NetBSD/dist/ipf/samples/userauth.c

60 lines
1.4 KiB
C

/* $NetBSD: userauth.c,v 1.1.1.1 1999/12/11 22:24:12 veego Exp $ */
#include <sys/types.h>
#include <sys/socket.h>
#include <fcntl.h>
#include <sys/ioctl.h>
#include <stdio.h>
#include <stdlib.h>
#include <netinet/in.h>
#include <net/if.h>
#include "ip_compat.h"
#include "ip_fil.h"
#include "ip_auth.h"
extern int errno;
main()
{
struct frauth fra;
fr_info_t *fin = &fra.fra_info;
fr_ip_t *fi = &fin->fin_fi;
char yn[16];
int fd;
fd = open(IPL_NAME, O_RDWR);
while (ioctl(fd, SIOCAUTHW, &fra) == 0) {
if (fra.fra_info.fin_out)
fra.fra_pass = FR_OUTQUE;
else
fra.fra_pass = FR_INQUE;
printf("%s ", inet_ntoa(fi->fi_src));
if (fi->fi_fl & FI_TCPUDP)
printf("port %d ", fin->fin_data[0]);
printf("-> %s ", inet_ntoa(fi->fi_dst));
if (fi->fi_fl & FI_TCPUDP)
printf("port %d ", fin->fin_data[1]);
printf("\n");
printf("Allow packet through ? [y/n]");
fflush(stdout);
if (!fgets(yn, sizeof(yn), stdin))
break;
fflush(stdin);
if (yn[0] == 'n' || yn[0] == 'N')
fra.fra_pass |= FR_BLOCK;
else if (yn[0] == 'y' || yn[0] == 'Y') {
fra.fra_pass |= FR_PASS;
if (fra.fra_info.fin_fi.fi_fl & FI_TCPUDP)
fra.fra_pass |= FR_KEEPSTATE;
} else
fra.fra_pass |= FR_NOMATCH;
printf("answer = %c (%x), id %d idx %d\n", yn[0],
fra.fra_pass, fra.fra_info.fin_id, fra.fra_index);
if (ioctl(fd, SIOCAUTHR, &fra) != 0)
perror("SIOCAUTHR");
}
fprintf(stderr, "errno=%d \n", errno);
perror("frauth-SIOCAUTHW");
}