modify ip_table and ip_plugin_table

src/inc_internal/maat_utils.h

@@ -71,8 +71,7 @@ enum ip_format {
 };
 
 enum ip_format ip_format_str2int(const char *format);
-int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2, 
-                    uint32_t range_begin[], uint32_t range_end[]);
+int ip_format2range(const char *ip_str, int ip_type, uint32_t range_begin[], uint32_t range_end[]);
 
 #define UNUSED	__attribute__((unused))
 

src/json2iris.c

@@ -524,31 +524,14 @@ write_ip_line(cJSON *region_json, struct iris_description *p_iris,
 
 	json_cmd[cmd_cnt].json_string = "group_id";
 	json_cmd[cmd_cnt].json_type = cJSON_Number;
-	cmd_cnt++;
-	
-	json_cmd[cmd_cnt].json_string = "addr_type";
-	json_cmd[cmd_cnt].json_type = cJSON_String;
-	json_cmd[cmd_cnt].str2int_flag = 1;
-	cmd_cnt++;
-
-	json_cmd[cmd_cnt].json_string = "addr_format";
-	json_cmd[cmd_cnt].json_type = cJSON_String;
-	json_cmd[cmd_cnt].empty_allowed = 1;
-	json_cmd[cmd_cnt].default_string = "mask";	
 	cmd_cnt++;	
 
-	json_cmd[cmd_cnt].json_string = "ip1";
+	json_cmd[cmd_cnt].json_string = "ip";
 	json_cmd[cmd_cnt].json_type = cJSON_String;
 	json_cmd[cmd_cnt].empty_allowed = 1;
 	json_cmd[cmd_cnt].default_string = "0.0.0.0";
 	cmd_cnt++;
 
-	json_cmd[cmd_cnt].json_string = "ip2";
-	json_cmd[cmd_cnt].json_type = cJSON_String;
-	json_cmd[cmd_cnt].empty_allowed = 1;
-	json_cmd[cmd_cnt].default_string = "255.255.255.255";
-	cmd_cnt++;
-
 	json_cmd[cmd_cnt].json_string = "port";
 	json_cmd[cmd_cnt].json_type = cJSON_String;
 	json_cmd[cmd_cnt].empty_allowed = 1;

src/maat_ip.c

@@ -26,10 +26,7 @@
 struct ip_schema {
     int item_id_column;
     int group_id_column;
-    int addr_type_column;
-    int addr_format_column;
-    int ip1_column;
-    int ip2_column;
+    int ip_column;
     int table_id;
     int port_column;
     struct table_manager *ref_tbl_mgr;
@@ -53,7 +50,6 @@ struct ip_item {
         struct ipv4_item_rule ipv4;
         struct ipv6_item_rule ipv6;
     };
-    enum ip_format ip_format;
     int port_start;
     int port_end;
 };
@@ -121,42 +117,12 @@ void *ip_schema_new(cJSON *json, struct table_manager *tbl_mgr,
         goto error;
     }
 
-    custom_item = cJSON_GetObjectItem(item, "addr_type");
+    custom_item = cJSON_GetObjectItem(item, "ip");
     if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        ip_schema->addr_type_column = custom_item->valueint;
+        ip_schema->ip_column = custom_item->valueint;
     } else {
         log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> schema has no add_type column", 
-                  __FUNCTION__, __LINE__, table_name);
-        goto error;
-    }
-
-    custom_item = cJSON_GetObjectItem(item, "addr_format");
-    if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        ip_schema->addr_format_column = custom_item->valueint;
-    } else {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> schema has no addr_format column", 
-                  __FUNCTION__, __LINE__, table_name);
-        goto error;
-    }
-
-    custom_item = cJSON_GetObjectItem(item, "ip1");
-    if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        ip_schema->ip1_column = custom_item->valueint;
-    } else {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> schema has no ip1 column", 
-                  __FUNCTION__, __LINE__, table_name);
-        goto error;
-    }
-
-    custom_item = cJSON_GetObjectItem(item, "ip2");
-    if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        ip_schema->ip2_column = custom_item->valueint;
-    } else {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> schema has no ip2 column", 
+                  "[%s:%d] ip table:<%s> schema has no ip column", 
                   __FUNCTION__, __LINE__, table_name);
         goto error;
     }
@@ -185,9 +151,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
 {
     size_t column_offset = 0;
     size_t column_len = 0;
-    char addr_format[16] = {0};
-    char ip1_str[40] = {0};
-    char ip2_str[40] = {0};
+    char ip_str[128] = {0};
     struct ip_item *ip_item = ALLOC(struct ip_item, 1);
     
     int ret = get_column_pos(line, ip_schema->item_id_column, &column_offset,
@@ -210,41 +174,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
     }
     ip_item->group_id = atoll(line + column_offset);
 
-    ret = get_column_pos(line, ip_schema->addr_type_column, &column_offset,
-                         &column_len);
-    if (ret < 0) {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> has no addr_type in line:%s",
-                  __FUNCTION__, __LINE__, table_name, line);
-        goto error;
-    }
-    ip_item->addr_type = atoi(line + column_offset);
-
-    if (ip_item->addr_type != IPv4 && ip_item->addr_type != IPv6) {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> has invalid addr type:%d in line:%s",
-                  __FUNCTION__, __LINE__, table_name, ip_item->addr_type, line);
-        goto error;
-    }
-
-    ret = get_column_pos(line, ip_schema->addr_format_column, &column_offset,
-                         &column_len);
-    if (ret < 0) {
-        log_fatal(logger, MODULE_IP,
-                  "[%s:%d] ip table:<%s> has no addr_format in line:%s",
-                  __FUNCTION__, __LINE__, table_name, line);
-        goto error;
-    }
-    memcpy(addr_format, (line + column_offset), column_len);
-    if (IP_FORMAT_UNKNOWN == ip_format_str2int(addr_format)) {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> has invalid addr_format, "
-                  "should be single/range/CIDR/mask in line:%s",
-                  __FUNCTION__, __LINE__, table_name, line);
-        goto error;
-    }
-
-    ret = get_column_pos(line, ip_schema->ip1_column, &column_offset,
+    ret = get_column_pos(line, ip_schema->ip_column, &column_offset,
                          &column_len);
     if (ret < 0) {
         log_fatal(logger, MODULE_IP, 
@@ -252,21 +182,16 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
                   __FUNCTION__, __LINE__, table_name, line);
         goto error;
     }
-    memcpy(ip1_str, (line + column_offset), column_len);
+    memcpy(ip_str, (line + column_offset), column_len);
 
-    ret = get_column_pos(line, ip_schema->ip2_column, &column_offset,
-                         &column_len);
-    if (ret < 0) {
-        log_fatal(logger, MODULE_IP, 
-                  "[%s:%d] ip table:<%s> has no ip2 in line:%s",
-                  __FUNCTION__, __LINE__, table_name, line);
-        goto error;
+    if (strchr(ip_str, ':') != NULL) {
+		ip_item->addr_type = IPV6;
+	} else {
+		ip_item->addr_type = IPV4;
     }
-    memcpy(ip2_str, (line + column_offset), column_len);
 
     if (IPv4 == ip_item->addr_type) {
-        ret = ip_format2range(ip_item->addr_type, ip_format_str2int(addr_format),
-                              ip1_str, ip2_str, &ip_item->ipv4.min_ip, &ip_item->ipv4.max_ip);
+        ret = ip_format2range(ip_str, ip_item->addr_type, &ip_item->ipv4.min_ip, &ip_item->ipv4.max_ip);
         if (ret < 0) {
             log_fatal(logger, MODULE_IP, 
                       "[%s:%d] ip table:<%s> ip_format2range(ip4) failed in line:%s",
@@ -275,8 +200,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
         }
     } else {
         //ipv6
-        ret = ip_format2range(ip_item->addr_type, ip_format_str2int(addr_format),
-                              ip1_str, ip2_str, ip_item->ipv6.min_ip, ip_item->ipv6.max_ip);
+        ret = ip_format2range(ip_str, ip_item->addr_type, ip_item->ipv6.min_ip, ip_item->ipv6.max_ip);
         if (ret < 0) {
             log_fatal(logger, MODULE_IP, 
                       "[%s:%d] ip table:<%s> ip_format2range(ip6) failed in line:%s",
@@ -284,6 +208,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
             goto error;
         }
     }
+
     if(ip_schema->port_column>0)
     {
         ret = get_column_pos(line, ip_schema->port_column, &column_offset,

src/maat_ip_plugin.c

@@ -23,10 +23,7 @@
 
 struct ip_plugin_schema {
     int item_id_column;
-	int ip_type_column;
-	int start_ip_column;
-	int end_ip_column;
-    int addr_format_column;
+	int ip_column;
 	int rule_tag_column;
     int gc_timeout_s;
     int table_id;
@@ -85,31 +82,9 @@ void *ip_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr,
         goto error;
     }
 
-    custom_item = cJSON_GetObjectItem(item, "ip_type");
+    custom_item = cJSON_GetObjectItem(item, "ip");
     if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        schema->ip_type_column = custom_item->valueint;
-    } else {
-        log_fatal(logger, MODULE_IP_PLUGIN, 
-                  "[%s:%d] ip_plugin table:<%s> schema has no"
-                  " ip_type column", 
-                  __FUNCTION__, __LINE__, table_name);
-        goto error;
-    }
-
-    custom_item = cJSON_GetObjectItem(item, "start_ip");
-    if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        schema->start_ip_column = custom_item->valueint;
-    } else {
-        log_fatal(logger, MODULE_IP_PLUGIN, 
-                  "[%s:%d] ip_plugin table:<%s> schema has no"
-                  " start_ip column", __FUNCTION__, __LINE__,
-                  table_name);
-        goto error;
-    }
-
-    custom_item = cJSON_GetObjectItem(item, "end_ip");
-    if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        schema->end_ip_column = custom_item->valueint;
+        schema->ip_column = custom_item->valueint;
     } else {
         log_fatal(logger, MODULE_IP_PLUGIN, 
                   "[%s:%d] ip_plugin table:<%s> schema has no"
@@ -118,11 +93,6 @@ void *ip_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr,
         goto error;
     }
 
-    custom_item = cJSON_GetObjectItem(item, "addr_format");
-    if (custom_item != NULL && custom_item->type == cJSON_Number) {
-        schema->addr_format_column = custom_item->valueint;
-    }
-
     // rule_tag is optional
     custom_item = cJSON_GetObjectItem(item, "rule_tag");
     if (custom_item != NULL && custom_item->type == cJSON_Number) {
@@ -206,9 +176,7 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name,
 
     size_t column_offset = 0;
     size_t column_len = 0;
-    char start_ip_str[40] = {0};
-    char end_ip_str[40] = {0};
-    char addr_format[16] = {"range"};
+    char ip_str[128] = {0};
     struct ip_rule *ip_plugin_rule = ALLOC(struct ip_rule, 1);
 
     ret = get_column_pos(line, schema->item_id_column,
@@ -220,58 +188,8 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name,
         goto error;
     }
     ip_plugin_rule->rule_id = atoll(line + column_offset);
-
-    ret = get_column_pos(line, schema->ip_type_column,
-                         &column_offset, &column_len);
-    if (ret < 0) {
-        log_fatal(logger, MODULE_IP_PLUGIN, 
-                  "[%s:%d] ip_plugin table:<%s> has no ip_type in line:%s",
-                  __FUNCTION__, __LINE__, table_name, line);
-        goto error;
-    }
-    ip_plugin_rule->type = atoi(line + column_offset);
-    if (ip_plugin_rule->type != IPv4 &&
-        ip_plugin_rule->type != IPv6) {
-        log_fatal(logger, MODULE_IP_PLUGIN, 
-                  "[%s:%d] ip_plugin table:<%s> ip_type[%d] invalid"
-                  " in line:%s", __FUNCTION__, __LINE__, table_name,
-                  ip_plugin_rule->type, line);
-        goto error;
-    }
-
-    if (schema->addr_format_column > 0) {
-        ret = get_column_pos(line, schema->addr_format_column,
-                             &column_offset, &column_len);
-        if (ret < 0) {
-            log_fatal(logger, MODULE_IP_PLUGIN,
-                      "[%s:%d] ip_plugin table:<%s> has no addr_format column in line:%s",
-                      __FUNCTION__, __LINE__, table_name, line);
-            goto error;
-        }
-
-        memset(addr_format, 0, sizeof(addr_format));
-        memcpy(addr_format, (line + column_offset), column_len);
-    }
-
-    if (IP_FORMAT_UNKNOWN == ip_format_str2int(addr_format)) {
-        log_fatal(logger, MODULE_IP_PLUGIN,
-                  "[%s:%d] ip_plugin table(table_id:%d) has invalid addr_format,"
-                  " should be range/CIDR, line:%s",
-                  __FUNCTION__, __LINE__, schema->table_id, line);
-        goto error;
-    }
-
-    ret = get_column_pos(line, schema->start_ip_column,
-                         &column_offset, &column_len);
-    if (ret < 0) {
-        log_fatal(logger, MODULE_IP_PLUGIN, 
-                  "[%s:%d] ip_plugin table:<%s> has no start_ip in line:%s",
-                  __FUNCTION__, __LINE__, table_name, line);
-        goto error;
-    }
-    strncpy(start_ip_str, line + column_offset, column_len);
     
