mirror of https://github.com/moparisthebest/sslh
Added log_level option to configuration file, which switches off log at each connection
This commit is contained in:
Yves Rutschle
parent
24612835c3
commit
2cb424c646
|
|
@ -9,6 +9,9 @@ vNEXT:
|
||||||
no longer required, 'name' field can now contain
|
no longer required, 'name' field can now contain
|
||||||
'sni' or 'regex', with corresponding options (see
|
'sni' or 'regex', with corresponding options (see
|
||||||
example.org)
|
example.org)
|
||||||
|
Added 'log_level' option to each protocol, which
|
||||||
|
allows to turn off generation of log at each
|
||||||
|
connection.
|
||||||
|
|
||||||
v1.17: 09MAR2015
|
v1.17: 09MAR2015
|
||||||
Support RFC5952-style IPv6 addresses, e.g. [::]:443.
|
Support RFC5952-style IPv6 addresses, e.g. [::]:443.
|
||||||
|
|
|
||||||
|
|
@ -23,7 +23,7 @@ protocols:
|
||||||
{ name: "openvpn"; host: "localhost"; port: "1194"; },
|
{ name: "openvpn"; host: "localhost"; port: "1194"; },
|
||||||
{ name: "xmpp"; host: "localhost"; port: "5222"; },
|
{ name: "xmpp"; host: "localhost"; port: "5222"; },
|
||||||
{ name: "http"; host: "localhost"; port: "80"; },
|
{ name: "http"; host: "localhost"; port: "80"; },
|
||||||
{ name: "ssl"; host: "localhost"; port: "443"; },
|
{ name: "ssl"; host: "localhost"; port: "443"; log_level: 0; },
|
||||||
{ name: "anyprot"; host: "localhost"; port: "443"; }
|
{ name: "anyprot"; host: "localhost"; port: "443"; }
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
|
||||||
3
common.c
3
common.c
|
|
@ -431,6 +431,9 @@ void log_connection(struct connection *cnx)
|
||||||
local[MAX_NAMELENGTH], target[MAX_NAMELENGTH];
|
local[MAX_NAMELENGTH], target[MAX_NAMELENGTH];
|
||||||
int res;
|
int res;
|
||||||
|
|
||||||
|
if (cnx->proto->log_level < 1)
|
||||||
|
return;
|
||||||
|
|
||||||
addr.ai_addr = (struct sockaddr*)&ss;
|
addr.ai_addr = (struct sockaddr*)&ss;
|
||||||
addr.ai_addrlen = sizeof(ss);
|
addr.ai_addrlen = sizeof(ss);
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -46,8 +46,8 @@ protocols:
|
||||||
{ name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; },
|
{ name: "ssh"; service: "ssh"; host: "localhost"; port: "22"; },
|
||||||
{ name: "http"; host: "localhost"; port: "80"; },
|
{ name: "http"; host: "localhost"; port: "80"; },
|
||||||
|
|
||||||
{ name: "sni"; host: "localhost"; port: "993"; sni_hostnames: [ "mail.rutschle.net", "mail.englishintoulouse.com" ]; },
|
{ name: "sni"; host: "localhost"; port: "993"; sni_hostnames: [ "mail.rutschle.net", "mail.englishintoulouse.com" ]; log_level: 0; },
|
||||||
{ name: "sni"; host: "localhost"; port: "xmpp-client"; sni_hostnames: [ "im.rutschle.net", "im.englishintoulouse.com" ]; },
|
{ name: "sni"; host: "localhost"; port: "xmpp-client"; sni_hostnames: [ "im.rutschle.net", "im.englishintoulouse.com" ]; log_level: 0;},
|
||||||
|
|
||||||
# OpenVPN
|
# OpenVPN
|
||||||
{ name: "regex"; host: "localhost"; port: "1194"; regex_patterns: [ "^\x00[\x0D-\xFF]$", "^\x00[\x0D-\xFF]\x38" ]; },
|
{ name: "regex"; host: "localhost"; port: "1194"; regex_patterns: [ "^\x00[\x0D-\xFF]$", "^\x00[\x0D-\xFF]\x38" ]; },
|
||||||
|
|
|
||||||
20
probe.c
20
probe.c
|
|
@ -41,16 +41,16 @@ static int is_true(const char *p, int len, struct proto* proto) { return 1; }
|
||||||
/* Table of protocols that have a built-in probe
|
/* Table of protocols that have a built-in probe
|
||||||
*/
|
*/
|
||||||
static struct proto builtins[] = {
|
static struct proto builtins[] = {
