Typedefs | |
| typedef enum _t_fw_marks | t_fw_marks |
Enumerations | |
| enum | _t_fw_marks { FW_MARK_PROBATION = 1, FW_MARK_KNOWN = 2, FW_MARK_LOCKED = 254 } |
Functions | |
| int | fw_init (void) |
| Initialize the firewall. | |
| void | fw_clear_authservers (void) |
| Clears the authservers list. | |
| void | fw_set_authservers (void) |
| Sets the authservers list. | |
| int | fw_destroy (void) |
| Destroy the firewall. | |
| int | fw_allow (char *ip, char *mac, int profile) |
| Allow a user through the firewall. | |
| int | fw_deny (char *ip, char *mac, int profile) |
| Deny a client access through the firewall. | |
| void | fw_sync_with_authserver (void) |
| Refreshes the entire client list. | |
| char * | arp_get (char *req_ip) |
| Get an IP's MAC address from the ARP cache. | |
| void | icmp_ping (char *host) |
| ICMP Ping an IP. | |
| unsigned short | rand16 (void) |
| Cheap random number generator. | |
Variables | |
| int | icmp_fd |
Definition in file firewall.h.
| typedef enum _t_fw_marks t_fw_marks |
Used by fw_iptables.c
| enum _t_fw_marks |
Used by fw_iptables.c
| FW_MARK_PROBATION |
The client is in probation period and must be authenticated.
|
| FW_MARK_KNOWN | The client is known to the firewall. |
| FW_MARK_LOCKED | The client has been locked out. |
Definition at line 33 of file firewall.h.
| char* arp_get | ( | char * | req_ip | ) |
Get an IP's MAC address from the ARP cache.
Get an IP's MAC address from the ARP cache. Go through all the entries in /proc/net/arp until we find the requested IP address and return the MAC address bound to it.
Definition at line 122 of file firewall.c.
References safe_strdup().
| int fw_allow | ( | char * | ip, | |
| char * | mac, | |||
| int | fw_connection_state | |||
| ) |
Allow a user through the firewall.
Allow a client access through the firewall: a rule is added to the firewall to MARK the client's packets with the proper rule, using the IP and MAC address provided.
| ip | IP address to allow | |
| mac | MAC address to allow | |
| fw_connection_state | fw_connection_state Tag |
Definition at line 92 of file firewall.c.
References debug, and FW_ACCESS_ALLOW.
| void fw_clear_authservers | ( | void | ) |
Clears the authservers list.
Remove all auth server firewall whitelist rules
Definition at line 189 of file firewall.c.
References debug.
| int fw_deny | ( | char * | ip, | |
| char * | mac, | |||
| int | fw_connection_state | |||
| ) |
Deny a client access through the firewall.
Deny a client access through the firewall.
| ip | IP address to deny | |
| mac | MAC address to deny | |
| fw_connection_state | fw_connection_state Tag |
Definition at line 107 of file firewall.c.
References debug, and FW_ACCESS_DENY.
| int fw_destroy | ( | void | ) |
Destroy the firewall.
Remove the firewall rules. This is used when we do a clean shutdown of WiFiDog.
Definition at line 209 of file firewall.c.
| int fw_init | ( | void | ) |
Initialize the firewall.
Initialize the firewall rules
Definition at line 153 of file firewall.c.
References client_get_first_client(), debug, t_client::fw_connection_state, icmp_fd, t_client::ip, LOCK_CLIENT_LIST, t_client::mac, t_client::next, restart_orig_pid, and UNLOCK_CLIENT_LIST.
| void fw_set_authservers | ( | void | ) |
Sets the authservers list.
Add the necessary firewall rules to whitelist the authservers
Definition at line 198 of file firewall.c.
References debug.
| void fw_sync_with_authserver | ( | void | ) |
Refreshes the entire client list.
Probably a misnomer: this function actually refreshes the entire client list's traffic counters, re-authenticates every client with the central server, updates the central server's traffic counters, and notifies it if a client has logged out.
Definition at line 224 of file firewall.c.
References AUTH_ALLOWED, AUTH_DENIED, AUTH_ERROR, auth_server_request(), s_config::auth_servers, AUTH_VALIDATION, AUTH_VALIDATION_FAILED, t_authresponse::authcode, s_config::checkinterval, client_get_first_client(), client_list_delete(), client_list_find(), s_config::clienttimeout, config, config_get_config(), t_client::counters, debug, t_client::fw_connection_state, FW_MARK_KNOWN, FW_MARK_PROBATION, t_counters::incoming, t_client::ip, t_counters::last_updated, LOCK_CLIENT_LIST, t_client::mac, t_client::next, t_counters::outgoing, REQUEST_TYPE_COUNTERS, REQUEST_TYPE_LOGOUT, safe_strdup(), t_client::token, and UNLOCK_CLIENT_LIST.
| void icmp_ping | ( | char * | host | ) |
| unsigned short rand16 | ( | void | ) |