OK I will try to put the essential code:
This is the C++ methods that parse the command linea and call the execution of the operation:
To notice the while 1 in the down part of code
If I cancel the while programs works well!If I leave the while : the firse cycle goes well the second segementation fault when do_iptables try to to inizialise the table with iptc_init(tablename)
Code:
void Parser_d::parse() //PARSING
{
isUp_struct param;
optind = 1; // essenziale: altrimenti getopt funziona solo per il primo parser
int c;
bool exec = false;
while (1) {
int option_index = 0;
static struct option long_options[] = {
{"daemon",0,0,'d'},
{"ipman",1,0,0},
{"onport",0,0,0},
{0, 0, 0, 0}
};
c = getopt_long (arg_number, arguments, ":d0",
long_options, &option_index);
if (c == -1)
break;
switch (c) {
case 0:
if (strncmp (long_options[option_index].name,"ipman",5) ==0) {
param.ip=optarg;
}
if (strncmp (long_options[option_index].name,"onport",6) ==0) //disattivata , per ora è 40004
param.port_to = atoi( optarg);
break;
case 'd':
exec = true;
break;
default:
{}
}
}
bool par = false;
param.port_to = 40004;
par = oper ->setParam( ¶m); //se i parametri non sono validi deve ritornare false
if (exec == true && par == true ) {
while(1) oper ->execute(); // attiva il processo deamon che ascolta per le richieste del server e risponde
}
}
This is the body of oper->execute: it's wait on the socket udp and than execut the do_iptables command who is the function riadapted of iptables-restore.c
Code:
void Operazione_ascolta::execute() //attende un messaggio dal manager e ritorna la tabella di routing
{
printf ("Waiting for request... \n");
/*
* quando gli risponde
* stampa la risposta e invia la tabella di routing
* in par -> ip c'e' l'ip del manager
* la porta su cui rispondere al manager è fissa: 40004
*/
command_hdr *risposta;
risposta = (command_hdr *) pm->waitMessage (par->ip);
int cmd_id ;
int *l;
l = (int *)risposta;
int lenght = (*(l+1));
cmd_id = risposta->cmd_id;
unsigned char * query = new unsigned char (lenght);
unsigned char * tmp_payload = (unsigned char * )risposta ;
tmp_payload += sizeof ( command_hdr) ; //point to the string payload
memcpy ( query, tmp_payload,lenght);
printf("%s", query);
printf ("\nArrivata Richiesta: \ncmd_id = \t%d \nlenght = \t%d \npayload = \t%s\n", cmd_id, lenght ,query); /// è bloccante
int lun = strlen((const char *)query);
do_iptables(query, lun );
char * mess = "iptables ricevuto";
pm->setPayload((unsigned char *)mess,strlen(mess));
pm->setHeader(2);
pm->buildPacket(); //! cipher
pm->send(par->ip,40004);
}
Thi is the code adaptdr from iptables-restore.c to take a string and do the command:
Code:
void do_iptables(unsigned char * stringa, int lenght)
{
iptc_handle_t handle = NULL;
char buffer[10240];
int c;
char curtable[IPT_TABLE_MAXNAMELEN + 1];
FILE *in;
const char *modprobe = 0;
int in_table = 0, testing = 0;
program_name = "iptables-restore";
program_version = IPTABLES_VERSION;
line = 0;
lib_dir = getenv("IPTABLES_LIB_DIR");
if (!lib_dir)
lib_dir = IPT_LIB_DIR;
const char * s = getString(stringa , lenght);
printf("stringa da passare a iptabels resotre= %s",s);
printf("\n");
char * table = "filter";
strncpy(curtable, table, IPT_TABLE_MAXNAMELEN);
curtable[IPT_TABLE_MAXNAMELEN] = '\0';
if (handle)
iptc_free(&handle);
handle = create_handle(table, modprobe);
int ret = 1;
in_table = 1;
int a;
char *ptr = s;
char *pcnt = NULL;
char *bcnt = NULL;
char *parsestart;
/* the parser */
char *param_start, *curchar;
int quote_open;
/* reset the newargv */
newargc = 0;
/* start command parsing at start of line */
parsestart = s;
add_argv("./iptables-restore");
add_argv("-t");
add_argv((char *) &curtable);
/* After fighting with strtok enough, here's now
* a 'real' parser. According to Rusty I'm now no
* longer a real hacker, but I can live with that */
quote_open = 0;
param_start = parsestart;
for (curchar = parsestart; *curchar; curchar++) {
if (*curchar == '"') {
/* quote_open cannot be true if there
* was no previous character. Thus,
* curchar-1 has to be within bounds */
if (quote_open &&
*(curchar-1) != '\\') {
quote_open = 0;
*curchar = ' ';
} else {
quote_open = 1;
param_start++;
}
}
if (*curchar == ' '
|| *curchar == '\t'
|| * curchar == '\n') {
char param_buffer[1024];
int param_len = curchar-param_start;
if (quote_open)
continue;
if (!param_len) {
/* two spaces? */
param_start++;
continue;
}
/* end of one parameter */
strncpy(param_buffer, param_start,
param_len);
*(param_buffer+param_len) = '\0';
/* check if table name specified */
if (!strncmp(param_buffer, "-t", 3)
|| !strncmp(param_buffer, "--table", 8)) {
exit_error(PARAMETER_PROBLEM,
"Line %u seems to have a "
"-t table option.\n", line);
exit(1);
}
add_argv(param_buffer);
param_start += param_len + 1;
} else {
/* regular character, skip */
}
}
ret = do_command(newargc, newargv,
&newargv[2], &handle);
free_argv();
ret = iptc_commit(&handle);
}
Bookmarks