File: access.tcl

package info (click to toggle)
pcproxy 1.1.1-2
  • links: PTS
  • area: main
  • in suites: etch, etch-m68k, sarge
  • size: 508 kB
  • ctags: 35
  • sloc: sh: 2,866; tcl: 1,336; makefile: 77
file content (84 lines) | stat: -rw-r--r-- 2,404 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
 
# Access control procedures for PCProxy
#
# $Id: access.tcl,v 1.5 2004/03/11 09:30:03 kees Exp $
#
########################################################################
#    Copyright (C) 2001-2003  Kees Leune
#
#    This program is free software; you can redistribute it and/or modify
#    it under the terms of the GNU General Public License as published by
#    the Free Software Foundation; either version 2 of the License, or
#    (at your option) any later version.
#
#    This program is distributed in the hope that it will be useful,
#    but WITHOUT ANY WARRANTY; without even the implied warranty of
#    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#    GNU General Public License for more details.
#
#    You should have received a copy of the GNU General Public License
#    along with this program; if not, write to the Free Software
#    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
#

proc initACL {} {
    global ACL SETTINGS

    if {[info exists SETTINGS(access)] && 
        ![string match $SETTINGS(access) ""]} {

        set count 0
        cprint "Loading access control list from $SETTINGS(access)"
        if {[catch {
            set f [open $SETTINGS(access) r]
        }]} {
            cprint "Unable to load access control list."
            return
        }

        while {![eof $f]} {
            if {[catch {
                gets $f line
            }]} {
                break
            }
            
            if {$line == ""} { continue }

            if {[regexp {^[;#]} $line x]} { continue }

            if {[regexp {^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+} $line x]} {
                incr count
                lappend ACL $line
            } else {
                cprint "Ignoring ACL entry $line (invalid format)"
            }
        }
        cprint "Allowing $count hosts to connect"

        close $f
        return
    }
}

proc checkACL {ip ch} {
    global ACL SETTINGS

    if {![info exists SETTINGS(access)]} {
        return 0
    }

    if {[info exists ACL] && \
        [lsearch -exact $ACL $ip] != -1} {
        # if there is no ACL, or if there is one and we are on it, allow
        # access.
        return 0
    } 

    catch {
        uprint $ch "You are not allowed to connect to this port. Goodbye."
        flush $ch
        disconnect $ch
    }
    debug "Refusing $ip"
    return 1
}