引入FQDN Engine，以支持FQDN Plugin。

src/inc_internal/FQDN_engine.h

@@ -0,0 +1,69 @@
+/*
+ *
+ * Copyright (c) 2020
+ * String Algorithms Research Group
+ * Institute of Information Engineering, Chinese Academy of Sciences (IIE-CAS)
+ * National Engineering Laboratory for Information Security Technologies (NELIST)
+ * All rights reserved
+ *
+ * Written by: LIU YANBING    (liuyanbing@iie.ac.cn)
+ * Last modification: 2020-09-01
+ *
+ * This code is the exclusive and proprietary property of IIE-CAS and NELIST. 
+ * Usage for direct or indirect commercial advantage is not allowed without 
+ * written permission from the authors.
+ *
+ */
+
+#ifndef H_FQDN_ENGINE_H
+#define H_FQDN_ENGINE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+    #include <stddef.h>
+
+    struct FQDN_rule
+    {
+              unsigned int id;
+              int is_suffix_match; /* is_suffix_match==0: exact match; is_suffix_match==1: longest suffix matching. */
+              size_t len;
+              char * FQDN;         /* Non-ASCII character is allowed. */
+              void * user_tag;     /* A transparent user tag for convenient accessing, the caller is responsible for its memory management. */
+    };
+
+    struct FQDN_engine;
+
+    struct FQDN_engine * FQDN_engine_new(const struct FQDN_rule * rules, size_t n_rule);
+
+    struct FQDN_match
+    {
+              unsigned int id;
+              unsigned int offset;  /* offset==0 for exact matching; offset>0 for longest suffix matching. */
+              void * user_tag;
+    };
+
+    /*
+    *Function:
+    *        Search FQDN in the rule base
+    *Paramters:
+    *        instance[in]: Instance of FQDN engine
+    *        FQDN[in]: FQDN for search
+    *        FQDN_len[in]: Length of FQDN
+    *        results[out]: An array to store matched FQDNs
+    *        n_result[in]: Number of element in the result array
+    * Return:
+    *        0:  No matched FQDN;
+    *        >0: Number of matched FQNDs which were stored in results;
+    *        <0: Error.
+    */
+    int FQDN_engine_search(struct FQDN_engine * instance, const char * FQDN, size_t FQDN_len, struct FQDN_match * results, size_t n_result);
+
+    void FQDN_engine_free(struct FQDN_engine * instance);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif

src/inc_internal/Maat_rule_internal.h

@@ -16,6 +16,7 @@
 #include "stream_fuzzy_hash.h"
 #include "gram_index_engine.h"
 #include "alignment_int64.h"
+#include "FQDN_engine.h"
 #include <pthread.h>
 #include <iconv.h>
 #include <openssl/md5.h>
@@ -78,6 +79,15 @@ struct db_digest_rule
 	short confidence_degree;
 	int is_valid;
 };
+struct db_fqdn_rule
+{
+	int region_id;
+	int group_id;
+	int is_suffix_match;
+	char* fqdn;
+	int is_valid;
+};
+
 struct Maat_rule_head
 {
 	int 	config_id;

src/inc_internal/Maat_table.h

@@ -36,7 +36,9 @@ enum MAAT_TABLE_TYPE
 	TABLE_TYPE_COMPILE,
 	TABLE_TYPE_PLUGIN,
 	TABLE_TYPE_IP_PLUGIN,
-	TABLE_TYPE_INTERVAL_PLUS
+	TABLE_TYPE_INTERVAL_PLUS,
+	TABLE_TYPE_FQDN,
+	TABLE_TYPE_FQDN_PLUGIN
 };
 
 struct compile_ex_data_idx

src/inc_internal/Maat_table_runtime.h

@@ -4,6 +4,7 @@
 
 #include "IPMatcher.h"
 #include "gram_index_engine.h"
+#include "FQDN_engine.h"
 #include "alignment_int64.h"
 #include "dynamic_array.h"
 #include <MESA/MESA_htable.h>
@@ -14,7 +15,14 @@ struct similar_runtime
 	GIE_handle_t*	gie_handle;
 	MESA_lqueue_head update_q;
 };
-
+struct fqdn_runtime
+{
+	struct FQDN_engine* fqdn_engine;
+	struct FQDN_engine* old_fqdn_engine;
+	struct EX_data_rt* ex_data_rt;	//for fqdn_plugin ONLY
+	struct Maat_garbage_bin* bin;
+	int changed_flag;
+};
 struct plugin_runtime
 {
 	struct EX_data_rt* ex_data_rt;
@@ -51,6 +59,7 @@ struct Maat_table_runtime
 	union
 	{	
 		struct similar_runtime similar;	//for digest and similarity
+		struct fqdn_runtime fqdn;//for fqdn and fqdn_plugin
 		struct plugin_runtime plugin;		
 		struct ip_plugin_runtime ip_plugin;
 		struct expr_runtime expr;