| << | < | > | >>
SFLVersion 2.11
|
| iMatix home page | << | < | > | >> |
SFL Version 2.11 |
#include "sflsock.h" Bool socket_is_permitted (const char *address, const char *mask)
Compares the specified address with a mask and returns TRUE if the address matches the mask, or FALSE if it does not. The address is formatted as a string "xxx.xxx.xxx.xxx". The mask is formatted as zero or more patterns, delimited by whitespace or commas. A pattern is an address string, with zero or more of the last components replaced by '*'. The pattern may also be prefixed by '!' to indicate exclusion. This is an example of a mask: "127.0.0.1, 253.34.*, !253.35.*". This mask allows all addresses: "*". To get the string address for a remote socket, use socket_peer_address().
{
char
*addrptr, /* Pointer into address */
*maskptr; /* Pointer into mask */
Bool
negate, /* If !pattern */
feedback = FALSE; /* False unless matched */
ASSERT (address);
ASSERT (mask);
maskptr = (char *) mask;
while (*maskptr)
{
while (isspace (*maskptr) || *maskptr == ',')
maskptr++;
/* Get negation if necessary */
if (*maskptr == '!')
{
negate = TRUE;
maskptr++;
}
else
negate = FALSE;
/* Compare pattern with address up to the end of the pattern */
for (addrptr = (char *) address; *addrptr; addrptr++)
{
if (*maskptr == '*') /* Matched address up to * */
return (!negate); /* So either accepted or failed */
else
if (*maskptr == '\0') /* Did not match address */
return (negate); /* so fail unless negated */
else
if (*addrptr != *maskptr) /* Some difference */
break; /* so stop comparing */
maskptr++;
}
if (*addrptr == '\0' /* Matched exact address? */
&& (*maskptr == '\0' || isspace (*maskptr) || *maskptr == ','))
return (!negate); /* Either accepted or failed */
until (*maskptr == '\0' || isspace (*maskptr) || *maskptr == ',')
maskptr++; /* Skip to end of this pattern */
}
return (feedback);
}
| | << | < | > | >> |
Copyright © 1996-2000 iMatix Corporation |