.\" openfwtk project: hostmatch.3 1-Nov-2000
.TH hostmatch 3
.SH NAME
hostmatch() \- see if given host matches netperm-table host entry
.SH SYNOPSIS
.nf	
#include "fwfunc.h"
.fi
.sp 
int \fBhostmatch\fP(char *pattern,char *name)
.SH DESCRIPTION
\fIhostmatch\fP is generic host pattern match function used when determining
if source or destination addresses match vaules configured in netperm-table.
.PP
\fBname\fP can be fqdn or dot-delimited ip as text string. 
.PP
if the name is dot-delimited ip and the pattern is fqdn-based,
a reverse lookup and attempt to resolve returned name are performed.
if some of those fail, '\fBunknown\fP' is assumed for matching function
as name.
.SH RETURN VALUES
the function returns 0 if host does not match (incuding all
error conditions, unresolvable name and so on) or 1 if it does.
.SH SECURITY CONDITIONS
name or pattern too long (exceed builtin limit, currently 512
characters),
.PP
\fBaction:\fP fwtkcfgerr is generated, 0 returned
.PP
address entry returned by name lookup exceeds sizeof appropriate
structure,
\fBaction:\fP 'invalid host address length'
securityalert is generated, 0 returned.
.PP
no ip addresses of hostnames returned by lookup match name initially specified,
.PP
\fBaction:\fP match as '\fBunknown\fP' is performed, a 'possible spoof'
securityalert is generated.
.SH SEE ALSO
getpeername(3),ip2name(3),peername(3),namatch(3)
.SH HISTORY
present in fwtk since v1