diff --git a/src/inc_internal/maat_utils.h b/src/inc_internal/maat_utils.h index 2df0ecd..6f61fe4 100644 --- a/src/inc_internal/maat_utils.h +++ b/src/inc_internal/maat_utils.h @@ -71,8 +71,7 @@ enum ip_format { }; enum ip_format ip_format_str2int(const char *format); -int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2, - uint32_t range_begin[], uint32_t range_end[]); +int ip_format2range(const char *ip_str, int ip_type, uint32_t range_begin[], uint32_t range_end[]); #define UNUSED __attribute__((unused)) diff --git a/src/json2iris.c b/src/json2iris.c index 3ced1b4..9650283 100644 --- a/src/json2iris.c +++ b/src/json2iris.c @@ -524,31 +524,14 @@ write_ip_line(cJSON *region_json, struct iris_description *p_iris, json_cmd[cmd_cnt].json_string = "group_id"; json_cmd[cmd_cnt].json_type = cJSON_Number; - cmd_cnt++; - - json_cmd[cmd_cnt].json_string = "addr_type"; - json_cmd[cmd_cnt].json_type = cJSON_String; - json_cmd[cmd_cnt].str2int_flag = 1; - cmd_cnt++; - - json_cmd[cmd_cnt].json_string = "addr_format"; - json_cmd[cmd_cnt].json_type = cJSON_String; - json_cmd[cmd_cnt].empty_allowed = 1; - json_cmd[cmd_cnt].default_string = "mask"; cmd_cnt++; - json_cmd[cmd_cnt].json_string = "ip1"; + json_cmd[cmd_cnt].json_string = "ip"; json_cmd[cmd_cnt].json_type = cJSON_String; json_cmd[cmd_cnt].empty_allowed = 1; json_cmd[cmd_cnt].default_string = "0.0.0.0"; cmd_cnt++; - json_cmd[cmd_cnt].json_string = "ip2"; - json_cmd[cmd_cnt].json_type = cJSON_String; - json_cmd[cmd_cnt].empty_allowed = 1; - json_cmd[cmd_cnt].default_string = "255.255.255.255"; - cmd_cnt++; - json_cmd[cmd_cnt].json_string = "port"; json_cmd[cmd_cnt].json_type = cJSON_String; json_cmd[cmd_cnt].empty_allowed = 1; diff --git a/src/maat_ip.c b/src/maat_ip.c index 90a0a54..f9f993a 100644 --- a/src/maat_ip.c +++ b/src/maat_ip.c @@ -26,10 +26,7 @@ struct ip_schema { int item_id_column; int group_id_column; - int addr_type_column; - int addr_format_column; - int ip1_column; - int ip2_column; + int ip_column; int table_id; int port_column; struct table_manager *ref_tbl_mgr; @@ -53,7 +50,6 @@ struct ip_item { struct ipv4_item_rule ipv4; struct ipv6_item_rule ipv6; }; - enum ip_format ip_format; int port_start; int port_end; }; @@ -121,42 +117,12 @@ void *ip_schema_new(cJSON *json, struct table_manager *tbl_mgr, goto error; } - custom_item = cJSON_GetObjectItem(item, "addr_type"); + custom_item = cJSON_GetObjectItem(item, "ip"); if (custom_item != NULL && custom_item->type == cJSON_Number) { - ip_schema->addr_type_column = custom_item->valueint; + ip_schema->ip_column = custom_item->valueint; } else { log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> schema has no add_type column", - __FUNCTION__, __LINE__, table_name); - goto error; - } - - custom_item = cJSON_GetObjectItem(item, "addr_format"); - if (custom_item != NULL && custom_item->type == cJSON_Number) { - ip_schema->addr_format_column = custom_item->valueint; - } else { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> schema has no addr_format column", - __FUNCTION__, __LINE__, table_name); - goto error; - } - - custom_item = cJSON_GetObjectItem(item, "ip1"); - if (custom_item != NULL && custom_item->type == cJSON_Number) { - ip_schema->ip1_column = custom_item->valueint; - } else { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> schema has no ip1 column", - __FUNCTION__, __LINE__, table_name); - goto error; - } - - custom_item = cJSON_GetObjectItem(item, "ip2"); - if (custom_item != NULL && custom_item->type == cJSON_Number) { - ip_schema->ip2_column = custom_item->valueint; - } else { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> schema has no ip2 column", + "[%s:%d] ip table:<%s> schema has no ip column", __FUNCTION__, __LINE__, table_name); goto error; } @@ -185,9 +151,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name, { size_t column_offset = 0; size_t column_len = 0; - char addr_format[16] = {0}; - char ip1_str[40] = {0}; - char ip2_str[40] = {0}; + char ip_str[128] = {0}; struct ip_item *ip_item = ALLOC(struct ip_item, 1); int ret = get_column_pos(line, ip_schema->item_id_column, &column_offset, @@ -210,41 +174,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name, } ip_item->group_id = atoll(line + column_offset); - ret = get_column_pos(line, ip_schema->addr_type_column, &column_offset, - &column_len); - if (ret < 0) { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> has no addr_type in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; - } - ip_item->addr_type = atoi(line + column_offset); - - if (ip_item->addr_type != IPv4 && ip_item->addr_type != IPv6) { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> has invalid addr type:%d in line:%s", - __FUNCTION__, __LINE__, table_name, ip_item->addr_type, line); - goto error; - } - - ret = get_column_pos(line, ip_schema->addr_format_column, &column_offset, - &column_len); - if (ret < 0) { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> has no addr_format in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; - } - memcpy(addr_format, (line + column_offset), column_len); - if (IP_FORMAT_UNKNOWN == ip_format_str2int(addr_format)) { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> has invalid addr_format, " - "should be single/range/CIDR/mask in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; - } - - ret = get_column_pos(line, ip_schema->ip1_column, &column_offset, + ret = get_column_pos(line, ip_schema->ip_column, &column_offset, &column_len); if (ret < 0) { log_fatal(logger, MODULE_IP, @@ -252,21 +182,16 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name, __FUNCTION__, __LINE__, table_name, line); goto error; } - memcpy(ip1_str, (line + column_offset), column_len); + memcpy(ip_str, (line + column_offset), column_len); - ret = get_column_pos(line, ip_schema->ip2_column, &column_offset, - &column_len); - if (ret < 0) { - log_fatal(logger, MODULE_IP, - "[%s:%d] ip table:<%s> has no ip2 in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; + if (strchr(ip_str, ':') != NULL) { + ip_item->addr_type = IPV6; + } else { + ip_item->addr_type = IPV4; } - memcpy(ip2_str, (line + column_offset), column_len); if (IPv4 == ip_item->addr_type) { - ret = ip_format2range(ip_item->addr_type, ip_format_str2int(addr_format), - ip1_str, ip2_str, &ip_item->ipv4.min_ip, &ip_item->ipv4.max_ip); + ret = ip_format2range(ip_str, ip_item->addr_type, &ip_item->ipv4.min_ip, &ip_item->ipv4.max_ip); if (ret < 0) { log_fatal(logger, MODULE_IP, "[%s:%d] ip table:<%s> ip_format2range(ip4) failed in line:%s", @@ -275,8 +200,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name, } } else { //ipv6 - ret = ip_format2range(ip_item->addr_type, ip_format_str2int(addr_format), - ip1_str, ip2_str, ip_item->ipv6.min_ip, ip_item->ipv6.max_ip); + ret = ip_format2range(ip_str, ip_item->addr_type, ip_item->ipv6.min_ip, ip_item->ipv6.max_ip); if (ret < 0) { log_fatal(logger, MODULE_IP, "[%s:%d] ip table:<%s> ip_format2range(ip6) failed in line:%s", @@ -284,6 +208,7 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name, goto error; } } + if(ip_schema->port_column>0) { ret = get_column_pos(line, ip_schema->port_column, &column_offset, diff --git a/src/maat_ip_plugin.c b/src/maat_ip_plugin.c index 64b7752..463b2bc 100644 --- a/src/maat_ip_plugin.c +++ b/src/maat_ip_plugin.c @@ -23,10 +23,7 @@ struct ip_plugin_schema { int item_id_column; - int ip_type_column; - int start_ip_column; - int end_ip_column; - int addr_format_column; + int ip_column; int rule_tag_column; int gc_timeout_s; int table_id; @@ -85,31 +82,9 @@ void *ip_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, goto error; } - custom_item = cJSON_GetObjectItem(item, "ip_type"); + custom_item = cJSON_GetObjectItem(item, "ip"); if (custom_item != NULL && custom_item->type == cJSON_Number) { - schema->ip_type_column = custom_item->valueint; - } else { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table:<%s> schema has no" - " ip_type column", - __FUNCTION__, __LINE__, table_name); - goto error; - } - - custom_item = cJSON_GetObjectItem(item, "start_ip"); - if (custom_item != NULL && custom_item->type == cJSON_Number) { - schema->start_ip_column = custom_item->valueint; - } else { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table:<%s> schema has no" - " start_ip column", __FUNCTION__, __LINE__, - table_name); - goto error; - } - - custom_item = cJSON_GetObjectItem(item, "end_ip"); - if (custom_item != NULL && custom_item->type == cJSON_Number) { - schema->end_ip_column = custom_item->valueint; + schema->ip_column = custom_item->valueint; } else { log_fatal(logger, MODULE_IP_PLUGIN, "[%s:%d] ip_plugin table:<%s> schema has no" @@ -118,11 +93,6 @@ void *ip_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr, goto error; } - custom_item = cJSON_GetObjectItem(item, "addr_format"); - if (custom_item != NULL && custom_item->type == cJSON_Number) { - schema->addr_format_column = custom_item->valueint; - } - // rule_tag is optional custom_item = cJSON_GetObjectItem(item, "rule_tag"); if (custom_item != NULL && custom_item->type == cJSON_Number) { @@ -206,9 +176,7 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name, size_t column_offset = 0; size_t column_len = 0; - char start_ip_str[40] = {0}; - char end_ip_str[40] = {0}; - char addr_format[16] = {"range"}; + char ip_str[128] = {0}; struct ip_rule *ip_plugin_rule = ALLOC(struct ip_rule, 1); ret = get_column_pos(line, schema->item_id_column, @@ -220,58 +188,8 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name, goto error; } ip_plugin_rule->rule_id = atoll(line + column_offset); - - ret = get_column_pos(line, schema->ip_type_column, - &column_offset, &column_len); - if (ret < 0) { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table:<%s> has no ip_type in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; - } - ip_plugin_rule->type = atoi(line + column_offset); - if (ip_plugin_rule->type != IPv4 && - ip_plugin_rule->type != IPv6) { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table:<%s> ip_type[%d] invalid" - " in line:%s", __FUNCTION__, __LINE__, table_name, - ip_plugin_rule->type, line); - goto error; - } - - if (schema->addr_format_column > 0) { - ret = get_column_pos(line, schema->addr_format_column, - &column_offset, &column_len); - if (ret < 0) { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table:<%s> has no addr_format column in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; - } - - memset(addr_format, 0, sizeof(addr_format)); - memcpy(addr_format, (line + column_offset), column_len); - } - - if (IP_FORMAT_UNKNOWN == ip_format_str2int(addr_format)) { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table(table_id:%d) has