]>
git.ipfire.org Git - people/stevee/guardian.git/blob - modules/Config.pm
1 package Guardian
::Config
;
5 use Exporter
qw(import);
7 our @EXPORT_OK = qw(CheckConfig UseConfig);
9 # The default config file which is used, if no one has been specified.
10 my $configfile = "/etc/guardian/guardian.conf";
12 # The maximum amount of chars, which a line in the configfile is allowed to contain.
15 # Hash with default settings. They may be overwritten by settings of the config file.
18 "LogFacility" => "syslog",
20 "BlockTime" => "86400",
21 "FirewallEngine" => "none",
25 ## UseConfig configuration function.
27 ## This function does the main work. It is responsible for calling the subfunction
28 ## to read the given config file (or use the default one if none has been specified),
29 ## and push the returned object to the validate subfunction. Finally the validated
30 ## settings will be merged with the default ones (existing defaults will be overwritten).
35 # If not file has been specified, use the default one.
40 # Call subfunction to get the settings from config file.
41 # Store the options and values in a temporary hash.
42 my %temp = &ReadConfig
($file);
44 # Validate config settings.
45 my $error = &CheckConfig
(\
%temp);
47 # As long, as no error message is returned, the config is valid.
49 # Merge hash with contains the default
50 # and temporary config hash. If both hashes contains
51 # the same keys, the keys+values of the first one (%defaults)
52 # will be overwritten.
53 my %config = (%defaults, %temp);
55 # Return the final configuration hash.
58 # If an error message is returned, exit and print the error message.
60 die "Invalid configuration: $error";
65 ## ReadConfig (configfile) function.
67 ## This function is used to read a given configuration file and store the
68 ## values into a hash which will be returned.
73 # Hash to store the read-in configuration options and values.
76 # Check if the configfile exists and is read-able.
78 die "The given configfile ($file) does not exist, or is not read-able: $!";
81 # Open the config file and read-in all configuration options and values.
82 open(CONF
, "$file") or die "Could not open $file: $!";
84 # Process line by line.
85 while (my $line = <CONF
>) {
87 next if ($line =~ /\#/);
90 next if ($line =~ /^\s*$/);
92 # Remove any newlines.
95 # Check line lenght, skip it, if it is longer than, the
97 my $length = length("$line");
98 next if ($length gt $maxlength);
100 # Remove any whitespaces.
103 # Splitt line into two parts.
104 my ($option, $value) = split (/=/, $line);
106 # Add config option and value to the config hash.
107 $config{$option} = $value;
110 # Close the config file.
113 # Return the configuration hash.
118 ## The CheckConfig function.
120 ## This function is responsible to validate configure options which has
121 ## to be passed as a hash. It will return an error message which provides some
122 ## deeper details, if any problems have been detected.
124 sub CheckConfig
(\
%) {
125 # Dereference the given hash-ref and store
126 # them into a new temporary hash.
127 my %config = %{ $_[0] };
129 # If a BlockTime has been configured, check if the value is a natural number.
130 if (exists($config{BlockTime
})) {
131 # Get the configured value for "BlockTime".
132 my $value = $config{BlockTime
};
134 # Call subroutine for validation.
135 my $error = &check_number
("$value");
137 # If the check fails, immediately return an error message.
139 return "Invalid BlockTime: $error";
143 # If a BlockCount has been configured, check if the value is a natural number.
144 if (exists($config{BlockCount
})) {
145 # Get the configured value for "BlockCount".
146 my $value = $config{BlockCount
};
148 # Call subroutine for validation.
149 my $error = &check_number
("$value");
151 # If the check fails, immediately return an error message.
153 return "Invalid BlockCount: $error";
157 # Gather details about supported log levels.
158 my %supported_loglevels = &Guardian
::Logger
::GetLogLevels
();
160 # Check if the configured log level is valid.
161 unless (exists ($supported_loglevels{$config{LogLevel
}})) {
162 return "Invalid LogLevel: $config{LogLevel}";
165 # Check if an optional configured SocketOwner is valid.
166 if (exists($config{SocketOwner
})) {
167 my ($user, $group) = split(/:/, $config{SocketOwner
});
169 # Get the ID for the given user name.
170 my $uid = getpwnam($user) or return "The user $user does not exist.";
172 # Get the ID for given group name.
173 my $gid = getgrnam($group) or return "The group $group does not exist.";
176 # The config looks good, so return nothing (no error message).
181 ## The check_number subroutine.
183 ## This simple subroutine is used to check if a given string is numeric
184 ## and contains a natural number which has to be greater than zero.
186 sub check_number
($) {
189 # Check if the input is a natural number.
190 unless ($input =~ /^\d+$/) {
191 return "$input is not a natural number";
194 # Check if the number is greater than zero.
195 unless ($input gt "0") {
196 return "$input has to be greater than zero";
199 # Input is okay, return no error message (nothing).