/* Pi-hole: A black hole for Internet advertisements
* (c) 2017 Pi-hole, LLC (https://pi-hole.net)
* Network-wide ad blocking via your own hardware.
*
* FTL Engine
* Global definitions
*
* This file is copyright under the latest version of the EUPL.
* Please see LICENSE file for your rights under this license. */
// Feature-test macros; these must stay ahead of the first system #include
// below to have any effect.
// NOTE(review): __USE_XOPEN is a glibc-internal macro that <features.h>
// normally derives from _XOPEN_SOURCE / _GNU_SOURCE; defining it by hand is
// not a supported interface (and the name is in the implementation-reserved
// namespace). _GNU_SOURCE alone is presumably sufficient - confirm before
// removing.
#define __USE_XOPEN
#define _GNU_SOURCE
#include <stdio.h>
// variable argument lists
#include <stdarg.h>
#include <stdlib.h>
#include <signal.h>
#include <stdbool.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <string.h>
#include <time.h>
#include <sys/time.h>
#include <sys/socket.h>
// struct sockaddr_in
#include <netinet/in.h>
// char* inet_ntoa(struct in_addr in)
#include <arpa/inet.h>
// getnameinfo();
#include <netdb.h>
#include <errno.h>
#include <pthread.h>
#include <sys/prctl.h>
//#include <math.h>
#include <pwd.h>
// syslog
#include <syslog.h>
// SQLite
#include "sqlite3.h"
// tolower()
#include <ctype.h>
#include "routines.h"
// Step sizes (in array elements) by which the struct arrays are reallocated
// when they grow too large. Each number should be large enough that
// reallocation does not have to run very often, but as small as possible to
// avoid wasting memory.
// NOTE(review): the matching capacity counters (counters.*_MAX) are plain
// int; code that grows an array by one of these steps should check the
// realloc() result and guard "capacity + step" against int overflow before
// multiplying by the element size - confirm in the allocation routine.
#define QUERIESALLOCSTEP 10000
#define FORWARDEDALLOCSTEP 4
#define CLIENTSALLOCSTEP 10
#define DOMAINSALLOCSTEP 1000
#define OVERTIMEALLOCSTEP 100
// Presumably the size in bytes of the buffer used for socket I/O - verify
// against the socket code. Every read into such a buffer has to be bounded by
// this constant and leave room for the terminating NUL.
#define SOCKETBUFFERLEN 1024
// Maximum time from now until we will parse logs that are in the past [seconds]
// Default: 86400 (24 hours)
#define MAXLOGAGE 86400
// How often do we garbage collect (to ensure we only have data fitting to the MAXLOGAGE defined above)? [seconds]
// Default: 3600 (once per hour)
#define GCinterval 3600
// Delay applied to the garbage collecting [seconds]
// Default -60 (one minute before a full hour)
// The parentheses keep the negative value intact when the macro is expanded
// inside a larger expression.
#define GCdelay (-60)
// Static structs
// String fields naming files that belong to FTL itself (the global instance
// is FTLfiles). Judging by the field names these are the config file, log
// file, PID file, port file and database paths - confirm where they are set.
typedef struct {
const char* conf;
const char* log;
const char* pid;
const char* port;
// Only non-const member: presumably assigned at runtime (e.g. from the
// config file) rather than from a string literal - TODO confirm who owns
// and frees this buffer.
char* db;
} FTLFileNamesStruct;
// Read-only string fields naming external files (the global instance is
// files). Judging by the names these are the log file and its rotated
// predecessor, the gravity/white/black/wildcard/audit lists, setupVars and
// the dnsmasq config - confirm against the code that fills them in.
// All members are const char*, so the struct itself never owns or modifies
// the strings.
typedef struct {
const char* log;
const char* log1;
const char* gravity;
const char* whitelist;
const char* blacklist;
const char* setupVars;
const char* wildcards;
const char* auditlist;
const char* dnsmasqconfig;
} logFileNamesStruct;
// Global statistics and bookkeeping counters (the global instance is
// counters). Every member is a signed int.
// NOTE(review): queries/forwarded/clients/domains/overTime presumably hold the
// number of used entries in the arrays of the same name and the *_MAX members
// the currently allocated capacity - confirm. If so, any index taken from
// parsed log data or from a socket request must be checked against these
// values before it is used to address the arrays.
typedef struct {
int queries;
int invalidqueries;
int blocked;
int wildcardblocked;
int cached;
int unknown;
int forwarded;
int clients;
int domains;
// Capacity counterparts of the array counters above (presumably in
// elements, grown in *ALLOCSTEP increments - verify).
int queries_MAX;
int forwarded_MAX;
int clients_MAX;
int domains_MAX;
int overTime_MAX;
int gravity;
int overTime;
int IPv4;
int IPv6;
int PTR;
int SRV;
int wildcarddomains;
int forwardedqueries;
} countersStruct;
// Runtime configuration switches (the global instance is config).
typedef struct {
// NOTE(review): the name suggests this decides whether the socket is bound
// to the local interface only. If so it is the security-relevant setting of
// this struct: the safe default is "local only" - confirm the default and
// how the value is parsed.
bool socket_listenlocal;
bool include_yesterday;
bool rolling_24h;
bool query_display;
bool analyze_AAAA;
// Presumably the retention period of the database in days - TODO confirm
// how zero and negative values are treated.
int maxDBdays;
bool resolveIPv6;
bool resolveIPv4;
// Presumably the interval between database writes (unit not visible here).
int DBinterval;
} ConfigStruct;
// Dynamic structs
// One entry of the global queries array.
