KAN-10 load network and log files from config file (#3)

* KAN-10 load network and log files from config file
* KAN-10 take config file name as an argument
* KAN-10 add dependencies in github action makefile


---------

Co-authored-by: ahlyel-amine <[email protected]>

.github/workflows/checks.yml

@@ -43,7 +43,7 @@
 
         - name: Create Makefile for testing
           run: |
-            echo -e 'SRCS= $(shell find . -type f -name "*.c")\nINCLUDES= $(shell find . -type f -name "*.h")\nOBJS= $(SRCS:.c=.o)\nCC= cc\nCFLAGS= -Wall -Wextra -Werror\nNAME= uniq_name_][\nall: $(NAME)\n$(NAME): $(OBJS)\n\t$(CC) $(OBJS) -o $(NAME)\n%.o: %.c $(INCLUDES)\n\t$(CC) $(CFLAGS)  -c $< -o $@' > Makefile
+            echo -e 'SRCS= $(shell find . -type f -name "*.c")\nINCLUDES= -Iinclude\nOBJS= $(SRCS:.c=.o)\nDEPS= $(SRCS:.c=.d)\nCC= cc\nCFLAGS=\nDEPSFLAGS= -MMD -MP\nNAME= uniq_name_][\nall: $(NAME)\n$(NAME): $(OBJS)\n\t$(CC) $(OBJS) -o $(NAME)\n%.o: %.c\n\t$(CC) $(CFLAGS) $(DEPSFLAGS) $(INCLUDES) -c $< -o $@\n-include $(DEPS)' > Makefile
         - name: Run Services
           run: |
             make

config/lsse.conf

@@ -0,0 +1,35 @@
+[log_files]
+
+auth_log=/var/log/auth.log
+syslog=/var/log/syslog
+
+[network]
+
+interface=eth0
+ip=192
+mask=255
+
+[alerts]
+# list of email addresses to send alerts to
+# format: <email>
+# email: the email address to send alerts to
+
+
+
+[rules]
+
+# list of rules to monitor for failed login attempts
+# format: <rule> = <action>
+# rule: the rule to monitor for failed login attempts
+# action: the action to take when the rule is triggered
+# possible actions: lock, report, alert, disable, delete, report_to_authorities, alert_to_authorities, disable_to_authorities, delete_to_authorities
+# example: ssh = lock
+# example: ssh = report
+# example: ssh = alert
+# example: ssh = disable
+# example: ssh = delete
+# example: ssh = report_to_authorities
+# example: ssh = alert_to_authorities
+# example: ssh = disable_to_authorities
+# example: ssh = delete_to_authorities
+

include/config.h

@@ -1,20 +1,57 @@
 #ifndef CONFIG_H
 # define CONFIG_H
+
 # include <stdbool.h>
 # include <stdio.h>
 # include <stdlib.h>
 # include <string.h>
 
-#define MAX_CONFIG_LINE_LENGTH 256
-#define MAX_CONFIG_KEY_LENGTH 50
-#define MAX_CONFIG_VALUE_LENGTH 200
+# define MAX_CONFIG_LINE_LENGTH 256
+# define MAX_CONFIG_KEY_LENGTH 50
+# define MAX_CONFIG_VALUE_LENGTH 200
+# define MAX_NETWORK_COUNT 5
+# define MAX_LOG_COUNT 5
+
+typedef struct s_network_entry {
+    char interface[50]; // network interface to monitor for network traffic 
+    char ip[50]; // ip address of the machine running the program
+    char mask[50]; // subnet mask of the machine running the program
+} t_network_entry;
+
+typedef struct s_log_entry {
+    char file[50]; // path to the log file to monitor
+    char alias[50]; // name of the log file to monitor
+} t_log_entry;
+
+typedef struct s_detection_entry {
+    int threshold; // number of failed login attempts before an intrusion is detected
+    int interval; // time interval in seconds to monitor for failed login attempts
+    int lock_time; // time in seconds to lock the account after an intrusion is detected
+    int lock_threshold; // number of intrusions before the account is locked
+    int report_threshold; // number of intrusions before a report is generated
+} t_detection_entry;
+
+typedef struct s_report_entry {
+    char report_dir[50]; // path to the directory to write the intrusion report
+    char report_mail[50]; // email address to send the intrusion report
+    int interval;   // time interval in seconds to generate the intrusion report
+} t_report_entry;
+
+typedef struct s_config_entry{
+    t_network_entry network[MAX_NETWORK_COUNT];
+    t_log_entry log[MAX_LOG_COUNT];
+    t_detection_entry detection;
+    t_report_entry report;
+} t_config_entry;
+
+static t_config_entry config_entries;
+static int config_entry_count;
+int load_config(const char *filepath);
 
