gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[UNIT_TEST]add unit_test for ipport plugin

Browse Source
This commit is contained in:
liuwentan
2023-10-13 14:50:10 +08:00
parent e49427974f
commit 93bfab81e8
9 changed files with 375 additions and 82 deletions
Download Patch File Download Diff File Expand all files Collapse all files

98
scanner/ipport_matcher/ipport_matcher.cpp
View File

@@ -14,16 +14,17 @@
#include "maat_limits.h" #include "maat_limits.h"
#include "ipport_matcher.h" #include "ipport_matcher.h"
struct port_range_entity { struct port_range {
long long rule_id; long long rule_id;
void *tag; void *tag;
struct port_range range; uint16_t min_port; /* host order */
uint16_t max_port; /* host order */
}; };
struct ipport_node { struct ipport_node {
char *key; //key must be ipv4/ipv6 string int ip_type; //IPV4 or IPV6
size_t key_len; uint32_t ip_addr[4];
UT_array *port_range_entities; //array to store <struct port_range_entity> UT_array *port_range_list; //array to store <struct port_range>
UT_hash_handle hh; UT_hash_handle hh;
}; };
@@ -31,30 +32,30 @@ struct ipport_matcher {
struct ipport_node *ipport_hash; struct ipport_node *ipport_hash;
}; };
UT_icd ut_port_range_entity_icd = {sizeof(struct port_range_entity), NULL, NULL, NULL}; UT_icd ut_port_range_icd = {sizeof(struct port_range), NULL, NULL, NULL};
static inline int compare_port_range_entity_for_sort(const void *a, const void *b) static inline int compare_port_range_for_sort(const void *a, const void *b)
{ {
struct port_range_entity entity_a = *(const struct port_range_entity *)a; struct port_range range_a = *(const struct port_range *)a;
struct port_range_entity entity_b = *(const struct port_range_entity *)b; struct port_range range_b = *(const struct port_range *)b;
int ret = entity_a.range.min_port - entity_b.range.min_port; int ret = range_a.min_port - range_b.min_port;
if (0 == ret) { if (0 == ret) {
ret = entity_a.range.max_port - entity_b.range.max_port; ret = range_a.max_port - range_b.max_port;
} }
return ret; return ret;
} }
static inline int compare_port_range_entity_for_find(const void *a, const void *b) static inline int compare_port_range_for_find(const void *a, const void *b)
{ {
struct port_range_entity entity_a = *(const struct port_range_entity *)a; struct port_range range_a = *(const struct port_range *)a;
struct port_range_entity entity_b = *(const struct port_range_entity *)b; struct port_range range_b = *(const struct port_range *)b;
int ret = -1; int ret = -1;
if (entity_a.range.min_port >= entity_b.range.min_port && if (range_a.min_port >= range_b.min_port &&
entity_a.range.min_port <= entity_b.range.max_port) { range_a.min_port <= range_b.max_port) {
ret = 0; ret = 0;
} else if (entity_a.range.max_port < entity_b.range.min_port) { } else if (range_a.max_port < range_b.min_port) {
ret = -1; ret = -1;
} else { } else {
ret = 1; ret = 1;
@@ -75,36 +76,43 @@ struct ipport_matcher *ipport_matcher_new(struct ipport_rule *rules, size_t rule
size_t key_len = 0; size_t key_len = 0;
for (size_t i = 0; i < rule_num; i++) { for (size_t i = 0; i < rule_num; i++) {
if (rules[i].ip.ip_type == IPV4) { if (rules[i].ip.ip_type == IPV4) {
key = (char *)&rules[i].ip.ipv4; key = (char *)&rules[i].ip.ipv4;
