tango-maat/scanner/ip_matcher/ip_matcher.h

/*
 *
 * Copyright (c) 2020
 * String Algorithms Research Group
 * Institute of Information Engineering, Chinese Academy of Sciences (IIE-CAS)
 * National Engineering Laboratory for Information Security Technologies (NELIST)
 * All rights reserved
 *
 * Written by: LU YUHAI    (luyuhai@iie.ac.cn)
 * Last modification: 2020-04-20
 *
 * This code is the exclusive and proprietary property of IIE-CAS and NELIST. 
 * Usage for direct or indirect commercial advantage is not allowed without 
 * written permission from the authors.
 *
 */

#ifndef H_IP_MATCHER_H
#define H_IP_MATCHER_H

#include <stddef.h>

#include "../../deps/log/log.h"

#ifdef __cplusplus
extern "C"
{
#endif

enum IP_TYPE {
    IPv4 = 4,
    IPv6 = 6
};

struct ipv4_range {
    unsigned int start_ip; /* lower boundary(network-order) */
    unsigned int end_ip;   /* upper boundary(network-order) */
};

struct ipv6_range {
    unsigned int start_ip[4]; /* lower boundary(network-order) */
    unsigned int end_ip[4];   /* upper boundary(network-order) */
};

/* common type for ip rule */
struct ip_rule {
    enum IP_TYPE type; /* IPv4 or IPv6 */
    long long rule_id; /* rule id */
    void *user_tag;    /* point to user-defined data which will return with hit results */
    union {
        struct ipv4_range ipv4_rule;
        struct ipv6_range ipv6_rule;
    };
};

/* common type for scan data */
struct ip_data {
    enum IP_TYPE type; /* IPv4 or IPv6 */
    union {
        unsigned int ipv4;    /* network order */
        unsigned int ipv6[4]; /* network order */
    };
};

/* data type for scan result */
struct scan_result {
    long long rule_id; /* rule id */
    void *tag;         /* point to the same address as user_tag in struct ip_rule which has same rule_id */
};

struct ip_matcher;

/**
 * @brief create an ip_matcher instance
 *
 * @param rules[input]:    a set of ip rules
 * @param rule_num[input]: the number of ip rules
 * @param mem_use[output]: memory used by ip_matcher
 */
struct ip_matcher *ip_matcher_new(struct ip_rule *rules, size_t rule_num,
                                  size_t *mem_use);

/**
 * @brief scan ip_data to find out if has matched rules in ip_matcher
 *
 * @param matcher[intput]: ip_matcher which created by ip_matcher_new
 * @param data[intput]:    ip_data to be scanned
 * @param result[input]:   result array to store the rule_id and user_tag if there are matching rules
 * @param size[input]:     result array size
 */
int ip_matcher_match(struct ip_matcher *matcher, struct ip_data *data,
                     struct scan_result *result, size_t size);

/**
 * @brief destroy ip_matcher instance
 */
void ip_matcher_free(struct ip_matcher *matcher);

#ifdef __cplusplus
}
#endif

#endif /* !defined(H_IP_MATCHER_H) */
ipmatcher rule_id -> long long & scanner engine centralization 2023-03-01 09:32:36 +08:00			`/*`
			`*`
			`* Copyright (c) 2020`
			`* String Algorithms Research Group`
			`* Institute of Information Engineering, Chinese Academy of Sciences (IIE-CAS)`
			`* National Engineering Laboratory for Information Security Technologies (NELIST)`
			`* All rights reserved`
			`*`
			`* Written by: LU YUHAI (luyuhai@iie.ac.cn)`
			`* Last modification: 2020-04-20`
			`*`
			`* This code is the exclusive and proprietary property of IIE-CAS and NELIST.`
			`* Usage for direct or indirect commercial advantage is not allowed without`
			`* written permission from the authors.`
			`*`
			`*/`

			`#ifndef H_IP_MATCHER_H`
			`#define H_IP_MATCHER_H`

			`#include <stddef.h>`

			`#include "../../deps/log/log.h"`

			`#ifdef __cplusplus`
			`extern "C"`
			`{`
			`#endif`

[BUGFIX]fix maat_compile_state_free null pointer 2023-05-23 17:50:53 +08:00			`enum IP_TYPE {`
			`IPv4 = 4,`
			`IPv6 = 6`
			`};`

			`struct ipv4_range {`
			`unsigned int start_ip; /* lower boundary(network-order) */`
			`unsigned int end_ip; /* upper boundary(network-order) */`
			`};`

			`struct ipv6_range {`
			`unsigned int start_ip[4]; /* lower boundary(network-order) */`
			`unsigned int end_ip[4]; /* upper boundary(network-order) */`
			`};`

			`/* common type for ip rule */`
			`struct ip_rule {`
			`enum IP_TYPE type; /* IPv4 or IPv6 */`
			`long long rule_id; /* rule id */`
			`void user_tag; / point to user-defined data which will return with hit results */`
			`union {`
			`struct ipv4_range ipv4_rule;`
			`struct ipv6_range ipv6_rule;`
			`};`
			`};`

			`/* common type for scan data */`
			`struct ip_data {`
			`enum IP_TYPE type; /* IPv4 or IPv6 */`
			`union {`
			`unsigned int ipv4; /* network order */`
			`unsigned int ipv6[4]; /* network order */`
			`};`
			`};`

			`/* data type for scan result */`
			`struct scan_result {`
			`long long rule_id; /* rule id */`
			`void tag; / point to the same address as user_tag in struct ip_rule which has same rule_id */`
			`};`

			`struct ip_matcher;`

			`/**`
			`* @brief create an ip_matcher instance`
			`*`
			`* @param rules[input]: a set of ip rules`
			`* @param rule_num[input]: the number of ip rules`
			`* @param mem_use[output]: memory used by ip_matcher`
			`*/`
			`struct ip_matcher ip_matcher_new(struct ip_rule rules, size_t rule_num,`
			`size_t *mem_use);`

			`/**`
			`* @brief scan ip_data to find out if has matched rules in ip_matcher`
			`*`
			`* @param matcher[intput]: ip_matcher which created by ip_matcher_new`
			`* @param data[intput]: ip_data to be scanned`
			`* @param result[input]: result array to store the rule_id and user_tag if there are matching rules`
			`* @param size[input]: result array size`
			`*/`
			`int ip_matcher_match(struct ip_matcher matcher, struct ip_data data,`
			`struct scan_result *result, size_t size);`

			`/**`
			`* @brief destroy ip_matcher instance`
			`*/`
			`void ip_matcher_free(struct ip_matcher *matcher);`
ipmatcher rule_id -> long long & scanner engine centralization 2023-03-01 09:32:36 +08:00
			`#ifdef __cplusplus`
			`}`
			`#endif`

			`#endif /* !defined(H_IP_MATCHER_H) */`