* Improve CNAME reporting to use original (alias) names. This seems the most normal and intuitive. * CLI interface improvements (cli.*): - help message - gripe about invalid switches. - return exit code 1 in iptraffic for invalid configuration. * Expand Makefile * Update DPAKmaster
@@ -1,16 +1,29 @@ | |||||
O=-s | |||||
# cm-20220225 testing controlpanel messages with symbols left in | |||||
#O=-s | |||||
### Program Targets ### | ### Program Targets ### | ||||
.PHONY: all controlpanel/trafficctrl | |||||
all: iptraffic trafficmon/badtrafficrpt trafficmon/dnsblacklist trafficmon/domblacklist trafficmon/trafficmon controlpanel/trafficctrl | |||||
controlpanel/trafficctrl: | |||||
cd controlpanel && make trafficctrl | |||||
iptraffic: iptraffic.cpp strutil.o data.o config.o cli.o miniini.o | iptraffic: iptraffic.cpp strutil.o data.o config.o cli.o miniini.o | ||||
g++ $O -o $@ $@.cpp strutil.o data.o config.o cli.o miniini.o | g++ $O -o $@ $@.cpp strutil.o data.o config.o cli.o miniini.o | ||||
trafficmon/trafficmon: trafficmon/trafficmon.cpp strutil.o data.o config.o cli.o miniini.o | |||||
g++ $O -o $@ $@.cpp strutil.o data.o config.o cli.o miniini.o -lcppdb | |||||
trafficmon/badtrafficrpt: trafficmon/badtrafficrpt.cpp cli.o miniini.o strutil.o trafficmon/appbase.o | |||||
g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||||
trafficmon/dnsblacklist: trafficmon/dnsblacklist.cpp cli.o miniini.o strutil.o trafficmon/appbase.o | |||||
g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||||
trafficmon/badtrafficrpt: trafficmon/badtrafficrpt.cpp cli.o miniini.o strutil.o | |||||
g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o -lcppdb | |||||
trafficmon/domblacklist: trafficmon/domblacklist.cpp cli.o miniini.o strutil.o trafficmon/appbase.o | |||||
g++ $O -o $@ $@.cpp strutil.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||||
trafficmon/trafficmon: trafficmon/trafficmon.cpp strutil.o data.o config.o cli.o miniini.o trafficmon/appbase.o | |||||
g++ $O -o $@ $@.cpp strutil.o data.o config.o cli.o miniini.o trafficmon/appbase.o -lcppdb | |||||
@@ -31,14 +44,17 @@ miniini.o: miniini.cpp miniini.h strutil.o | |||||
strutil.o: strutil.cpp strutil.h | strutil.o: strutil.cpp strutil.h | ||||
g++ $O -c -o $@ strutil.cpp | g++ $O -c -o $@ strutil.cpp | ||||
trafficmon/appbase.o: trafficmon/appbase.cpp trafficmon/appbase.h cli.o miniini.o | |||||
g++ $O -c -o $@ trafficmon/appbase.cpp | |||||
### Source Maintenance ### | ### Source Maintenance ### | ||||
.PHONY: clean distclean | .PHONY: clean distclean | ||||
clean: | clean: | ||||
rm *.o || true | |||||
rm *.o */*.o || true | |||||
distclean: clean | distclean: clean | ||||
rm iptraffic trafficmon/trafficmon trafficmon/badtrafficrpt || true | |||||
rm iptraffic trafficmon/trafficmon trafficmon/badtrafficrpt trafficmon/dnsblacklist trafficmon/domblacklist || true | |||||
rm *.deb || true | rm *.deb || true | ||||
cd controlpanel && make distclean | cd controlpanel && make distclean |
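Review bot: With `O=-s` commented out, `$O` appears to be empty, so every `g++` rule here builds these log-parsing tools without warnings, optimisation or hardening options. The variable is already threaded through every rule, so it could carry them, for example `O=-O2 -Wall -Wextra -fstack-protector-strong -D_FORTIFY_SOURCE=2`, with `-s` added back for release builds. The recursive call in the `controlpanel/trafficctrl` rule would also be better written as `cd controlpanel && $(MAKE) trafficctrl`, so that `-j` and command-line variables propagate.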
@@ -26,6 +26,12 @@ cBaseApp &cBaseApp::init(int argc, char **argv) { | |||||
unsigned cBaseApp::do_switch(const char *arg) { | |||||
throw CLIerror("Invalid switch '"+std::string(arg)+"'"); | |||||
} | |||||
int cBaseApp::main() { | int cBaseApp::main() { | ||||
int i, ct; | int i, ct; | ||||
char *p; | char *p; | ||||
@@ -68,6 +74,15 @@ int cBaseApp::main() { | |||||
int cBaseApp::help() { | |||||
std::cerr << | |||||
"Invalid command line arguments and the developer didn't provide any help." | |||||
<< std::endl; | |||||
return ExitCode = 1; | |||||
} | |||||
int cBaseApp::crash(const std::exception &e) { | int cBaseApp::crash(const std::exception &e) { | ||||
std::cerr << "Application crashed: " << e.what() << std::endl; | std::cerr << "Application crashed: " << e.what() << std::endl; | ||||
return 216; // just a weird number hopefully not conflicting with anything else. | return 216; // just a weird number hopefully not conflicting with anything else. | ||||
@@ -93,7 +93,7 @@ struct cBaseApp { | |||||
// | // | ||||
// how many args needed for val | // how many args needed for val | ||||
virtual unsigned do_switch(const char *arg) { return 0; } | |||||
virtual unsigned do_switch(const char *arg); | |||||
// proccess a val for switch | // proccess a val for switch | ||||
virtual void do_switch_arg(const char *sw, const std::string &val) { } | virtual void do_switch_arg(const char *sw, const std::string &val) { } | ||||
// process a non-switch arg. | // process a non-switch arg. | ||||
@@ -127,6 +127,16 @@ struct cBaseApp { | |||||
virtual int main(); | virtual int main(); | ||||
/// Provide help text for CLI arg parse errors | |||||
// | |||||
// This is intended to show a command line help message on the terminal | |||||
// about what the proper CLI syntax is. The return is the desired exit | |||||
// code. The default is 1. This implementation will provide the app meta | |||||
// data, if present. This simplified method is used so an exception is | |||||
// not required to call it. | |||||
virtual int help(); | |||||
/// Catch exceptions /// | /// Catch exceptions /// | ||||
// | // | ||||
// This is called by the boiler plate main() (see bottom) when an excpetion | // This is called by the boiler plate main() (see bottom) when an excpetion | ||||
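Review bot: The new comment on `help()` says the implementation "will provide the app meta data, if present", but the `cBaseApp::help()` added in this commit prints only a fixed message and returns `ExitCode = 1`. The comment should describe what the code does, for example `// The base implementation prints a generic message to stderr and returns 1.` The `do_switch` declaration also deserves a line such as `// The base implementation throws CLIerror for any switch it is given.`, since the default appears to have changed from returning 0 to rejecting the switch. The struct body starts and ends outside these hunks.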
@@ -211,12 +211,40 @@ bool LogAnalyzer::line(const std::string &in) { | |||||
/// DNS query result /// | /// DNS query result /// | ||||
// TODO: need to get more specific on tying us + them + time to DNS | // TODO: need to get more specific on tying us + them + time to DNS | ||||
// TODO: doesn't seem that CNAMEs are getting attached to requests properly. | |||||
// the logs are cryptic on this front. | |||||
if(ln.count>8 && strncmp(ln.fields[4], "dnsmasq[", 8)==0) { | if(ln.count>8 && strncmp(ln.fields[4], "dnsmasq[", 8)==0) { | ||||
if(ln[5]=="reply" || ln[5]=="cached") { | if(ln[5]=="reply" || ln[5]=="cached") { | ||||
name = ln[6]; | name = ln[6]; | ||||
address = ln[8]; | address = ln[8]; | ||||
/* NOTE: CNAME resolution seems to follow this order in logs: | |||||
1. A result line (reply/cached) with an address of <CNAME> | |||||
2. One or more consecutive result lines for the canonical name | |||||
Looking over the logs it doesn't appear that dnsmasq will log | |||||
anything between the original and CNAME resolutions. The exception | |||||
is if a CNAME record is cached and it has to resolve what it | |||||
points to. In this case there would be a "cached" and then a | |||||
"forwarded" record eventually followed by "reply ... <CNAME>". | |||||
In that case we want to operate on the reply. | |||||
*/ | |||||
/* record we're handling a CNAME cycle */ | |||||
if(address=="<CNAME>") { | |||||
alias = name; | |||||
cname = ""; | |||||
return 0; | |||||
} | |||||
/* If in cname _mode_: */ | |||||
if(alias!="") { | |||||
if(cname=="") { | |||||
cname = name; /* This is our target name */ | |||||
name = alias; /* substitute the alias */ | |||||
} else if(cname==name) { | |||||
name = alias; /* substitute the alias */ | |||||
} else { | |||||
cname = ""; /* These are different records reset */ | |||||
name = ""; | |||||
} | |||||
} | |||||
// Hmm... is this reply an address? | // Hmm... is this reply an address? | ||||
if(pre_match(dns_ignore, address)) return 0; // nope | if(pre_match(dns_ignore, address)) return 0; // nope | ||||
if(pre_match(dns_del, address)) return 0; // does not exist reply | if(pre_match(dns_del, address)) return 0; // does not exist reply | ||||
@@ -227,6 +255,9 @@ bool LogAnalyzer::line(const std::string &in) { | |||||
rdns[address] = name; | rdns[address] = name; | ||||
//dlog("Added "+address+" = "+name); | //dlog("Added "+address+" = "+name); | ||||
return 0; | return 0; | ||||
} else if(alias!="") { | |||||
alias = ""; /* we've fallen out of CNAME resolution. */ | |||||
cname = ""; | |||||
} | } | ||||
} | } | ||||
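Review bot: In the final `else` of the CNAME block (the "different records" case), `name` is blanked while `alias` stays set, so the unrelated reply is processed with an empty name and the next reply is taken as the canonical target and reported under the stale alias. If the elided lines reach `rdns[address] = name`, that address is stored with an empty or wrong name, which weakens the name-to-address attribution the reports depend on. Query names in these logs are chosen by whoever issues the lookup, and replies for concurrent lookups may interleave. Leaving `name` as logged and ending the cycle there would avoid both problems: `} else { alias = ""; cname = ""; }`. The body of `LogAnalyzer::line` continues outside both hunks, so the path between the `pre_match` checks and the `rdns` assignment is not visible here.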
@@ -101,6 +101,8 @@ struct LogAnalyzer { | |||||
NameVal rdns; // Reverse DNS lookup cache | NameVal rdns; // Reverse DNS lookup cache | ||||
Conn conn; // Last connection worked on | Conn conn; // Last connection worked on | ||||
Splits ln; // Work buffer for line processing | Splits ln; // Work buffer for line processing | ||||
std::string alias; // The name requiring CNAME resolution | |||||
std::string cname; // The cname alias was pointing to. | |||||
LogAnalyzer(); | LogAnalyzer(); | ||||
// Process a log line. Returns "true" if it were a netfilter entry. | // Process a log line. Returns "true" if it were a netfilter entry. | ||||
@@ -78,11 +78,11 @@ struct IPtraffic: public cBaseApp { | |||||
// TODO: elaborate | // TODO: elaborate | ||||
void help() { | |||||
int help() { | |||||
cerr << | cerr << | ||||
"\n" | "\n" | ||||
"iptraffic -c {config file} [-o {output file}] [{input file} [...]]\n"; | "iptraffic -c {config file} [-o {output file}] [{input file} [...]]\n"; | ||||
ExitCode = 1; | |||||
return ExitCode = 1; | |||||
} | } | ||||
@@ -149,7 +149,7 @@ struct IPtraffic: public cBaseApp { | |||||
} | } | ||||
} | } | ||||
*out << flush; // make sure all data gets written. | *out << flush; // make sure all data gets written. | ||||
cerr << "\nLines: " << line_no | |||||
cerr << "Lines: " << line_no | |||||
<< "\nIgnored: " << ict | << "\nIgnored: " << ict | ||||
<< "\nTotal rDNS: " << analyze.rdns.size() << endl; | << "\nTotal rDNS: " << analyze.rdns.size() << endl; | ||||
return 0; | return 0; | ||||
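Review bot: `IPtraffic::help()` now matches the new `virtual int help()` in `cBaseApp`, but nothing makes the compiler check that. Declaring it `int help() override {` would turn any future signature drift, as with the previous `void help()`, into a build error, assuming the project builds as C++11 or later. The `// TODO: elaborate` above it still stands: the usage line does not explain `-c`, `-o` or the input files. The struct body extends beyond both hunks.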
@@ -13,6 +13,36 @@ Copyright: . | |||||
Origin: JFP | Origin: JFP | ||||
Packaged-For: JF Possibilities, Inc. | Packaged-For: JF Possibilities, Inc. | ||||
changelog: | changelog: | ||||
(0.6-1j) unstable; urgency=low | |||||
. | |||||
** This is an alpha release ** | |||||
. | |||||
* Change handling of CNAMEs to report the originally requested name. | |||||
. | |||||
-- Jon Foster <jon@jfpossibilities.com> Mon, 21 Mar 2022 14:56:19 -0700 | |||||
. | |||||
(0.5-2j) unstable; urgency=low | |||||
. | |||||
** This is an alpha release ** | |||||
. | |||||
This is primarily a bug fix and testing release. | |||||
. | |||||
* Leave symbols in bins to see how C++CMS reports errors. | |||||
* Don't allow "*." or "*" in the wild card entry field. It breaks | |||||
stuff! | |||||
. | |||||
-- Jon Foster <jon@jfpossibilities.com> Mon, 03 Jan 2022 14:22:30 -0800 | |||||
. | |||||
(0.5-1j) unstable; urgency=low | |||||
. | |||||
** This is an alpha release ** | |||||
. | |||||
* Minor internal restructuring of CLI apps. | |||||
* *NEW* domblacklist tool to make DNSmasq whole domain blocks. | |||||
* Also added the iptraffic log CLI log analyzer | |||||
. | |||||
-- Jon Foster <jon@jfpossibilities.com> Mon, 03 Jan 2022 14:22:30 -0800 | |||||
. | |||||
(0.4-3j) unstable; urgency=low | (0.4-3j) unstable; urgency=low | ||||
. | . | ||||
** This is an alpha release ** | ** This is an alpha release ** | ||||
@@ -52,8 +82,6 @@ changelog: | |||||
-- Jon Foster <jon@jfpossibilities.com> Thu, 02 Sep 2021 10:58:43 -0700 | -- Jon Foster <jon@jfpossibilities.com> Thu, 02 Sep 2021 10:58:43 -0700 | ||||
. | . | ||||
Build: sh | Build: sh | ||||
make trafficmon/trafficmon trafficmon/badtrafficrpt | |||||
cd controlpanel | |||||
make | make | ||||
Clean: sh | Clean: sh | ||||
make distclean | make distclean | ||||
@@ -61,12 +89,13 @@ Clean: sh | |||||
Package: poorman-ids | Package: poorman-ids | ||||
Architecture: any | Architecture: any | ||||
# I think libssl is required by cppcms. libmysqlclient18 is probably cppdb | # I think libssl is required by cppcms. libmysqlclient18 is probably cppdb | ||||
Depends: libc6, libstdc++6, cppdb (>= 0.3.1-4), cppcms, libssl1.0.0, | |||||
libmysqlclient18 | |||||
Depends: libc6, libstdc++6, cppdb (>= 0.3.1-4), cppcms, libssl1.0.0 | |||||
#Depends: [] | |||||
Recommends: libmysqlclient18 | Recommends: libmysqlclient18 | ||||
Description: . | Description: . | ||||
Install: sh | Install: sh | ||||
dpak install -sbin trafficmon/trafficmon trafficmon/badtrafficrpt | |||||
dpak install -sbin iptraffic trafficmon/trafficmon trafficmon/badtrafficrpt | |||||
dpak install -sbin trafficmon/dnsblacklist trafficmon/domblacklist | |||||
dpak install -sbin controlpanel/trafficctrl | dpak install -sbin controlpanel/trafficctrl | ||||
dpak strip | dpak strip | ||||
dpak install -conf -subdir poorman-ids sample.conf controlpanel/sample.js | dpak install -conf -subdir poorman-ids sample.conf controlpanel/sample.js | ||||
@@ -83,13 +112,15 @@ Finalize: sh | |||||
chmod -R g-s "$DPAK_ROOT" | chmod -R g-s "$DPAK_ROOT" | ||||
chmod 700 "$DPAK_ROOT/etc/poorman-ids" | chmod 700 "$DPAK_ROOT/etc/poorman-ids" | ||||
chmod 600 "$DPAK_ROOT/etc/poorman-ids/"* | chmod 600 "$DPAK_ROOT/etc/poorman-ids/"* | ||||
chmod 644 "$DPAK_ROOT/etc/default/"* | |||||
chmod 644 "$DPAK_ROOT/etc/default/"* | |||||
chmod 755 "$DPAK_ROOT/etc/init.d/"* | chmod 755 "$DPAK_ROOT/etc/init.d/"* | ||||
PostInst: sh | PostInst: sh | ||||
update-rc.d trafficmon defaults | update-rc.d trafficmon defaults | ||||
update-rc.d trafficctrl defaults | update-rc.d trafficctrl defaults | ||||
service trafficmon start || true | |||||
service trafficctrl start || true | |||||
PreRm: sh | PreRm: sh | ||||
# Shut off services so they are RAM resident after install | |||||
# Shut off services so they aren't RAM resident after install | |||||
service trafficmon stop || true | service trafficmon stop || true | ||||
service trafficctrl stop || true | service trafficctrl stop || true | ||||
PostRm: sh | PostRm: sh | ||||
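Review bot: The rewritten `Depends:` line still pins `libssl1.0.0`, and the comment above it says the dependency is a guess ("I think libssl is required by cppcms"). That package is the OpenSSL 1.0.x runtime, which upstream no longer maintains. It is worth running `ldd` on the built binaries to confirm whether they link libssl directly; if they do not, drop it and let `cppcms` carry the dependency. If the `service ... start || true` lines in `PostInst` are additions, `|| true` hides a failed start of the monitor at install time, and printing a message on failure would make that visible.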