key_len = 4; key_len = 4;
} else { } else {
key = (char *)&rules[i].ip.ipv6; key = (char *)rules[i].ip.ipv6;
key_len = 16; key_len = 16;
} }
HASH_FIND(hh, matcher->ipport_hash, key, key_len, node); HASH_FIND(hh, matcher->ipport_hash, key, key_len, node);
if (NULL == node) { if (NULL == node) {
node = ALLOC(struct ipport_node, 1); node = ALLOC(struct ipport_node, 1);
node->key = ALLOC(char, key_len);
memcpy(node->key, key, key_len); if (rules[i].ip.ip_type == IPV4) {
node->key_len = key_len; node->ip_type = IPV4;
utarray_new(node->port_range_entities, &ut_port_range_entity_icd); node->ip_addr[0] = rules[i].ip.ipv4;
HASH_ADD_KEYPTR(hh, matcher->ipport_hash, node->key, node->key_len, node); } else {
node->ip_type = IPV6;
for (size_t j = 0; j < 4; j++) {
node->ip_addr[j] = rules[i].ip.ipv6[j];
}
}
utarray_new(node->port_range_list, &ut_port_range_icd);
HASH_ADD_KEYPTR(hh, matcher->ipport_hash, (char *)node->ip_addr, key_len, node);
} }
struct port_range_entity entity; struct port_range range;
entity.range = rules[i].port_range; range.min_port = rules[i].min_port;
entity.rule_id = rules[i].rule_id; range.max_port = rules[i].max_port;
entity.tag = rules[i].user_tag; range.rule_id = rules[i].rule_id;
utarray_push_back(node->port_range_entities, &entity); range.tag = rules[i].user_tag;
utarray_push_back(node->port_range_list, &range);
} }
struct ipport_node *tmp_node = NULL; struct ipport_node *tmp_node = NULL;
HASH_ITER(hh, matcher->ipport_hash, node, tmp_node) { HASH_ITER(hh, matcher->ipport_hash, node, tmp_node) {
utarray_sort(node->port_range_entities, compare_port_range_entity_for_sort); utarray_sort(node->port_range_list, compare_port_range_for_sort);
} }
return matcher; return matcher;
@@ -135,16 +143,16 @@ int ipport_matcher_match(struct ipport_matcher *matcher, const struct ip_addr *i
} }
uint16_t host_port = ntohs(port); uint16_t host_port = ntohs(port);
struct port_range_entity entity; struct port_range range;
entity.range.min_port = host_port; range.min_port = host_port;
entity.range.max_port = host_port; range.max_port = host_port;
struct port_range_entity *tmp_entity = NULL; struct port_range *tmp_range = NULL;
tmp_entity = (struct port_range_entity *)utarray_find(node->port_range_entities, tmp_range = (struct port_range *)utarray_find(node->port_range_list,
&entity, compare_port_range_entity_for_find); &range, compare_port_range_for_find);
if (tmp_entity != NULL) { if (tmp_range != NULL) {
result_array[0].rule_id = tmp_entity->rule_id; result_array[0].rule_id = tmp_range->rule_id;
result_array[0].tag = tmp_entity->tag; result_array[0].tag = tmp_range->tag;
return 1; return 1;
} }
@@ -159,13 +167,9 @@ void ipport_matcher_free(struct ipport_matcher *matcher)
struct ipport_node *node = NULL, *tmp_node = NULL; struct ipport_node *node = NULL, *tmp_node = NULL;
HASH_ITER(hh, matcher->ipport_hash, node, tmp_node) { HASH_ITER(hh, matcher->ipport_hash, node, tmp_node) {
if (node->key != NULL) { if (node->port_range_list != NULL) {
FREE(node->key); utarray_free(node->port_range_list);
} node->port_range_list = NULL;
if (node->port_range_entities != NULL) {
utarray_free(node->port_range_entities);
node->port_range_entities = NULL;
} }
HASH_DEL(matcher->ipport_hash, node); HASH_DEL(matcher->ipport_hash, node);

8
scanner/ipport_matcher/ipport_matcher.h
View File

@@ -20,16 +20,12 @@ extern "C"
#include "maat.h" #include "maat.h"
struct port_range {
uint16_t min_port; /* host order */
uint16_t max_port; /* host order */
};
struct ipport_rule { struct ipport_rule {
long long rule_id; /* rule id */ long long rule_id; /* rule id */
void *user_tag; /* point to user-defined data which will return with hit results */ void *user_tag; /* point to user-defined data which will return with hit results */
struct ip_addr ip; struct ip_addr ip;
struct port_range port_range; uint16_t min_port; /* host order */
uint16_t max_port; /* host order */
}; };
struct ipport_result { struct ipport_result {

8
src/maat_ipport_plugin.c
View File

@@ -444,13 +444,13 @@ static void ipport_item_to_ipport_rule(struct ipport_item *item, struct ipport_r
if (IPV4 == item->ip_type) { if (IPV4 == item->ip_type) {
rule->ip.ip_type= IPV4; rule->ip.ip_type= IPV4;
rule->ip.ipv4 = item->ipv4.min_ip; rule->ip.ipv4 = item->ipv4.min_ip;
rule->port_range.min_port = item->min_port; rule->min_port = item->min_port;
rule->port_range.max_port = item->max_port; rule->max_port = item->max_port;
} else { } else {
rule->ip.ip_type = IPV6; rule->ip.ip_type = IPV6;
memcpy(rule->ip.ipv6, item->ipv6.min_ip, sizeof(item->ipv6.min_ip)); memcpy(rule->ip.ipv6, item->ipv6.min_ip, sizeof(item->ipv6.min_ip));
rule->port_range.min_port = item->min_port; rule->min_port = item->min_port;
rule->port_range.max_port = item->max_port; rule->max_port = item->max_port;
} }
rule->rule_id = item->item_id; rule->rule_id = item->item_id;
} }

