[PATCH]maat_scan_ip remove port & protocol parameter
This commit is contained in:
liuwentan
@@ -255,27 +255,24 @@ struct maat_state;
|
|||||||
* MAAT_SCAN_HALF_HIT
|
* MAAT_SCAN_HALF_HIT
|
||||||
* MAAT_SCAN_HIT
|
* MAAT_SCAN_HIT
|
||||||
*/
|
*/
|
||||||
int maat_scan_flag(struct maat *instance, int table_id,
|
int maat_scan_flag(struct maat *instance, int table_id, long long flag,
|
||||||
long long flag, long long *results, size_t n_result,
|
long long *results, size_t n_result, size_t *n_hit_result,
|
||||||
size_t *n_hit_result, struct maat_state *state);
|
struct maat_state *state);
|
||||||
int maat_scan_integer(struct maat *instance, int table_id,
|
|
||||||
long long integer, long long *results, size_t n_result,
|
int maat_scan_integer(struct maat *instance, int table_id, long long integer,
|
||||||
size_t *n_hit_result, struct maat_state *state);
|
long long *results, size_t n_result, size_t *n_hit_result,
|
||||||
|
struct maat_state *state);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param ip_addr: network ipv4 address
|
* @param ip_addr: network ipv4 address
|
||||||
* @param port: network port
|
|
||||||
* @param protocol: -1(ANY protocol) 1(ICMP) 6(TCP) 17(UDP)
|
|
||||||
*/
|
*/
|
||||||
int maat_scan_ipv4(struct maat *instance, int table_id,
|
int maat_scan_ipv4(struct maat *instance, int table_id, uint32_t ip_addr,
|
||||||
uint32_t ip_addr, uint16_t port, int protocol,
|
long long *results, size_t n_result, size_t *n_hit_result,
|
||||||
long long *results, size_t n_result,
|
struct maat_state *state);
|
||||||
size_t *n_hit_result, struct maat_state *state);
|
|
||||||
|
|
||||||
int maat_scan_ipv6(struct maat *instance, int table_id,
|
int maat_scan_ipv6(struct maat *instance, int table_id, uint8_t *ip_addr,
|
||||||
uint8_t *ip_addr, uint16_t port, int protocol,
|
long long *results, size_t n_result, size_t *n_hit_result,
|
||||||
long long *results, size_t n_result,
|
struct maat_state *state);
|
||||||
size_t *n_hit_result, struct maat_state *state);
|
|
||||||
|
|
||||||
int maat_scan_string(struct maat *instance, int table_id,
|
int maat_scan_string(struct maat *instance, int table_id,
|
||||||
const char *data, size_t data_len,
|
const char *data, size_t data_len,
|
||||||
|
|||||||
@@ -42,8 +42,7 @@ long long ip_runtime_ipv6_rule_count(void *ip_runtime);
|
|||||||
|
|
||||||
/* ip runtime scan API */
|
/* ip runtime scan API */
|
||||||
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
||||||
uint8_t *ip_addr, uint16_t port, int proto,
|
uint8_t *ip_addr, int vtable_id, struct maat_state *state);
|
||||||
int vtable_id, struct maat_state *state);
|
|
||||||
|
|
||||||
void ip_runtime_perf_stat(struct ip_runtime *ip_rt, struct timespec *start,
|
void ip_runtime_perf_stat(struct ip_runtime *ip_rt, struct timespec *start,
|
||||||
struct timespec *end, int thread_id);
|
struct timespec *end, int thread_id);
|
||||||
|
|||||||
@@ -70,18 +70,10 @@ enum ip_format {
|
|||||||
IP_FORMAT_UNKNOWN
|
IP_FORMAT_UNKNOWN
|
||||||
};
|
};
|
||||||
|
|
||||||
enum port_format {
|
|
||||||
PORT_FORMAT_SINGLE = 1,
|
|
||||||
PORT_FORMAT_RANGE,
|
|
||||||
PORT_FORMAT_UNKNOWN
|
|
||||||
};
|
|
||||||
|
|
||||||
enum ip_format ip_format_str2int(const char *format);
|
enum ip_format ip_format_str2int(const char *format);
|
||||||
int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2,
|
int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2,
|
||||||
uint32_t range_begin[], uint32_t range_end[]);
|
uint32_t range_begin[], uint32_t range_end[]);
|
||||||
|
|
||||||
enum port_format port_format_str2int(const char *format);
|
|
||||||
|
|
||||||
#define UNUSED __attribute__((unused))
|
#define UNUSED __attribute__((unused))
|
||||||
|
|
||||||
const char *module_name_str(const char *name);
|
const char *module_name_str(const char *name);
|
||||||
|
|||||||
@@ -539,30 +539,6 @@ static int write_ip_plus_line(cJSON *region_json, struct iris_description *p_iri
|
|||||||
json_cmd[cmd_cnt].default_string = "255.255.255.255";
|
json_cmd[cmd_cnt].default_string = "255.255.255.255";
|
||||||
cmd_cnt++;
|
cmd_cnt++;
|
||||||
|
|
||||||
json_cmd[cmd_cnt].json_string = "port_format";
|
|
||||||
json_cmd[cmd_cnt].json_type = cJSON_String;
|
|
||||||
json_cmd[cmd_cnt].empty_allowed = 1;
|
|
||||||
json_cmd[cmd_cnt].default_string = "mask";
|
|
||||||
cmd_cnt++;
|
|
||||||
|
|
||||||
json_cmd[cmd_cnt].json_string = "port1";
|
|
||||||
json_cmd[cmd_cnt].json_type = cJSON_String;
|
|
||||||
json_cmd[cmd_cnt].empty_allowed = 1;
|
|
||||||
json_cmd[cmd_cnt].default_string = "0";
|
|
||||||
cmd_cnt++;
|
|
||||||
|
|
||||||
json_cmd[cmd_cnt].json_string = "port2";
|
|
||||||
json_cmd[cmd_cnt].json_type = cJSON_String;
|
|
||||||
json_cmd[cmd_cnt].empty_allowed = 1;
|
|
||||||
json_cmd[cmd_cnt].default_string = "65535";
|
|
||||||
cmd_cnt++;
|
|
||||||
|
|
||||||
json_cmd[cmd_cnt].json_string = "protocol";
|
|
||||||
json_cmd[cmd_cnt].json_type = cJSON_Number;
|
|
||||||
json_cmd[cmd_cnt].empty_allowed = 1;
|
|
||||||
json_cmd[cmd_cnt].default_int = 0;
|
|
||||||
cmd_cnt++;
|
|
||||||
|
|
||||||
json_cmd[cmd_cnt].json_string = "is_valid";
|
json_cmd[cmd_cnt].json_string = "is_valid";
|
||||||
json_cmd[cmd_cnt].json_type = cJSON_Number;
|
json_cmd[cmd_cnt].json_type = cJSON_Number;
|
||||||
cmd_cnt++;
|
cmd_cnt++;
|
||||||
|
|||||||
@@ -1080,33 +1080,6 @@ static int interval_scan(struct table_manager *tbl_mgr, int thread_id, long long
|
|||||||
}
|
}
|
||||||
|
|
||||||
static int ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr,
|
static int ipv4_scan(struct table_manager *tbl_mgr, int thread_id, uint32_t ip_addr,
|
||||||
uint16_t port, int proto, int phy_table_id, int vtable_id,
|
|
||||||
struct maat_state *state)
|
|
||||||
{
|
|
||||||
|
|
||||||
enum table_type table_type = table_manager_get_table_type(tbl_mgr, phy_table_id);
|
|
||||||
if (table_type != TABLE_TYPE_IP_PLUS) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
void *ip_rt = table_manager_get_runtime(tbl_mgr, phy_table_id);
|
|
||||||
if (NULL == ip_rt) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv4,
|
|
||||||
(uint8_t *)&ip_addr, port, proto, vtable_id, state);
|
|
||||||
if (group_hit_cnt <= 0) {
|
|
||||||
return group_hit_cnt;
|
|
||||||
}
|
|
||||||
|
|
||||||
ip_runtime_hit_times_inc((struct ip_runtime *)ip_rt, thread_id);
|
|
||||||
|
|
||||||
return group_hit_cnt;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ipv6_scan(struct table_manager *tbl_mgr, int thread_id,
|
|
||||||
uint8_t *ip_addr, uint16_t port, int proto,
|
|
||||||
int phy_table_id, int vtable_id, struct maat_state *state)
|
int phy_table_id, int vtable_id, struct maat_state *state)
|
||||||
{
|
{
|
||||||
|
|
||||||
@@ -1120,8 +1093,34 @@ static int ipv6_scan(struct table_manager *tbl_mgr, int thread_id,
|
|||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv4,
|
||||||
|
(uint8_t *)&ip_addr, vtable_id, state);
|
||||||
|
if (group_hit_cnt <= 0) {
|
||||||
|
return group_hit_cnt;
|
||||||
|
}
|
||||||
|
|
||||||
|
ip_runtime_hit_times_inc((struct ip_runtime *)ip_rt, thread_id);
|
||||||
|
|
||||||
|
return group_hit_cnt;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int ipv6_scan(struct table_manager *tbl_mgr, int thread_id,
|
||||||
|
uint8_t *ip_addr, int phy_table_id, int vtable_id,
|
||||||
|
struct maat_state *state)
|
||||||
|
{
|
||||||
|
|
||||||
|
enum table_type table_type = table_manager_get_table_type(tbl_mgr, phy_table_id);
|
||||||
|
if (table_type != TABLE_TYPE_IP_PLUS) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
|
void *ip_rt = table_manager_get_runtime(tbl_mgr, phy_table_id);
|
||||||
|
if (NULL == ip_rt) {
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
|
|
||||||
int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv6,
|
int group_hit_cnt = ip_runtime_scan((struct ip_runtime *)ip_rt, thread_id, IPv6,
|
||||||
ip_addr, port, proto, vtable_id, state);
|
ip_addr, vtable_id, state);
|
||||||
if (group_hit_cnt <= 0) {
|
if (group_hit_cnt <= 0) {
|
||||||
return group_hit_cnt;
|
return group_hit_cnt;
|
||||||
}
|
}
|
||||||
@@ -1351,12 +1350,12 @@ int maat_scan_integer(struct maat *maat_inst, int table_id,
|
|||||||
}
|
}
|
||||||
|
|
||||||
int maat_scan_ipv4(struct maat *maat_inst, int table_id, uint32_t ip_addr,
|
int maat_scan_ipv4(struct maat *maat_inst, int table_id, uint32_t ip_addr,
|
||||||
uint16_t port, int protocol, long long *results, size_t n_result,
|
long long *results, size_t n_result, size_t *n_hit_result,
|
||||||
size_t *n_hit_result, struct maat_state *state)
|
struct maat_state *state)
|
||||||
{
|
{
|
||||||
if ((NULL == maat_inst) || table_id < 0 || table_id >= MAX_TABLE_NUM ||
|
if ((NULL == maat_inst) || table_id < 0 || table_id >= MAX_TABLE_NUM ||
|
||||||
(protocol < -1) || (NULL == results) || (0 == n_result) ||
|
(NULL == results) || (0 == n_result) || (NULL == n_hit_result) ||
|
||||||
(NULL == n_hit_result) || (NULL == state) || (state->thread_id < 0)) {
|
(NULL == state) || (state->thread_id < 0)) {
|
||||||
return MAAT_SCAN_ERR;
|
return MAAT_SCAN_ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1395,7 +1394,7 @@ int maat_scan_ipv4(struct maat *maat_inst, int table_id, uint32_t ip_addr,
|
|||||||
|
|
||||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||||
int hit_group_cnt = ipv4_scan(maat_inst->tbl_mgr, state->thread_id, ip_addr,
|
int hit_group_cnt = ipv4_scan(maat_inst->tbl_mgr, state->thread_id, ip_addr,
|
||||||
port, protocol, phy_table_id, vtable_id, state);
|
phy_table_id, vtable_id, state);
|
||||||
if (hit_group_cnt < 0) {
|
if (hit_group_cnt < 0) {
|
||||||
maat_inst->stat->scan_err_cnt++;
|
maat_inst->stat->scan_err_cnt++;
|
||||||
return MAAT_SCAN_ERR;
|
return MAAT_SCAN_ERR;
|
||||||
@@ -1435,15 +1434,13 @@ int maat_scan_ipv4(struct maat *maat_inst, int table_id, uint32_t ip_addr,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
int maat_scan_ipv6(struct maat *maat_inst, int table_id,
|
int maat_scan_ipv6(struct maat *maat_inst, int table_id, uint8_t *ip_addr,
|
||||||
uint8_t *ip_addr, uint16_t port, int protocol,
|
long long *results, size_t n_result, size_t *n_hit_result,
|
||||||
long long *results, size_t n_result,
|
struct maat_state *state)
|
||||||
size_t *n_hit_result, struct maat_state *state)
|
|
||||||
{
|
{
|
||||||
if ((NULL == maat_inst) || table_id < 0 || table_id >= MAX_TABLE_NUM ||
|
if ((NULL == maat_inst) || table_id < 0 || table_id >= MAX_TABLE_NUM ||
|
||||||
(protocol < -1) || (NULL == ip_addr) || (NULL == results) ||
|
(NULL == ip_addr) || (NULL == results) || (0 == n_result) ||
|
||||||
(0 == n_result) || (NULL == n_hit_result) || (NULL == state) ||
|
(NULL == n_hit_result) || (NULL == state) || (state->thread_id < 0)) {
|
||||||
(state->thread_id < 0)) {
|
|
||||||
return MAAT_SCAN_ERR;
|
return MAAT_SCAN_ERR;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1482,7 +1479,7 @@ int maat_scan_ipv6(struct maat *maat_inst, int table_id,
|
|||||||
|
|
||||||
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
alignment_int64_array_add(maat_inst->stat->thread_call_cnt, state->thread_id, 1);
|
||||||
int hit_group_cnt = ipv6_scan(maat_inst->tbl_mgr, state->thread_id, ip_addr,
|
int hit_group_cnt = ipv6_scan(maat_inst->tbl_mgr, state->thread_id, ip_addr,
|
||||||
port, protocol, phy_table_id, vtable_id, state);
|
phy_table_id, vtable_id, state);
|
||||||
if (hit_group_cnt < 0) {
|
if (hit_group_cnt < 0) {
|
||||||
maat_inst->stat->scan_err_cnt++;
|
maat_inst->stat->scan_err_cnt++;
|
||||||
return MAAT_SCAN_ERR;
|
return MAAT_SCAN_ERR;
|
||||||
|
|||||||
@@ -25,8 +25,8 @@ struct interval_schema {
|
|||||||
int item_id_column;
|
int item_id_column;
|
||||||
int group_id_column;
|
int group_id_column;
|
||||||
int district_column;
|
int district_column;
|
||||||
int low_bound_column;
|
int low_boundary_column;
|
||||||
int up_bound_column;
|
int up_boundary_column;
|
||||||
int table_id;
|
int table_id;
|
||||||
struct table_manager *ref_tbl_mgr;
|
struct table_manager *ref_tbl_mgr;
|
||||||
};
|
};
|
||||||
@@ -34,8 +34,8 @@ struct interval_schema {
|
|||||||
struct interval_item {
|
struct interval_item {
|
||||||
long long item_id;
|
long long item_id;
|
||||||
long long group_id;
|
long long group_id;
|
||||||
int low_bound;
|
int low_boundary;
|
||||||
int up_bound;
|
int up_boundary;
|
||||||
void *user_data;
|
void *user_data;
|
||||||
int district_id;
|
int district_id;
|
||||||
};
|
};
|
||||||
@@ -124,22 +124,22 @@ void *interval_schema_new(cJSON *json, struct table_manager *tbl_mgr,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
custom_item = cJSON_GetObjectItem(item, "low_bound");
|
custom_item = cJSON_GetObjectItem(item, "low_boundary");
|
||||||
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
||||||
schema->low_bound_column = custom_item->valueint;
|
schema->low_boundary_column = custom_item->valueint;
|
||||||
} else {
|
} else {
|
||||||
log_fatal(logger, MODULE_INTERVAL,
|
log_fatal(logger, MODULE_INTERVAL,
|
||||||
"[%s:%d] interval table:<%s> schema has no low_bound column",
|
"[%s:%d] interval table:<%s> schema has no low_boundary column",
|
||||||
__FUNCTION__, __LINE__, table_name);
|
__FUNCTION__, __LINE__, table_name);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
custom_item = cJSON_GetObjectItem(item, "up_bound");
|
custom_item = cJSON_GetObjectItem(item, "up_boundary");
|
||||||
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
||||||
schema->up_bound_column = custom_item->valueint;
|
schema->up_boundary_column = custom_item->valueint;
|
||||||
} else {
|
} else {
|
||||||
log_fatal(logger, MODULE_INTERVAL,
|
log_fatal(logger, MODULE_INTERVAL,
|
||||||
"[%s:%d] interval table:<%s> schema has no up_bound column",
|
"[%s:%d] interval table:<%s> schema has no up_boundary column",
|
||||||
__FUNCTION__, __LINE__, table_name);
|
__FUNCTION__, __LINE__, table_name);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
@@ -334,23 +334,23 @@ interval_item_new(struct interval_schema *schema, const char *table_name,
|
|||||||
item->district_id = DISTRICT_ANY;
|
item->district_id = DISTRICT_ANY;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = get_column_pos(line, schema->low_bound_column, &column_offset, &column_len);
|
ret = get_column_pos(line, schema->low_boundary_column, &column_offset, &column_len);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
log_fatal(interval_rt->logger, MODULE_INTERVAL,
|
log_fatal(interval_rt->logger, MODULE_INTERVAL,
|
||||||
"[%s:%d] interval table:<%s> has no low_bound in line:%s",
|
"[%s:%d] interval table:<%s> has no low_boundary in line:%s",
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
__FUNCTION__, __LINE__, table_name, line);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
item->low_bound = atoi(line + column_offset);
|
item->low_boundary = atoi(line + column_offset);
|
||||||
|
|
||||||
ret = get_column_pos(line, schema->up_bound_column, &column_offset, &column_len);
|
ret = get_column_pos(line, schema->up_boundary_column, &column_offset, &column_len);
|
||||||
if (ret < 0) {
|
if (ret < 0) {
|
||||||
log_fatal(interval_rt->logger, MODULE_INTERVAL,
|
log_fatal(interval_rt->logger, MODULE_INTERVAL,
|
||||||
"[%s:%d] interval table:<%s> has no up_bound in line:%s",
|
"[%s:%d] interval table:<%s> has no up_boundary in line:%s",
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
__FUNCTION__, __LINE__, table_name, line);
|
||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
item->up_bound = atoi(line + column_offset);
|
item->up_boundary = atoi(line + column_offset);
|
||||||
|
|
||||||
return item;
|
return item;
|
||||||
error:
|
error:
|
||||||
@@ -363,8 +363,8 @@ interval_item_to_interval_rule(struct interval_item *item)
|
|||||||
{
|
{
|
||||||
struct interval_rule rule;
|
struct interval_rule rule;
|
||||||
|
|
||||||
rule.start = item->low_bound;
|
rule.start = item->low_boundary;
|
||||||
rule.end = item->up_bound;
|
rule.end = item->up_boundary;
|
||||||
rule.result.rule_id = item->item_id;
|
rule.result.rule_id = item->item_id;
|
||||||
rule.result.user_tag = item->user_data;
|
rule.result.user_tag = item->user_data;
|
||||||
|
|
||||||
|
|||||||
157
src/maat_ip.c
157
src/maat_ip.c
@@ -15,7 +15,6 @@
|
|||||||
#include "maat_utils.h"
|
#include "maat_utils.h"
|
||||||
#include "maat_ex_data.h"
|
#include "maat_ex_data.h"
|
||||||
#include "ip_matcher.h"
|
#include "ip_matcher.h"
|
||||||
#include "interval_matcher.h"
|
|
||||||
#include "maat_ip.h"
|
#include "maat_ip.h"
|
||||||
#include "maat_rule.h"
|
#include "maat_rule.h"
|
||||||
#include "maat_compile.h"
|
#include "maat_compile.h"
|
||||||
@@ -24,11 +23,6 @@
|
|||||||
|
|
||||||
#define MODULE_IP module_name_str("maat.ip")
|
#define MODULE_IP module_name_str("maat.ip")
|
||||||
|
|
||||||
#define IP_PROTO_ANY -1
|
|
||||||
#define IP_PROTO_ICMP 1
|
|
||||||
#define IP_PROTO_TCP 6
|
|
||||||
#define IP_PROTO_UDP 17
|
|
||||||
|
|
||||||
struct ip_schema {
|
struct ip_schema {
|
||||||
int item_id_column;
|
int item_id_column;
|
||||||
int group_id_column;
|
int group_id_column;
|
||||||
@@ -36,10 +30,6 @@ struct ip_schema {
|
|||||||
int addr_format_column;
|
int addr_format_column;
|
||||||
int ip1_column;
|
int ip1_column;
|
||||||
int ip2_column;
|
int ip2_column;
|
||||||
int port_format_column;
|
|
||||||
int port1_column;
|
|
||||||
int port2_column;
|
|
||||||
int protocol_column;
|
|
||||||
int table_id;
|
int table_id;
|
||||||
struct table_manager *ref_tbl_mgr;
|
struct table_manager *ref_tbl_mgr;
|
||||||
};
|
};
|
||||||
@@ -63,10 +53,6 @@ struct ip_item {
|
|||||||
struct ipv6_item_rule ipv6;
|
struct ipv6_item_rule ipv6;
|
||||||
};
|
};
|
||||||
enum ip_format ip_format;
|
enum ip_format ip_format;
|
||||||
enum port_format port_format;
|
|
||||||
uint16_t min_port;
|
|
||||||
uint16_t max_port;
|
|
||||||
int proto;
|
|
||||||
};
|
};
|
||||||
|
|
||||||
struct ip_runtime {
|
struct ip_runtime {
|
||||||
@@ -172,46 +158,6 @@ void *ip_schema_new(cJSON *json, struct table_manager *tbl_mgr,
|
|||||||
goto error;
|
goto error;
|
||||||
}
|
}
|
||||||
|
|
||||||
custom_item = cJSON_GetObjectItem(item, "port_format");
|
|
||||||
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
|
||||||
ip_schema->port_format_column = custom_item->valueint;
|
|
||||||
} else {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> schema has no port_format column",
|
|
||||||
__FUNCTION__, __LINE__, table_name);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
custom_item = cJSON_GetObjectItem(item, "port1");
|
|
||||||
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
|
||||||
ip_schema->port1_column = custom_item->valueint;
|
|
||||||
} else {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> schema has no port1 column",
|
|
||||||
__FUNCTION__, __LINE__, table_name);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
custom_item = cJSON_GetObjectItem(item, "port2");
|
|
||||||
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
|
||||||
ip_schema->port2_column = custom_item->valueint;
|
|
||||||
} else {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> schema has no port2 column",
|
|
||||||
__FUNCTION__, __LINE__, table_name);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
custom_item = cJSON_GetObjectItem(item, "protocol");
|
|
||||||
if (custom_item != NULL && custom_item->type == cJSON_Number) {
|
|
||||||
ip_schema->protocol_column = custom_item->valueint;
|
|
||||||
} else {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> schema has no protocol column",
|
|
||||||
__FUNCTION__, __LINE__, table_name);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
ip_schema->ref_tbl_mgr = tbl_mgr;
|
ip_schema->ref_tbl_mgr = tbl_mgr;
|
||||||
return ip_schema;
|
return ip_schema;
|
||||||
error:
|
error:
|
||||||
@@ -231,7 +177,6 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
|
|||||||
size_t column_offset = 0;
|
size_t column_offset = 0;
|
||||||
size_t column_len = 0;
|
size_t column_len = 0;
|
||||||
char addr_format[16] = {0};
|
char addr_format[16] = {0};
|
||||||
char port_format[16] = {0};
|
|
||||||
char ip1_str[40] = {0};
|
char ip1_str[40] = {0};
|
||||||
char ip2_str[40] = {0};
|
char ip2_str[40] = {0};
|
||||||
struct ip_item *ip_item = ALLOC(struct ip_item, 1);
|
struct ip_item *ip_item = ALLOC(struct ip_item, 1);
|
||||||
@@ -331,71 +276,6 @@ ip_item_new(struct ip_schema *ip_schema, const char *table_name,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = get_column_pos(line, ip_schema->port_format_column, &column_offset,
|
|
||||||
&column_len);
|
|
||||||
if (ret < 0) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> has no port_format in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
memcpy(port_format, (line + column_offset), column_len);
|
|
||||||
if (PORT_FORMAT_UNKNOWN == port_format_str2int(port_format)) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> has invalid port_format, "
|
|
||||||
"should be single/range in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
ip_item->port_format = port_format_str2int(port_format);
|
|
||||||
|
|
||||||
ret = get_column_pos(line, ip_schema->port1_column, &column_offset,
|
|
||||||
&column_len);
|
|
||||||
if (ret < 0) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s>) has no port1 in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
ip_item->min_port = atoi(line + column_offset);
|
|
||||||
|
|
||||||
ret = get_column_pos(line, ip_schema->port2_column, &column_offset,
|
|
||||||
&column_len);
|
|
||||||
if (ret < 0) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> has no port2 in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
ip_item->max_port = atoi(line + column_offset);
|
|
||||||
|
|
||||||
ret = get_column_pos(line, ip_schema->protocol_column, &column_offset,
|
|
||||||
&column_len);
|
|
||||||
if (ret < 0) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> has no protocol in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
ip_item->proto = atoi(line + column_offset);
|
|
||||||
if (ip_item->proto != IP_PROTO_ANY && ip_item->proto != IP_PROTO_ICMP &&
|
|
||||||
ip_item->proto != IP_PROTO_TCP && ip_item->proto != IP_PROTO_UDP) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> protocol:%d is illegal in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, ip_item->proto, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (ip_item->proto != IP_PROTO_ANY && ip_item->proto != IP_PROTO_ICMP &&
|
|
||||||
ip_item->proto != IP_PROTO_TCP && ip_item->proto != IP_PROTO_UDP) {
|
|
||||||
log_fatal(logger, MODULE_IP,
|
|
||||||
"[%s:%d] ip table:<%s> protocol:%d is illegal in line:%s",
|
|
||||||
__FUNCTION__, __LINE__, table_name, ip_item->proto, line);
|
|
||||||
goto error;
|
|
||||||
}
|
|
||||||
|
|
||||||
return ip_item;
|
return ip_item;
|
||||||
error:
|
error:
|
||||||
FREE(ip_item);
|
FREE(ip_item);
|
||||||
@@ -497,13 +377,6 @@ static void ip_item_to_ip_rule(struct ip_item *item, struct ip_rule *rule)
|
|||||||
rule->rule_id = item->item_id;
|
rule->rule_id = item->item_id;
|
||||||
}
|
}
|
||||||
|
|
||||||
static void ip_item_to_port_rule(struct ip_item *item, struct interval_rule *rule)
|
|
||||||
{
|
|
||||||
rule->start = item->min_port;
|
|
||||||
rule->end = item->max_port;
|
|
||||||
rule->result.rule_id = item->item_id;
|
|
||||||
}
|
|
||||||
|
|
||||||
static int ip_runtime_update_row(struct ip_runtime *ip_rt, char *key, size_t key_len,
|
static int ip_runtime_update_row(struct ip_runtime *ip_rt, char *key, size_t key_len,
|
||||||
struct ip_item *item, int is_valid)
|
struct ip_item *item, int is_valid)
|
||||||
{
|
{
|
||||||
@@ -603,13 +476,11 @@ int ip_runtime_commit(void *ip_runtime, const char *table_name,
|
|||||||
ip_rt->ipv6_rule_num = 0;
|
ip_rt->ipv6_rule_num = 0;
|
||||||
|
|
||||||
struct ip_rule *rules = NULL;
|
struct ip_rule *rules = NULL;
|
||||||
struct interval_rule *interval_rules = NULL;
|
|
||||||
void **ex_data_array = NULL;
|
void **ex_data_array = NULL;
|
||||||
|
|
||||||
size_t rule_cnt = rcu_updating_hash_list(ip_rt->item_hash, &ex_data_array);
|
size_t rule_cnt = rcu_updating_hash_list(ip_rt->item_hash, &ex_data_array);
|
||||||
if (rule_cnt > 0) {
|
if (rule_cnt > 0) {
|
||||||
rules = ALLOC(struct ip_rule, rule_cnt);
|
rules = ALLOC(struct ip_rule, rule_cnt);
|
||||||
interval_rules = ALLOC(struct interval_rule, rule_cnt);
|
|
||||||
for (size_t i = 0; i < rule_cnt; i++) {
|
for (size_t i = 0; i < rule_cnt; i++) {
|
||||||
struct ip_item *item = (struct ip_item *)ex_data_array[i];
|
struct ip_item *item = (struct ip_item *)ex_data_array[i];
|
||||||
if (item->addr_type == IPv6) {
|
if (item->addr_type == IPv6) {
|
||||||
@@ -617,7 +488,6 @@ int ip_runtime_commit(void *ip_runtime, const char *table_name,
|
|||||||
}
|
}
|
||||||
|
|
||||||
ip_item_to_ip_rule(item, &rules[i]);
|
ip_item_to_ip_rule(item, &rules[i]);
|
||||||
ip_item_to_port_rule(item, &interval_rules[i]);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -663,10 +533,6 @@ int ip_runtime_commit(void *ip_runtime, const char *table_name,
|
|||||||
FREE(rules);
|
FREE(rules);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (interval_rules != NULL) {
|
|
||||||
FREE(interval_rules);
|
|
||||||
}
|
|
||||||
|
|
||||||
if (ex_data_array != NULL) {
|
if (ex_data_array != NULL) {
|
||||||
FREE(ex_data_array);
|
FREE(ex_data_array);
|
||||||
}
|
}
|
||||||
@@ -694,24 +560,8 @@ long long ip_runtime_ipv6_rule_count(void *ip_runtime)
|
|||||||
return ip_rt->ipv6_rule_num;
|
return ip_rt->ipv6_rule_num;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int validate_port_proto(struct ip_item *item, uint16_t port, int proto)
|
|
||||||
{
|
|
||||||
uint16_t host_port = ntohs(port);
|
|
||||||
|
|
||||||
if (item->min_port > host_port || item->max_port < host_port) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (item->proto != -1 && item->proto != proto) {
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
||||||
uint8_t *ip_addr, uint16_t port, int proto,
|
uint8_t *ip_addr, int vtable_id, struct maat_state *state)
|
||||||
int vtable_id, struct maat_state *state)
|
|
||||||
{
|
{
|
||||||
if (0 == ip_rt->rule_num) {
|
if (0 == ip_rt->rule_num) {
|
||||||
//empty ip table
|
//empty ip table
|
||||||
@@ -760,11 +610,6 @@ int ip_runtime_scan(struct ip_runtime *ip_rt, int thread_id, int ip_type,
|
|||||||
continue;
|
continue;
|
||||||
}
|
}
|
||||||
|
|
||||||
ret = validate_port_proto(ip_item, port, proto);
|
|
||||||
if (ret < 0) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
hit_maat_items[real_hit_item_cnt].item_id = ip_results[i].rule_id;
|
hit_maat_items[real_hit_item_cnt].item_id = ip_results[i].rule_id;
|
||||||
hit_maat_items[real_hit_item_cnt].group_id = ip_item->group_id;
|
hit_maat_items[real_hit_item_cnt].group_id = ip_item->group_id;
|
||||||
real_hit_item_cnt++;
|
real_hit_item_cnt++;
|
||||||
|
|||||||
@@ -469,18 +469,6 @@ enum ip_format ip_format_str2int(const char *format)
|
|||||||
return IP_FORMAT_UNKNOWN;
|
return IP_FORMAT_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
|
||||||
enum port_format port_format_str2int(const char *format)
|
|
||||||
{
|
|
||||||
if (0 == strcasecmp(format, "single")) {
|
|
||||||
return PORT_FORMAT_SINGLE;
|
|
||||||
} else if (0 == strcasecmp(format, "range")) {
|
|
||||||
return PORT_FORMAT_RANGE;
|
|
||||||
} else {
|
|
||||||
assert(0);
|
|
||||||
}
|
|
||||||
return PORT_FORMAT_UNKNOWN;
|
|
||||||
}
|
|
||||||
|
|
||||||
int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2,
|
int ip_format2range(int ip_type, enum ip_format format, const char *ip1, const char *ip2,
|
||||||
uint32_t range_begin[], uint32_t range_end[])
|
uint32_t range_begin[], uint32_t range_end[])
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -350,13 +350,11 @@ void *perf_ip_scan_thread(void *arg)
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "100.64.1.1", &ip_addr);
|
inet_pton(AF_INET, "100.64.1.1", &ip_addr);
|
||||||
uint16_t port = htons(20000);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
clock_gettime(CLOCK_MONOTONIC, &start);
|
clock_gettime(CLOCK_MONOTONIC, &start);
|
||||||
for (int i = 0; i < param->test_times; i++) {
|
for (int i = 0; i < param->test_times; i++) {
|
||||||
int ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto,
|
int ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
if (ret == MAAT_SCAN_HIT) {
|
if (ret == MAAT_SCAN_HIT) {
|
||||||
hit_times++;
|
hit_times++;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -287,13 +287,11 @@ void *perf_ip_scan_thread(void *arg)
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "100.64.1.1", &ip_addr);
|
inet_pton(AF_INET, "100.64.1.1", &ip_addr);
|
||||||
uint16_t port = htons(20000);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
clock_gettime(CLOCK_MONOTONIC, &start);
|
clock_gettime(CLOCK_MONOTONIC, &start);
|
||||||
for (int i = 0; i < param->test_times; i++) {
|
for (int i = 0; i < param->test_times; i++) {
|
||||||
int ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto,
|
int ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
if (ret == MAAT_SCAN_HIT) {
|
if (ret == MAAT_SCAN_HIT) {
|
||||||
hit_times++;
|
hit_times++;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -313,8 +313,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -325,8 +325,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -337,8 +337,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -349,8 +349,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -361,8 +361,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -63,18 +63,14 @@
|
|||||||
"table_id":5,
|
"table_id":5,
|
||||||
"table_name":"NTC_UNIVERSAL_IP",
|
"table_name":"NTC_UNIVERSAL_IP",
|
||||||
"table_type":"ip_plus",
|
"table_type":"ip_plus",
|
||||||
"valid_column":11,
|
"valid_column":7,
|
||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"addr_type":3,
|
"addr_type":3,
|
||||||
"addr_format":4,
|
"addr_format":4,
|
||||||
"ip1":5,
|
"ip1":5,
|
||||||
"ip2":6,
|
"ip2":6
|
||||||
"port_format":7,
|
|
||||||
"port1":8,
|
|
||||||
"port2":9,
|
|
||||||
"protocol":10
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -85,26 +81,22 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"table_id":7,
|
"table_id":7,
|
||||||
"table_name":"WHITE_LIST_IP",
|
"table_name":"WHITE_LIST_IP",
|
||||||
"table_type":"ip_plus",
|
"table_type":"ip_plus",
|
||||||
"valid_column":11,
|
"valid_column":7,
|
||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"addr_type":3,
|
"addr_type":3,
|
||||||
"addr_format":4,
|
"addr_format":4,
|
||||||
"ip1":5,
|
"ip1":5,
|
||||||
"ip2":6,
|
"ip2":6
|
||||||
"port_format":7,
|
|
||||||
"port1":8,
|
|
||||||
"port2":9,
|
|
||||||
"protocol":10
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -237,11 +237,11 @@ int expr_table_set_line(struct maat *maat_inst, const char *table_name,
|
|||||||
return maat_cmd_set_line(maat_inst, &line_rule);
|
return maat_cmd_set_line(maat_inst, &line_rule);
|
||||||
}
|
}
|
||||||
|
|
||||||
int interval_table_set_line(struct maat *maat_inst, const char *table_name,
|
int
|
||||||
enum maat_operation op, long long item_id,
|
interval_table_set_line(struct maat *maat_inst, const char *table_name,
|
||||||
long long group_id, unsigned int low_boundary,
|
enum maat_operation op, long long item_id, long long group_id,
|
||||||
unsigned int up_boundary, const char *district,
|
unsigned int low_boundary, unsigned int up_boundary,
|
||||||
int expire_after)
|
const char *district, int expire_after)
|
||||||
{
|
{
|
||||||
char table_line[1024] = {0};
|
char table_line[1024] = {0};
|
||||||
int table_id = maat_get_table_id(maat_inst, table_name);
|
int table_id = maat_get_table_id(maat_inst, table_name);
|
||||||
@@ -273,8 +273,7 @@ int interval_table_set_line(struct maat *maat_inst, const char *table_name,
|
|||||||
int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
||||||
enum maat_operation op, long long item_id,
|
enum maat_operation op, long long item_id,
|
||||||
long long group_id, enum IP_TYPE type, const char *ip1,
|
long long group_id, enum IP_TYPE type, const char *ip1,
|
||||||
const char *ip2, uint16_t port_min, uint16_t port_max,
|
const char *ip2, int expire_after)
|
||||||
int expire_after)
|
|
||||||
{
|
{
|
||||||
char table_line[1024] = {0};
|
char table_line[1024] = {0};
|
||||||
int table_id = maat_get_table_id(maat_inst, table_name);
|
int table_id = maat_get_table_id(maat_inst, table_name);
|
||||||
@@ -287,9 +286,8 @@ int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
|||||||
ip_type = IPV6;
|
ip_type = IPV6;
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(table_line, "%lld\t%lld\t%d\t%s\t%s\t%s\t%s\t%u\t%u\t6\t%d",
|
sprintf(table_line, "%lld\t%lld\t%d\t%s\t%s\t%s\t%d",
|
||||||
item_id, group_id, ip_type, "range", ip1, ip2, "range",
|
item_id, group_id, ip_type, "range", ip1, ip2, op);
|
||||||
port_min, port_max, op);
|
|
||||||
struct maat_cmd_line line_rule;
|
struct maat_cmd_line line_rule;
|
||||||
|
|
||||||
line_rule.rule_id = item_id;
|
line_rule.rule_id = item_id;
|
||||||
@@ -2832,14 +2830,12 @@ TEST_F(MaatIPScan, IPv4ScanDataFull_0) {
|
|||||||
uint32_t sip1;
|
uint32_t sip1;
|
||||||
int ret = inet_pton(AF_INET, ip_str1, &sip1);
|
int ret = inet_pton(AF_INET, ip_str1, &sip1);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(65530);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip1, port, proto,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip1, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
EXPECT_EQ(n_hit_result, 0);
|
EXPECT_EQ(n_hit_result, 0);
|
||||||
|
|
||||||
@@ -2863,14 +2859,12 @@ TEST_F(MaatIPScan, IPv4ScanDataFull_1) {
|
|||||||
uint32_t sip1;
|
uint32_t sip1;
|
||||||
int ret = inet_pton(AF_INET, ip_str1, &sip1);
|
int ret = inet_pton(AF_INET, ip_str1, &sip1);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(5210);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip1, port, proto,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip1, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
EXPECT_EQ(n_hit_result, 0);
|
EXPECT_EQ(n_hit_result, 0);
|
||||||
|
|
||||||
@@ -2894,25 +2888,12 @@ TEST_F(MaatIPScan, IPv4RuleFull_0) {
|
|||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
int ret = inet_pton(AF_INET, ip_str, &sip);
|
int ret = inet_pton(AF_INET, ip_str, &sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(20303);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
|
||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
|
||||||
|
|
||||||
maat_state_reset(state);
|
|
||||||
|
|
||||||
port = htons(64999);
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto,
|
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 169);
|
EXPECT_EQ(results[0], 169);
|
||||||
@@ -2937,16 +2918,15 @@ TEST_F(MaatIPScan, IPv6ScanDataFull_0) {
|
|||||||
uint8_t sip[16];
|
uint8_t sip[16];
|
||||||
int ret = inet_pton(AF_INET6, ip_str, sip);
|
int ret = inet_pton(AF_INET6, ip_str, sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(65510);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv6(maat_inst, table_id, sip, port, proto,
|
ret = maat_scan_ipv6(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 0);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
|
EXPECT_EQ(results[0], 210);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
@@ -2967,14 +2947,12 @@ TEST_F(MaatIPScan, IPv6ScanDataFull_1) {
|
|||||||
uint8_t sip[16];
|
uint8_t sip[16];
|
||||||
int ret = inet_pton(AF_INET6, ip_str, sip);
|
int ret = inet_pton(AF_INET6, ip_str, sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(65510);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv6(maat_inst, table_id, sip, port, proto,
|
ret = maat_scan_ipv6(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
EXPECT_EQ(n_hit_result, 0);
|
EXPECT_EQ(n_hit_result, 0);
|
||||||
|
|
||||||
@@ -2997,25 +2975,13 @@ TEST_F(MaatIPScan, IPv6RuleFull_0) {
|
|||||||
uint8_t sip[16];
|
uint8_t sip[16];
|
||||||
int ret = inet_pton(AF_INET6, ip_str, sip);
|
int ret = inet_pton(AF_INET6, ip_str, sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(20303);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv6(maat_inst, table_id, sip, port, proto,
|
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_ipv6(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
|
||||||
|
|
||||||
maat_state_reset(state);
|
|
||||||
|
|
||||||
port = htons(64999);
|
|
||||||
ret = maat_scan_ipv6(maat_inst, table_id, sip, port, proto,
|
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 210);
|
EXPECT_EQ(results[0], 210);
|
||||||
@@ -3040,14 +3006,12 @@ TEST_F(MaatIPScan, IPv4_IPPort) {
|
|||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
int ret = inet_pton(AF_INET, ip_str, &sip);
|
int ret = inet_pton(AF_INET, ip_str, &sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(65530);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 2);
|
EXPECT_EQ(n_hit_result, 2);
|
||||||
EXPECT_EQ(results[0], 208);
|
EXPECT_EQ(results[0], 208);
|
||||||
@@ -3071,17 +3035,16 @@ TEST_F(MaatIPScan, IPv6_IPPort) {
|
|||||||
uint8_t sip[16];
|
uint8_t sip[16];
|
||||||
int ret = inet_pton(AF_INET6, ip_str, &sip);
|
int ret = inet_pton(AF_INET6, ip_str, &sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(65510);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv6(maat_inst, table_id, sip, port, proto,
|
ret = maat_scan_ipv6(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 2);
|
||||||
EXPECT_EQ(results[0], 155);
|
EXPECT_EQ(results[0], 210);
|
||||||
|
EXPECT_EQ(results[1], 155);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
@@ -3101,14 +3064,12 @@ TEST_F(MaatIPScan, BugReport20210515) {
|
|||||||
uint8_t ip_addr[sizeof(struct in6_addr)];
|
uint8_t ip_addr[sizeof(struct in6_addr)];
|
||||||
int ret = inet_pton(AF_INET6, ip_str, &ip_addr);
|
int ret = inet_pton(AF_INET6, ip_str, &ip_addr);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(41159);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv6(maat_inst, table_id, ip_addr, port, proto,
|
ret = maat_scan_ipv6(maat_inst, table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
@@ -3129,14 +3090,12 @@ TEST_F(MaatIPScan, dynamic_config) {
|
|||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
int ret = inet_pton(AF_INET, ip_str, &sip);
|
int ret = inet_pton(AF_INET, ip_str, &sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(100);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
struct maat_state *state = maat_state_new(maat_inst, thread_id);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
EXPECT_EQ(n_hit_result, 0);
|
EXPECT_EQ(n_hit_result, 0);
|
||||||
|
|
||||||
@@ -3164,14 +3123,13 @@ TEST_F(MaatIPScan, dynamic_config) {
|
|||||||
/* ip table add line */
|
/* ip table add line */
|
||||||
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
|
ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
|
||||||
group_id, IPv4, "100.100.100.100", "100.100.100.100",
|
group_id, IPv4, "100.100.100.100", "100.100.100.100", 0);
|
||||||
100, 100, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
sleep(WAIT_FOR_EFFECTIVE_S);
|
sleep(WAIT_FOR_EFFECTIVE_S);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], compile_id);
|
EXPECT_EQ(results[0], compile_id);
|
||||||
@@ -3184,8 +3142,7 @@ TEST_F(MaatIPScan, dynamic_config) {
|
|||||||
|
|
||||||
/* ip table del line */
|
/* ip table del line */
|
||||||
ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_DEL, item_id,
|
ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_DEL, item_id,
|
||||||
group_id, IPv4, "100.100.100.100", "100.100.100.100",
|
group_id, IPv4, "100.100.100.100", "100.100.100.100", 0);
|
||||||
100, 100, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
/* group2compile table del line */
|
/* group2compile table del line */
|
||||||
@@ -3200,8 +3157,8 @@ TEST_F(MaatIPScan, dynamic_config) {
|
|||||||
|
|
||||||
sleep(WAIT_FOR_EFFECTIVE_S);
|
sleep(WAIT_FOR_EFFECTIVE_S);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
@@ -3660,14 +3617,12 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyExpr) {
|
|||||||
|
|
||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
inet_pton(AF_INET, "10.0.8.186", &sip);
|
inet_pton(AF_INET, "10.0.8.186", &sip);
|
||||||
uint16_t port = htons(18611);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int hit_table_id = maat_get_table_id(maat_inst, hit_table_name);
|
int hit_table_id = maat_get_table_id(maat_inst, hit_table_name);
|
||||||
ASSERT_GT(hit_table_id, 0);
|
ASSERT_GT(hit_table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, hit_table_id, sip, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, hit_table_id, sip, results, ARRAY_SIZE,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 186);
|
EXPECT_EQ(results[0], 186);
|
||||||
@@ -3717,14 +3672,12 @@ TEST_F(NOTLogic, ScanHitAtLastEmptyInteger) {
|
|||||||
|
|
||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
inet_pton(AF_INET, "10.0.8.187", &sip);
|
inet_pton(AF_INET, "10.0.8.187", &sip);
|
||||||
uint16_t port = htons(18611);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int hit_table_id = maat_get_table_id(maat_inst, hit_table_name);
|
int hit_table_id = maat_get_table_id(maat_inst, hit_table_name);
|
||||||
ASSERT_GT(hit_table_id, 0);
|
ASSERT_GT(hit_table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, hit_table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, hit_table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 187);
|
EXPECT_EQ(results[0], 187);
|
||||||
@@ -3773,19 +3726,19 @@ TEST_F(NOTLogic, ScanNotIP) {
|
|||||||
|
|
||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
inet_pton(AF_INET, "10.0.6.205", &sip);
|
inet_pton(AF_INET, "10.0.6.205", &sip);
|
||||||
uint16_t port = htons(50001);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int not_hit_table_id = maat_get_table_id(maat_inst, not_hit_table_name);
|
int not_hit_table_id = maat_get_table_id(maat_inst, not_hit_table_name);
|
||||||
ASSERT_GT(not_hit_table_id, 0);
|
ASSERT_GT(not_hit_table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, not_hit_table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, not_hit_table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, not_hit_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, not_hit_table_id, results, ARRAY_SIZE,
|
||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
|
EXPECT_EQ(results[0], 145);
|
||||||
|
|
||||||
maat_state_reset(state);
|
maat_state_reset(state);
|
||||||
|
|
||||||
@@ -3795,16 +3748,14 @@ TEST_F(NOTLogic, ScanNotIP) {
|
|||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
inet_pton(AF_INET, "10.1.0.0", &sip);
|
inet_pton(AF_INET, "10.0.6.201", &sip);
|
||||||
ret = maat_scan_ipv4(maat_inst, not_hit_table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, not_hit_table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, not_hit_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, not_hit_table_id, results, ARRAY_SIZE,
|
||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
|
||||||
EXPECT_EQ(results[0], 145);
|
|
||||||
|
|
||||||
maat_state_free(state);
|
maat_state_free(state);
|
||||||
state = NULL;
|
state = NULL;
|
||||||
@@ -3902,14 +3853,12 @@ TEST_F(NOTLogic, NotUrlAndNotIp) {
|
|||||||
|
|
||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