typedef struct {
// Present as first member of every dynamic struct; presumably a sentinel
// byte used to detect corrupted or uninitialised entries - verify where it
// is set and checked.
unsigned char magic;
// NOTE(review): stored as int; if this is seconds since the epoch, a 32-bit
// int cannot represent times after January 2038.
int timestamp;
int timeidx;
unsigned char type;
unsigned char status;
// status values: 0 = unknown, 1 = gravity.list (blocked), 2 = reply from upstream, 3 = cache, 4 = wildcard blocked
// The three IDs below presumably index the domains, clients and forwarded
// arrays; they are signed, so both negative values and values beyond the
// respective counter need rejecting before use as an index - confirm callers.
int domainID;
int clientID;
int forwardID;
bool valid;
bool db;
} queriesDataStruct;
// One entry of the global forwarded array. Same layout as clientsDataStruct.
typedef struct {
// Presumably a sentinel byte for validity checks - verify.
unsigned char magic;
int count;
// Both strings are mutable char*, so they are presumably heap-allocated per
// entry - TODO confirm who frees them and whether name may be NULL.
char *ip;
char *name;
} forwardedDataStruct;
// One entry of the global clients array. Same layout as forwardedDataStruct.
typedef struct {
// Presumably a sentinel byte for validity checks - verify.
unsigned char magic;
int count;
// Both strings are mutable char*, so they are presumably heap-allocated per
// entry - TODO confirm who frees them and whether name may be NULL.
// NOTE(review): if name comes from a reverse lookup (netdb.h is included),
// it is attacker-influenced text and needs escaping wherever it is printed
// or sent over the socket - confirm.
char *ip;
char *name;
} clientsDataStruct;
// One entry of the global domains array.
typedef struct {
// Presumably a sentinel byte for validity checks - verify.
unsigned char magic;
int count;
int blockedcount;
// Mutable char*, presumably heap-allocated per entry - TODO confirm
// ownership. Domain names originate from DNS queries, i.e. from untrusted
// clients, so treat the content as untrusted text when it is output.
char *domain;
bool wildcard;
} domainsDataStruct;
// One entry of the global overTime array.
typedef struct {
// Presumably a sentinel byte for validity checks - verify.
unsigned char magic;
// NOTE(review): stored as int; see the 2038 remark that applies to any
// 32-bit epoch timestamp.
int timestamp;
int total;
int blocked;
int cached;
// forwardnum / forwarddata and clientnum / clientdata look like
// (length, pointer) pairs for per-slot int arrays - confirm. If so, the
// length must be updated together with every reallocation and checked
// before indexing.
int forwardnum;
int *forwarddata;
// No length member accompanies querytypedata in this struct; its size is
// presumably fixed by the allocating code - TODO confirm.
int *querytypedata;
int clientnum;
int *clientdata;
} overTimeDataStruct;
// Per-category int tallies (the global instance is memory). The member names
// mirror the dynamically allocated strings and arrays of the structs above,
// so these are presumably running totals of the memory they occupy - confirm
// the unit (bytes vs. elements) where they are updated.
typedef struct {
int wildcarddomains;
int domainnames;
int clientips;
int clientnames;
int forwardedips;
int forwardednames;
int forwarddata;
int clientdata;
int querytypedata;
} memoryStruct;
// Anonymous enum with values 0..5. The names match the global struct arrays
// and the wildcard list, so this is presumably the selector passed to the
// memory (re)allocation routines - confirm in routines.h.
enum { QUERIES, FORWARDED, CLIENTS, DOMAINS, OVERTIME, WILDCARD };
// Single-value anonymous enum (SOCKET == 0); its use is not visible here.
enum { SOCKET };
// Global state shared by the whole program.
// NOTE(review): none of these declarations is marked extern, so every
// translation unit that includes this header emits its own tentative
// definition. That only links when the toolchain merges common symbols
// (-fcommon); compilers that default to -fno-common report multiple
// definitions. The usual fix is "extern" here plus one definition in a .c
// file - that file is not visible from this header.
logFileNamesStruct files;
FTLFileNamesStruct FTLfiles;
countersStruct counters;
ConfigStruct config;
// Dynamically sized arrays of the structs declared above.
queriesDataStruct *queries;
forwardedDataStruct *forwarded;
clientsDataStruct *clients;
domainsDataStruct *domains;
overTimeDataStruct *overTime;
FILE *logfile;
// volatile sig_atomic_t is the type the C standard allows a signal handler
// to write; presumably set by the termination handler - confirm.
volatile sig_atomic_t killed;
char ** setupVarsArray;
int setupVarsElements;
bool initialscan;
// Debug switches.
bool debug;
bool debugthreads;
bool debugclients;
bool debugGC;
bool debugDB;
// NOTE(review): plain bool flags. If these are what coordinates the threads
// (pthread.h is included above), a non-atomic bool gives neither atomicity
// nor memory ordering, and a check-then-set on it is a race - confirm they
// are only read and written while holding a mutex.
bool threadwritelock;
bool threadreadlock;
unsigned char blockingstatus;
char ** wildcarddomains;
memoryStruct memory;
bool runtest;
// Presumably the account name used for dropping privileges or for log
// output (pwd.h is included) - TODO confirm.
char * username;
// Fixed 16-byte buffer: every writer has to bound its output to
// sizeof(timestamp) including the terminating NUL. Being a single global,
// it is also shared by all threads that format a timestamp.
char timestamp[16];
bool flush;
bool needGC;
bool daemonmode;
bool database;
long int lastdbindex;
bool travis;
bool DBdeleteoldqueries;
bool rereadgravity;