|
||||||
/* description service saddr probe */
|
/* description service saddr log_level probe */
|
||||||
{ "ssh", "sshd", NULL, is_ssh_protocol},
|
{ "ssh", "sshd", NULL, 1, is_ssh_protocol},
|
||||||
{ "openvpn", NULL, NULL, is_openvpn_protocol },
|
{ "openvpn", NULL, NULL, 1, is_openvpn_protocol },
|
||||||
{ "tinc", NULL, NULL, is_tinc_protocol },
|
{ "tinc", NULL, NULL, 1, is_tinc_protocol },
|
||||||
{ "xmpp", NULL, NULL, is_xmpp_protocol },
|
{ "xmpp", NULL, NULL, 1, is_xmpp_protocol },
|
||||||
{ "http", NULL, NULL, is_http_protocol },
|
{ "http", NULL, NULL, 1, is_http_protocol },
|
||||||
{ "ssl", NULL, NULL, is_tls_protocol },
|
{ "ssl", NULL, NULL, 1, is_tls_protocol },
|
||||||
{ "tls", NULL, NULL, is_tls_protocol },
|
{ "tls", NULL, NULL, 1, is_tls_protocol },
|
||||||
{ "adb", NULL, NULL, is_adb_protocol },
|
{ "adb", NULL, NULL, 1, is_adb_protocol },
|
||||||
{ "anyprot", NULL, NULL, is_true }
|
{ "anyprot", NULL, NULL, 1, is_true }
|
||||||
};
|
};
|
||||||
|
|
||||||
static struct proto *protocols;
|
static struct proto *protocols;
|
||||||
|
|
|
||||||
3
probe.h
3
probe.h
|
|
@ -20,6 +20,9 @@ struct proto {
|
||||||
const char* description; /* a string that says what it is (for logging and command-line parsing) */
|
const char* description; /* a string that says what it is (for logging and command-line parsing) */
|
||||||
const char* service; /* service name to do libwrap checks */
|
const char* service; /* service name to do libwrap checks */
|
||||||
struct addrinfo *saddr; /* list of addresses to try and switch that protocol */
|
struct addrinfo *saddr; /* list of addresses to try and switch that protocol */
|
||||||
|
int log_level; /* 0: No logging of connection
|
||||||
|
* 1: Log incoming connection
|
||||||
|
*/
|
||||||
|
|
||||||
/* function to probe that protocol; parameters are buffer and length
|
/* function to probe that protocol; parameters are buffer and length
|
||||||
* containing the data to probe, and a pointer to the protocol structure */
|
* containing the data to probe, and a pointer to the protocol structure */
|
||||||
|
|
|
||||||
|
|
@ -119,10 +119,11 @@ static void printsettings(void)
|
||||||
|
|
||||||
for (p = get_first_protocol(); p; p = p->next) {
|
for (p = get_first_protocol(); p; p = p->next) {
|
||||||
fprintf(stderr,
|
fprintf(stderr,
|
||||||
"%s addr: %s. libwrap service: %s family %d %d\n",
|
"%s addr: %s. libwrap service: %s log_level: %d family %d %d\n",
|
||||||
p->description,
|
p->description,
|
||||||
sprintaddr(buf, sizeof(buf), p->saddr),
|
sprintaddr(buf, sizeof(buf), p->saddr),
|
||||||
p->service,
|
p->service,
|
||||||
|
p->log_level,
|
||||||
p->saddr->ai_family,
|
p->saddr->ai_family,
|
||||||
p->saddr->ai_addr->sa_family);
|
p->saddr->ai_addr->sa_family);
|
||||||
}
|
}
|
||||||
|
|
@ -271,6 +272,10 @@ static int config_protocols(config_t *config, struct proto **prots)
|
||||||
p->description = name;
|
p->description = name;
|
||||||
config_setting_lookup_string(prot, "service", &(p->service));
|
config_setting_lookup_string(prot, "service", &(p->service));
|
||||||
|
|
||||||
|
if (config_setting_lookup_int(prot, "log_level", &p->log_level) == CONFIG_FALSE) {
|
||||||
|
p->log_level = 1;
|
||||||
|
}
|
||||||
|
|
||||||
resolve_split_name(&(p->saddr), hostname, port);
|
resolve_split_name(&(p->saddr), hostname, port);
|
||||||
|
|
||||||
p->probe = get_probe(name);
|
p->probe = get_probe(name);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue