}
}
-int _link_add_default_acl(knet_handle_t knet_h, struct knet_link *kh_link)
-{
- return check_add(knet_h, kh_link->outsock, kh_link->transport_type,
- &kh_link->dst_addr, &kh_link->dst_addr, CHECK_TYPE_ADDRESS, CHECK_ACCEPT);
-}
-
-int _link_rm_default_acl(knet_handle_t knet_h, struct knet_link *kh_link)
-{
- return check_rm(knet_h, kh_link->outsock, kh_link->transport_type,
- &kh_link->dst_addr, &kh_link->dst_addr, CHECK_TYPE_ADDRESS, CHECK_ACCEPT);
-}
-
/*
* return 0 to reject and 1 to accept a packet
*/
-int _generic_filter_packet_by_acl(knet_handle_t knet_h, int sockfd, struct sockaddr_storage *checkip)
+int check_validate(knet_handle_t knet_h, int sockfd, struct sockaddr_storage *checkip)
{
switch(transport_get_proto(knet_h, knet_h->knet_transport_fd_tracker[sockfd].transport)) {
case LOOPBACK:
*/
return 0;
}
+
+int _link_add_default_acl(knet_handle_t knet_h, struct knet_link *kh_link)
+{
+ return check_add(knet_h, kh_link->outsock, kh_link->transport_type,
+ &kh_link->dst_addr, &kh_link->dst_addr, CHECK_TYPE_ADDRESS, CHECK_ACCEPT);
+}
+
+int _link_rm_default_acl(knet_handle_t knet_h, struct knet_link *kh_link)
+{
+ return check_rm(knet_h, kh_link->outsock, kh_link->transport_type,
+ &kh_link->dst_addr, &kh_link->dst_addr, CHECK_TYPE_ADDRESS, CHECK_ACCEPT);
+}
struct sockaddr_storage *ip1, struct sockaddr_storage *ip2,
check_type_t type, check_acceptreject_t acceptreject);
void check_rmall(knet_handle_t knet_h, int sock, uint8_t transport);
+int check_validate(knet_handle_t knet_h, int sockfd, struct sockaddr_storage *checkip);
+
int _link_add_default_acl(knet_handle_t knet_h, struct knet_link *kh_link);
int _link_rm_default_acl(knet_handle_t knet_h, struct knet_link *kh_link);
-int _generic_filter_packet_by_acl(knet_handle_t knet_h, int sockfd, struct sockaddr_storage *checkip);
#endif
*/
if ((knet_h->use_access_lists) &&
(transport_get_acl_type(knet_h, transport) == USE_GENERIC_ACL)) {
- if (!_generic_filter_packet_by_acl(knet_h, sockfd, msg[i].msg_hdr.msg_name)) {
+ if (!check_validate(knet_h, sockfd, msg[i].msg_hdr.msg_name)) {
char src_ipaddr[KNET_MAX_HOST_LEN];
char src_port[KNET_MAX_PORT_LEN];
log_debug(knet_h, KNET_SUB_TRANSP_SCTP, "Incoming: received connection from: %s port: %s",
addr_str, port_str);
if (knet_h->use_access_lists) {
- if (!_generic_filter_packet_by_acl(knet_h, listen_sock, &ss)) {
+ if (!check_validate(knet_h, listen_sock, &ss)) {
savederrno = EINVAL;
err = -1;
log_debug(knet_h, KNET_SUB_TRANSP_SCTP, "Connection rejected from %s/%s", addr_str, port_str);