# Excerpt of what appears to be a UDP broadcast relay ("mbd"). The leading
# numbers are the original file's line numbers; the lines in between are not
# shown, so the notes below only describe what the visible lines do.
#
# Loads and executes a Perl file by a path relative to the current working
# directory (a path starting with './' is not looked up in @INC). Everything
# in that file runs with the privileges of this process.
# NOTE(review): presumably it defines @Config::access_list and
# @Config::networks used further down - confirm. The file and its directory
# should be writable only by the account that administers the daemon, and the
# daemon should be started from a known directory.
7 require './access_list.pl';
# Sets the bit for $fh's file descriptor in the select() bit vector $bits.
# NOTE(review): presumably part of the fhbits() helper called on original
# line 39 - the enclosing sub is not visible here.
14 vec($bits, fileno($fh), 1) = 1;
# Opens mbd.log (relative to the current working directory) for appending
# through the bareword handle LOG. The statement does not check the result of
# open, so a failed open only shows up later as log lines that never appear.
# NOTE(review): prefer a lexical handle, an absolute path and an explicit
# "or die"; a relative log path in a directory other users can write to is a
# symlink risk for a privileged process.
19 open LOG, ">>", "mbd.log";
# mbd::find_all_ports() is defined outside this excerpt; its result is the
# port list counted in the "Listening on" message below.
21 my @ports = mbd::find_all_ports();
23 # Open a socket for each port
# Protocol number for UDP, passed to socket() below.
25 my $udp = getprotobyname("udp");
# Creates a UDP socket and binds it to port $p on all local addresses
# (INADDR_ANY). Neither statement checks its return value, so a port that
# cannot be bound (in use, insufficient privilege) is not reported here.
# NOTE(review): $p is presumably the loop variable over @ports - confirm, and
# add "or die"/"or warn" so a partially listening daemon is noticed.
28 socket($sock, PF_INET, SOCK_DGRAM, $udp);
29 bind($sock, sockaddr_in($p, INADDR_ANY));
# Net::RawIP object configured for UDP, used to build outgoing packets.
# Raw sockets normally require root or CAP_NET_RAW, so the code loaded by the
# require above and the filter callbacks run with that privilege as well.
33 my $sendsock = Net::RawIP->new({udp => {}});
35 print "Listening on " . scalar @ports . " ports.\n";
# Read set for select(), built from the listening sockets in @socks.
39 my $rin = fhbits(@socks);
# Receive/relay section of the excerpt. The leading numbers are the original
# file's line numbers; lines between them (including the closing braces of the
# loops and the code that sets $pass and $broadcast) are not shown.
#
# select() modifies its arguments in place, so $rin is copied into $rout on
# every call. The undef timeout makes the call block until a socket is
# readable.
# NOTE(review): no handling of a -1 return (for example after a signal) is
# visible in this excerpt - confirm against the full file.
42 my $nfound = select($rout=$rin, undef, undef, undef);
43 for my $sock (@socks) {
# Skip sockets that select() did not flag as readable.
44 next unless (vec($rout, fileno($sock), 1) == 1);
# Reads one datagram of at most 8192 bytes; anything longer is truncated.
# recv returns the packed sender address, or undef on error.
# NOTE(review): the next original line (48) unpacks $addr without a check;
# guard with "next unless defined $addr" so one failed recv cannot abort the
# daemon.
47 my $addr = recv($sock, $data, 8192, 0); # jumbo broadcast! :-P
# Sender port and address as carried in the packet. UDP source addresses are
# not authenticated, so $saddr must be treated as attacker-controllable.
48 my ($sport, $saddr) = sockaddr_in($addr);
# Local name of the receiving socket. The socket is bound to INADDR_ANY, so
# only $dport identifies the traffic; $daddr is not the address the packet
# was actually sent to (see the author's remark below).
49 my ($dport, $daddr) = sockaddr_in(getsockname($sock));
# Length of the received (possibly truncated) payload; this is the value the
# size rules are matched against.
50 my $size = length($data);
52 # We don't get the packet's destination address, but I guess this should do...
53 # Check against the ACL.
# Each rule is a hash with 'ports', 'sizes' and an optional 'filter' entry.
# A rule is skipped unless both the destination port and the payload size
# match its ranges (mbd::match_ranges is defined outside this excerpt).
55 for my $rule (@Config::access_list) {
56 next unless (mbd::match_ranges($dport, $rule->{'ports'}));
57 next unless (mbd::match_ranges($size, $rule->{'sizes'}));
# Optional per-rule callback, invoked with the raw payload; a false return
# skips the rule. The payload comes straight off the network, so a filter
# must cope with arbitrary bytes.
# NOTE(review): no eval/try around the call is visible here - a filter that
# dies on malformed input would presumably take the daemon down; confirm.
59 if ($rule->{'filter'}) {
60 next unless ($rule->{'filter'}($data));
# Writes port, size and $pass to the log; $pass is set on lines not shown.
# No payload bytes are written on this line.
67 print LOG "$dport $size $pass\n";
70 print "$dport, $size bytes => filtered\n";
# For every configured network except the one containing the sender's
# address, take the network's address range from cidr2range().
# NOTE(review): presumably $broadcast is derived from the end of $range on
# lines not shown. One accepted packet produces one outgoing packet per
# remaining network, and the network to skip is chosen from the spoofable
# $saddr, so the ACL should be as narrow as possible. Also confirm the daemon
# cannot receive and relay its own output again - no such guard is visible in
# this excerpt.
75 for my $net (@Config::networks) {
76 next if (Net::CIDR::cidrlookup(inet_ntoa($saddr), $net));
78 my ($range) = Net::CIDR::cidr2range($net);
82 print inet_ntoa($saddr), ", $dport, $size bytes => $broadcast\n";
# The original sender's address is passed on as the "saddr" field.
# NOTE(review): presumably an argument of the Net::RawIP call that builds the
# relayed packet, i.e. the relay re-emits the packet with the sender's source
# address - the surrounding call is not shown.
86 saddr => inet_ntoa($saddr),