-    ret = get_column_pos(line, schema->end_ip_column,
+    ret = get_column_pos(line, schema->ip_column,
                          &column_offset, &column_len);
     if (ret < 0) {
         log_fatal(logger, MODULE_IP_PLUGIN, 
@@ -279,13 +197,16 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name,
                   __FUNCTION__, __LINE__, table_name, line);
         goto error;
     }
-    strncpy(end_ip_str, line + column_offset, column_len);
+    strncpy(ip_str, line + column_offset, column_len);
+
+    if (strchr(ip_str, ':') != NULL) {
+		ip_plugin_rule->type = IPV6;
+	} else {
+		ip_plugin_rule->type = IPV4;
+    }
 
     if (IPv4 == ip_plugin_rule->type) {
-        ret = ip_format2range(ip_plugin_rule->type, ip_format_str2int(addr_format),
-                              start_ip_str, end_ip_str, 
-                              &ip_plugin_rule->ipv4_rule.start_ip, 
-                              &ip_plugin_rule->ipv4_rule.end_ip);
+        ret = ip_format2range(ip_str, ip_plugin_rule->type, &ip_plugin_rule->ipv4_rule.start_ip, &ip_plugin_rule->ipv4_rule.end_ip);
         if (ret < 0) {
             log_fatal(logger, MODULE_IP_PLUGIN, 
                       "[%s:%d] ip_plugin table:<%s>> ip_format2range(ip4)"
@@ -295,10 +216,7 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name,
         }
     } else {
         //ipv6
-        ret = ip_format2range(ip_plugin_rule->type, ip_format_str2int(addr_format),
-                              start_ip_str, end_ip_str, 
-                              ip_plugin_rule->ipv6_rule.start_ip,
-                              ip_plugin_rule->ipv6_rule.end_ip);
+        ret = ip_format2range(ip_str, ip_plugin_rule->type, ip_plugin_rule->ipv6_rule.start_ip, ip_plugin_rule->ipv6_rule.end_ip);
         if (ret < 0) {
             log_fatal(logger, MODULE_IP_PLUGIN, 
                       "[%s:%d] ip_plugin table:<%s> ip_format2range(ip6)"

src/maat_utils.c

@@ -453,7 +453,7 @@ size_t memcat(void **dest, size_t offset, size_t *n_dest, const void *src, size_
 	return n_src;
 }
 
-enum ip_format ip_format_str2int(const char *format)
+enum ip_format ip_format_str2int(const char *format)//TODO: need to delete?
 {
     if (0 == strcasecmp(format, "single")) {
         return IP_FORMAT_SINGLE;
@@ -469,117 +469,124 @@ enum ip_format ip_format_str2int(const char *format)
 	return IP_FORMAT_UNKNOWN;
 }
 
-int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2,
-                    uint32_t range_begin[], uint32_t range_end[])
+int ip_format2range(const char *ip_str, int ip_type, uint32_t range_begin[], uint32_t range_end[])
 {
-	int cidr = 0;
 	int ret = 0;
+	enum ip_format format = IP_FORMAT_UNKNOWN;
 
-	if (ip_type != IPV4 && ip_type != IPV6) {
-		assert(0);
-		return -1;
+	if (strchr(ip_str, '-') != NULL) {
+		format = IP_FORMAT_RANGE;
+	} else if (strchr(ip_str, '/') != NULL) {
+		format = IP_FORMAT_CIDR;
+	} else {
+		format = IP_FORMAT_SINGLE;
 	}
 
 	if (ip_type == IPV4) {
-        uint32_t ipv4_addr = 0;
-		ret = inet_pton(AF_INET, ip1, &ipv4_addr);
-		if (ret <= 0) {
-			return -1;
-		}
-
-		ipv4_addr = ntohl(ipv4_addr);
-        uint32_t ipv4_range_end = 0;
-        uint32_t ipv4_mask = 0;
+		uint32_t ipv4_addr_start = 0;
+		uint32_t ipv4_addr_end = 0;
+		char start_ip_str[16] = {0};
+		char end_ip_str[16] = {0};
+		int prefix_length = 0;
 		switch (format) {
-            case IP_FORMAT_SINGLE:
-			case IP_FORMAT_RANGE:
-				range_begin[0] = ipv4_addr;
-				ret = inet_pton(AF_INET, ip2, &ipv4_range_end);
-				if (ret <= 0) {
-					return -1;
-				}				
-				ipv4_range_end = ntohl(ipv4_range_end);
-				range_end[0] = ipv4_range_end;
-				break;
-            case IP_FORMAT_MASK:
-                ret = inet_pton(AF_INET, ip2, &ipv4_mask);
+			case IP_FORMAT_SINGLE:
+				ret = inet_pton(AF_INET, ip_str, &ipv4_addr_start);
 				if (ret <= 0) {
 					return -1;
 				}
-				ipv4_mask = ntohl(ipv4_mask);
-				range_begin[0] = ipv4_addr & ipv4_mask;
-				range_end[0] = ipv4_addr | ~ipv4_mask;
+				range_begin[0] = ntohl(ipv4_addr_start);
+				range_end[0] = range_begin[0];
+				break;
+			case IP_FORMAT_RANGE:
+				sscanf(ip_str, "%15[^-]-%15s", start_ip_str, end_ip_str);
+				ret = inet_pton(AF_INET, start_ip_str, &ipv4_addr_start);
+				if (ret <= 0) {
+					return -1;
+				}
+				ret = inet_pton(AF_INET, end_ip_str, &ipv4_addr_end);
+				if (ret <= 0) {
+					return -1;
+				}
+				range_begin[0] = ntohl(ipv4_addr_start);
+				range_end[0] = ntohl(ipv4_addr_end);
 				break;
 			case IP_FORMAT_CIDR:
-				cidr = atoi(ip2);
-				if (cidr > 32 || cidr < 0) {
+				sscanf(ip_str, "%15[^/]/%d", start_ip_str, &prefix_length);
+				if (prefix_length > 32 || prefix_length < 0) {
 					return -1;
 				}
-				ipv4_mask = (0xFFFFFFFFUL << (32 - cidr)) & 0xFFFFFFFFUL;
-				range_begin[0] = ipv4_addr & ipv4_mask;
-				range_end[0] = ipv4_addr | ~ipv4_mask;
+				ret = inet_pton(AF_INET, start_ip_str, &ipv4_addr_start);
+				if (ret <= 0) {
+					return -1;
+				}
+				ipv4_addr_start = ntohl(ipv4_addr_start);
+				uint32_t ipv4_mask = (0xFFFFFFFFUL << (32 - prefix_length)) & 0xFFFFFFFFUL;
+				range_begin[0] = ipv4_addr_start & ipv4_mask;
+				range_end[0] = ipv4_addr_start | ~ipv4_mask;
 				break;
 			default:
 				assert(0);
+		
 		}
 	} else {
-        //ipv6
-        int i = 0;
-        uint32_t ipv6_addr[4] = {0};
-        uint32_t ipv6_mask[4] = {0};
-        uint32_t ipv6_range_end[4] = {0};
-
-		ret = inet_pton(AF_INET6, ip1, ipv6_addr);
-		if (ret <= 0) {
-			return -1;
-		}
-		ipv6_ntoh(ipv6_addr);
-
+		//ipv6
+		uint32_t ipv6_addr_start[4] = {0};
+		uint32_t ipv6_mask[4] = {0};
+		uint32_t ipv6_addr_end[4] = {0};
+		char start_ip_str[40] = {0};
+		char end_ip_str[40] = {0};
+		int prefix_length = 0;
+		int i = 0;
 		switch (format) {
-            case IP_FORMAT_SINGLE:
-			case IP_FORMAT_RANGE:
-				ret = inet_pton(AF_INET6, ip2, ipv6_range_end);
+			case IP_FORMAT_SINGLE:
+				ret = inet_pton(AF_INET6, ip_str, ipv6_addr_start);
 				if (ret <= 0) {
 					return -1;
 				}
-				ipv6_ntoh(ipv6_range_end);
-
-				memcpy(range_begin, ipv6_addr, sizeof(ipv6_addr));				
-				memcpy(range_end, ipv6_range_end, sizeof(ipv6_range_end));
+				ipv6_ntoh(ipv6_addr_start);
+				memcpy(range_begin, ipv6_addr_start, sizeof(ipv6_addr_start));
+				memcpy(range_end, ipv6_addr_start, sizeof(ipv6_addr_start));
 				break;
-            case IP_FORMAT_MASK:
-				ret = inet_pton(AF_INET6, ip2, ipv6_mask);
+			case IP_FORMAT_RANGE:
+				sscanf(ip_str, "%39[^-]-%39s", start_ip_str, end_ip_str);
+				ret = inet_pton(AF_INET6, start_ip_str, ipv6_addr_start);
 				if (ret <= 0) {
 					return -1;
 				}
-				ipv6_ntoh(ipv6_mask);
-                
-				for (i = 0; i < 4; i++) {
-					range_begin[i]=ipv6_addr[i] & ipv6_mask[i];	
-					range_end[i] = ipv6_addr[i] | ~ipv6_mask[i];
+				ret = inet_pton(AF_INET6, end_ip_str, ipv6_addr_end);
+				if (ret <= 0) {
+					return -1;
 				}
+				ipv6_ntoh(ipv6_addr_start);
+				ipv6_ntoh(ipv6_addr_end);
+				memcpy(range_begin, ipv6_addr_start, sizeof(ipv6_addr_start));
+				memcpy(range_end, ipv6_addr_end, sizeof(ipv6_addr_end));
 				break;
 			case IP_FORMAT_CIDR:
-				cidr = atoi(ip2);
-				if (cidr > 128 || cidr < 0) {
+				sscanf(ip_str, "%39[^/]/%d", start_ip_str, &prefix_length);
+				if (prefix_length > 128 || prefix_length < 0) {
 					return -1;
 				}
-
+				ret = inet_pton(AF_INET6, start_ip_str, ipv6_addr_start);
+				if (ret <= 0) {
+					return -1;
+				}
+				ipv6_ntoh(ipv6_addr_start);
 				for (i = 0; i < 4; i++) {
-					int bit32 = 128 - cidr - 32 * (3 - i);
+					int bit32 = 128 - prefix_length - 32 * (3 - i);
 					if (bit32 < 0) {
-                        bit32 = 0;
-                    }
-                    
+						bit32 = 0;
+					}
 					ipv6_mask[i] = (0xFFFFFFFFUL << bit32) & 0xFFFFFFFFUL;
-					range_begin[i] = ipv6_addr[i] & ipv6_mask[i];	
-					range_end[i] = ipv6_addr[i] | ~ipv6_mask[i];
+					range_begin[i] = ipv6_addr_start[i] & ipv6_mask[i];
+					range_end[i] = ipv6_addr_start[i] | ~ipv6_mask[i];
 				}
 				break;
 			default:
 				assert(0);
 		}
 	}
+
 	return 0;
 }
 

