1159248Srwatson/*-
2159248Srwatson * Copyright (c) 2006 Robert N. M. Watson
3159248Srwatson * All rights reserved.
4159248Srwatson *
5159248Srwatson * This software was developed by Robert Watson for the TrustedBSD Project.
6159248Srwatson *
7159248Srwatson * Redistribution and use in source and binary forms, with or without
8159248Srwatson * modification, are permitted provided that the following conditions
9159248Srwatson * are met:
10159248Srwatson * 1. Redistributions of source code must retain the above copyright
11159248Srwatson *    notice, this list of conditions and the following disclaimer.
12159248Srwatson * 2. Redistributions in binary form must reproduce the above copyright
13159248Srwatson *    notice, this list of conditions and the following disclaimer in the
14159248Srwatson *    documentation and/or other materials provided with the distribution.
15159248Srwatson *
16159248Srwatson * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
17159248Srwatson * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18159248Srwatson * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19159248Srwatson * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
20159248Srwatson * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21159248Srwatson * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22159248Srwatson * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23159248Srwatson * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24159248Srwatson * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25159248Srwatson * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26159248Srwatson * SUCH DAMAGE.
27159248Srwatson */
28159248Srwatson
29159248Srwatson#define	AUDITFILTERD_CONFFILE	"/etc/security/audit_filter"	/* configuration file path; NOTE(review): the struct below takes module fields from this file and the dynamic linker, so it should be writable only by a trusted administrator -- confirm */
30159248Srwatson#define	AUDITFILTERD_PIPEFILE	"/dev/auditpipe"	/* audit pipe device path; presumably where the daemon reads audit records -- confirm */
31159248Srwatson
32159248Srwatson/*
33159248Srwatson * Limit on the number of arguments that can appear in an audit_filterd
34159248Srwatson * configuration line.
35159248Srwatson */
36159248Srwatson#define	AUDITFILTERD_CONF_MAXARGS	256	/* presumably also the upper bound for am_argc/am_argv; NOTE(review): confirm the parser rejects longer lines rather than writing past this count */
37159248Srwatson
38159248Srwatson/*
39159248Srwatson * Data structure describing each instantiated module.
40159248Srwatson */
41159248Srwatsonstruct auditfilter_module {
42159248Srwatson	/*
43159248Srwatson	 * Fields from configuration file and dynamic linker.
44159248Srwatson	 */
45159248Srwatson	char						*am_modulename;	/* module name; presumably taken from the configuration line -- confirm */
46159248Srwatson	char						*am_arg_buffer;	/* presumably backing storage for the am_argv strings; ownership not shown here -- confirm */
47159248Srwatson	int						 am_argc;	/* argument count; presumably at most AUDITFILTERD_CONF_MAXARGS -- confirm */
48159248Srwatson	char						**am_argv;	/* argument vector passed along with am_argc */
49159248Srwatson	void						*am_dlhandle;	/* dynamic linker handle (presumably from dlopen()); NOTE(review): module code would run inside the daemon, so confirm only trusted, non-writable module paths are accepted */
50159248Srwatson
51159248Srwatson	/*
52159248Srwatson	 * Fields provided by or extracted from the module.
53159248Srwatson	 */
54161630Srwatson	void						*am_cookie;	/* opaque pointer; presumably per-module state handed back on each call -- confirm */
55159248Srwatson	audit_filter_attach_t				 am_attach;	/* module entry point; NOTE(review): presumably may be unset if the module does not export it -- confirm callers check before calling */
56159248Srwatson	audit_filter_reinit_t				 am_reinit;	/* module entry point of type audit_filter_reinit_t */
57159248Srwatson	audit_filter_record_t				 am_record;	/* module entry point of type audit_filter_record_t */
58161630Srwatson	audit_filter_rawrecord_t			 am_rawrecord;	/* module entry point of type audit_filter_rawrecord_t */
59159248Srwatson	audit_filter_detach_t				 am_detach;	/* module entry point of type audit_filter_detach_t */
60159248Srwatson
61159248Srwatson	/*
62159248Srwatson	 * Fields for maintaining the list of modules.
63159248Srwatson	 */
64159248Srwatson	TAILQ_ENTRY(auditfilter_module)			 am_list;	/* TAILQ linkage for struct auditfilter_module_list */
65159248Srwatson};
66159248SrwatsonTAILQ_HEAD(auditfilter_module_list, auditfilter_module);	/* declares the list head type struct auditfilter_module_list */
67159248Srwatson
68159248Srwatson/*
69159248Srwatson * List of currently registered modules.
70159248Srwatson */
71159248Srwatsonextern struct auditfilter_module_list	filter_list;	/* declaration only, storage is defined elsewhere; NOTE(review): no lock is declared for the list in this header -- confirm how concurrent access is prevented */
72159248Srwatson
73159248Srwatson/*
74159248Srwatson * Function prototypes.
75159248Srwatson */
76159248Srwatsonint	auditfilterd_conf(const char *filename, FILE *fp);	/* takes a file name and an already-open stream, returns int; presumably parses module lines from fp and uses filename for diagnostics -- confirm, including the meaning of the return value */
77159248Srwatsonvoid	auditfilterd_conf_shutdown(void);	/* no arguments, no result; presumably detaches and frees the modules on filter_list -- confirm */