invalid addr_format," - " should be range/CIDR, line:%s", - __FUNCTION__, __LINE__, schema->table_id, line); - goto error; - } - - ret = get_column_pos(line, schema->start_ip_column, - &column_offset, &column_len); - if (ret < 0) { - log_fatal(logger, MODULE_IP_PLUGIN, - "[%s:%d] ip_plugin table:<%s> has no start_ip in line:%s", - __FUNCTION__, __LINE__, table_name, line); - goto error; - } - strncpy(start_ip_str, line + column_offset, column_len); - ret = get_column_pos(line, schema->end_ip_column, + ret = get_column_pos(line, schema->ip_column, &column_offset, &column_len); if (ret < 0) { log_fatal(logger, MODULE_IP_PLUGIN, @@ -279,13 +197,16 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name, __FUNCTION__, __LINE__, table_name, line); goto error; } - strncpy(end_ip_str, line + column_offset, column_len); + strncpy(ip_str, line + column_offset, column_len); + + if (strchr(ip_str, ':') != NULL) { + ip_plugin_rule->type = IPV6; + } else { + ip_plugin_rule->type = IPV4; + } if (IPv4 == ip_plugin_rule->type) { - ret = ip_format2range(ip_plugin_rule->type, ip_format_str2int(addr_format), - start_ip_str, end_ip_str, - &ip_plugin_rule->ipv4_rule.start_ip, - &ip_plugin_rule->ipv4_rule.end_ip); + ret = ip_format2range(ip_str, ip_plugin_rule->type, &ip_plugin_rule->ipv4_rule.start_ip, &ip_plugin_rule->ipv4_rule.end_ip); if (ret < 0) { log_fatal(logger, MODULE_IP_PLUGIN, "[%s:%d] ip_plugin table:<%s>> ip_format2range(ip4)" @@ -295,10 +216,7 @@ ip_plugin_rule_new(struct ip_plugin_schema *schema, const char *table_name, } } else { //ipv6 - ret = ip_format2range(ip_plugin_rule->type, ip_format_str2int(addr_format), - start_ip_str, end_ip_str, - ip_plugin_rule->ipv6_rule.start_ip, - ip_plugin_rule->ipv6_rule.end_ip); + ret = ip_format2range(ip_str, ip_plugin_rule->type, ip_plugin_rule->ipv6_rule.start_ip, ip_plugin_rule->ipv6_rule.end_ip); if (ret < 0) { log_fatal(logger, MODULE_IP_PLUGIN, "[%s:%d] ip_plugin table:<%s> ip_format2range(ip6)" diff --git a/src/maat_utils.c b/src/maat_utils.c index 76838f4..a3efd51 100644 --- a/src/maat_utils.c +++ b/src/maat_utils.c @@ -453,7 +453,7 @@ size_t memcat(void **dest, size_t offset, size_t *n_dest, const void *src, size_ return n_src; } -enum ip_format ip_format_str2int(const char *format) +enum ip_format ip_format_str2int(const char *format)//TODO: need to delete? { if (0 == strcasecmp(format, "single")) { return IP_FORMAT_SINGLE; @@ -469,117 +469,124 @@ enum ip_format ip_format_str2int(const char *format) return IP_FORMAT_UNKNOWN; } -int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2, - uint32_t range_begin[], uint32_t range_end[]) +int ip_format2range(const char *ip_str, int ip_type, uint32_t range_begin[], uint32_t range_end[]) { - int cidr = 0; int ret = 0; + enum ip_format format = IP_FORMAT_UNKNOWN; - if (ip_type != IPV4 && ip_type != IPV6) { - assert(0); - return -1; + if (strchr(ip_str, '-') != NULL) { + format = IP_FORMAT_RANGE; + } else if (strchr(ip_str, '/') != NULL) { + format = IP_FORMAT_CIDR; + } else { + format = IP_FORMAT_SINGLE; } if (ip_type == IPV4) { - uint32_t ipv4_addr = 0; - ret = inet_pton(AF_INET, ip1, &ipv4_addr); - if (ret <= 0) { - return -1; - } - - ipv4_addr = ntohl(ipv4_addr); - uint32_t ipv4_range_end = 0; - uint32_t ipv4_mask = 0; + uint32_t ipv4_addr_start = 0; + uint32_t ipv4_addr_end = 0; + char start_ip_str[16] = {0}; + char end_ip_str[16] = {0}; + int prefix_length = 0; switch (format) { - case IP_FORMAT_SINGLE: - case IP_FORMAT_RANGE: - range_begin[0] = ipv4_addr; - ret = inet_pton(AF_INET, ip2, &ipv4_range_end); - if (ret <= 0) { - return -1; - } - ipv4_range_end = ntohl(ipv4_range_end); - range_end[0] = ipv4_range_end; - break; - case IP_FORMAT_MASK: - ret = inet_pton(AF_INET, ip2, &ipv4_mask); + case IP_FORMAT_SINGLE: + ret = inet_pton(AF_INET, ip_str, &ipv4_addr_start); if (ret <= 0) { return -1; } - ipv4_mask = ntohl(ipv4_mask); - range_begin[0] = ipv4_addr & ipv4_mask; - range_end[0] = ipv4_addr | ~ipv4_mask; + range_begin[0] = ntohl(ipv4_addr_start); + range_end[0] = range_begin[0]; + break; + case IP_FORMAT_RANGE: + sscanf(ip_str, "%15[^-]-%15s", start_ip_str, end_ip_str); + ret = inet_pton(AF_INET, start_ip_str, &ipv4_addr_start); + if (ret <= 0) { + return -1; + } + ret = inet_pton(AF_INET, end_ip_str, &ipv4_addr_end); + if (ret <= 0) { + return -1; + } + range_begin[0] = ntohl(ipv4_addr_start); + range_end[0] = ntohl(ipv4_addr_end); break; case IP_FORMAT_CIDR: - cidr = atoi(ip2); - if (cidr > 32 || cidr < 0) { + sscanf(ip_str, "%15[^/]/%d", start_ip_str, &prefix_length); + if (prefix_length > 32 || prefix_length < 0) { return -1; } - ipv4_mask = (0xFFFFFFFFUL << (32 - cidr)) & 0xFFFFFFFFUL; - range_begin[0] = ipv4_addr & ipv4_mask; - range_end[0] = ipv4_addr | ~ipv4_mask; + ret = inet_pton(AF_INET, start_ip_str, &ipv4_addr_start); + if (ret <= 0) { + return -1; + } + ipv4_addr_start = ntohl(ipv4_addr_start); + uint32_t ipv4_mask = (0xFFFFFFFFUL << (32 - prefix_length)) & 0xFFFFFFFFUL; + range_begin[0] = ipv4_addr_start & ipv4_mask; + range_end[0] = ipv4_addr_start | ~ipv4_mask; break; default: assert(0); + } } else { - //ipv6 - int i = 0; - uint32_t ipv6_addr[4] = {0}; - uint32_t ipv6_mask[4] = {0}; - uint32_t ipv6_range_end[4] = {0}; - - ret = inet_pton(AF_INET6, ip1, ipv6_addr); - if (ret <= 0) { - return -1; - } - ipv6_ntoh(ipv6_addr); - + //ipv6 + uint32_t ipv6_addr_start[4] = {0}; + uint32_t ipv6_mask[4] = {0}; + uint32_t ipv6_addr_end[4] = {0}; + char start_ip_str[40] = {0}; + char end_ip_str[40] = {0}; + int prefix_length = 0; + int i = 0; switch (format) { - case IP_FORMAT_SINGLE: - case IP_FORMAT_RANGE: - ret = inet_pton(AF_INET6, ip2, ipv6_range_end); + case IP_FORMAT_SINGLE: + ret = inet_pton(AF_INET6, ip_str, ipv6_addr_start); if (ret <= 0) { return -1; } - ipv6_ntoh(ipv6_range_end); - - memcpy(range_begin, ipv6_addr, sizeof(ipv6_addr)); - memcpy(range_end, ipv6_range_end, sizeof(ipv6_range_end)); + ipv6_ntoh(ipv6_addr_start); + memcpy(range_begin, ipv6_addr_start, sizeof(ipv6_addr_start)); + memcpy(range_end, ipv6_addr_start, sizeof(ipv6_addr_start)); break; - case IP_FORMAT_MASK: - ret = inet_pton(AF_INET6, ip2, ipv6_mask); + case IP_FORMAT_RANGE: + sscanf(ip_str, "%39[^-]-%39s", start_ip_str, end_ip_str); + ret = inet_pton(AF_INET6, start_ip_str, ipv6_addr_start); if (ret <= 0) { return -1; } - ipv6_ntoh(ipv6_mask); - - for (i = 0; i < 4; i++) { - range_begin[i]=ipv6_addr[i] & ipv6_mask[i]; - range_end[i] = ipv6_addr[i] | ~ipv6_mask[i]; + ret = inet_pton(AF_INET6, end_ip_str, ipv6_addr_end); + if (ret <= 0) { + return -1; } + ipv6_ntoh(ipv6_addr_start); + ipv6_ntoh(ipv6_addr_end); + memcpy(range_begin, ipv6_addr_start, sizeof(ipv6_addr_start)); + memcpy(range_end, ipv6_addr_end, sizeof(ipv6_addr_end)); break; case IP_FORMAT_CIDR: - cidr = atoi(ip2); - if (cidr > 128 || cidr < 0) { + sscanf(ip_str, "%39[^/]/%d", start_ip_str, &prefix_length); + if (prefix_length > 128 || prefix_length < 0) { return -1; } - + ret = inet_pton(AF_INET6, start_ip_str, ipv6_addr_start); + if (ret <= 0) { + return -1; + } + ipv6_ntoh(ipv6_addr_start); for (i = 0; i < 4; i++) { - int bit32 = 128 - cidr - 32 * (3 - i); + int bit32 = 128 - prefix_length - 32 * (3 - i); if (bit32 < 0) { - bit32 = 0; - } - + bit32 = 0; + } ipv6_mask[i] = (0xFFFFFFFFUL << bit32) & 0xFFFFFFFFUL; - range_begin[i] = ipv6_addr[i] & ipv6_mask[i]; - range_end[i] = ipv6_addr[i] | ~ipv6_mask[i]; + range_begin[i] = ipv6_addr_start[i] & ipv6_mask[i]; + range_end[i] = ipv6_addr_start[i] | ~ipv6_mask[i]; } break; default: assert(0); } } + return 0; } diff --git a/test/file_test_tableinfo.conf b/test/file_test_tableinfo.conf index c3dff0a..588657e 100644 --- a/test/file_test_tableinfo.conf +++ b/test/file_test_tableinfo.conf @@ -63,14 +63,12 @@ "table_id":5, "table_name":"NTC_UNIVERSAL_IP", "table_type":"ip", - "valid_column":7, + "valid_column":5, "custom": { "item_id":1, "group_id":2, - "addr_type":3, - "addr_format":4, - "ip1":5, - "ip2":6 + "ip":3, + "port":4 } }, { @@ -89,14 +87,12 @@ "table_id":7, "table_name":"WHITE_LIST_IP", "table_type":"ip", - "valid_column":7, + "valid_column":5, "custom": { "item_id":1, "group_id":2, - "addr_type":3, - "addr_format":4, - "ip1":5, - "ip2":6 + "ip":3, + "port":4 } }, { diff --git a/test/ip_matcher_gtest.cpp b/test/ip_matcher_gtest.cpp index 89c4bcd..91e47dc 100644 --- a/test/ip_matcher_gtest.cpp +++ b/test/ip_matcher_gtest.cpp @@ -10,19 +10,18 @@ struct log_handle *g_logger = NULL; TEST(ipv4_matcher_match, OneSingleIPv4Rule) { - const char *ip1_str = "192.168.0.1"; + const char *ip_str = "192.168.0.1"; struct ip_rule rule; rule.rule_id = 100; rule.type = IPv4; - int ret = ip_format2range(4, IP_FORMAT_RANGE, ip1_str, ip1_str, - &rule.ipv4_rule.start_ip, &rule.ipv4_rule.end_ip); + int ret = ip_format2range(ip_str, IPV4, &rule.ipv4_rule.start_ip, &rule.ipv4_rule.end_ip); size_t mem_size = 0; struct ip_matcher *matcher = ip_matcher_new(&rule, 1, &mem_size); ASSERT_TRUE(matcher != NULL); struct ip_data data; data.type = IPv4; - inet_pton(AF_INET, ip1_str, &data.ipv4); + inet_pton(AF_INET, ip_str, &data.ipv4); data.ipv4 = ntohl(data.ipv4); struct scan_result results[MAX_ARRAY_SIZE]; @@ -38,20 +37,17 @@ TEST(ipv4_matcher_match, MultiSingleIPv4Rule) { struct ip_rule rule[3]; rule[0].rule_id = 100; rule[0].type = IPv4; - int ret = ip_format2range(4, IP_FORMAT_RANGE, ip1_str, ip1_str, - &rule[0].ipv4_rule.start_ip, &rule[0].ipv4_rule.end_ip); + int ret = ip_format2range(ip1_str, IPV4, &rule[0].ipv4_rule.start_ip, &rule[0].ipv4_rule.end_ip); EXPECT_EQ(ret, 0); rule[1].rule_id = 200; rule[1].type = IPv4; - ret = ip_format2range(4, IP_FORMAT_RANGE, ip2_str, ip2_str, - &rule[1].ipv4_rule.start_ip, &rule[1].ipv4_rule.end_ip); + ret = ip_format2range(ip2_str, IPV4, &rule[1].ipv4_rule.start_ip, &rule[1].ipv4_rule.end_ip); EXPECT_EQ(ret, 0); rule[2].rule_id = 300; rule[2].type = IPv4; - ret = ip_format2range(4, IP_FORMAT_RANGE, ip3_str, ip3_str, - &rule[2].ipv4_rule.start_ip, &rule[2].ipv4_rule.end_ip); + ret = ip_format2range(ip3_str, IPV4, &rule[2].ipv4_rule.start_ip, &rule[2].ipv4_rule.end_ip); EXPECT_EQ(ret, 0); size_t mem_size = 0; @@ -84,13 +80,11 @@ TEST(ipv4_matcher_match, MultiSingleIPv4Rule) { } TEST(ipv6_matcher_match, OneSingleIPv6Rule) { - const char *ip1_str = "1001:da8:205:1::101"; - const char *ip2_str = "1001:da8:205:1::101"; + const char *ip1_str = "1001:da8:205:1::101-1001:da8:205:1::101"; struct ip_rule rule; rule.rule_id = 100; rule.type = IPv6; - int ret = ip_format2range(6, IP_FORMAT_RANGE, ip1_str, ip2_str, - rule.ipv6_rule.start_ip, rule.ipv6_rule.end_ip); + int ret = ip_format2range(ip1_str, IPV6, rule.ipv6_rule.start_ip, rule.ipv6_rule.end_ip); EXPECT_EQ(ret, 0); size_t mem_size = 0; @@ -115,20 +109,17 @@ TEST(ipv6_matcher_match, MultiSingleIPv6Rule) { struct ip_rule rule[3]; rule[0].rule_id = 100; rule[0].type = IPv6; - int ret = ip_format2range(6, IP_FORMAT_RANGE, ip1_str, ip1_str, - rule[0].ipv6_rule.start_ip, rule[0].ipv6_rule.end_ip); + int ret = ip_format2range(ip1_str, IPV6, rule[0].ipv6_rule.start_ip, rule[0].ipv6_rule.end_ip); EXPECT_EQ(ret, 0); rule[1].rule_id = 200; rule[1].type = IPv6; - ret = ip_format2range(6, IP_FORMAT_RANGE, ip2_str, ip2_str, - rule[1].ipv6_rule.start_ip, rule[1].ipv6_rule.end_ip); + ret = ip_format2range(ip2_str, IPV6, rule[1].ipv6_rule.start_ip, rule[1].ipv6_rule.end_ip); EXPECT_EQ(ret, 0); rule[2].rule_id = 300; rule[2].type = IPv6; - ret = ip_format2range(6, IP_FORMAT_RANGE, ip3_str, ip3_str, - rule[2].ipv6_rule.start_ip, rule[2].ipv6_rule.end_ip); + ret = ip_format2range(ip3_str, IPV6, rule[2].ipv6_rule.start_ip, rule[2].ipv6_rule.end_ip); EXPECT_EQ(ret, 0); size_t mem_size = 0; diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 7a9ee88..954db11 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -3077,7 +3077,7 @@ TEST_F(IPScan, RuleUpdates) { /* ip table add line */ long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id, - group_id, IPv4, "100.100.100.100", "100.100.100.100", 0); + group_id, "100.100.100.100", 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -3096,7 +3096,7 @@ TEST_F(IPScan, RuleUpdates) { /* ip table del line */ ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_DEL, item_id, - group_id, IPv4, "100.100.100.100", "100.100.100.100", 0); + group_id, "100.100.100.100", 0); EXPECT_EQ(ret, 1); /* group2compile table del line */ @@ -3150,7 +3150,7 @@ TEST_F(IPScan, RuleChangeClauseId) { /* ip table add line */ long long item_id1 = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, phy_ip_table_name, MAAT_OP_ADD, item_id1, - group_id1, IPv4, "1.1.1.1", "1.1.1.1", 0); + group_id1, "1.1.1.1", 0); EXPECT_EQ(ret, 1); /* group2compile table add line */ @@ -3162,7 +3162,7 @@ TEST_F(IPScan, RuleChangeClauseId) { /* ip table add line */ long long item_id2 = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, phy_ip_table_name, MAAT_OP_ADD, item_id2, - group_id2, IPv4, "11.11.11.11", "11.11.11.11", 0); + group_id2, "11.11.11.11", 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -5483,7 +5483,7 @@ void ip_plugin_ex_new_cb(const char *table_name, int table_id, const char *key, ud->rule_id = atoll(table_line + column_offset); - ret = get_column_pos(table_line, 5, &column_offset, &column_len); + ret = get_column_pos(table_line, 4, &column_offset, &column_len); EXPECT_EQ(ret, 0); ud->buffer = ALLOC(char, column_len + 1); @@ -7379,10 +7379,9 @@ TEST_F(MaatCmd, SetIP) { /* item table add line */ const char *ip1 = "172.0.0.1"; - const char *ip2 = "172.0.0.1"; long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item_id, - group_id, IPv4, ip1, ip2, 0); + group_id, ip1, 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S); @@ -8567,15 +8566,15 @@ TEST_F(MaatCmd, UpdateIPPlugin) { struct maat *maat_inst = MaatCmd::_shared_maat_inst; int *ex_data_counter = MaatCmd::_ex_data_counter; const char *table_line_add[TEST_CMD_LINE_NUM] = { - "101\t4\t192.168.30.98\t31\tSomething-like-json\t1\tCIDR", - "102\t4\t192.168.30.90\t192.168.30.128\tBigger-range-should-in-the-back\t1\trange", - "103\t6\t2001:db8:1234::\t2001:db8:1235::\tBigger-range-should-in-the-back\t1\trange", - "104\t6\t2001:db8:1234::1\t2001:db8:1234::5210\tSomething-like-json\t1\trange"}; + "101\t4\t192.168.30.98/31\tSomething-like-json\t1", + "102\t4\t192.168.30.90-192.168.30.128\tBigger-range-should-in-the-back\t1", + "103\t6\t2001:db8:1234::-2001:db8:1235::\tBigger-range-should-in-the-back\t1", + "104\t6\t2001:db8:1234::1-2001:db8:1234::5210\tSomething-like-json\t1"}; const char *table_line_del[TEST_CMD_LINE_NUM] = { - "101\t4\t192.168.30.98\t31\tSomething-like-json\t0\tcidr", - "102\t4\t192.168.30.90\t192.168.30.128\tBigger-range-should-in-the-back\t0\trange", - "103\t6\t2001:db8:1234::\t2001:db8:1235::\tBigger-range-should-in-the-back\t0\trange", - "104\t6\t2001:db8:1234::1\t2001:db8:1234::5210\tSomething-like-json\t0\trange"}; + "101\t4\t192.168.30.98/31\tSomething-like-json\t0", + "102\t4\t192.168.30.90-192.168.30.128\tBigger-range-should-in-the-back\t0", + "103\t6\t2001:db8:1234::-2001:db8:1235::\tBigger-range-should-in-the-back\t0", + "104\t6\t2001:db8:1234::1-2001:db8:1234::5210\tSomething-like-json\t0"}; int table_id = maat_get_table_id(maat_inst, table_name); ASSERT_GT(table_id, 0); @@ -9014,7 +9013,7 @@ TEST_F(MaatCmd, HitGroup) { long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id, - group3_id, IPv4, "220.181.38.150", "220.181.38.151", 0); + group3_id, "220.181.38.150-220.181.38.151", 0); EXPECT_EQ(ret, 1); char temp[1024]={0}; @@ -9295,7 +9294,7 @@ TEST_F(MaatCmd, HitPathBasic) { long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id, - group3_id, IPv4, "220.181.38.148", "220.181.38.149", 0); + group3_id, "220.181.38.148-220.181.38.149", 0); EXPECT_EQ(ret, 1); char temp[1024]={0}; @@ -9608,7 +9607,7 @@ TEST_F(MaatCmd, HitPathAdvanced) { long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id, - group3_id, IPv4, "220.181.38.168", "220.181.38.169", 0); + group3_id, "220.181.38.168-220.181.38.169", 