-typedef struct s_config{
-    char key[MAX_CONFIG_KEY_LENGTH];
-    char value[MAX_CONFIG_VALUE_LENGTH];
-} t_config;
+void load_network_config(FILE *file);
+void load_log_config(FILE *file);
+void load_detection_config(FILE *file);
+void load_report_config(FILE *file);
 
-static t_config config_entries[100];
-static int config_entry_count = 0;
 
 #endif

include/init.h

@@ -1,7 +1,6 @@
 #ifndef INIT_H
 # define INIT_H
 
-void	initialize(void);
-
+void	initialize(int ac, char **av);
 
 #endif

src/config/load_config.c

@@ -1,10 +1,17 @@
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
 #include "config.h"
 
-int load_config(const char *filepath)
-{
+/**
+ * @brief Loads the configuration from the specified file.
+ *
+ * This function reads the configuration file line by line and processes each line based on its content.
+ * It skips lines starting with '#' or empty lines.
+ * If a line starts with '[', it identifies the section and calls the corresponding load function.
+ *
+ * @param filepath The path to the configuration file.
+ * @return 0 if the configuration is successfully loaded, -1 otherwise.
+ */
+int load_config(const char *filepath) {
+
     FILE *file = fopen(filepath, "r");
     if (!file) {
         perror("Failed to open config file");
@@ -13,26 +20,31 @@ int load_config(const char *filepath)
 
     char line[MAX_CONFIG_LINE_LENGTH];
     while (fgets(line, sizeof(line), file)) {
-        char *key = strtok(line, "=");
-        char *value = strtok(NULL, "\n");
-
-        if (key && value) {
-            strncpy(config_entries[config_entry_count].key, key, MAX_CONFIG_KEY_LENGTH);
-            strncpy(config_entries[config_entry_count].value, value, MAX_CONFIG_VALUE_LENGTH);
-            config_entry_count++;
+        if(line[0] == '#') {
+            continue;
+        }
+        if (line[0] == '\n') {
+            continue;
+        }
+        if (line[0] == '[') {
+            printf("Line: %s\n", line);
+            char *section = strtok(line, "[]");
+            if (strcmp(section, "network") == 0) {
+                load_network_config(file);
+                if (line[0] == '[') 
+                    section = strtok(line, "[]");
+            }
+            if (strcmp(section, "log") == 0) {
+                load_log_config(file);
+            }
+            if (strcmp(section, "rules") == 0) {
+                load_detection_config(file);
+            }
+            if (strcmp(section, "alerts") == 0) {
+                load_report_config(file);
+            }
         }
     }
-
     fclose(file);
     return 0;
 }
-
-const char* get_config_value(const char *key)
-{
-    for (int i = 0; i < config_entry_count; i++) {
-        if (strcmp(config_entries[i].key, key) == 0) {
-            return config_entries[i].value;
-        }
-    }
-    return NULL;
-}

src/config/load_detection_config.c

@@ -0,0 +1,26 @@
+#include "config.h"
+
+void load_detection_config(FILE *file)
+{
+    char    line[MAX_CONFIG_LINE_LENGTH];
+    char    *key, *value;
+
+    while (fgets(line, sizeof(line), file))
+    {
+        printf("Line: %s\n", line);
+        if (line[0] == '\n' || line[0] == '#') // skip empty lines and comments
+        {
+            continue;
+        }
+        if (line[0] == '[')
+        {
+            break;
+        }
+        key = strtok(line, "="); // get key
+        value = strtok(NULL, "\n"); // get value
+        if (key && value)
+        {
+            ;
+        }
+    }
+}

