Many programs require lists of hosts on a network, along with some information about what to do with them. Suppose that you were writing a network monitor like Nagios, and you needed to perform certain checks on hosts on a network. You might ping a host to make sure it's still up and running, you might connect to an HTTP server to check that it is running, you might try to open a POP3 connection with an email server, or you might try a number of other things. What would a list of hosts look like? Let's look at a possible XML format for it, hosts.xml:
    <hostlist>
      <host name="Kestrel">
        <ip>12.34.65.212</ip>
        <description>email server</description>
        <checks>
          <check>ping</check>
          <check>pop3</check>
          <check>imap</check>
          <check>smtp</check>
        </checks>
      </host>
      <host name="Pokey">
        <ip>114.43.1.12</ip>
        <description>A desktop computer</description>
        <checks>
          <check>ping</check>
        </checks>
      </host>
    </hostlist>
This defines two hosts, Kestrel and Pokey. Kestrel is an email server and should be checked extensively. Pokey is just a desktop computer and should just be pinged regularly to make sure it's running. Both have IP addresses specified.
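As an added example (not part of the original tutorial, which works in Common Lisp), this Python sketch shows how a monitor might consume the file: it flattens the host list into (host, ip, check) jobs and refuses entries it could not safely act on. The function name `load_jobs`, the inline sample, and the rules against duplicate names and DOCTYPE declarations are assumptions made for illustration.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample: the two-host hosts.xml from the text above.
SAMPLE = """<hostlist>
  <host name="Kestrel">
    <ip>12.34.65.212</ip>
    <description>email server</description>
    <checks><check>ping</check><check>pop3</check>
            <check>imap</check><check>smtp</check></checks>
  </host>
  <host name="Pokey">
    <ip>114.43.1.12</ip>
    <description>A desktop computer</description>
    <checks><check>ping</check></checks>
  </host>
</hostlist>"""


def load_jobs(xml_text):
    """Flatten a hostlist into (host, ip, check) jobs; ValueError on bad input."""
    # The format needs no DTD, so refuse one before the parser sees any entities.
    if "<!DOCTYPE" in xml_text:
        raise ValueError("DOCTYPE not allowed in hosts.xml")
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        raise ValueError(f"not well-formed XML: {exc}") from exc
    if root.tag != "hostlist":
        raise ValueError("root element must be <hostlist>")
    jobs, seen = [], set()
    for host in root.findall("host"):
        name = host.get("name", "")
        # Names are alphanumeric only; rejecting duplicates is an assumption.
        if not name.isalnum() or not name.isascii() or name in seen:
            raise ValueError(f"bad or duplicate host name: {name!r}")
        seen.add(name)
        # ip_address() raises ValueError for anything that is not a real address.
        ip = ipaddress.ip_address((host.findtext("ip") or "").strip())
        checks = [(c.text or "").strip() for c in host.findall("checks/check")]
        if not checks or not all(checks):
            raise ValueError(f"host {name!r} needs at least one non-empty check")
        jobs.extend((name, str(ip), check) for check in checks)
    if not jobs:
        raise ValueError("hostlist contains no hosts")
    return jobs
```

Calling `load_jobs(SAMPLE)` yields five jobs, four for Kestrel and one for Pokey.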
How would we validate this? Let's start by looking at the format of the hosts file. A hostlist is made up of one or more hosts, each of which has a name attribute which is composed of alphanumeric characters and no spaces or special symbols, an ip child tag with an IP address, an optional description and a list of checks. We can write a basic validator like this:
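    (use-package :xml-psychiatrist)
    (use-package :xmls-utilities)

    (toplevel-match
     (tag "hostlist" ()
          ;; one or more <host> elements, each with a name attribute
          (tag+ "host" ((attr "name" :matches-regexp "[a-zA-Z]+"))
                ;; dotted quad; the backslashes are doubled because the Lisp
                ;; reader would otherwise drop them from the string
                (tag "ip" ()
                     (pcdata :matches-regexp
                             "^[0-9][0-9]?[0-9]?\\.[0-9][0-9]?[0-9]?\\.[0-9][0-9]?[0-9]?\\.[0-9][0-9]?[0-9]?$"))
                ;; optional description
                (tag? "description" () (pcdata))
                ;; at least one <check> inside <checks>
                (tag "checks" ()
                     (tag+ "check" () (pcdata)))))
     (parse-xml-file "hosts.xml"))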
This handles most problems. If the XML file doesn't have any checks defined, it will tell you that. If the XML file misspells a tag, it will tell you. But there are a few small problems with this validator which could be exploited by a properly evil and intelligent person: