
* refactor jail flags and statefile handling

master
Alex 'AdUser' Z 4 years ago
parent
commit
e9f6b82d14
  1. 38
      src/jail.c
  2. 11
      src/jail.h

38
src/jail.c

@ -136,6 +136,10 @@ f2b_jail_apply_config(f2b_jail_t *jail, f2b_config_section_t *section) {
assert(section->type == t_jail || section->type == t_defaults); assert(section->type == t_jail || section->type == t_defaults);
for (param = section->param; param != NULL; param = param->next) { for (param = section->param; param != NULL; param = param->next) {
if (strcmp(param->name, "state") == 0) {
jail->flags |= JAIL_HAS_STATE;
continue;
}
if (strcmp(param->name, "source") == 0) { if (strcmp(param->name, "source") == 0) {
f2b_jail_parse_compound_value(param->value, name, init); f2b_jail_parse_compound_value(param->value, name, init);
jail->source = f2b_source_create(name, init); jail->source = f2b_source_create(name, init);
@ -151,6 +155,7 @@ f2b_jail_apply_config(f2b_jail_t *jail, f2b_config_section_t *section) {
if (strcmp(param->name, "backend") == 0) { if (strcmp(param->name, "backend") == 0) {
f2b_jail_parse_compound_value(param->value, name, init); f2b_jail_parse_compound_value(param->value, name, init);
jail->backend = f2b_backend_create(name, init); jail->backend = f2b_backend_create(name, init);
jail->flags |= JAIL_HAS_BACKEND;
continue; continue;
} }
if (f2b_jail_set_param(jail, param->name, param->value)) if (f2b_jail_set_param(jail, param->name, param->value))
@ -405,6 +410,14 @@ f2b_jail_init(f2b_jail_t *jail, f2b_config_t *config) {
assert(jail != NULL); assert(jail != NULL);
assert(config != NULL); assert(config != NULL);
if (jail->flags & JAIL_HAS_STATE) {
jail->sfile = f2b_statefile_create(appconfig.statedir_path, jail->name);
if (jail->sfile == NULL) {
f2b_log_msg(log_debug, "jail '%s': can't create statefile", jail->name);
goto cleanup0;
}
}
if (jail->flags & JAIL_HAS_SOURCE) { if (jail->flags & JAIL_HAS_SOURCE) {
if ((section = f2b_config_section_find(config->sources, jail->source->name)) == NULL) { if ((section = f2b_config_section_find(config->sources, jail->source->name)) == NULL) {
f2b_log_msg(log_error, "jail '%s': no source with name '%s'", jail->name, jail->source->name); f2b_log_msg(log_error, "jail '%s': no source with name '%s'", jail->name, jail->source->name);
@ -454,6 +467,7 @@ f2b_jail_init(f2b_jail_t *jail, f2b_config_t *config) {
goto cleanup3; goto cleanup3;
} }
jail->flags |= JAIL_CONFIGURED;
f2b_log_msg(log_debug, "jail '%s' init complete", jail->name); f2b_log_msg(log_debug, "jail '%s' init complete", jail->name);
return true; return true;
@ -473,6 +487,7 @@ f2b_jail_init(f2b_jail_t *jail, f2b_config_t *config) {
f2b_source_destroy(jail->source); f2b_source_destroy(jail->source);
jail->source = NULL; jail->source = NULL;
} }
cleanup0:
return false; return false;
} }
@ -484,15 +499,8 @@ f2b_jail_start(f2b_jail_t *jail) {
assert(jail != NULL); assert(jail != NULL);
if (jail->flags & JAIL_HAS_STATE) { if (jail->flags & JAIL_HAS_STATE)
jail->sfile = f2b_statefile_create(appconfig.statedir_path, jail->name);
if (jail->sfile == NULL) {
/* error occured, must be already logged, just drop flag */
jail->flags &= ~JAIL_HAS_STATE;
} else {
jail->ipaddrs = f2b_statefile_load(jail->sfile); jail->ipaddrs = f2b_statefile_load(jail->sfile);
}
}
for (f2b_ipaddr_t *addr = jail->ipaddrs; addr != NULL; addr = addr->next) { for (f2b_ipaddr_t *addr = jail->ipaddrs; addr != NULL; addr = addr->next) {
hostc++; hostc++;
@ -527,13 +535,17 @@ f2b_jail_stop(f2b_jail_t *jail) {
f2b_log_msg(log_info, "jail '%s': gracefull shutdown", jail->name); f2b_log_msg(log_info, "jail '%s': gracefull shutdown", jail->name);
if (jail->flags & JAIL_HAS_SOURCE) {
if (!f2b_source_stop(jail->source)) { if (!f2b_source_stop(jail->source)) {
f2b_log_msg(log_error, "jail '%s': action 'stop' for source failed", jail->name); f2b_log_msg(log_error, "jail '%s': action 'stop' for source failed", jail->name);
errors = true; errors = true;
} }
f2b_source_destroy(jail->source); f2b_source_destroy(jail->source);
}
if (jail->flags & JAIL_HAS_FILTER) {
f2b_filter_destroy(jail->filter); f2b_filter_destroy(jail->filter);
}
for (f2b_ipaddr_t *addr = jail->ipaddrs; addr != NULL; addr = addr->next) { for (f2b_ipaddr_t *addr = jail->ipaddrs; addr != NULL; addr = addr->next) {
if (!addr->banned) if (!addr->banned)
@ -544,11 +556,19 @@ f2b_jail_stop(f2b_jail_t *jail) {
} }
f2b_addrlist_destroy(jail->ipaddrs); f2b_addrlist_destroy(jail->ipaddrs);
if (jail->flags & JAIL_HAS_BACKEND) {
if (!f2b_backend_stop(jail->backend)) { if (!f2b_backend_stop(jail->backend)) {
f2b_log_msg(log_error, "jail '%s': action 'stop' for backend failed", jail->name); f2b_log_msg(log_error, "jail '%s': action 'stop' for backend failed", jail->name);
errors = true; errors = true;
} }
f2b_backend_destroy(jail->backend);
}
if (jail->flags & JAIL_HAS_STATE) {
f2b_statefile_destroy(jail->sfile);
}
jail->flags &= ~JAIL_CONFIGURED;
return errors; return errors;
} }
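Review bot: f2b_jail_stop() now calls the destroy functions for the source, filter, backend and statefile but leaves `jail->source`, `jail->filter`, `jail->backend` and `jail->sfile` holding the old pointers, and their JAIL_HAS_* bits stay set because only JAIL_CONFIGURED is cleared. The same bits gate dereferences elsewhere in this commit: f2b_jail_init() reads `jail->source->name` under JAIL_HAS_SOURCE, and f2b_jail_start() passes `jail->sfile` to f2b_statefile_load() under JAIL_HAS_STATE. A stop followed by another init/start, or a second stop, would therefore presumably operate on destroyed objects. The init cleanup path already shows the safer pattern, `f2b_source_destroy(jail->source); jail->source = NULL;`, and I would apply it to all four members here; the new `cleanup0` path has the mirror-image problem, since JAIL_HAS_STATE stays set while `jail->sfile` is NULL. All three functions extend beyond the visible hunks, so this should be confirmed against the full file.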

11
src/jail.h

@ -13,10 +13,13 @@
*/ */
/* jail flags */ /* jail flags */
#define JAIL_ENABLED 0x01 #define JAIL_CONFIGURED 1 /* loaded all modules */
#define JAIL_HAS_STATE 0x02 #define JAIL_ENABLED 2 /* poll for new events? */
#define JAIL_HAS_FILTER 0x04 /* reserved : 4 */
#define JAIL_HAS_SOURCE 0x08 #define JAIL_HAS_STATE 8
#define JAIL_HAS_SOURCE 16
#define JAIL_HAS_FILTER 32
#define JAIL_HAS_BACKEND 64
/** jail metadata struct */ /** jail metadata struct */
typedef struct f2b_jail_t { typedef struct f2b_jail_t {
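Review bot: The renumbered JAIL_HAS_* bits carry no comment saying whether a set bit means "requested in the jail's config section" or "the corresponding pointer in f2b_jail_t is currently valid", yet jail.c now uses them to decide whether to dereference and destroy those members. I would state that invariant next to each define, e.g. `#define JAIL_HAS_STATE 0x08 /* jail->sfile is allocated and must be destroyed */`, and word it the same way for SOURCE, FILTER and BACKEND. As a style point, keeping the masks in hex (or as `1u << n`) rather than decimal makes the bit positions and the reserved gap at 4 easier to audit, and an unsigned constant avoids signed arithmetic in expressions such as `flags &= ~JAIL_CONFIGURED`. The struct definition continues outside this hunk, so the type of `flags` is not visible here.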
