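#!/usr/bin/perl -w
##=====================================================================##
## Copyright (C) 2001-2004 Stephen Zarkos. All rights reserved.
## Obsid@Sentry.net
##
## Please see file: COPYRIGHT for further copyright information and
## disclaimer. Or online at http://www.SentryFirewall.com/files/COPYRIGHT
##=====================================================================##
## File: process_conf.pl
##   &process_conf: Takes global "@conf", parses it, and shoves it into
##                  %prefs.
##   &do_include:   Retrieves the "include" directive from %prefs
##                  ($prefs{'include'}) and calls process_conf() to
##                  utilize any new values.
##
## Security context: every directive parsed here is acted on with the
## privileges of the calling process. Some directives cause file-system
## side effects (mkdir, symlink, unlink), so the configuration file and
## any file named by "include" must be treated as fully trusted input.

## Pin PATH to a fixed value so helpers are not resolved via a caller-
## supplied PATH, and make newly created files non-writable by group/other.
$ENV{PATH} = "/bin:/sbin";
umask 022;

##-------------------------------------------------------------------------##
## Sub process_conf()
##   Parses the global @conf (one configuration line per element) into the
##   global %prefs hash. Also handles the "mkdir", "|=" (copy) and "=>"
##   (symlink) directives.
##
##   Reads:   @conf
##   Writes:  %prefs; empties @conf when done
##   Returns: 1 (always)
sub process_conf {
    foreach my $dval (@conf) {
        next if ("$dval" eq '');
        chomp($dval);

        ## Strip comments first. Consequence: a value can never contain '#'.
        $dval =~ s/#.*//;

        ## Drop quoting and glob characters (" ' ` *) before the line is
        ## interpreted, so they cannot reach the directives below.
        $dval =~ tr/"'`*//d;

        ## Make a directory.
        ## Syntax is mkdir $dirname:mask.
        ## Must be tested before whitespace is removed, because the
        ## directive is recognised by the whitespace after "mkdir".
        if ($dval =~ /^mkdir[\s\t]+/) {
            &create_dir("$dval");
            $dval = '';
            next;
        }

        ## All remaining directives are whitespace-insensitive.
        $dval =~ s/[\s\t]+//g;

        ## Copy file.
        ## We format this in the $dst=$src sequence so that we can move on
        ## and shove it into %prefs. The copy will actually occur somewhere
        ## toward the end of do_config().
        if ($dval =~ /\|=/) {
            my ($src, $dst) = split(/\|=/, $dval, 2);
            if (($src ne '') && ($dst ne '')) {
                $dval = "$dst" . '=' . "$src";
            }
            else {
                next;    ## Incomplete copy directive; ignore the line.
            }
        }

        ## Symlink file.
        ## NOTE(review): the link is created immediately, at parse time,
        ## from paths taken verbatim from the configuration. No check is
        ## made here on where either path points.
        if ($dval =~ /=>/) {
            my ($src, $dst) = split(/=>/, $dval, 2);
            if (($src ne '') && ($dst ne '')) {
                symlink("$dst", "$src")
                    or &do_log("ERROR: Unable to create symlink ${src} to ${dst}, $!.");
            }
        }
        ## Throw the rest into %prefs.
        elsif ($dval =~ /=/) {
            my ($var, $value) = split(/=/, $dval, 2);
            if ($var ne '') {
                ## $var cannot be blank, but $value can be in some
                ## cases (%services).
                $prefs{$var} = "$value";
            }
        }
        elsif (($dval ne '') && ($dval =~ /\:/)) {
            ## Likely a service or daemon, defined in %services.
            $prefs{"$dval"} = '';
        }

        $dval = '';
    }    ## End foreach loop.

    ## Set debug directive (avoid possible errors).
    if (!(exists($prefs{'debug'}))) {
        $prefs{'debug'} = 0;
    }

    @conf = ();    ## Empty @conf, no more use for it.

    return 1;
}    ## End sub process_conf().
##-------------------------------------------------------------------------##

##-------------------------------------------------------------------------##
## Sub do_include()
##   Processes the "include" directive - retrieves new sentry.conf file and
##   calls process_conf() to parse the new configuration file.
##   Any new directives processed and placed in %prefs will clobber any
##   previously declared directives.
##
##   Returns: 0 when there is no usable include file (directive missing or
##            empty, vrfy_file() did not return 1, or the file cannot be
##            opened); 1 after the file has been processed.
sub do_include {
    my $status   = 0;
    my @conf_tst = ();

    return 0 if (!(exists($prefs{'include'})));
    &do_log("INFO: Processing 'include' directive...");

    if ((exists($prefs{'debug'})) && ($prefs{'debug'} eq '1')) {
        &do_log("DEBUG: include = $prefs{include}");
    }

    if ($prefs{'include'} eq '') {
        delete($prefs{'include'});
        return 0;
    }

    ## vrfy_file() is defined elsewhere; presumably it validates (and may
    ## fetch) the file named by $prefs{'include'} - confirm against its
    ## definition. It may update $prefs{'include'}, so the path is read
    ## only after it returns.
    $status = &vrfy_file('include');
    if ($status != 1) {
        delete($prefs{'include'});
        return 0;
    }

    my $path = $prefs{'include'};

    ## Three-argument open: the path comes from configuration data, and the
    ## two-argument form would let its leading characters be interpreted as
    ## part of the open mode (e.g. "&" for a handle dup, "-" for STDIN).
    if (open(my $fh, '<', $path)) {
        flock($fh, 1);    ## 1 is LOCK_SH (shared lock) on common platforms.
        @conf = <$fh>;
        close($fh);

        ## Includes staged under /tmp are temporary and removed after
        ## reading. A path such as /tmp/../etc/x also matches ^/tmp/, so
        ## refuse to unlink anything containing a ".." segment.
        ## NOTE(review): /tmp is world-writable; whether vrfy_file() guards
        ## against symlink or race substitution there is not visible here.
        if (($path =~ m{^/tmp/}) && ($path !~ m{(?:^|/)\.\.(?:/|$)})) {
            unlink("$path");
        }

        delete($prefs{'include'});
        @conf_tst = @conf;    ## Keep a copy; process_conf() empties @conf.
        process_conf();       ## Process global @conf into global %prefs.
    }
    else {
        ## $prefs{'include'} may be incorrect or just garbage.
        &do_log("ERROR: unable to open $path.");
        delete($prefs{'include'});
        return 0;
    }

    ## Set up networking.
    ## Bring the network up once if the included file mentions any
    ## deviceN / deviceNN directive. ($status is always 1 at this point.)
    if ($status == 1) {
        foreach my $line (@conf_tst) {
            if ($line =~ /device[0-9]{1,2}[\s\t=]/) {
                $net += (&networking('NET_UP'));
                last;
            }
        }
    }

    ## The included file may itself carry an "include" directive.
    ## NOTE(review): there is no depth limit or cycle detection here; a
    ## file that includes itself (outside /tmp) would recurse until
    ## vrfy_file() or open() fails.
    if (exists($prefs{'include'})) {
        do_include();
    }

    return 1;
}    ## End sub do_include().
##-------------------------------------------------------------------------##

return 1;

## _EOF_ ##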