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, @@ -9956,7 +9955,7 @@ TEST_F(MaatCmd, HitPathHasNotGroup) { long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id, - group3_id, IPv4, "220.181.38.158", "220.181.38.159", 0); + group3_id, "220.181.38.158-220.181.38.159", 0); EXPECT_EQ(ret, 1); char temp[1024]={0}; @@ -10300,7 +10299,7 @@ TEST_F(MaatCmd, SameScanStatusWhenClauseUpdate_TSG6419) { long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id, - group11_id, IPv4, "192.168.2.1", "192.168.2.4", 0); + group11_id, "192.168.2.1-192.168.2.4", 0); EXPECT_EQ(ret, 1); long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); @@ -10409,7 +10408,7 @@ TEST_F(MaatCmd, GroupEdit) { long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id, - group11_id, IPv4, "192.168.3.1", "192.168.3.4", 0); + group11_id, "192.168.3.1-192.168.3.4", 0); EXPECT_EQ(ret, 1); long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); @@ -10548,7 +10547,7 @@ TEST_F(MaatCmd, CompileDelete_TSG6548) { long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id, - group11_id, IPv4, "192.168.73.163", "192.168.73.180", 0); + group11_id, "192.168.73.163-192.168.73.180", 0); EXPECT_EQ(ret, 1); sleep(WAIT_FOR_EFFECTIVE_S * 2); @@ -10862,7 +10861,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenIncUpdate) { long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id, - group2_id, IPv4, "100.100.100.1", "100.100.100.1", 0); + group2_id, "100.100.100.1", 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, @@ -10964,8 +10963,7 @@ TEST_F(MaatCmd, IPAndStreamScanWhenFullUpdate) { long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, - item2_id, group2_id, IPv4, "100.100.100.2", - "100.100.100.2", 0); + item2_id, group2_id, "100.100.100.2", 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, @@ -11065,7 +11063,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenIncUpdate) { long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id, - group2_id, IPv4, "100.100.100.1", "100.100.100.1", 0); + group2_id, "100.100.100.1", 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, @@ -11165,7 +11163,7 @@ TEST_F(MaatCmd, IPAndStringScanWhenFullupdate) { long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1); ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id, - group2_id, IPv4, "100.100.100.3", "100.100.100.3", 0); + group2_id, "100.100.100.3", 0); EXPECT_EQ(ret, 1); ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD, diff --git a/test/maat_framework_perf_gtest.cpp b/test/maat_framework_perf_gtest.cpp index bce99f8..803b7cf 100644 --- a/test/maat_framework_perf_gtest.cpp +++ b/test/maat_framework_perf_gtest.cpp @@ -70,7 +70,7 @@ test_add_ip_command(struct maat *maat_inst, const char *table_name, long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1); ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id, - group_id, IPv4, ip, ip, 0); + group_id, ip, 0); EXPECT_EQ(ret, 1); } diff --git a/test/maat_json.json b/test/maat_json.json index 6d068dc..a201b4b 100644 --- a/test/maat_json.json +++ b/test/maat_json.json @@ -107,10 +107,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "single", - "ip1": "192.168.50.24", - "ip2": "192.168.50.24" + "ip": "192.168.50.24" } } ] @@ -154,10 +151,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "single", - "ip1": "192.168.58.19", - "ip2": "192.168.58.19" + "ip": "192.168.58.19" } } ] @@ -170,10 +164,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "10.0.1.20", - "ip2": "10.0.1.25" + "ip": "10.0.1.20-10.0.1.25" } } ] @@ -186,10 +177,7 @@ "table_name": "IP_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "mask", - "ip1": "192.168.40.88", - "ip2": "255.255.255.255" + "ip": "192.168.40.88/32" } } ] @@ -202,10 +190,7 @@ "table_name": "IP_PLUS_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "mask", - "ip1": "192.168.40.88", - "ip2": "255.255.255.255" + "ip": "192.168.40.88/32" } } ] @@ -218,10 +203,7 @@ "table_name": "IP_PLUS_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "mask", - "ip1": "192.168.40.88", - "ip2": "255.255.255.255" + "ip": "192.168.40.88/32" } } ] @@ -262,20 +244,14 @@ "table_name": "IP_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "mask", - "ip1": "10.0.6.201", - "ip2": "255.255.255.255" + "ip": "10.0.6.201/32" } }, { "table_name": "IP_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv6", - "addr_format": "mask", - "ip1": "2001:da8:205:1::101", - "ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0000" + "ip": "2001:da8:205:1::101/112" } } ] @@ -1387,10 +1363,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "10.0.7.100", - "ip2": "10.0.7.101" + "ip": "10.0.7.100-10.0.7.101" } } ] @@ -1416,10 +1389,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv6", - "addr_format": "range", - "ip1": "1001:da8:205:1::101", - "ip2": "1001:da8:205:1::102" + "ip": "1001:da8:205:1::101-1001:da8:205:1::102" } } ] @@ -1501,10 +1471,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "CIDR", - "ip1": "192.168.0.1", - "ip2": "32" + "ip": "192.168.0.1/32" } } ] @@ -1529,10 +1496,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv6", - "addr_format": "CIDR", - "ip1": "2001:db8::", - "ip2": "120" + "ip": "2001:db8::/120" } } ] @@ -1740,10 +1704,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "CIDR", - "ip1": "192.168.23.1", - "ip2": "24" + "ip": "192.168.23.1/24" } } ] @@ -1859,10 +1820,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "CIDR", - "ip1": "100.64.3.1", - "ip2": "32" + "ip": "100.64.3.1/32" } } ] @@ -1888,10 +1846,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "CIDR", - "ip1": "192.168.40.10", - "ip2": "32" + "ip": "192.168.40.10/32" } } ] @@ -1917,10 +1872,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "CIDR", - "ip1": "192.168.231.46", - "ip2": "32" + "ip": "192.168.231.46/32" } } ] @@ -2105,10 +2057,7 @@ "table_name": "IP_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv6", - "addr_format": "mask", - "ip1": "::", - "ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" + "ip": "::/128" } } ] @@ -2193,10 +2142,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "single", - "ip1": "10.0.8.186", - "ip2": "10.0.8.186" + "ip": "10.0.8.186" } } ] @@ -2240,10 +2186,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "single", - "ip1": "10.0.8.187", - "ip2": "10.0.8.187" + "ip": "10.0.8.187" } } ] @@ -2287,10 +2230,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "single", - "ip1": "10.0.8.188", - "ip2": "10.0.8.188" + "ip": "10.0.8.188" } } ] @@ -2743,10 +2683,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "100.64.1.0", - "ip2": "100.64.1.20" + "ip": "100.64.1.0-100.64.1.20" } } ] @@ -2760,10 +2697,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "100.64.1.6", - "ip2": "100.64.1.10" + "ip": "100.64.1.6-100.64.1.10" } } ] @@ -2777,10 +2711,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "100.64.1.11", - "ip2": "100.64.1.20" + "ip": "100.64.1.11-100.64.1.20" } } ] @@ -2808,10 +2739,7 @@ "table_name": "IP_PLUS_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "192.168.50.43", - "ip2": "192.168.50.43" + "ip": "192.168.50.43-192.168.50.43" } } @@ -2827,10 +2755,7 @@ "table_name": "IP_PLUS_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "47.92.108.93", - "ip2": "47.92.108.93" + "ip": "47.92.108.93-47.92.108.93" } } ] @@ -2898,10 +2823,7 @@ "table_name": "IP_PLUS_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "100.64.2.0", - "ip2": "100.64.2.5" + "ip": "100.64.2.0-100.64.2.5" } } @@ -2917,10 +2839,7 @@ "table_name": "IP_PLUS_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "100.64.2.6", - "ip2": "100.64.2.10" + "ip": "100.64.2.6-100.64.2.10" } } ] @@ -3094,10 +3013,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "10.0.7.100", - "ip2": "10.0.7.106" + "ip": "10.0.7.100-10.0.7.106" } } ] @@ -3149,10 +3065,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv6", - "addr_format": "CIDR", - "ip1": "::", - "ip2": "0" + "ip": "::/0" } } ] @@ -3178,10 +3091,7 @@ "table_type":"ip", "table_name": "IP_PERF_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "range", - "ip1": "10.0.0.1", - "ip2": "10.0.0.6" + "ip": "10.0.0.1-10.0.0.6" } } ] @@ -3960,10 +3870,7 @@ "table_name": "IP_CONFIG", "table_type":"ip", "table_content": { - "addr_type": "ipv4", - "addr_format": "mask", - "ip1": "192.168.101.102", - "ip2": "255.255.255.255" + "ip": "192.168.101.102/32" } } ] @@ -4016,10 +3923,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv6", - "addr_format": "CIDR", - "ip1": "2607:5d00:2:2::32:28", - "ip2": "128", + "ip": "2607:5d00:2:2::32:28/128", "port":"80-443" } } @@ -4045,10 +3949,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv6", - "addr_format": "CIDR", - "ip1": "2607:5d00:2:2::32:28", - "ip2": "128", + "ip": "2607:5d00:2:2::32:28/128", "port":"80" } } @@ -4074,10 +3975,7 @@ "table_type":"ip", "table_name": "IP_PLUS_CONFIG", "table_content": { - "addr_type": "ipv4", - "addr_format": "CIDR", - "ip1": "192.168.30.44", - "ip2": "32", + "ip": "192.168.30.44/32", "port": "80" } } @@ -4179,11 +4077,11 @@ { "table_name": "TEST_IP_PLUGIN_WITH_EXDATA", "table_content": [ - "101\t4\t192.168.30.99\t192.168.30.101\tSomething-like-json\t1", - "102\t4\t192.168.30.90\t192.168.30.128\tBigger-range-should-in-the-back\t1", - "103\t6\t2001:db8:1234::\t2001:db8:1235::\tBigger-range-should-in-the-back\t1", - "104\t6\t2001:db8:1234::1\t2001:db8:1234::5210\tSomething-like-json\t1", - "105\t6\t2620:100:3000::\t2620:0100:30ff:ffff:ffff:ffff:ffff:ffff\tBugreport-liumengyan-20210517\t1" + "101\t4\t192.168.30.99-192.168.30.101\tSomething-like-json\t1", + "102\t4\t192.168.30.90-192.168.30.128\tBigger-range-should-in-the-back\t1", + "103\t6\t2001:db8:1234::-2001:db8:1235::\tBigger-range-should-in-the-back\t1", + "104\t6\t2001:db8:1234::1-2001:db8:1234::5210\tSomething-like-json\t1", + "105\t6\t2620:100:3000::-2620:0100:30ff:ffff:ffff:ffff:ffff:ffff\tBugreport-liumengyan-20210517\t1" ] }, { diff --git a/test/ntcrule/full/2018-10-09/NTC_UNIVERSAL_IP.0000050997 b/test/ntcrule/full/2018-10-09/NTC_UNIVERSAL_IP.0000050997 index c5263eb..a18edb6 100644 --- a/test/ntcrule/full/2018-10-09/NTC_UNIVERSAL_IP.0000050997 +++ b/test/ntcrule/full/2018-10-09/NTC_UNIVERSAL_IP.0000050997 @@ -1,24 +1,24 @@ 0000000023 -977 962 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -1000 985 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -967 950 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -852 835 6 mask :: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range 0 65535 6 1 -992 977 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -863 846 4 mask 0.0.0.0 255.255.255.255 range 0 65535 6 1 -849 832 4 mask 0.0.0.0 255.255.255.255 range 0 65535 6 1 -995 980 