test/file_test_tableinfo.conf

@@ -63,14 +63,12 @@
         "table_id":5,
         "table_name":"NTC_UNIVERSAL_IP",
         "table_type":"ip",
-        "valid_column":7,
+        "valid_column":5,
         "custom": {
             "item_id":1,
             "group_id":2,
-            "addr_type":3,
-            "addr_format":4,
-            "ip1":5,
-            "ip2":6
+            "ip":3,
+            "port":4
         }
     },
     {
@@ -89,14 +87,12 @@
         "table_id":7,
         "table_name":"WHITE_LIST_IP",
         "table_type":"ip",
-        "valid_column":7,
+        "valid_column":5,
         "custom": {
             "item_id":1,
             "group_id":2,
-            "addr_type":3,
-            "addr_format":4,
-            "ip1":5,
-            "ip2":6
+            "ip":3,
+            "port":4
         }
     },
     {

test/ip_matcher_gtest.cpp

@@ -10,19 +10,18 @@
 struct log_handle *g_logger = NULL;
 
 TEST(ipv4_matcher_match, OneSingleIPv4Rule) {
-    const char *ip1_str = "192.168.0.1";
+    const char *ip_str = "192.168.0.1";
     struct ip_rule rule;
     rule.rule_id = 100;
     rule.type = IPv4;
-    int ret = ip_format2range(4, IP_FORMAT_RANGE, ip1_str, ip1_str, 
-                              &rule.ipv4_rule.start_ip, &rule.ipv4_rule.end_ip);
+    int ret = ip_format2range(ip_str, IPV4, &rule.ipv4_rule.start_ip, &rule.ipv4_rule.end_ip);
     size_t mem_size = 0;
     struct ip_matcher *matcher = ip_matcher_new(&rule, 1, &mem_size);
     ASSERT_TRUE(matcher != NULL);
 
     struct ip_data data;
     data.type = IPv4;
-    inet_pton(AF_INET, ip1_str, &data.ipv4);
+    inet_pton(AF_INET, ip_str, &data.ipv4);
     data.ipv4 = ntohl(data.ipv4);
 
     struct scan_result results[MAX_ARRAY_SIZE];
@@ -38,20 +37,17 @@ TEST(ipv4_matcher_match, MultiSingleIPv4Rule) {
     struct ip_rule rule[3];
     rule[0].rule_id = 100;
     rule[0].type = IPv4;
-    int ret = ip_format2range(4, IP_FORMAT_RANGE, ip1_str, ip1_str, 
-                              &rule[0].ipv4_rule.start_ip, &rule[0].ipv4_rule.end_ip);
+    int ret = ip_format2range(ip1_str, IPV4, &rule[0].ipv4_rule.start_ip, &rule[0].ipv4_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     rule[1].rule_id = 200;
     rule[1].type = IPv4;
-    ret = ip_format2range(4, IP_FORMAT_RANGE, ip2_str, ip2_str, 
-                              &rule[1].ipv4_rule.start_ip, &rule[1].ipv4_rule.end_ip);
+    ret = ip_format2range(ip2_str, IPV4, &rule[1].ipv4_rule.start_ip, &rule[1].ipv4_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     rule[2].rule_id = 300;
     rule[2].type = IPv4;
-    ret = ip_format2range(4, IP_FORMAT_RANGE, ip3_str, ip3_str, 
-                              &rule[2].ipv4_rule.start_ip, &rule[2].ipv4_rule.end_ip);
+    ret = ip_format2range(ip3_str, IPV4, &rule[2].ipv4_rule.start_ip, &rule[2].ipv4_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     size_t mem_size = 0;
@@ -84,13 +80,11 @@ TEST(ipv4_matcher_match, MultiSingleIPv4Rule) {
 }
 
 TEST(ipv6_matcher_match, OneSingleIPv6Rule) {
-    const char *ip1_str = "1001:da8:205:1::101";
-    const char *ip2_str = "1001:da8:205:1::101";
+    const char *ip1_str = "1001:da8:205:1::101-1001:da8:205:1::101";
     struct ip_rule rule;
     rule.rule_id = 100;
     rule.type = IPv6;
-    int ret = ip_format2range(6, IP_FORMAT_RANGE, ip1_str, ip2_str, 
-                              rule.ipv6_rule.start_ip, rule.ipv6_rule.end_ip);
+    int ret = ip_format2range(ip1_str, IPV6, rule.ipv6_rule.start_ip, rule.ipv6_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     size_t mem_size = 0;
@@ -115,20 +109,17 @@ TEST(ipv6_matcher_match, MultiSingleIPv6Rule) {
     struct ip_rule rule[3];
     rule[0].rule_id = 100;
     rule[0].type = IPv6;
-    int ret = ip_format2range(6, IP_FORMAT_RANGE, ip1_str, ip1_str, 
-                              rule[0].ipv6_rule.start_ip, rule[0].ipv6_rule.end_ip);
+    int ret = ip_format2range(ip1_str, IPV6, rule[0].ipv6_rule.start_ip, rule[0].ipv6_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     rule[1].rule_id = 200;
     rule[1].type = IPv6;
-    ret = ip_format2range(6, IP_FORMAT_RANGE, ip2_str, ip2_str, 
-                          rule[1].ipv6_rule.start_ip, rule[1].ipv6_rule.end_ip);
+    ret = ip_format2range(ip2_str, IPV6, rule[1].ipv6_rule.start_ip, rule[1].ipv6_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     rule[2].rule_id = 300;
     rule[2].type = IPv6;
-    ret = ip_format2range(6, IP_FORMAT_RANGE, ip3_str, ip3_str, 
-                          rule[2].ipv6_rule.start_ip, rule[2].ipv6_rule.end_ip);
+    ret = ip_format2range(ip3_str, IPV6, rule[2].ipv6_rule.start_ip, rule[2].ipv6_rule.end_ip);
     EXPECT_EQ(ret, 0);
 
     size_t mem_size = 0;

test/maat_framework_gtest.cpp

@@ -3077,7 +3077,7 @@ TEST_F(IPScan, RuleUpdates) {
     /* ip table add line */
     long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
-                            group_id, IPv4, "100.100.100.100", "100.100.100.100", 0);
+                            group_id, "100.100.100.100", 0);
     EXPECT_EQ(ret, 1);
 
     sleep(WAIT_FOR_EFFECTIVE_S);
@@ -3096,7 +3096,7 @@ TEST_F(IPScan, RuleUpdates) {
 
     /* ip table del line */
     ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_DEL, item_id,
-                            group_id, IPv4, "100.100.100.100", "100.100.100.100", 0);
+                            group_id, "100.100.100.100", 0);
     EXPECT_EQ(ret, 1);
 
     /* group2compile table del line */
@@ -3150,7 +3150,7 @@ TEST_F(IPScan, RuleChangeClauseId) {
     /* ip table add line */
     long long item_id1 = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, phy_ip_table_name, MAAT_OP_ADD, item_id1,
-                            group_id1, IPv4, "1.1.1.1", "1.1.1.1", 0);
+                            group_id1, "1.1.1.1", 0);
     EXPECT_EQ(ret, 1);
 
     /* group2compile table add line */
@@ -3162,7 +3162,7 @@ TEST_F(IPScan, RuleChangeClauseId) {
     /* ip table add line */
     long long item_id2 = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, phy_ip_table_name, MAAT_OP_ADD, item_id2,
-                            group_id2, IPv4, "11.11.11.11", "11.11.11.11", 0);
+                            group_id2, "11.11.11.11", 0);
     EXPECT_EQ(ret, 1);
 
     sleep(WAIT_FOR_EFFECTIVE_S);
@@ -5483,7 +5483,7 @@ void ip_plugin_ex_new_cb(const char *table_name, int table_id, const char *key,
 
 	ud->rule_id = atoll(table_line + column_offset);
 
-	ret = get_column_pos(table_line, 5, &column_offset, &column_len);	
+	ret = get_column_pos(table_line, 4, &column_offset, &column_len);	
 	EXPECT_EQ(ret, 0);
 
 	ud->buffer = ALLOC(char, column_len + 1);
@@ -7379,10 +7379,9 @@ TEST_F(MaatCmd, SetIP) {
 
     /* item table add line */
     const char *ip1 = "172.0.0.1";
-    const char *ip2 = "172.0.0.1";
     long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item_id,
-                            group_id, IPv4, ip1, ip2, 0);
+                            group_id, ip1, 0);
     EXPECT_EQ(ret, 1);
 
     sleep(WAIT_FOR_EFFECTIVE_S);
@@ -8567,15 +8566,15 @@ TEST_F(MaatCmd, UpdateIPPlugin) {
 	struct maat *maat_inst = MaatCmd::_shared_maat_inst;
     int *ex_data_counter = MaatCmd::_ex_data_counter;
 	const char *table_line_add[TEST_CMD_LINE_NUM] = {
-        "101\t4\t192.168.30.98\t31\tSomething-like-json\t1\tCIDR",
-		"102\t4\t192.168.30.90\t192.168.30.128\tBigger-range-should-in-the-back\t1\trange",
-        "103\t6\t2001:db8:1234::\t2001:db8:1235::\tBigger-range-should-in-the-back\t1\trange",
-		"104\t6\t2001:db8:1234::1\t2001:db8:1234::5210\tSomething-like-json\t1\trange"};
+        "101\t4\t192.168.30.98/31\tSomething-like-json\t1",
+		"102\t4\t192.168.30.90-192.168.30.128\tBigger-range-should-in-the-back\t1",
+        "103\t6\t2001:db8:1234::-2001:db8:1235::\tBigger-range-should-in-the-back\t1",
+		"104\t6\t2001:db8:1234::1-2001:db8:1234::5210\tSomething-like-json\t1"};
     const char *table_line_del[TEST_CMD_LINE_NUM] = {
-        "101\t4\t192.168.30.98\t31\tSomething-like-json\t0\tcidr",
-		"102\t4\t192.168.30.90\t192.168.30.128\tBigger-range-should-in-the-back\t0\trange",
-        "103\t6\t2001:db8:1234::\t2001:db8:1235::\tBigger-range-should-in-the-back\t0\trange",
-		"104\t6\t2001:db8:1234::1\t2001:db8:1234::5210\tSomething-like-json\t0\trange"};
+        "101\t4\t192.168.30.98/31\tSomething-like-json\t0",
+		"102\t4\t192.168.30.90-192.168.30.128\tBigger-range-should-in-the-back\t0",
+        "103\t6\t2001:db8:1234::-2001:db8:1235::\tBigger-range-should-in-the-back\t0",
+		"104\t6\t2001:db8:1234::1-2001:db8:1234::5210\tSomething-like-json\t0"};
 
     int table_id = maat_get_table_id(maat_inst, table_name);
     ASSERT_GT(table_id, 0);
@@ -9014,7 +9013,7 @@ TEST_F(MaatCmd, HitGroup) {
     long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
-                            group3_id, IPv4, "220.181.38.150", "220.181.38.151", 0);
+                            group3_id, "220.181.38.150-220.181.38.151", 0);
     EXPECT_EQ(ret, 1);
 
     char temp[1024]={0};
@@ -9295,7 +9294,7 @@ TEST_F(MaatCmd, HitPathBasic) {
     long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
-                            group3_id, IPv4, "220.181.38.148", "220.181.38.149", 0);
+                            group3_id, "220.181.38.148-220.181.38.149", 0);
     EXPECT_EQ(ret, 1);
 
     char temp[1024]={0};
@@ -9608,7 +9607,7 @@ TEST_F(MaatCmd, HitPathAdvanced) {
     long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
-                            group3_id, IPv4, "220.181.38.168", "220.181.38.169", 0);
+                            group3_id, "220.181.38.168-220.181.38.169", 0);
     EXPECT_EQ(ret, 1);
 
     ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
@@ -9956,7 +9955,7 @@ TEST_F(MaatCmd, HitPathHasNotGroup) {
     long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
-                            group3_id, IPv4, "220.181.38.158", "220.181.38.159", 0);
+                            group3_id, "220.181.38.158-220.181.38.159", 0);
     EXPECT_EQ(ret, 1);
 
     char temp[1024]={0};
@@ -10300,7 +10299,7 @@ TEST_F(MaatCmd, SameScanStatusWhenClauseUpdate_TSG6419) {
 
     long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
-                            group11_id, IPv4, "192.168.2.1", "192.168.2.4", 0);
+                            group11_id, "192.168.2.1-192.168.2.4", 0);
     EXPECT_EQ(ret, 1);
 
     long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
@@ -10409,7 +10408,7 @@ TEST_F(MaatCmd, GroupEdit) {
 
     long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
-                            group11_id, IPv4, "192.168.3.1", "192.168.3.4", 0);
+                            group11_id, "192.168.3.1-192.168.3.4", 0);
     EXPECT_EQ(ret, 1);
 
     long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
@@ -10548,7 +10547,7 @@ TEST_F(MaatCmd, CompileDelete_TSG6548) {
 
     long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
-                            group11_id, IPv4, "192.168.73.163", "192.168.73.180", 0);
+                            group11_id, "192.168.73.163-192.168.73.180", 0);
     EXPECT_EQ(ret, 1);
 
     sleep(WAIT_FOR_EFFECTIVE_S * 2);
@@ -10862,7 +10861,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) {
     long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
-                            group2_id, IPv4, "100.100.100.1", "100.100.100.1", 0);
+                            group2_id, "100.100.100.1", 0);
     EXPECT_EQ(ret, 1);
 
     ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
@@ -10964,8 +10963,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) {
     long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD,
-                            item2_id, group2_id, IPv4, "100.100.100.2",
-                            "100.100.100.2", 0);
+                            item2_id, group2_id, "100.100.100.2", 0);
     EXPECT_EQ(ret, 1);
 
     ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
@@ -11065,7 +11063,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) {
     long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
-                            group2_id, IPv4, "100.100.100.1", "100.100.100.1", 0);
+                            group2_id, "100.100.100.1", 0);
     EXPECT_EQ(ret, 1);
 
     ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
@@ -11165,7 +11163,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenFullupdate) {
     long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
     ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
-                            group2_id, IPv4, "100.100.100.3", "100.100.100.3", 0);
+                            group2_id, "100.100.100.3", 0);
     EXPECT_EQ(ret, 1);
 
     ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,

test/maat_framework_perf_gtest.cpp

@@ -70,7 +70,7 @@ test_add_ip_command(struct maat *maat_inst, const char *table_name,
 
     long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
     ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
-                            group_id, IPv4, ip, ip, 0);
+                            group_id, ip, 0);
     EXPECT_EQ(ret, 1);
 }
 

test/maat_json.json

@@ -107,10 +107,7 @@
                     "table_type":"ip",
                     "table_name": "IP_PLUS_CONFIG",
                     "table_content": {
-                        "addr_type": "ipv4",
-                        "addr_format": "single",
-                        "ip1": "192.168.50.24",
-                        "ip2": "192.168.50.24"
+                        "ip": "192.168.50.24"
                     }
                 }
             ]
@@ -154,10 +151,7 @@
                     "table_type":"ip",
                     "table_name": "IP_PLUS_CONFIG",
                     "table_content": {
-                        "addr_type": "ipv4",
-                        "addr_format": "single",
-                        "ip1": "192.168.58.19",
-                        "ip2": "192.168.58.19"
+                        "ip": "192.168.58.19"
                     }
                 }
             ]
@@ -170,10 +164,7 @@
                     "table_type":"ip",
                     "table_name": "IP_PLUS_CONFIG",
                     "table_content": {
-                        "addr_type": "ipv4",
-                        "addr_format": "range",
-                        "ip1": "10.0.1.20",
-                        "ip2": "10.0.1.25"
+                        "ip": "10.0.1.20-10.0.1.25"
                     }
                 }
             ]
@@ -186,10 +177,7 @@
                     "table_name": "IP_CONFIG",
                     "table_type":"ip",
                     "table_content": {
-                        "addr_type": "ipv4",
-                        "addr_format": "mask",
-                        "ip1": "192.168.40.88",
-                        "ip2": "255.255.255.255"
+                        "ip": "192.168.40.88/32"
                     }
                 }
             ]
@@ -202,10 +190,7 @@
                     "table_name": "IP_PLUS_CONFIG",
                     "table_type":"ip",
                     "table_content": {
-                        "addr_type": "ipv4",
-                        "addr_format": "mask",
-                        "ip1": "192.168.40.88",
-                        "ip2": "255.255.255.255"
+                        "ip": "192.168.40.88/32"
                     }
                 }
             ]
@@ -218,10 +203,7 @@
                     "table_name": "IP_PLUS_CONFIG",
                     "table_type":"ip",
                     "table_content": {
-                        "addr_type": "ipv4",
-                        "addr_format": "mask",
-                        "ip1": "192.168.40.88",
-                        "ip2": "255.255.255.255"
+                        "ip": "192.168.40.88/32"
                     }
                 }
             ]
@@ -262,20 +244,14 @@
                             "table_name": "IP_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "mask",
-                                "ip1": "10.0.6.201",
-                                "ip2": "255.255.255.255"
+                                "ip": "10.0.6.201/32"
                             }
                         },
                         {
                             "table_name": "IP_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "mask",
-                                "ip1": "2001:da8:205:1::101",
-                                "ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0000"
+                                "ip": "2001:da8:205:1::101/112"
                             }
                         }
                     ]
@@ -1387,10 +1363,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "10.0.7.100",
-                                "ip2": "10.0.7.101"
+                                "ip": "10.0.7.100-10.0.7.101"
                             }
                         }
                     ] 
@@ -1416,10 +1389,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "range",
-                                "ip1": "1001:da8:205:1::101",
-                                "ip2": "1001:da8:205:1::102"
+                                "ip": "1001:da8:205:1::101-1001:da8:205:1::102"
                             }
                         }
                     ]
@@ -1501,10 +1471,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "CIDR",
-                                "ip1": "192.168.0.1",
-                                "ip2": "32"
+                                "ip": "192.168.0.1/32"
                             }
                         }
                     ]
@@ -1529,10 +1496,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "CIDR",
-                                "ip1": "2001:db8::",
-                                "ip2": "120"
+                                "ip": "2001:db8::/120"
                             }
                         }
                     ]
@@ -1740,10 +1704,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "CIDR",
-                                "ip1": "192.168.23.1",
-                                "ip2": "24"
+                                "ip": "192.168.23.1/24"
                             }
                         }
                     ]
@@ -1859,10 +1820,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "CIDR",
-                                "ip1": "100.64.3.1",
-                                "ip2": "32"
+                                "ip": "100.64.3.1/32"
                             }
                         }                      
                     ]
@@ -1888,10 +1846,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "CIDR",
-                                "ip1": "192.168.40.10",
-                                "ip2": "32"
+                                "ip": "192.168.40.10/32"
                             }
                         }
                     ]
@@ -1917,10 +1872,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "CIDR",
-                                "ip1": "192.168.231.46",
-                                "ip2": "32"
+                                "ip": "192.168.231.46/32"
                             }
                         }
                     ]
@@ -2105,10 +2057,7 @@
                             "table_name": "IP_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "mask",
-                                "ip1": "::",
-                                "ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"
+                                "ip": "::/128"
                             }
                         }
                     ]
@@ -2193,10 +2142,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "single",
-                                "ip1": "10.0.8.186",
-                                "ip2": "10.0.8.186"
+                                "ip": "10.0.8.186"
                             }
                         }
                     ]
@@ -2240,10 +2186,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "single",
-                                "ip1": "10.0.8.187",
-                                "ip2": "10.0.8.187"
+                                "ip": "10.0.8.187"
                             }
                         }
                     ]
@@ -2287,10 +2230,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "single",
-                                "ip1": "10.0.8.188",
-                                "ip2": "10.0.8.188"
+                                "ip": "10.0.8.188"
                             }
                         }
                     ]
@@ -2743,10 +2683,7 @@
                                     "table_type":"ip",
                                     "table_name": "IP_PLUS_CONFIG",
                                     "table_content": {
-                                        "addr_type": "ipv4",
-                                        "addr_format": "range",
-                                        "ip1": "100.64.1.0",
-                                        "ip2": "100.64.1.20"
+                                        "ip": "100.64.1.0-100.64.1.20"
                                     }
                                 }
                             ]
@@ -2760,10 +2697,7 @@
                                     "table_type":"ip",
                                     "table_name": "IP_PLUS_CONFIG",
                                     "table_content": {
-                                        "addr_type": "ipv4",
-                                        "addr_format": "range",
-                                        "ip1": "100.64.1.6",
-                                        "ip2": "100.64.1.10"
+                                        "ip": "100.64.1.6-100.64.1.10"
                                     }
                                 }
                             ]
@@ -2777,10 +2711,7 @@
                                     "table_type":"ip",
                                     "table_name": "IP_PLUS_CONFIG",
                                     "table_content": {
-                                        "addr_type": "ipv4",
-                                        "addr_format": "range",
-                                        "ip1": "100.64.1.11",
-                                        "ip2": "100.64.1.20"
+                                        "ip": "100.64.1.11-100.64.1.20"
                                     }
                                 }
                             ]
@@ -2808,10 +2739,7 @@
                             "table_name": "IP_PLUS_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "192.168.50.43",
-                                "ip2": "192.168.50.43"
+                                "ip": "192.168.50.43-192.168.50.43"
                             }
 
                         }
@@ -2827,10 +2755,7 @@
                             "table_name": "IP_PLUS_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "47.92.108.93",
-                                "ip2": "47.92.108.93"
+                                "ip": "47.92.108.93-47.92.108.93"
                             }
                         }
                     ]
@@ -2898,10 +2823,7 @@
                             "table_name": "IP_PLUS_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "100.64.2.0",
-                                "ip2": "100.64.2.5"
+                                "ip": "100.64.2.0-100.64.2.5"
                             }
 
                         }
@@ -2917,10 +2839,7 @@
                             "table_name": "IP_PLUS_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "100.64.2.6",
-                                "ip2": "100.64.2.10"
+                                "ip": "100.64.2.6-100.64.2.10"
                             }
                         }
                     ]
@@ -3094,10 +3013,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "10.0.7.100",
-                                "ip2": "10.0.7.106"
+                                "ip": "10.0.7.100-10.0.7.106"
                             }
                         }
                     ]
@@ -3149,10 +3065,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "CIDR",
-                                "ip1": "::",
-                                "ip2": "0"
+                                "ip": "::/0"
                             }
                         }
                     ]
@@ -3178,10 +3091,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PERF_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "range",
-                                "ip1": "10.0.0.1",
-                                "ip2": "10.0.0.6"
+                                "ip": "10.0.0.1-10.0.0.6"
                             }
                         }
                     ]
@@ -3960,10 +3870,7 @@
                             "table_name": "IP_CONFIG",
                             "table_type":"ip",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "mask",
-                                "ip1": "192.168.101.102",
-                                "ip2": "255.255.255.255"
+                                "ip": "192.168.101.102/32"
                             }
                         }
                     ]
@@ -4016,10 +3923,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "CIDR",
-                                "ip1": "2607:5d00:2:2::32:28",
-                                "ip2": "128",
+                                "ip": "2607:5d00:2:2::32:28/128",
                                 "port":"80-443"
                             }
                         }
@@ -4045,10 +3949,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv6",
-                                "addr_format": "CIDR",
-                                "ip1": "2607:5d00:2:2::32:28",
-                                "ip2": "128",
+                                "ip": "2607:5d00:2:2::32:28/128",
                                 "port":"80"
                             }
                         }
@@ -4074,10 +3975,7 @@
                             "table_type":"ip",
                             "table_name": "IP_PLUS_CONFIG",
                             "table_content": {
-                                "addr_type": "ipv4",
-                                "addr_format": "CIDR",
-                                "ip1": "192.168.30.44",
-                                "ip2": "32",
+                                "ip": "192.168.30.44/32",
                                 "port": "80"
                             }
                         }
@@ -4179,11 +4077,11 @@
         {
             "table_name": "TEST_IP_PLUGIN_WITH_EXDATA",
             "table_content": [
-                "101\t4\t192.168.30.99\t192.168.30.101\tSomething-like-json\t1",
-                "102\t4\t192.168.30.90\t192.168.30.128\tBigger-range-should-in-the-back\t1",
-                "103\t6\t2001:db8:1234::\t2001:db8:1235::\tBigger-range-should-in-the-back\t1",
-                "104\t6\t2001:db8:1234::1\t2001:db8:1234::5210\tSomething-like-json\t1",
-                "105\t6\t2620:100:3000::\t2620:0100:30ff:ffff:ffff:ffff:ffff:ffff\tBugreport-liumengyan-20210517\t1"
+                "101\t4\t192.168.30.99-192.168.30.101\tSomething-like-json\t1",
+                "102\t4\t192.168.30.90-192.168.30.128\tBigger-range-should-in-the-back\t1",
+                "103\t6\t2001:db8:1234::-2001:db8:1235::\tBigger-range-should-in-the-back\t1",
+                "104\t6\t2001:db8:1234::1-2001:db8:1234::5210\tSomething-like-json\t1",
+                "105\t6\t2620:100:3000::-2620:0100:30ff:ffff:ffff:ffff:ffff:ffff\tBugreport-liumengyan-20210517\t1"
             ]
         },
         {

test/ntcrule/full/2018-10-09/NTC_UNIVERSAL_IP.0000050997

@@ -1,24 +1,24 @@
 0000000023
-977 962 4   mask    10.11.36.21 255.255.255.255 range   0   65535   6   1
-1000    985 4   mask    10.11.36.21 255.255.255.255 range   0   65535   6   1
-967 950 4   mask    10.11.36.21 255.255.255.255 range   0   65535   6   1
-852 835 6   mask    ::  FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range   0   65535   6   1
-992	977	4   mask    10.11.36.21 255.255.255.255 range   0   65535   6   1
-863	846	4   mask    0.0.0.0 255.255.255.255 range   0   65535   6   1
-849	832	4   mask    0.0.0.0 255.255.255.255 range   0   65535   6   1
-995	980	4   mask    10.11.36.59 255.255.255.255 range   0   65535   6   1
-931	914	4   mask    10.11.36.21 255.255.255.255 range   0   65535   6   1
-739	723	4   mask    10.11.36.26	255.255.255.255 range   0   65535   6   1
-619	603	4	mask    10.11.36.26	255.255.255.255 range   0	65535   6   1
-742	726	4	mask    10.3.57.1   255.255.255.255 range   0	65535   6   1
-938	921	4	mask    10.11.36.5	255.255.255.255 range   0	65535   6   1
-997	982	4	mask    10.11.36.59	255.255.255.255 range   0	65535   6   1
-625	609	4	mask    10.3.57.1	255.255.255.255 range   2345	65535   6   1
-847	830	6	mask    ::  FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range   0	65535   6   1
-865	848	4	mask    0.0.0.0	255.255.255.255 range   0	65535   6   1
-986	971	4	mask    10.11.36.21	255.255.255.255 range   0	65535   6   1
-628	612	4	mask    10.3.57.1	255.255.255.255 range   56345	65535   6   1
-974	959	4	mask    10.11.36.21	255.255.255.255 range   0	65535   6   1
-622	606	4	mask    10.3.57.1	255.255.255.255 range   0   65535   6   1
-867	850	6	mask    ::  FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range   0	65535   6   1
-860	843	6	mask    ::  FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range   0	65535   6   1
+977 962 10.11.36.21/32   0-65535    1
+1000    985 10.11.36.21/32  0-65535 1
+967 950 10.11.36.21/32  0-65535 1
+852 835 ::/128  0-65535 1
+992	977 10.11.36.21/32  0-65535 1
+863	846 0.0.0.0/32  0-65535 1
+849	832 0.0.0.0/32  0-65535 1
+995	980 10.11.36.59/32  0-65535 1
+931	914 10.11.36.21/32  0-65535 1
+739	723 10.11.36.26/32  0-65535 1
+619	603 10.11.36.26/32  0-65535 1
+742	726 10.3.57.1/32    0-65535 1
+938	921 10.11.36.5/32   0-65535 1
+997	982 10.11.36.59/32  0-65535 1
+625	609 10.3.57.1/32    2345-65535  1
+847	830 ::/128  0-65535 1
+865	848 0.0.0.0/32  0-65535 1
+986	971 10.11.36.21/32  0-65535 1
+628	612 10.3.57.1/32    56345-65535 1
+974	959 10.11.36.21/32  0-65535 1
+622	606 10.3.57.1/32    0-65535 1
+867	850 ::/128  0-65535 1
+860	843 ::/128  0-65535 1

test/ntcrule/full/2018-10-09/WHITE_LIST_IP.0000050997

@@ -1,2 +1,2 @@
 0000000001
-81	81	4   mask    10.11.36.7	255.255.255.255 range   22222	65535   6   1
+81	81  10.11.36.7/32   22222-65535 1

test/table_info.conf

@@ -162,14 +162,12 @@
         "table_id":12,
         "table_name":"IP_CONFIG",
         "table_type":"ip",
-        "valid_column":8,
+        "valid_column":5,
         "custom": {
             "item_id":1,
             "group_id":2,
-            "addr_type":3,
-            "addr_format":4,
-            "ip1":5,
-            "ip2":6
+            "ip":3,
+            "port":4
         }
     },
     {
@@ -323,15 +321,12 @@
         "table_id":24,
         "table_name":"IP_PLUS_CONFIG",
         "table_type":"ip",
-        "valid_column":8,
+        "valid_column":5,
         "custom": {
             "item_id":1,
             "group_id":2,
-            "addr_type":3,
-            "addr_format":4,
-            "ip1":5,
-            "ip2":6,
-            "port":7
+            "ip":3,
+            "port":4
         }
     },
     {
@@ -365,13 +360,11 @@
         "table_id":29,
         "table_name":"TEST_IP_PLUGIN_WITH_EXDATA",
         "table_type":"ip_plugin",
-        "valid_column":6,
+        "valid_column":5,
         "custom": {
             "gc_timeout_s": 3,
             "item_id":1,
-            "ip_type":2,
-            "start_ip":3,
-            "end_ip":4
+            "ip":3
         }
     },
     {
@@ -567,15 +560,12 @@
         "table_id":47,
         "table_name":"IP_PERF_CONFIG",
         "table_type":"ip",
-        "valid_column":8,
+        "valid_column":5,
         "custom": {
             "item_id":1,
             "group_id":2,
-            "addr_type":3,
-            "addr_format":4,
-            "ip1":5,
-            "ip2":6,
-            "port":7
+            "ip":3,
+            "port":4
         }
     },
     {
@@ -726,14 +716,11 @@
         "table_id":66,
         "table_name":"TEST_IP_PLUGIN_WITH_ADDR_FORMAT",
         "table_type":"ip_plugin",
-        "valid_column":6,
+        "valid_column":5,
         "custom": {
             "gc_timeout_s": 3,
             "item_id":1,
-            "ip_type":2,
-            "start_ip":3,
-            "end_ip":4,
-            "addr_format":7
+            "ip":3
         }
     }
 ]

test/test_utils.cpp

@@ -275,8 +275,7 @@ int interval_table_set_line(struct maat *maat_inst, const char *table_name,
 
 int ip_table_set_line(struct maat *maat_inst, const char *table_name,
                       enum maat_operation op, long long item_id,
-                      long long group_id, enum IP_TYPE type,
-                      const char *ip1, const char *ip2, int expire_after)
+                      long long group_id, const char *ip, int expire_after)
 {
     char table_line[1024] = {0};
     int table_id = maat_get_table_id(maat_inst, table_name);
@@ -284,13 +283,8 @@ int ip_table_set_line(struct maat *maat_inst, const char *table_name,
         return 0;
     }
 
-    int ip_type = IPV4;
-    if (type == IPv6) {
-        ip_type = IPV6;
-    }
-
-    sprintf(table_line, "%lld\t%lld\t%d\trange\t%s\t%s\t0-65535\t%d",
-            item_id, group_id, ip_type, ip1, ip2, op);
+    sprintf(table_line, "%lld\t%lld\t%s\t0-65535\t%d",
+            item_id, group_id, ip, op);
     struct maat_cmd_line line_rule;
     
     line_rule.rule_id = item_id;

test/test_utils.h

@@ -42,8 +42,7 @@ int interval_table_set_line(struct maat *maat_inst, const char *table_name,
 
 int ip_table_set_line(struct maat *maat_inst, const char *table_name,
                       enum maat_operation op, long long item_id,
-                      long long group_id, enum IP_TYPE type, const char *ip1, 
-                      const char *ip2, int expire_after);
+                      long long group_id, const char *ip, int expire_after);
 
 int flag_table_set_line(struct maat *maat_inst, const char *table_name,
                         enum maat_operation op, long long item_id,