Reggo Demystified

1
Reggo Demystified Skand S Gupta skand_at_cs.ucsb.
edu
2
Reggo Overview

• Application firewall
• Monitors traffic between the client(s) and the
  server(s) and closes the connection, if the data
  matches specified regular expression
• Server side application
• Acts both as a client and the server
• For remote clients, it acts as a server
• For local server, it acts as a client
• Should handle multiple clients and servers

3
Reggo Configuration File

• reggo.conf specifies the port numbers to listen
  and the regular expression for the corresponding
  ports
• 80 8081 User-Agent .Safari
• 21 2221 Quote . Exec
• 21 2221 ./warez/
• ...
• Different configuration file can be specified
  with --conf option

4
Reggo Configuration File

• Listens on TCP ports 80 and 21 AND connects to
  LOCAL ports 8081 and 2221
• If the data between ports 80 and 8081 matches
  regular expression "User-Agent .Safari", the
  client-to-reggo and reggo-to-server connection is
  terminated
• If the data between ports 21 and 2021 match
  either of the two regular expression, the
  connection is terminated.

5
Reggo Things to Remember

• Monitors data, both ways (client-server and
  server-client)?
• The configuration file should be read at the
  startup and re-read at runtime if SIGUSR1 signal
  is sent to the reggo (install handler for SIGUSR1
  man signal)?
• Don't need to handle conflicting rules in the
  configuration file
• Rules for data are regular expressions

6
Reggo Things to Remember

• Enforce single instance by using file locks
• Default /tmp/reggo.lock (override --lockfile
  option)?
• Log everything in log file
• Default /var/log/reggo.log (override --logfile
  option)?
• Data between distinct port pair is handled by a
  different reggo child
• Each child should be able to handle multiple
  clients and apply the rule to each client
  separately (tip start with single client)?

7
Using select()?

• System call for polling the status of multiple
  file descriptors
• Allows a program to monitor multiple file
  descriptors, waiting until one or more become
  ready
• Very useful for implementing concurrent server
  without the overhead of a new thread/process
• int select(int nfds, fd_set readfds, fd_set
  writefds, fd_set exceptfds, struct timeval
  timeout)

8
Using select()?

• readfds, writefds, exceptfds set of file
  descriptors to monitor for reading, writing or
  exceptions
• FD_ZERO() clears a set
• FD_SET() adds a descriptor to a set
• FD_CLR() removes descriptor from a set
• FD_ISSET() test whether a descriptor belongs to
  a set
• nfds highest numbered file descriptor in any set
  plus one

9
Using select()?

• timeout Upper bound on the amount of time
  elapsed before select returns
• timeout 0 returns immediately
• timeout NULL block indefinitely
• Returns the number of ready file descriptors
• A very good example server using select()
  http//publib.boulder.ibm.com/infocenter/iseries/v
  5r3/index.jsp?topic/rzab6/rzab6xnonblock.htm

10
Concurrent Server Using select()?