4 mask 10.11.36.59 255.255.255.255 range 0 65535 6 1 -931 914 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -739 723 4 mask 10.11.36.26 255.255.255.255 range 0 65535 6 1 -619 603 4 mask 10.11.36.26 255.255.255.255 range 0 65535 6 1 -742 726 4 mask 10.3.57.1 255.255.255.255 range 0 65535 6 1 -938 921 4 mask 10.11.36.5 255.255.255.255 range 0 65535 6 1 -997 982 4 mask 10.11.36.59 255.255.255.255 range 0 65535 6 1 -625 609 4 mask 10.3.57.1 255.255.255.255 range 2345 65535 6 1 -847 830 6 mask :: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range 0 65535 6 1 -865 848 4 mask 0.0.0.0 255.255.255.255 range 0 65535 6 1 -986 971 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -628 612 4 mask 10.3.57.1 255.255.255.255 range 56345 65535 6 1 -974 959 4 mask 10.11.36.21 255.255.255.255 range 0 65535 6 1 -622 606 4 mask 10.3.57.1 255.255.255.255 range 0 65535 6 1 -867 850 6 mask :: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range 0 65535 6 1 -860 843 6 mask :: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF range 0 65535 6 1 \ No newline at end of file +977 962 10.11.36.21/32 0-65535 1 +1000 985 10.11.36.21/32 0-65535 1 +967 950 10.11.36.21/32 0-65535 1 +852 835 ::/128 0-65535 1 +992 977 10.11.36.21/32 0-65535 1 +863 846 0.0.0.0/32 0-65535 1 +849 832 0.0.0.0/32 0-65535 1 +995 980 10.11.36.59/32 0-65535 1 +931 914 10.11.36.21/32 0-65535 1 +739 723 10.11.36.26/32 0-65535 1 +619 603 10.11.36.26/32 0-65535 1 +742 726 10.3.57.1/32 0-65535 1 +938 921 10.11.36.5/32 0-65535 1 +997 982 10.11.36.59/32 0-65535 1 +625 609 10.3.57.1/32 2345-65535 1 +847 830 ::/128 0-65535 1 +865 848 0.0.0.0/32 0-65535 1 +986 971 10.11.36.21/32 0-65535 1 +628 612 10.3.57.1/32 56345-65535 1 +974 959 10.11.36.21/32 0-65535 1 +622 606 10.3.57.1/32 0-65535 1 +867 850 ::/128 0-65535 1 +860 843 ::/128 0-65535 1 \ No newline at end of file diff --git a/test/ntcrule/full/2018-10-09/WHITE_LIST_IP.0000050997 b/test/ntcrule/full/2018-10-09/WHITE_LIST_IP.0000050997 index 2e792b9..122f93e 100644 --- a/test/ntcrule/full/2018-10-09/WHITE_LIST_IP.0000050997 +++ b/test/ntcrule/full/2018-10-09/WHITE_LIST_IP.0000050997 @@ -1,2 +1,2 @@ 0000000001 -81 81 4 mask 10.11.36.7 255.255.255.255 range 22222 65535 6 1 +81 81 10.11.36.7/32 22222-65535 1 diff --git a/test/table_info.conf b/test/table_info.conf index 902ae53..7fdcba4 100644 --- a/test/table_info.conf +++ b/test/table_info.conf @@ -162,14 +162,12 @@ "table_id":12, "table_name":"IP_CONFIG", "table_type":"ip", - "valid_column":8, + "valid_column":5, "custom": { "item_id":1, "group_id":2, - "addr_type":3, - "addr_format":4, - "ip1":5, - "ip2":6 + "ip":3, + "port":4 } }, { @@ -323,15 +321,12 @@ "table_id":24, "table_name":"IP_PLUS_CONFIG", "table_type":"ip", - "valid_column":8, + "valid_column":5, "custom": { "item_id":1, "group_id":2, - "addr_type":3, - "addr_format":4, - "ip1":5, - "ip2":6, - "port":7 + "ip":3, + "port":4 } }, { @@ -365,13 +360,11 @@ "table_id":29, "table_name":"TEST_IP_PLUGIN_WITH_EXDATA", "table_type":"ip_plugin", - "valid_column":6, + "valid_column":5, "custom": { "gc_timeout_s": 3, "item_id":1, - "ip_type":2, - "start_ip":3, - "end_ip":4 + "ip":3 } }, { @@ -567,15 +560,12 @@ "table_id":47, "table_name":"IP_PERF_CONFIG", "table_type":"ip", - "valid_column":8, + "valid_column":5, "custom": { "item_id":1, "group_id":2, - "addr_type":3, - "addr_format":4, - "ip1":5, - "ip2":6, - "port":7 + "ip":3, + "port":4 } }, { @@ -726,14 +716,11 @@ "table_id":66, "table_name":"TEST_IP_PLUGIN_WITH_ADDR_FORMAT", "table_type":"ip_plugin", - "valid_column":6, + "valid_column":5, "custom": { "gc_timeout_s": 3, "item_id":1, - "ip_type":2, - "start_ip":3, - "end_ip":4, - "addr_format":7 + "ip":3 } } ] \ No newline at end of file diff --git a/test/test_utils.cpp b/test/test_utils.cpp index e639b75..74fc90c 100644 --- a/test/test_utils.cpp +++ b/test/test_utils.cpp @@ -275,8 +275,7 @@ int interval_table_set_line(struct maat *maat_inst, const char *table_name, int ip_table_set_line(struct maat *maat_inst, const char *table_name, enum maat_operation op, long long item_id, - long long group_id, enum IP_TYPE type, - const char *ip1, const char *ip2, int expire_after) + long long group_id, const char *ip, int expire_after) { char table_line[1024] = {0}; int table_id = maat_get_table_id(maat_inst, table_name); @@ -284,13 +283,8 @@ int ip_table_set_line(struct maat *maat_inst, const char *table_name, return 0; } - int ip_type = IPV4; - if (type == IPv6) { - ip_type = IPV6; - } - - sprintf(table_line, "%lld\t%lld\t%d\trange\t%s\t%s\t0-65535\t%d", - item_id, group_id, ip_type, ip1, ip2, op); + sprintf(table_line, "%lld\t%lld\t%s\t0-65535\t%d", + item_id, group_id, ip, op); struct maat_cmd_line line_rule; line_rule.rule_id = item_id; diff --git a/test/test_utils.h b/test/test_utils.h index 9c83c73..e7f7bc2 100644 --- a/test/test_utils.h +++ b/test/test_utils.h @@ -42,8 +42,7 @@ int interval_table_set_line(struct maat *maat_inst, const char *table_name, int ip_table_set_line(struct maat *maat_inst, const char *table_name, enum maat_operation op, long long item_id, - long long group_id, enum IP_TYPE type, const char *ip1, - const char *ip2, int expire_after); + long long group_id, const char *ip, int expire_after); int flag_table_set_line(struct maat *maat_inst, const char *table_name, enum maat_operation op, long long item_id,