]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/acl/Arp.cc
2 * Copyright (C) 1996-2014 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 28 Access Control */
16 #include "acl/FilledChecklist.h"
19 #include "eui/Eui48.h"
21 #include "ip/Address.h"
28 return new ACLARP(*this);
31 ACLARP::ACLARP (char const *theClass
) : class_ (theClass
)
34 ACLARP::ACLARP (ACLARP
const & old
) : class_ (old
.class_
), aclArpData(old
.aclArpData
)
43 ACLARP::typeString() const
49 ACLARP::empty () const
51 return aclArpData
.empty();
54 /* ==== BEGIN ARP ACL SUPPORT ============================================= */
57 * From: dale@server.ctam.bitmcnit.bryansk.su (Dale)
58 * To: wessels@nlanr.net
59 * Subject: Another Squid patch... :)
60 * Date: Thu, 04 Dec 1997 19:55:01 +0300
61 * ============================================================================
63 * Working on setting up a proper firewall for a network containing some
64 * Win'95 computers at our Univ, I've discovered that some smart students
65 * avoid the restrictions easily just changing their IP addresses in Win'95
66 * Contol Panel... It has been getting boring, so I took Squid-1.1.18
67 * sources and added a new acl type for hard-wired access control:
69 * acl <name> arp <Ethernet address> ...
73 * acl students arp 00:00:21:55:ed:22 00:00:21:ff:55:38
75 * NOTE: Linux code by David Luyer <luyer@ucs.uwa.edu.au>.
76 * Original (BSD-specific) code no longer works.
77 * Solaris code by R. Gancarz <radekg@solaris.elektrownia-lagisza.com.pl>
81 aclParseArpData(const char *t
)
84 Eui::Eui48
*q
= new Eui::Eui48
;
85 debugs(28, 5, "aclParseArpData: " << t
);
87 if (sscanf(t
, "%[0-9a-fA-F:]", buf
) != 1) {
88 debugs(28, DBG_CRITICAL
, "aclParseArpData: Bad ethernet address: '" << t
<< "'");
93 if (!q
->decode(buf
)) {
94 debugs(28, DBG_CRITICAL
, "" << cfg_filename
<< " line " << config_lineno
<< ": " << config_input_line
);
95 debugs(28, DBG_CRITICAL
, "aclParseArpData: Ignoring invalid ARP acl entry: can't parse '" << buf
<< "'");
103 /*******************/
104 /* aclParseArpList */
105 /*******************/
110 Eui::Eui48
*q
= NULL
;
112 while ((t
= strtokFile())) {
113 if ((q
= aclParseArpData(t
)) == NULL
)
116 aclArpData
.insert(*q
);
123 ACLARP::match(ACLChecklist
*cl
)
125 ACLFilledChecklist
*checklist
= Filled(cl
);
127 /* IPv6 does not do ARP */
128 if (!checklist
->src_addr
.isIPv4()) {
129 debugs(14, 3, "ACLARP::match: IPv4 Required for ARP Lookups. Skipping " << checklist
->src_addr
);
133 Eui::Eui48 lookingFor
;
134 lookingFor
.lookup(checklist
->src_addr
);
135 return (aclArpData
.find(lookingFor
) != aclArpData
.end());
142 for (auto i
= aclArpData
.cbegin(); i
!= aclArpData
.cend(); ++i
) {
145 sl
.push_back(SBuf(buf
));
150 /* ==== END ARP ACL SUPPORT =============================================== */
152 #endif /* USE_SQUID_EUI */