src/config/load_log_config.c

@@ -0,0 +1,37 @@
+#include "config.h"
+
+/**
+ * @brief Loads the network configuration from a file.
+ *
+ * This function reads the network configuration from the specified file and applies it to the system.
+ *
+ * @param file A pointer to the file containing the network configuration.
+ */
+void load_log_config(FILE *file)
+{
+    char    line[MAX_CONFIG_LINE_LENGTH];
+    int     max_log_count = 0;
+    char    *key, *value;
+
+    while (fgets(line, sizeof(line), file))
+    {
+        printf("Line: %s\n", line);
+        if (line[0] == '\n' || line[0] == '#') // skip empty lines and comments
+        {
+            continue;
+        }
+        if (line[0] == '[' || max_log_count == MAX_LOG_COUNT) // check if max log count is reached
+        {
+            break;
+        }
+        key = strtok(line, "="); // get key
+        value = strtok(NULL, "\n"); // get value
+        max_log_count++;
+        if (key && value)
+        {
+            strncpy(config_entries.log[max_log_count].alias, key, MAX_CONFIG_KEY_LENGTH);
+            strncpy(config_entries.log[max_log_count].file, value, MAX_CONFIG_KEY_LENGTH);
+            printf("Alias: %s, File: %s\n", config_entries.log[max_log_count].alias, config_entries.log[max_log_count].file);
+        }
+    }
+}

src/config/load_network_config.c

@@ -0,0 +1,72 @@
+#include "config.h"
+
+/**
+ * @brief Loads the network configuration from a file.
+ *
+ * This function reads the network configuration from the specified file and applies it to the system.
+ *
+ * @param file A pointer to the file containing the network configuration.
+ */
+void load_network_config(FILE *file)
+{
+    bool    interface_found = false, ip_found = false, mask_found = false;
+    char    line[MAX_CONFIG_LINE_LENGTH];
+    int     max_network_count = 0;
+    char    *key, *value;
+
+    while (fgets(line, sizeof(line), file))
+    {
+        if (line[0] == '\n' || line[0] == '#') // skip empty lines and comments
+        {
+            continue;
+        }
+        if (line[0] == '[' || max_network_count == MAX_NETWORK_COUNT) // check if max network count is reached
+        {
+            break;
+        }
+        key = strtok(line, "="); // get key
+        value = strtok(NULL, "\n"); // get value
+        if (mask_found) // check if all values are found and reset flags
+        {
+            interface_found = false;
+            ip_found = false;
+            mask_found = false;
+            max_network_count++;
+        }
+        if (key && value)
+        {
+            if (strcmp(key, "interface") == 0)
+            {
+                interface_found = true;
+                strncpy(config_entries.network[max_network_count].interface, value, MAX_CONFIG_KEY_LENGTH);
+            }
+            if (strcmp(key, "ip") == 0)
+            {
+                if (!interface_found)
+                {
+
+                    fprintf(stderr, "Error: IP address found before interface\n");
+
+                    exit (EXIT_FAILURE);
+                }
+                ip_found = true;
+                strncpy(config_entries.network[max_network_count].ip, value, MAX_CONFIG_KEY_LENGTH);
+            }
+            if (strcmp(key, "mask") == 0)
+            {
+                if (!ip_found)
+                {
+                    fprintf(stderr, "Error: Subnet mask found before IP address\n");
+                    exit (EXIT_FAILURE);
+                }
+                if (!interface_found)
+                {
+                    fprintf(stderr, "Error: Subnet mask found before interface\n");
+                    exit (EXIT_FAILURE);
+                }
+                mask_found = true;
+                strncpy(config_entries.network[max_network_count].mask, value, MAX_CONFIG_KEY_LENGTH);
+            }
+        }
+    }
+}

src/config/load_report_config.c

@@ -0,0 +1,27 @@
+#include "config.h"
+
+void load_report_config(FILE *file)
+{
+    char    line[MAX_CONFIG_LINE_LENGTH];
+    int     max_report_count = 0;
+    char    *key, *value;
+
+    while (fgets(line, sizeof(line), file))
+    {
+        if (line[0] == '\n' || line[0] == '#') // skip empty lines and comments
+        {
+            continue;
+        }
+        if (line[0] == '[') // check if max report count is reached
+        {
+            break;
+        }
+        key = strtok(line, "="); // get key
+        value = strtok(NULL, "\n"); // get value
+        max_report_count++;
+        if (key && value)
+        {
+            ;
+        }
+    }
+}