Changeset 510af91f4bbc80c9d2f68c4b188af3b3a63a93b4
- Timestamp:
- 07/13/12 19:10:05 (1 year ago)
- git-parent:
[994c44e9c01b368bd18681bfb1fa4faafd8aae16], [d6ffeb10c8682f44e32db2c28923cdb91ff5713a]
- Files:
-
- lib/Resmon/Config.pm (modified) (2 diffs)
- lib/Resmon/Status.pm (modified) (2 diffs)
- resmon (modified) (1 diff)
- resmon.conf.sample (modified) (1 diff)
- resources/check_resmon_metric (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
lib/Resmon/Config.pm
r7ed1a17 rd6ffeb1 6 6 use Sys::Hostname; 7 7 8 9 sub split_ip_list { 10 # this code is taken from Marcel Gruenauer's <marcel@cpan.org> CPAN module Net::IP::Match 11 my $string = shift; 12 my $allow = shift; 13 my (@result,$quad,$bits,$matchbits,$int,$mask); 14 for (split (/\s*[,\s]\s*/, $string)) { 15 ($quad, $bits) = m!^(\d+\.\d+\.\d+\.\d+)(?:/(\d+))?!g; 16 $bits = 32 unless (defined($bits) && $bits ne ''); 17 $matchbits = 32 - $bits; 18 $int = unpack("N", pack("C4", split(/\./,$quad))); 19 $mask = $int >> $matchbits; 20 push @result => {mask => $mask, bits => $matchbits, allow => $allow}; 21 print STDERR "mask=$mask,bits=$matchbits,allow=$allow\n"; 22 } 23 return \@result; 24 } 8 25 sub new { 9 26 my $class = shift; … … 131 148 $self->{authpass} = $1; 132 149 next; 150 } 151 elsif(/\s*HOSTS\s+ALLOW\s+([^;]+)\s*;\s*/) { 152 push (@{$self->{hostsallow}}, @{split_ip_list($1,1)}); 153 next; 154 } 155 elsif(/\s*HOSTS\s+DENY\s+([^;]+)\s*;\s*/) { 156 push (@{$self->{hostsallow}}, @{split_ip_list($1,0)}); 157 next; 133 158 } elsif(/\s*INCLUDE\s+(\S+)\s*;\s*/) { 134 159 my $incglob = $1; lib/Resmon/Status.pm
re892f81 rba4f134 442 442 $self->{authuser} = shift; 443 443 $self->{authpass} = shift; 444 my $hostsallow = shift; 445 444 446 if(!defined($ip) || $ip eq '' || $ip eq '*') { 445 447 $ip = INADDR_ANY; … … 470 472 my $client = $handle->accept; 471 473 next unless $client; 474 my $hersockaddr = getpeername($client); 475 my ($port, $iaddr) = sockaddr_in($hersockaddr); 476 my $denied; 477 for my $el (@{$hostsallow}) { 478 my $tmp = unpack("N",$iaddr); 479 $tmp = $tmp >> $el->{bits} if $el->{bits}; 480 if ($tmp == $el->{mask}) { 481 $denied = !$el->{allow}; 482 last; 483 } 484 } 485 if ($denied) { 486 my $response = "<html><head><title>IP denied</title></head>" . 487 "<body><h1>IP denied</h1></body></html>"; 488 $client->print(http_header(401, length($response), 'text/html', $denied)); 489 $client->print($response . "\r\n"); 490 $client->close(); 491 next 492 }; 472 493 my $req; 473 494 my $proto; resmon
rd710bcb rba4f134 85 85 $status->open(); 86 86 $status->serve_http_on($config->{interface}, $config->{port}, 87 $config->{authuser}, $config->{authpass} )87 $config->{authuser}, $config->{authpass}, $config->{hostsallow}) 88 88 if($config->{port}); 89 89 resmon.conf.sample
r0bd15e6 rba4f134 3 3 STATUSFILE /var/run/resmon-status.txt; 4 4 TIMEOUT 10; 5 6 HOSTS ALLOW 10.80.116.112, 127.0.0.1; 7 # HOSTS {ALLOW/DENY} lists are the coma or blank separated lists of 8 # a dotted decimal IPv4 addresses of the form a.b.c.d. to match incoming machineâs IP address exactly, 9 # or an 'ipaddr/n' where ipaddr is the IP address and n is the number of one bits in the netmask. 10 # the first match gives the result, if nothing matches IP is allowed. 11 HOSTS DENY 10.80.117.128/25 12 HOSTS ALLOW 10.80.116.0/23 13 HOSTS DENY 0.0.0.0/0; 5 14 6 15 # Resmon health check. Shows the hostname, svn revision and resources/check_resmon_metric
r880c6ce rcd3c2b0 375 375 376 376 if (defined $regex) { 377 if (!defined($value)) { 378 $value = ''; 379 } 377 380 if ($value =~ /$regex/) { 378 381 $state = "OK";