#ifdef INET6 410static int is_inet6_addr(pat) 411 char pat; 412{ 413* struct in6_addr addr; 414 int len, ret; 415 char ch; 416 417 if (pat != '[') 418* return (0); 419 len = strlen(pat); 420 if ((ch = pat[len - 1]) != ']') 421 return (0); 422 pat[len - 1] = '\0'; 423 ret = inet_pton(AF_INET6, pat + 1, &addr); 424 pat[len - 1] = ch; 425 return (ret == 1); 426} 427#endif 428
406/* check_host - criticize host pattern / 407* 408static int check_host(pat) 409char pat; 410{ 411* char buf[BUFSIZ]; 412 char mask; 413* int addr_count = 1; --- 30 unchanged lines hidden (view full) --- 444 check_host(cp); 445 } 446 tcpd_context = saved_context; 447 fclose(fp); 448 } else if (errno != ENOENT) { 449 tcpd_warn("open %s: %m", pat); 450 } 451 } else if (mask = split_at(pat, '/')) { /* network/netmask */	429/* check_host - criticize host pattern / 430* 431static int check_host(pat) 432char pat; 433{ 434* char buf[BUFSIZ]; 435 char mask; 436* int addr_count = 1; --- 30 unchanged lines hidden (view full) --- 467 check_host(cp); 468 } 469 tcpd_context = saved_context; 470 fclose(fp); 471 } else if (errno != ENOENT) { 472 tcpd_warn("open %s: %m", pat); 473 } 474 } else if (mask = split_at(pat, '/')) { /* network/netmask */
	475#ifdef INET6 476 int mask_len; 477 478 if ((dot_quad_addr(pat) == INADDR_NONE 479 \|\| dot_quad_addr(mask) == INADDR_NONE) 480 && (!is_inet6_addr(pat) 481 \|\| ((mask_len = atoi(mask)) < 0 \|\| mask_len > 128))) 482#else
452 if (dot_quad_addr(pat) == INADDR_NONE 453 \|\| dot_quad_addr(mask) == INADDR_NONE)	483 if (dot_quad_addr(pat) == INADDR_NONE 484 \|\| dot_quad_addr(mask) == INADDR_NONE)
	485#endif
454 tcpd_warn("%s/%s: bad net/mask pattern", pat, mask); 455 } else if (STR_EQ(pat, "FAIL")) { /* obsolete / 456* tcpd_warn("FAIL is no longer recognized"); 457 tcpd_warn("(use EXCEPT or DENY instead)"); 458 } else if (reserved_name(pat)) { /* other reserved / 459* /* void */ ;	486 tcpd_warn("%s/%s: bad net/mask pattern", pat, mask); 487 } else if (STR_EQ(pat, "FAIL")) { /* obsolete / 488* tcpd_warn("FAIL is no longer recognized"); 489 tcpd_warn("(use EXCEPT or DENY instead)"); 490 } else if (reserved_name(pat)) { /* other reserved / 491* /* void */ ;
	492#ifdef INET6 493 } else if (is_inet6_addr(pat)) { /* IPv6 address / 494* addr_count = 1; 495#endif
460 } else if (NOT_INADDR(pat)) { /* internet name / 461* if (pat[strlen(pat) - 1] == '.') { 462 tcpd_warn("%s: domain or host name ends in dot", pat); 463 } else if (pat[0] != '.') { 464 addr_count = check_dns(pat); 465 } 466 } else { /* numeric form / 467* if (STR_EQ(pat, "0.0.0.0") \|\| STR_EQ(pat, "255.255.255.255")) { --- 21 unchanged lines hidden ---	496 } else if (NOT_INADDR(pat)) { /* internet name / 497* if (pat[strlen(pat) - 1] == '.') { 498 tcpd_warn("%s: domain or host name ends in dot", pat); 499 } else if (pat[0] != '.') { 500 addr_count = check_dns(pat); 501 } 502 } else { /* numeric form / 503* if (STR_EQ(pat, "0.0.0.0") \|\| STR_EQ(pat, "255.255.255.255")) { --- 21 unchanged lines hidden ---