NAME
blacklist_open,
blacklist_close,
blacklist_r,
blacklist,
blacklist_sa blacklist_sa_r —
Blacklistd notification library
LIBRARY
library “libblacklist”
SYNOPSIS
#include <blacklist.h>
struct blacklist *
blacklist_open(
void);
void
blacklist_close(
struct
blacklist *cookie);
int
blacklist(
int
action,
int fd,
const char *msg);
int
blacklist_r(
struct
blacklist *cookie,
int
action,
int fd,
const char *msg);
int
blacklist_sa(
int
action,
int fd,
const struct sockaddr *sa,
socklen_t salen,
const char *msg);
int
blacklist_sa_r(
struct
blacklist *cookie,
int
action,
int fd,
const struct sockaddr *sa,
socklen_t salen,
const char *msg);
DESCRIPTION
These functions can be used by daemons to notify
blacklistd(8) about
successful and failed remote connections so that blacklistd can block or
release port access to prevent Denial of Service attacks.
The function
blacklist_open() creates the necessary state to
communicate with
blacklistd(8) and returns a
pointer to it, or
NULL
on failure.
The
blacklist_close() function frees all memory and resources
used.
The
blacklist() function sends a message to
blacklistd(8), with an
action argument specifying
1
for
a failed connection or
0
for a successful connection,
a file descriptor
fd specifying the accepted file
descriptor connected to the client, and an optional message in the
msg argument.
The
blacklist_r() function is more efficient because it keeps
the blacklist state around.
The
blacklist_sa() and
blacklist_sa_r()
functions can be used with unconnected sockets, where
getpeername(2) will not
work, the server will pass the peer name in the message.
All functions log errors to
syslogd(8).
RETURN VALUES
The function
blacklist_open() returns a cookie on success and
NULL
on failure setting
errno
to an appropriate value.
The functions
blacklist(),
blacklist_sa(),
and
blacklist_sa_r() return
0
on
success and
-1
on failure setting
errno
to an appropriate value.
SEE ALSO
blacklistd.conf(5),
blacklistd(8)
AUTHORS
Christos Zoulas