inet_pton(AF_INET, "10.0.6.201", &sip);
|
inet_pton(AF_INET, "10.0.6.201", &sip);
|
||||||
uint16_t port = htons(50001);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int ip_table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int ip_table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(ip_table_id, 0);
|
ASSERT_GT(ip_table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -3932,8 +3881,8 @@ TEST_F(NOTLogic, NotUrlAndNotIp) {
|
|||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
inet_pton(AF_INET, "10.1.0.0", &sip);
|
inet_pton(AF_INET, "10.1.0.0", &sip);
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -3958,8 +3907,8 @@ TEST_F(NOTLogic, NotUrlAndNotIp) {
|
|||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
inet_pton(AF_INET, "10.1.0.0", &sip);
|
inet_pton(AF_INET, "10.1.0.0", &sip);
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, sip, port, proto,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, sip, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -4543,9 +4492,8 @@ TEST_F(NOTLogic, MultiLiteralsInOneNotClause) {
|
|||||||
//--------------------------------------
|
//--------------------------------------
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.40.88", &ip_addr);
|
inet_pton(AF_INET, "192.168.40.88", &ip_addr);
|
||||||
uint16_t port = htons(8888);
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
&n_hit_result, state);
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_string(maat_inst, ip_geo_table_id, my_county, strlen(my_county),
|
ret = maat_scan_string(maat_inst, ip_geo_table_id, my_county, strlen(my_county),
|
||||||
@@ -4563,8 +4511,8 @@ TEST_F(NOTLogic, MultiLiteralsInOneNotClause) {
|
|||||||
//--------------------------------------
|
//--------------------------------------
|
||||||
inet_pton(AF_INET, "192.168.40.89", &ip_addr);
|
inet_pton(AF_INET, "192.168.40.89", &ip_addr);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_string(maat_inst, ip_geo_table_id, my_county, strlen(my_county),
|
ret = maat_scan_string(maat_inst, ip_geo_table_id, my_county, strlen(my_county),
|
||||||
@@ -4606,7 +4554,6 @@ TEST_F(NOTLogic, SameVtableInMultiClause) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.40.88", &ip_addr);
|
inet_pton(AF_INET, "192.168.40.88", &ip_addr);
|
||||||
uint16_t port = htons(8888);
|
|
||||||
//-------------------------------------------
|
//-------------------------------------------
|
||||||
// Dest ASN1 & Dest ASN3 & IP Config
|
// Dest ASN1 & Dest ASN3 & IP Config
|
||||||
//-------------------------------------------
|
//-------------------------------------------
|
||||||
@@ -4618,8 +4565,8 @@ TEST_F(NOTLogic, SameVtableInMultiClause) {
|
|||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
results, ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, dst_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, dst_table_id, results, ARRAY_SIZE,
|
||||||
@@ -4643,8 +4590,8 @@ TEST_F(NOTLogic, SameVtableInMultiClause) {
|
|||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
maat_state_reset(state);
|
maat_state_reset(state);
|
||||||
@@ -4668,8 +4615,8 @@ TEST_F(NOTLogic, SameVtableInMultiClause) {
|
|||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
maat_state_reset(state);
|
maat_state_reset(state);
|
||||||
@@ -4685,8 +4632,8 @@ TEST_F(NOTLogic, SameVtableInMultiClause) {
|
|||||||
&n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 185);
|
EXPECT_EQ(results[0], 185);
|
||||||
@@ -4701,8 +4648,8 @@ TEST_F(NOTLogic, SameVtableInMultiClause) {
|
|||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
inet_pton(AF_INET, "192.168.40.89", &ip_addr);
|
inet_pton(AF_INET, "192.168.40.89", &ip_addr);
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, dst_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, dst_table_id, results, ARRAY_SIZE,
|
||||||
@@ -4896,10 +4843,8 @@ TEST_F(ExcludeLogic, ScanVirtualTable) {
|
|||||||
uint32_t should_not_hit_ip;
|
uint32_t should_not_hit_ip;
|
||||||
inet_pton(AF_INET, "100.64.1.1", &should_hit_ip);
|
inet_pton(AF_INET, "100.64.1.1", &should_hit_ip);
|
||||||
|
|
||||||
uint16_t port = htons(5210);
|
int ret = maat_scan_ipv4(maat_inst, table_id, should_hit_ip, results,
|
||||||
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
int ret = maat_scan_ipv4(maat_inst, table_id, should_hit_ip, port, 6,
|
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 202);
|
EXPECT_EQ(results[0], 202);
|
||||||
@@ -4910,8 +4855,8 @@ TEST_F(ExcludeLogic, ScanVirtualTable) {
|
|||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
inet_pton(AF_INET, "100.64.1.5", &should_hit_ip);
|
inet_pton(AF_INET, "100.64.1.5", &should_hit_ip);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, should_hit_ip, port, 6,
|
ret = maat_scan_ipv4(maat_inst, table_id, should_hit_ip, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 202);
|
EXPECT_EQ(results[0], 202);
|
||||||
@@ -4923,8 +4868,8 @@ TEST_F(ExcludeLogic, ScanVirtualTable) {
|
|||||||
maat_state_reset(state);
|
maat_state_reset(state);
|
||||||
|
|
||||||
inet_pton(AF_INET, "100.64.1.6", &should_not_hit_ip);
|
inet_pton(AF_INET, "100.64.1.6", &should_not_hit_ip);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, should_not_hit_ip, port, 6,
|
ret = maat_scan_ipv4(maat_inst, table_id, should_not_hit_ip, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
@@ -4934,8 +4879,8 @@ TEST_F(ExcludeLogic, ScanVirtualTable) {
|
|||||||
maat_state_reset(state);
|
maat_state_reset(state);
|
||||||
|
|
||||||
inet_pton(AF_INET, "100.64.1.11", &should_not_hit_ip);
|
inet_pton(AF_INET, "100.64.1.11", &should_not_hit_ip);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, should_not_hit_ip, port, 6,
|
ret = maat_scan_ipv4(maat_inst, table_id, should_not_hit_ip, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
@@ -4958,10 +4903,9 @@ TEST_F(ExcludeLogic, ScanWithMultiClause) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.50.43", &ip_addr);
|
inet_pton(AF_INET, "192.168.50.43", &ip_addr);
|
||||||
uint16_t port = htons(56168);
|
|
||||||
|
|
||||||
int ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
int ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -4969,9 +4913,8 @@ TEST_F(ExcludeLogic, ScanWithMultiClause) {
|
|||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
inet_pton(AF_INET, "47.92.108.93", &ip_addr);
|
inet_pton(AF_INET, "47.92.108.93", &ip_addr);
|
||||||
port = htons(443);
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
&n_hit_result, state);
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -5021,10 +4964,9 @@ TEST_F(ExcludeLogic, ExcludeInDifferentLevel) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "100.64.2.1", &ip_addr);
|
inet_pton(AF_INET, "100.64.2.1", &ip_addr);
|
||||||
uint16_t port = htons(56168);
|
|
||||||
|
|
||||||
int ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
int ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -5032,10 +4974,9 @@ TEST_F(ExcludeLogic, ExcludeInDifferentLevel) {
|
|||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
inet_pton(AF_INET, "100.64.2.6", &ip_addr);
|
inet_pton(AF_INET, "100.64.2.6", &ip_addr);
|
||||||
port = htons(443);
|
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -6501,8 +6442,7 @@ TEST_F(Policy, SubGroup) {
|
|||||||
const char *scan_data = "ceshi6@mailhost.cn";
|
const char *scan_data = "ceshi6@mailhost.cn";
|
||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET,"10.0.6.205", &ip_addr);
|
inet_pton(AF_INET,"10.0.6.201", &ip_addr);
|
||||||
uint16_t port = htons(50001);
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, "MAIL_ADDR");
|
int table_id = maat_get_table_id(maat_inst, "MAIL_ADDR");
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
@@ -6518,8 +6458,8 @@ TEST_F(Policy, SubGroup) {
|
|||||||
table_id = maat_get_table_id(maat_inst, "IP_CONFIG");
|
table_id = maat_get_table_id(maat_inst, "IP_CONFIG");
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(results[0], 153);
|
EXPECT_EQ(results[0], 153);
|
||||||
@@ -6605,14 +6545,13 @@ TEST_F(Policy, EvaluationOrder) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.23.23", &ip_addr);
|
inet_pton(AF_INET, "192.168.23.23", &ip_addr);
|
||||||
uint16_t port = htons(65530);
|
|
||||||
|
|
||||||
table_id = maat_get_table_id(maat_inst, "IP_PLUS_CONFIG");
|
table_id = maat_get_table_id(maat_inst, "IP_PLUS_CONFIG");
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
memset(results, 0, sizeof(results));
|
memset(results, 0, sizeof(results));
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 165);
|
EXPECT_EQ(results[0], 165);
|
||||||
@@ -6646,9 +6585,8 @@ TEST_F(Policy, NotClauseHitPath) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.101.101", &ip_addr);
|
inet_pton(AF_INET, "192.168.101.101", &ip_addr);
|
||||||
uint16_t port = htons(65530);
|
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
EXPECT_EQ(ret, MAAT_SCAN_OK);
|
||||||
|
|
||||||
@@ -7211,10 +7149,9 @@ TEST_F(HierarchyTest, MultiLiteralsInOneClause) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.40.88", &ip_addr);
|
inet_pton(AF_INET, "192.168.40.88", &ip_addr);
|
||||||
uint16_t port = htons(8888);
|
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 180);
|
EXPECT_EQ(results[0], 180);
|
||||||
@@ -7228,8 +7165,8 @@ TEST_F(HierarchyTest, MultiLiteralsInOneClause) {
|
|||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
results, ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 180);
|
EXPECT_EQ(results[0], 180);
|
||||||
@@ -7247,8 +7184,8 @@ TEST_F(HierarchyTest, MultiLiteralsInOneClause) {
|
|||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
results, ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], 180);
|
EXPECT_EQ(results[0], 180);
|
||||||
@@ -7324,11 +7261,9 @@ TEST_F(MaatCmdTest, SetIP) {
|
|||||||
/* item table add line */
|
/* item table add line */
|
||||||
const char *ip1 = "172.0.0.1";
|
const char *ip1 = "172.0.0.1";
|
||||||
const char *ip2 = "172.0.0.1";
|
const char *ip2 = "172.0.0.1";
|
||||||
uint16_t port_min = 53331;
|
|
||||||
uint16_t port_max = 53331;
|
|
||||||
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item_id,
|
||||||
group_id, IPv4, ip1, ip2, port_min, port_max, 0);
|
group_id, IPv4, ip1, ip2, 0);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
sleep(WAIT_FOR_EFFECTIVE_S);
|
sleep(WAIT_FOR_EFFECTIVE_S);
|
||||||
@@ -7336,14 +7271,12 @@ TEST_F(MaatCmdTest, SetIP) {
|
|||||||
uint32_t sip;
|
uint32_t sip;
|
||||||
ret = inet_pton(AF_INET, ip1, &sip);
|
ret = inet_pton(AF_INET, ip1, &sip);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
uint16_t port = htons(53331);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GE(table_id, 0);
|
ASSERT_GE(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, sip, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, sip, results, ARRAY_SIZE,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
EXPECT_EQ(results[0], compile_id);
|
EXPECT_EQ(results[0], compile_id);
|
||||||
@@ -8962,8 +8895,7 @@ TEST_F(MaatCmdTest, HitGroup) {
|
|||||||
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
||||||
group3_id, IPv4, "220.181.38.150", "220.181.38.151",
|
group3_id, IPv4, "220.181.38.150", "220.181.38.151", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
char temp[1024]={0};
|
char temp[1024]={0};
|
||||||
@@ -9115,9 +9047,8 @@ TEST_F(MaatCmdTest, HitGroup) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "220.181.38.150", &ip_addr);
|
inet_pton(AF_INET, "220.181.38.150", &ip_addr);
|
||||||
uint16_t port = htons(17272);
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6, results,
|
&n_hit_result, state);
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, ip_table_id, results, ARRAY_SIZE,
|
||||||
@@ -9257,8 +9188,7 @@ TEST_F(MaatCmdTest, HitPathBasic) {
|
|||||||
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
||||||
group3_id, IPv4, "220.181.38.148", "220.181.38.149",
|
group3_id, IPv4, "220.181.38.148", "220.181.38.149", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
char temp[1024]={0};
|
char temp[1024]={0};
|
||||||
@@ -9418,8 +9348,8 @@ that the edges be all directed in the same direction.";
|
|||||||
Nth_scan++;
|
Nth_scan++;
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "220.181.38.148", &ip_addr);
|
inet_pton(AF_INET, "220.181.38.148", &ip_addr);
|
||||||
uint16_t port = htons(17272);
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -9571,8 +9501,7 @@ TEST_F(MaatCmdTest, HitPathAdvanced) {
|
|||||||
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
||||||
group3_id, IPv4, "220.181.38.168", "220.181.38.169",
|
group3_id, IPv4, "220.181.38.168", "220.181.38.169", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
||||||
@@ -9697,12 +9626,11 @@ TEST_F(MaatCmdTest, HitPathAdvanced) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "220.181.38.168", &ip_addr);
|
inet_pton(AF_INET, "220.181.38.168", &ip_addr);
|
||||||
uint16_t port = htons(17272);
|
|
||||||
|
|
||||||
int ip_table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int ip_table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(ip_table_id, 0);
|
ASSERT_GT(ip_table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
@@ -9921,8 +9849,7 @@ TEST_F(MaatCmdTest, HitPathHasNotGroup) {
|
|||||||
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group3_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item3_id,
|
||||||
group3_id, IPv4, "220.181.38.158", "220.181.38.159",
|
group3_id, IPv4, "220.181.38.158", "220.181.38.159", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
char temp[1024]={0};
|
char temp[1024]={0};
|
||||||
@@ -10086,8 +10013,7 @@ TEST_F(MaatCmdTest, HitPathHasNotGroup) {
|
|||||||
Nth_scan++;
|
Nth_scan++;
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "220.181.38.158", &ip_addr);
|
inet_pton(AF_INET, "220.181.38.158", &ip_addr);
|
||||||
uint16_t port = htons(17272);
|
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, results,
|
||||||
ret = maat_scan_ipv4(maat_inst, ip_table_id, ip_addr, port, 6, results,
|
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10267,8 +10193,7 @@ TEST_F(MaatCmdTest, SameScanStatusWhenClauseUpdate_TSG6419) {
|
|||||||
|
|
||||||
long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
|
||||||
group11_id, IPv4, "192.168.2.1", "192.168.2.4",
|
group11_id, IPv4, "192.168.2.1", "192.168.2.4", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
@@ -10286,10 +10211,9 @@ TEST_F(MaatCmdTest, SameScanStatusWhenClauseUpdate_TSG6419) {
|
|||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.2.2", &ip_addr);
|
inet_pton(AF_INET, "192.168.2.2", &ip_addr);
|
||||||
uint16_t port = htons(50001);
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10378,8 +10302,7 @@ TEST_F(MaatCmdTest, GroupEdit) {
|
|||||||
|
|
||||||
long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
|
||||||
group11_id, IPv4, "192.168.3.1", "192.168.3.4",
|
group11_id, IPv4, "192.168.3.1", "192.168.3.4", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group21_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
@@ -10396,7 +10319,6 @@ TEST_F(MaatCmdTest, GroupEdit) {
|
|||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.3.2", &ip_addr);
|
inet_pton(AF_INET, "192.168.3.2", &ip_addr);
|
||||||
uint16_t port = htons(50001);
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
@@ -10404,7 +10326,7 @@ TEST_F(MaatCmdTest, GroupEdit) {
|
|||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10441,7 +10363,7 @@ TEST_F(MaatCmdTest, GroupEdit) {
|
|||||||
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
//TODO: EXPECT_EQ(ret,?)
|
//TODO: EXPECT_EQ(ret,?)
|
||||||
|
|
||||||
@@ -10477,7 +10399,7 @@ TEST_F(MaatCmdTest, GroupEdit) {
|
|||||||
|
|
||||||
memset(results, 0, sizeof(results));
|
memset(results, 0, sizeof(results));
|
||||||
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10519,15 +10441,13 @@ TEST_F(MaatCmdTest, CompileDelete_TSG6548) {
|
|||||||
|
|
||||||
long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item11_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item11_id,
|
||||||
group11_id, IPv4, "192.168.73.163", "192.168.73.180",
|
group11_id, IPv4, "192.168.73.163", "192.168.73.180", 0);
|
||||||
0, 65535, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
sleep(WAIT_FOR_EFFECTIVE_S * 2);
|
sleep(WAIT_FOR_EFFECTIVE_S * 2);
|
||||||
|
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
inet_pton(AF_INET, "192.168.73.169", &ip_addr);
|
inet_pton(AF_INET, "192.168.73.169", &ip_addr);
|
||||||
uint16_t port = htons(50001);
|
|
||||||
|
|
||||||
long long results[ARRAY_SIZE] = {0};
|
long long results[ARRAY_SIZE] = {0};
|
||||||
size_t n_hit_result = 0;
|
size_t n_hit_result = 0;
|
||||||
@@ -10535,7 +10455,7 @@ TEST_F(MaatCmdTest, CompileDelete_TSG6548) {
|
|||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HIT);
|
||||||
EXPECT_EQ(n_hit_result, 1);
|
EXPECT_EQ(n_hit_result, 1);
|
||||||
@@ -10558,7 +10478,7 @@ TEST_F(MaatCmdTest, CompileDelete_TSG6548) {
|
|||||||
time_t update_time = time(NULL);
|
time_t update_time = time(NULL);
|
||||||
time_t now = update_time;
|
time_t now = update_time;
|
||||||
while (now - update_time < 3) {
|
while (now - update_time < 3) {
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
if (ret == MAAT_SCAN_HIT) {
|
if (ret == MAAT_SCAN_HIT) {
|
||||||
hit_cnt++;
|
hit_cnt++;
|
||||||
@@ -10835,8 +10755,7 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenIncUpdate) {
|
|||||||
long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
|
||||||
group2_id, IPv4, "100.100.100.1", "100.100.100.1",
|
group2_id, IPv4, "100.100.100.1", "100.100.100.1", 0);
|
||||||
100, 100, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
||||||
@@ -10852,13 +10771,10 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenIncUpdate) {
|
|||||||
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
uint16_t port = htons(100);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10894,7 +10810,7 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenIncUpdate) {
|
|||||||
*/
|
*/
|
||||||
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10942,7 +10858,7 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenFullUpdate) {
|
|||||||
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD,
|
||||||
item2_id, group2_id, IPv4, "100.100.100.2",
|
item2_id, group2_id, IPv4, "100.100.100.2",
|
||||||
"100.100.100.2", 100, 100, 0);
|
"100.100.100.2", 0);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
||||||
@@ -10958,13 +10874,10 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenFullUpdate) {
|
|||||||
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
uint16_t port = htons(100);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -10998,7 +10911,7 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenFullUpdate) {
|
|||||||
*/
|
*/
|
||||||
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -11045,8 +10958,7 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenIncUpdate) {
|
|||||||
long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
|
||||||
group2_id, IPv4, "100.100.100.1", "100.100.100.1",
|
group2_id, IPv4, "100.100.100.1", "100.100.100.1", 0);
|
||||||
100, 100, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
||||||
@@ -11062,14 +10974,11 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenIncUpdate) {
|
|||||||
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
uint16_t port = htons(100);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results, ARRAY_SIZE,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
&n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
ret = maat_scan_not_logic(maat_inst, table_id, results, ARRAY_SIZE,
|
||||||
@@ -11103,7 +11012,7 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenIncUpdate) {
|
|||||||
*/
|
*/
|
||||||
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -11149,8 +11058,7 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenFullupdate) {
|
|||||||
long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
long long group2_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
|
||||||
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
|
ret = ip_table_set_line(maat_inst, ip_table_name, MAAT_OP_ADD, item2_id,
|
||||||
group2_id, IPv4, "100.100.100.3", "100.100.100.3",
|
group2_id, IPv4, "100.100.100.3", "100.100.100.3", 0);
|
||||||
100, 100, 0);
|
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
|
||||||
@@ -11166,13 +11074,10 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenFullupdate) {
|
|||||||
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
uint16_t port = htons(100);
|
|
||||||
int proto = 6;
|
|
||||||
|
|
||||||
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
int table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
@@ -11206,7 +11111,7 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenFullupdate) {
|
|||||||
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
table_id = maat_get_table_id(maat_inst, ip_table_name);
|
||||||
ASSERT_GT(table_id, 0);
|
ASSERT_GT(table_id, 0);
|
||||||
|
|
||||||
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, proto, results,
|
ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
EXPECT_EQ(ret, MAAT_SCAN_HALF_HIT);
|
||||||
|
|
||||||
|
|||||||
@@ -232,8 +232,7 @@ static int expr_table_set_line(struct maat *maat_inst, const char *table_name,
|
|||||||
static int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
static int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
||||||
enum maat_operation op, long long item_id,
|
enum maat_operation op, long long item_id,
|
||||||
long long group_id, enum IP_TYPE type, const char *ip1,
|
long long group_id, enum IP_TYPE type, const char *ip1,
|
||||||
const char *ip2, uint16_t port_min, uint16_t port_max,
|
const char *ip2, int expire_after)
|
||||||
int expire_after)
|
|
||||||
{
|
{
|
||||||
char table_line[1024] = {0};
|
char table_line[1024] = {0};
|
||||||
int table_id = maat_get_table_id(maat_inst, table_name);
|
int table_id = maat_get_table_id(maat_inst, table_name);
|
||||||
@@ -246,9 +245,8 @@ static int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
|||||||
ip_type = IPV6;
|
ip_type = IPV6;
|
||||||
}
|
}
|
||||||
|
|
||||||
sprintf(table_line, "%lld\t%lld\t%d\t%s\t%s\t%s\t%s\t%u\t%u\t6\t%d",
|
sprintf(table_line, "%lld\t%lld\t%d\t%s\t%s\t%s\t%d",
|
||||||
item_id, group_id, ip_type, "range", ip1, ip2,
|
item_id, group_id, ip_type, "range", ip1, ip2, op);
|
||||||
"range", port_min, port_max, op);
|
|
||||||
struct maat_cmd_line line_rule;
|
struct maat_cmd_line line_rule;
|
||||||
|
|
||||||
line_rule.rule_id = item_id;
|
line_rule.rule_id = item_id;
|
||||||
@@ -259,10 +257,10 @@ static int ip_table_set_line(struct maat *maat_inst, const char *table_name,
|
|||||||
return maat_cmd_set_line(maat_inst, &line_rule);
|
return maat_cmd_set_line(maat_inst, &line_rule);
|
||||||
}
|
}
|
||||||
|
|
||||||
static int integer_table_set_line(struct maat *maat_inst, const char *table_name,
|
static int
|
||||||
enum maat_operation op, long long item_id,
|
integer_table_set_line(struct maat *maat_inst, const char *table_name,
|
||||||
long long group_id, int low_bound, int up_bound,
|
enum maat_operation op, long long item_id, long long group_id,
|
||||||
int expire_after)
|
int low_boundary, int up_boundary, int expire_after)
|
||||||
{
|
{
|
||||||
char table_line[1024] = {0};
|
char table_line[1024] = {0};
|
||||||
int table_id = maat_get_table_id(maat_inst, table_name);
|
int table_id = maat_get_table_id(maat_inst, table_name);
|
||||||
@@ -271,7 +269,7 @@ static int integer_table_set_line(struct maat *maat_inst, const char *table_name
|
|||||||
}
|
}
|
||||||
|
|
||||||
sprintf(table_line, "%lld\t%lld\t%d\t%d\t%d",
|
sprintf(table_line, "%lld\t%lld\t%d\t%d\t%d",
|
||||||
item_id, group_id, low_bound, up_bound, op);
|
item_id, group_id, low_boundary, up_boundary, op);
|
||||||
struct maat_cmd_line line_rule;
|
struct maat_cmd_line line_rule;
|
||||||
|
|
||||||
line_rule.rule_id = item_id;
|
line_rule.rule_id = item_id;
|
||||||
@@ -326,7 +324,7 @@ static void test_add_expr_command(struct maat *maat_inst, const char *table_name
|
|||||||
}
|
}
|
||||||
|
|
||||||
static void test_add_ip_command(struct maat *maat_inst, const char *table_name,
|
static void test_add_ip_command(struct maat *maat_inst, const char *table_name,
|
||||||
const char *ip, uint16_t port)
|
const char *ip)
|
||||||
{
|
{
|
||||||
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
|
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
|
||||||
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD,
|
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD,
|
||||||
@@ -341,12 +339,12 @@ static void test_add_ip_command(struct maat *maat_inst, const char *table_name,
|
|||||||
|
|
||||||
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
|
ret = ip_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
|
||||||
group_id, IPv4, ip, ip, port, port, 0);
|
group_id, IPv4, ip, ip, 0);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void test_add_integer_command(struct maat *maat_inst, const char *table_name,
|
static void test_add_integer_command(struct maat *maat_inst, const char *table_name,
|
||||||
int low_bound, int up_bound)
|
int low_boundary, int up_boundary)
|
||||||
{
|
{
|
||||||
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
|
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
|
||||||
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD,
|
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD,
|
||||||
@@ -361,7 +359,7 @@ static void test_add_integer_command(struct maat *maat_inst, const char *table_n
|
|||||||
|
|
||||||
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
long long item_id = maat_cmd_incrby(maat_inst, "SEQUENCE_REGION", 1);
|
||||||
ret = integer_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
|
ret = integer_table_set_line(maat_inst, table_name, MAAT_OP_ADD, item_id,
|
||||||
group_id, low_bound, up_bound, 0);
|
group_id, low_boundary, up_boundary, 0);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -926,7 +924,6 @@ void *perf_ip_scan_thread(void *arg)
|
|||||||
struct timespec start, end;
|
struct timespec start, end;
|
||||||
char ip_str[32] = "10.0.0.1";
|
char ip_str[32] = "10.0.0.1";
|
||||||
uint32_t ip_addr;
|
uint32_t ip_addr;
|
||||||
uint16_t port = htons(65530);
|
|
||||||
|
|
||||||
int ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
int ret = inet_pton(AF_INET, ip_str, &ip_addr);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
@@ -940,8 +937,8 @@ void *perf_ip_scan_thread(void *arg)
|
|||||||
|
|
||||||
clock_gettime(CLOCK_MONOTONIC, &start);
|
clock_gettime(CLOCK_MONOTONIC, &start);
|
||||||
for (int i = 0; i < param->test_times; i++) {
|
for (int i = 0; i < param->test_times; i++) {
|
||||||
int ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, port, 6,
|
int ret = maat_scan_ipv4(maat_inst, table_id, ip_addr, results,
|
||||||
results, ARRAY_SIZE, &n_hit_result, state);
|
ARRAY_SIZE, &n_hit_result, state);
|
||||||
if (ret == MAAT_SCAN_HIT) {
|
if (ret == MAAT_SCAN_HIT) {
|
||||||
hit_times++;
|
hit_times++;
|
||||||
}
|
}
|
||||||
@@ -977,9 +974,8 @@ void *perf_ip_update_thread(void *arg)
|
|||||||
"10.0.7.109",
|
"10.0.7.109",
|
||||||
"10.0.7.110"};
|
"10.0.7.110"};
|
||||||
|
|
||||||
uint16_t port = 65530;
|
|
||||||
for (int i = 0; i < CMD_EXPR_NUM; i++) {
|
for (int i = 0; i < CMD_EXPR_NUM; i++) {
|
||||||
test_add_ip_command(maat_inst, table_name, ip_str[i], port);
|
test_add_ip_command(maat_inst, table_name, ip_str[i]);
|
||||||
sleep(1);
|
sleep(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -1918,7 +1914,7 @@ TEST_F(MaatTSGFqdnScan, mem_used) {
|
|||||||
|
|
||||||
ret = ip_table_set_line(maat_inst, table_name2, MAAT_OP_ADD,
|
ret = ip_table_set_line(maat_inst, table_name2, MAAT_OP_ADD,
|
||||||
600000000+i, 600000000+i, IPv4, "100.64.1.1",
|
600000000+i, 600000000+i, IPv4, "100.64.1.1",
|
||||||
"100.64.1.2", 1000, 2000, 0);
|
"100.64.1.2", 0);
|
||||||
EXPECT_EQ(ret, 1);
|
EXPECT_EQ(ret, 1);
|
||||||
|
|
||||||
log_info(logger, MODULE_FRAMEWORK_PERF_GTEST, "MaatTSGFqdnScan update one line");
|
log_info(logger, MODULE_FRAMEWORK_PERF_GTEST, "MaatTSGFqdnScan update one line");
|
||||||
|
|||||||
@@ -110,11 +110,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "single",
|
"addr_format": "single",
|
||||||
"ip1": "192.168.50.24",
|
"ip1": "192.168.50.24",
|
||||||
"ip2": "192.168.50.24",
|
"ip2": "192.168.50.24"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "39000",
|
|
||||||
"port2": "40000",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -161,11 +157,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "single",
|
"addr_format": "single",
|
||||||
"ip1": "192.168.58.19",
|
"ip1": "192.168.58.19",
|
||||||
"ip2": "192.168.58.19",
|
"ip2": "192.168.58.19"
|
||||||
"port_format": "single",
|
|
||||||
"port1": "20000",
|
|
||||||
"port2": "20000",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -181,11 +173,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "10.0.1.20",
|
"ip1": "10.0.1.20",
|
||||||
"ip2": "10.0.1.25",
|
"ip2": "10.0.1.25"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "1",
|
|
||||||
"port2": "443",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -201,11 +189,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "192.168.40.88",
|
"ip1": "192.168.40.88",
|
||||||
"ip2": "255.255.255.255",
|
"ip2": "255.255.255.255"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -221,11 +205,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "192.168.40.88",
|
"ip1": "192.168.40.88",
|
||||||
"ip2": "255.255.255.255",
|
"ip2": "255.255.255.255"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -241,11 +221,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "192.168.40.88",
|
"ip1": "192.168.40.88",
|
||||||
"ip2": "255.255.255.255",
|
"ip2": "255.255.255.255"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -289,11 +265,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "10.0.6.201",
|
"ip1": "10.0.6.201",
|
||||||
"ip2": "255.255.0.0",
|
"ip2": "255.255.255.255"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -303,11 +275,7 @@
|
|||||||
"addr_type": "ipv6",
|
"addr_type": "ipv6",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "2001:da8:205:1::101",
|
"ip1": "2001:da8:205:1::101",
|
||||||
"ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0000",
|
"ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:0000"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1422,11 +1390,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "10.0.7.100",
|
"ip1": "10.0.7.100",
|
||||||
"ip2": "10.0.7.106",
|
"ip2": "10.0.7.101"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1455,11 +1419,7 @@
|
|||||||
"addr_type": "ipv6",
|
"addr_type": "ipv6",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "1001:da8:205:1::101",
|
"ip1": "1001:da8:205:1::101",
|
||||||
"ip2": "1001:da8:205:1::201",
|
"ip2": "1001:da8:205:1::102"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65510",
|
|
||||||
"port2": "65520",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1544,11 +1504,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "192.168.0.1",
|
"ip1": "192.168.0.1",
|
||||||
"ip2": "32",
|
"ip2": "32"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "5210",
|
|
||||||
"port2": "5211",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1576,11 +1532,7 @@
|
|||||||
"addr_type": "ipv6",
|
"addr_type": "ipv6",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "2001:db8::",
|
"ip1": "2001:db8::",
|
||||||
"ip2": "120",
|
"ip2": "120"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65510",
|
|
||||||
"port2": "65520",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1791,11 +1743,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "192.168.23.1",
|
"ip1": "192.168.23.1",
|
||||||
"ip2": "24",
|
"ip2": "24"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": -1
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1913,12 +1861,8 @@
|
|||||||
"table_content": {
|
"table_content": {
|
||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "0.0.0.0",
|
"ip1": "100.64.3.1",
|
||||||
"ip2": "0",
|
"ip2": "32"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "64000",
|
|
||||||
"port2": "64999",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1947,11 +1891,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "192.168.40.10",
|
"ip1": "192.168.40.10",
|
||||||
"ip2": "32",
|
"ip2": "32"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65531",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -1980,131 +1920,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "192.168.231.46",
|
"ip1": "192.168.231.46",
|
||||||
"ip2": "32",
|
"ip2": "32"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65532",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"compile_id": 172,
|
|
||||||
"service": 0,
|
|
||||||
"action": 0,
|
|
||||||
"do_blacklist": 0,
|
|
||||||
"do_log": 0,
|
|
||||||
"user_region": "ipv4_virtual.match",
|
|
||||||
"is_valid": "yes",
|
|
||||||
"groups": [
|
|
||||||
{
|
|
||||||
"virtual_table": "VIRTUAL_IP_PLUS_SOURCE",
|
|
||||||
"group_name": "ipv4_virtual.source",
|
|
||||||
"not_flag": 0
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"virtual_table": "VIRTUAL_IP_PLUS_DESTINATION",
|
|
||||||
"group_name": "ipv4_virtual.destination",
|
|
||||||
"not_flag": 0
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"compile_id": 173,
|
|
||||||
"service": 0,
|
|
||||||
"action": 0,
|
|
||||||
"do_blacklist": 0,
|
|
||||||
"do_log": 0,
|
|
||||||
"user_region": "IPScan.IPv4_composition.source",
|
|
||||||
"is_valid": "no",
|
|
||||||
"groups": [
|
|
||||||
{
|
|
||||||
"virtual_table": "IP_PLUS_CONFIG",
|
|
||||||
"group_name": "ipv4_composition.source",
|
|
||||||
"group_id": 163,
|
|
||||||
"not_flag": 0,
|
|
||||||
"regions": [
|
|
||||||
{
|
|
||||||
"table_type": "ip_plus",
|
|
||||||
"table_name": "IP_PLUS_CONFIG",
|
|
||||||
"table_content": {
|
|
||||||
"addr_type": "ipv4",
|
|
||||||
"addr_format": "CIDR",
|
|
||||||
"ip1": "192.168.40.11",
|
|
||||||
"ip2": "32",
|
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"compile_id": 174,
|
|
||||||
"service": 0,
|
|
||||||
"action": 0,
|
|
||||||
"do_blacklist": 0,
|
|
||||||
"do_log": 0,
|
|
||||||
"user_region": "IPScan.IPv4_composition.destination",
|
|
||||||
"is_valid": "no",
|
|
||||||
"groups": [
|
|
||||||
{
|
|
||||||
"virtual_table": "IP_PLUS_CONFIG",
|
|
||||||
"group_name": "ipv4_composition.destination",
|
|
||||||
"group_id": 164,
|
|
||||||
"not_flag": 0,
|
|
||||||
"regions": [
|
|
||||||
{
|
|
||||||
"table_type": "ip_plus",
|
|
||||||
"table_name": "IP_PLUS_CONFIG",
|
|
||||||
"table_content": {
|
|
||||||
"addr_type": "ipv4",
|
|
||||||
"addr_format": "CIDR",
|
|
||||||
"ip1": "192.168.231.47",
|
|
||||||
"ip2": "32",
|
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
]
|
|
||||||
},
|
|
||||||
{
|
|
||||||
"compile_id": 176,
|
|
||||||
"service": 0,
|
|
||||||
"action": 0,
|
|
||||||
"do_blacklist": 0,
|
|
||||||
"do_log": 0,
|
|
||||||
"user_region": "IPScan.IPv4_composition.session",
|
|
||||||
"is_valid": "no",
|
|
||||||
"groups": [
|
|
||||||
{
|
|
||||||
"virtual_table": "IP_PLUS_CONFIG",
|
|
||||||
"group_name": "ipv4_composition.session",
|
|
||||||
"group_id": 165,
|
|
||||||
"not_flag": 0,
|
|
||||||
"regions": [
|
|
||||||
{
|
|
||||||
"table_type": "ip_plus",
|
|
||||||
"table_name": "IP_PLUS_CONFIG",
|
|
||||||
"table_content": {
|
|
||||||
"addr_type": "ipv4",
|
|
||||||
"addr_format": "CIDR",
|
|
||||||
"ip1": "192.168.40.11",
|
|
||||||
"ip2": "2",
|
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2292,11 +2108,7 @@
|
|||||||
"addr_type": "ipv6",
|
"addr_type": "ipv6",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "::",
|
"ip1": "::",
|
||||||
"ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",
|
"ip2": "ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff"
|
||||||
"port_format": "single",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "0",
|
|
||||||
"protocol": 0
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2384,11 +2196,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "single",
|
"addr_format": "single",
|
||||||
"ip1": "10.0.8.186",
|
"ip1": "10.0.8.186",
|
||||||
"ip2": "10.0.8.186",
|
"ip2": "10.0.8.186"
|
||||||
"port_format": "single",
|
|
||||||
"port1": "18611",
|
|
||||||
"port2": "18611",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2435,11 +2243,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "single",
|
"addr_format": "single",
|
||||||
"ip1": "10.0.8.187",
|
"ip1": "10.0.8.187",
|
||||||
"ip2": "10.0.8.187",
|
"ip2": "10.0.8.187"
|
||||||
"port_format": "single",
|
|
||||||
"port1": "18611",
|
|
||||||
"port2": "18611",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2486,11 +2290,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "single",
|
"addr_format": "single",
|
||||||
"ip1": "10.0.8.188",
|
"ip1": "10.0.8.188",
|
||||||
"ip2": "10.0.8.188",
|
"ip2": "10.0.8.188"
|
||||||
"port_format": "single",
|
|
||||||
"port1": "18611",
|
|
||||||
"port2": "18611",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2946,11 +2746,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "100.64.1.0",
|
"ip1": "100.64.1.0",
|
||||||
"ip2": "100.64.1.20",
|
"ip2": "100.64.1.20"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "5210",
|
|
||||||
"port2": "5211",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2967,11 +2763,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "100.64.1.6",
|
"ip1": "100.64.1.6",
|
||||||
"ip2": "100.64.1.10",
|
"ip2": "100.64.1.10"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "5210",
|
|
||||||
"port2": "5211",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -2988,11 +2780,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "100.64.1.11",
|
"ip1": "100.64.1.11",
|
||||||
"ip2": "100.64.1.20",
|
"ip2": "100.64.1.20"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "5210",
|
|
||||||
"port2": "5211",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -3023,12 +2811,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "192.168.50.43",
|
"ip1": "192.168.50.43",
|
||||||
"ip2": "192.168.50.43",
|
"ip2": "192.168.50.43"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "56168",
|
|
||||||
"port2": "56168",
|
|
||||||
"protocol": -1,
|
|
||||||
"direction": "double"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@@ -3047,12 +2830,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "47.92.108.93",
|
"ip1": "47.92.108.93",
|
||||||
"ip2": "47.92.108.93",
|
"ip2": "47.92.108.93"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "443",
|
|
||||||
"port2": "443",
|
|
||||||
"protocol": -1,
|
|
||||||
"direction": "double"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -3123,12 +2901,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "100.64.2.0",
|
"ip1": "100.64.2.0",
|
||||||
"ip2": "100.64.2.5",
|
"ip2": "100.64.2.5"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "56168",
|
|
||||||
"port2": "56168",
|
|
||||||
"protocol": -1,
|
|
||||||
"direction": "double"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@@ -3147,12 +2920,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "100.64.2.6",
|
"ip1": "100.64.2.6",
|
||||||
"ip2": "100.64.2.10",
|
"ip2": "100.64.2.10"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "443",
|
|
||||||
"port2": "443",
|
|
||||||
"protocol": -1,
|
|
||||||
"direction": "double"
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -3329,11 +3097,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "10.0.7.100",
|
"ip1": "10.0.7.100",
|
||||||
"ip2": "10.0.7.106",
|
"ip2": "10.0.7.106"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -3388,11 +3152,7 @@
|
|||||||
"addr_type": "ipv6",
|
"addr_type": "ipv6",
|
||||||
"addr_format": "CIDR",
|
"addr_format": "CIDR",
|
||||||
"ip1": "::",
|
"ip1": "::",
|
||||||
"ip2": "0",
|
"ip2": "0"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "64000",
|
|
||||||
"port2": "64999",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -3421,11 +3181,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "range",
|
"addr_format": "range",
|
||||||
"ip1": "10.0.0.1",
|
"ip1": "10.0.0.1",
|
||||||
"ip2": "10.0.0.6",
|
"ip2": "10.0.0.6"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "65530",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
@@ -4207,11 +3963,7 @@
|
|||||||
"addr_type": "ipv4",
|
"addr_type": "ipv4",
|
||||||
"addr_format": "mask",
|
"addr_format": "mask",
|
||||||
"ip1": "192.168.101.102",
|
"ip1": "192.168.101.102",
|
||||||
"ip2": "255.255.255.255",
|
"ip2": "255.255.255.255"
|
||||||
"port_format": "range",
|
|
||||||
"port1": "0",
|
|
||||||
"port2": "65535",
|
|
||||||
"protocol": 6
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
|
|||||||
@@ -162,18 +162,14 @@
|
|||||||
"table_id":12,
|
"table_id":12,
|
||||||
"table_name":"IP_CONFIG",
|
"table_name":"IP_CONFIG",
|
||||||
"table_type":"ip_plus",
|
"table_type":"ip_plus",
|
||||||
"valid_column":11,
|
"valid_column":7,
|
||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"addr_type":3,
|
"addr_type":3,
|
||||||
"addr_format":4,
|
"addr_format":4,
|
||||||
"ip1":5,
|
"ip1":5,
|
||||||
"ip2":6,
|
"ip2":6
|
||||||
"port_format":7,
|
|
||||||
"port1":8,
|
|
||||||
"port2":9,
|
|
||||||
"protocol":10
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -184,8 +180,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -327,18 +323,14 @@
|
|||||||
"table_id":24,
|
"table_id":24,
|
||||||
"table_name":"IP_PLUS_CONFIG",
|
"table_name":"IP_PLUS_CONFIG",
|
||||||
"table_type":"ip_plus",
|
"table_type":"ip_plus",
|
||||||
"valid_column":11,
|
"valid_column":7,
|
||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"addr_type":3,
|
"addr_type":3,
|
||||||
"addr_format":4,
|
"addr_format":4,
|
||||||
"ip1":5,
|
"ip1":5,
|
||||||
"ip2":6,
|
"ip2":6
|
||||||
"port_format":7,
|
|
||||||
"port1":8,
|
|
||||||
"port2":9,
|
|
||||||
"protocol":10
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -436,8 +428,8 @@
|
|||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"district":3,
|
"district":3,
|
||||||
"low_bound":4,
|
"low_boundary":4,
|
||||||
"up_bound":5
|
"up_boundary":5
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -460,8 +452,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -486,8 +478,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -574,18 +566,14 @@
|
|||||||
"table_id":47,
|
"table_id":47,
|
||||||
"table_name":"IP_PERF_CONFIG",
|
"table_name":"IP_PERF_CONFIG",
|
||||||
"table_type":"ip_plus",
|
"table_type":"ip_plus",
|
||||||
"valid_column":11,
|
"valid_column":7,
|
||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"addr_type":3,
|
"addr_type":3,
|
||||||
"addr_format":4,
|
"addr_format":4,
|
||||||
"ip1":5,
|
"ip1":5,
|
||||||
"ip2":6,
|
"ip2":6
|
||||||
"port_format":7,
|
|
||||||
"port1":8,
|
|
||||||
"port2":9,
|
|
||||||
"protocol":10
|
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
@@ -596,8 +584,8 @@
|
|||||||
"custom": {
|
"custom": {
|
||||||
"item_id":1,
|
"item_id":1,
|
||||||
"group_id":2,
|
"group_id":2,
|
||||||
"low_bound":3,
|
"low_boundary":3,
|
||||||
"up_bound":4
|
"up_boundary":4
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user