55 	struct acl_list* acl = (struct acl_list*)calloc(1,  in acl_list_create()  local
57 	if(!acl)  in acl_list_create()
59 	acl->region = regional_create();  in acl_list_create()
60 	if(!acl->region) {  in acl_list_create()
61 		acl_list_delete(acl);  in acl_list_create()
64 	return acl;  in acl_list_create()
68 acl_list_delete(struct acl_list* acl)  in acl_list_delete()  argument
70 	if(!acl)  in acl_list_delete()
72 	regional_destroy(acl->region);  in acl_list_delete()
73 	free(acl);  in acl_list_delete()
78 acl_list_insert(struct acl_list* acl, struct sockaddr_storage* addr,  in acl_list_insert()  argument
82 	struct acl_addr* node = regional_alloc_zero(acl->region,  in acl_list_insert()
87 	if(!addr_tree_insert(&acl->tree, &node->node, addr, addrlen, net)) {  in acl_list_insert()
89 			verbose(VERB_QUERY, "duplicate acl address ignored.");  in acl_list_insert()
123 acl_list_str_cfg(struct acl_list* acl, const char* str, const char* s2,  in acl_list_str_cfg()  argument
137 	if(!acl_list_insert(acl, &addr, addrlen, net, control,  in acl_list_str_cfg()
147 acl_find_or_create_str2addr(struct acl_list* acl, const char* str,  in acl_find_or_create_str2addr()  argument
166 	if(!(node=(struct acl_addr*)addr_tree_find(&acl->tree, &addr,  in acl_find_or_create_str2addr()
170 		if(!(node=(struct acl_addr*)acl_list_insert(acl, &addr,  in acl_find_or_create_str2addr()
181 acl_find_or_create(struct acl_list* acl, struct sockaddr_storage* addr,  in acl_find_or_create()  argument
187 	if(!(node=(struct acl_addr*)addr_tree_find(&acl->tree, addr,  in acl_find_or_create()
191 		if(!(node=(struct acl_addr*)acl_list_insert(acl, addr,  in acl_find_or_create()
211 		log_err("cannot update ACL on non-configured interface: %s %d",  in acl_interface_str_cfg()
229 acl_list_tags_cfg(struct acl_list* acl, const char* str, uint8_t* bitmap,  in acl_list_tags_cfg()  argument
233 	if(!(node=acl_find_or_create_str2addr(acl, str, is_interface, port))) {  in acl_list_tags_cfg()
239 	node->taglist = regional_alloc_init(acl->region, bitmap, bitmaplen);  in acl_list_tags_cfg()
249 acl_list_view_cfg(struct acl_list* acl, const char* str, const char* str2,  in acl_list_view_cfg()  argument
253 	if(!(node=acl_find_or_create_str2addr(acl, str, is_interface, port))) {  in acl_list_view_cfg()
269 acl_list_tag_action_cfg(struct acl_list* acl, struct config_file* cfg,  in acl_list_tag_action_cfg()  argument
276 	if(!(node=acl_find_or_create_str2addr(acl, str, is_interface, port))) {  in acl_list_tag_action_cfg()
283 		node->tag_actions = (uint8_t*)regional_alloc_zero(acl->region,  in acl_list_tag_action_cfg()
362 acl_list_tag_data_cfg(struct acl_list* acl, struct config_file* cfg,  in acl_list_tag_data_cfg()  argument
369 	if(!(node=acl_find_or_create_str2addr(acl, str, is_interface, port))) {  in acl_list_tag_data_cfg()
377 			acl->region, sizeof(*node->tag_datas)*cfg->num_tags);  in acl_list_tag_data_cfg()
401 	dupdata = regional_strdup(acl->region, data);  in acl_list_tag_data_cfg()
406 	if(!cfg_region_strlist_insert(acl->region,  in acl_list_tag_data_cfg()
416 read_acl_list(struct acl_list* acl, struct config_str2list* acls)  in read_acl_list()  argument
421 		if(!acl_list_str_cfg(acl, p->str, p->str2, 1))  in read_acl_list()
427 /** read acl view config */
429 read_acl_view(struct acl_list* acl, struct config_str2list** acl_view,  in read_acl_view()  argument
436 		if(!acl_list_view_cfg(acl, p->str, p->str2, v, 0, 0)) {  in read_acl_view()
450 /** read acl tags config */
452 read_acl_tags(struct acl_list* acl, struct config_strbytelist** acl_tags)  in read_acl_tags()  argument
458 		if(!acl_list_tags_cfg(acl, p->str, p->str2, p->str2len, 0, 0)) {  in read_acl_tags()
472 /** read acl tag actions config */
474 read_acl_tag_actions(struct acl_list* acl, struct config_file* cfg,  in read_acl_tag_actions()  argument
482 		if(!acl_list_tag_action_cfg(acl, cfg, p->str, p->str2,  in read_acl_tag_actions()
498 /** read acl tag datas config */
500 read_acl_tag_datas(struct acl_list* acl, struct config_file* cfg,  in read_acl_tag_datas()  argument
508 		if(!acl_list_tag_data_cfg(acl, cfg, p->str, p->str2, p->str3,  in read_acl_tag_datas()
525 acl_list_apply_cfg(struct acl_list* acl, struct config_file* cfg,  in acl_list_apply_cfg()  argument
528 	regional_free_all(acl->region);  in acl_list_apply_cfg()
529 	addr_tree_init(&acl->tree);  in acl_list_apply_cfg()
530 	if(!read_acl_list(acl, cfg->acls))  in acl_list_apply_cfg()
532 	if(!read_acl_view(acl, &cfg->acl_view, v))  in acl_list_apply_cfg()
534 	if(!read_acl_tags(acl, &cfg->acl_tags))  in acl_list_apply_cfg()
536 	if(!read_acl_tag_actions(acl, cfg, &cfg->acl_tag_actions))  in acl_list_apply_cfg()
538 	if(!read_acl_tag_datas(acl, cfg, &cfg->acl_tag_datas))  in acl_list_apply_cfg()
542 	if(!acl_list_str_cfg(acl, "127.0.0.0/8", "allow", 0))  in acl_list_apply_cfg()
545 		if(!acl_list_str_cfg(acl, "::1", "allow", 0))  in acl_list_apply_cfg()
547 		if(!acl_list_str_cfg(acl, "::ffff:127.0.0.1", "allow", 0))  in acl_list_apply_cfg()
550 	addr_tree_init_parents(&acl->tree);  in acl_list_apply_cfg()
600 /** read acl view config for interface */
636 /** read acl tags config for interface */
671 /** read acl tag actions config for interface*/
709 /** read acl tag datas config for interface */
771 acl_get_control(struct acl_addr* acl)  in acl_get_control()  argument
773 	if(acl) return acl->control;  in acl_get_control()
778 acl_addr_lookup(struct acl_list* acl, struct sockaddr_storage* addr,  in acl_addr_lookup()  argument
781 	return (struct acl_addr*)addr_tree_lookup(&acl->tree,  in acl_addr_lookup()
786 acl_list_get_mem(struct acl_list* acl)  in acl_list_get_mem()  argument
788 	if(!acl) return 0;  in acl_list_get_mem()
789 	return sizeof(*acl) + regional_get_mem(acl->region);  in acl_list_get_mem()
792 const char* acl_access_to_str(enum acl_access acl)  in acl_access_to_str()  argument
794 	switch(acl) {  in acl_access_to_str()
809 	socklen_t addrlen, enum acl_access acl, struct acl_addr* acladdr)  in log_acl_action()  argument
820 			acl_access_to_str(acl));  in log_acl_action()