245
test/ipport_matcher_gtest.cpp
View File

@@ -14,14 +14,14 @@ struct log_handle *g_logger = NULL;
match input port = 110, which is in port range match input port = 110, which is in port range
match input port = 100, which is on port range boundary match input port = 100, which is on port range boundary
*/ */
TEST(ipv4port_matcher, MatchedOneRuleInPortRange) { TEST(IPv4PortMatcher, MatchedOneRuleInPortRange) {
const char *ip1_str = "192.168.0.1"; const char *ip1_str = "192.168.0.1";
struct ipport_rule rules[MAX_ARRAY_SIZE]; struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100; rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV4; rules[0].ip.ip_type = IPV4;
rules[0].port_range.min_port = 100; rules[0].min_port = 100;
rules[0].port_range.max_port = 150; rules[0].max_port = 150;
inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1); struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
@@ -41,14 +41,14 @@ TEST(ipv4port_matcher, MatchedOneRuleInPortRange) {
matcher = NULL; matcher = NULL;
} }
TEST(ipv4port_matcher, MatchedOneRuleOnPortRangeBoundary) { TEST(IPv4PortMatcher, MatchedOneRuleOnPortRangeBoundary) {
const char *ip1_str = "192.168.0.1"; const char *ip1_str = "192.168.0.1";
struct ipport_rule rules[MAX_ARRAY_SIZE]; struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100; rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV4; rules[0].ip.ip_type = IPV4;
rules[0].port_range.min_port = 100; rules[0].min_port = 100;
rules[0].port_range.max_port = 150; rules[0].max_port = 150;
inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1); struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
@@ -75,7 +75,7 @@ TEST(ipv4port_matcher, MatchedOneRuleOnPortRangeBoundary) {
matcher = NULL; matcher = NULL;
} }
TEST(ipv4port_matcher, MatchedMultiRuleInPortRange) { TEST(IPv4PortMatcher, MatchedMultiRuleInPortRange) {
const char *ip1_str = "192.168.0.1"; const char *ip1_str = "192.168.0.1";
struct ipport_rule rules[MAX_ARRAY_SIZE]; struct ipport_rule rules[MAX_ARRAY_SIZE];
@@ -83,38 +83,38 @@ TEST(ipv4port_matcher, MatchedMultiRuleInPortRange) {
rules[0].rule_id = 100; rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV4; rules[0].ip.ip_type = IPV4;
rules[0].port_range.min_port = 100; rules[0].min_port = 100;
rules[0].port_range.max_port = 150; rules[0].max_port = 150;
inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4);
rules[1].rule_id = 200; rules[1].rule_id = 200;
rules[1].ip.ip_type = IPV4; rules[1].ip.ip_type = IPV4;
rules[1].port_range.min_port = 110; rules[1].min_port = 110;
rules[1].port_range.max_port = 160; rules[1].max_port = 160;
inet_pton(AF_INET, ip1_str, &rules[1].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[1].ip.ipv4);
rules[2].rule_id = 300; rules[2].rule_id = 300;
rules[2].ip.ip_type = IPV4; rules[2].ip.ip_type = IPV4;
rules[2].port_range.min_port = 120; rules[2].min_port = 120;
rules[2].port_range.max_port = 170; rules[2].max_port = 170;
inet_pton(AF_INET, ip1_str, &rules[2].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[2].ip.ipv4);
rules[3].rule_id = 400; rules[3].rule_id = 400;
rules[3].ip.ip_type = IPV4; rules[3].ip.ip_type = IPV4;
rules[3].port_range.min_port = 130; rules[3].min_port = 130;
rules[3].port_range.max_port = 180; rules[3].max_port = 180;
inet_pton(AF_INET, ip1_str, &rules[3].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[3].ip.ipv4);
rules[4].rule_id = 500; rules[4].rule_id = 500;
rules[4].ip.ip_type = IPV4; rules[4].ip.ip_type = IPV4;
rules[4].port_range.min_port = 140; rules[4].min_port = 140;
rules[4].port_range.max_port = 190; rules[4].max_port = 190;
inet_pton(AF_INET, ip1_str, &rules[4].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[4].ip.ipv4);
rules[5].rule_id = 600; rules[5].rule_id = 600;
rules[5].ip.ip_type = IPV4; rules[5].ip.ip_type = IPV4;
rules[5].port_range.min_port = 150; rules[5].min_port = 150;
rules[5].port_range.max_port = 200; rules[5].max_port = 200;
inet_pton(AF_INET, ip1_str, &rules[5].ip.ipv4); inet_pton(AF_INET, ip1_str, &rules[5].ip.ipv4);
struct ipport_matcher *matcher = ipport_matcher_new(rules, MAX_ARRAY_SIZE); struct ipport_matcher *matcher = ipport_matcher_new(rules, MAX_ARRAY_SIZE);
@@ -221,6 +221,213 @@ TEST(ipv4port_matcher, MatchedMultiRuleInPortRange) {
matcher = NULL; matcher = NULL;
} }
TEST(IPv6PortMatcher, MatchedOneRuleInPortRange) {
const char *ip1_str = "2001:db8:1234::1";
struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV6;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET6, ip1_str, rules[0].ip.ipv6);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
ASSERT_TRUE(matcher != NULL);
struct ip_addr ip;
ip.ip_type = IPV6;
inet_pton(AF_INET6, ip1_str, ip.ipv6);
uint16_t port = htons(120);
struct ipport_result results[MAX_ARRAY_SIZE];
int ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 100);
ipport_matcher_free(matcher);
matcher = NULL;
}
TEST(IPv6PortMatcher, MatchedOneRuleOnPortRangeBoundary) {
const char *ip1_str = "2001:db8:1234::1";
struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV6;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET6, ip1_str, rules[0].ip.ipv6);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
ASSERT_TRUE(matcher != NULL);
struct ip_addr ip;
ip.ip_type = IPV6;
inet_pton(AF_INET6, ip1_str, ip.ipv6);
uint16_t port = htons(100);
struct ipport_result results[MAX_ARRAY_SIZE];
int ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 100);
memset(results, 0, sizeof(results));
port = htons(150);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 100);
ipport_matcher_free(matcher);
matcher = NULL;
}
TEST(IPv6PortMatcher, MatchedMultiRuleInPortRange) {
const char *ip1_str = "2001:db8:1234::1";
struct ipport_rule rules[MAX_ARRAY_SIZE];
memset(rules, 0, sizeof(rules));
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV6;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET6, ip1_str, rules[0].ip.ipv6);
rules[1].rule_id = 200;
rules[1].ip.ip_type = IPV6;
rules[1].min_port = 110;
rules[1].max_port = 160;
inet_pton(AF_INET6, ip1_str, rules[1].ip.ipv6);
rules[2].rule_id = 300;
rules[2].ip.ip_type = IPV6;
rules[2].min_port = 120;
rules[2].max_port = 170;
inet_pton(AF_INET6, ip1_str, rules[2].ip.ipv6);
rules[3].rule_id = 400;
rules[3].ip.ip_type = IPV6;
rules[3].min_port = 130;
rules[3].max_port = 180;
inet_pton(AF_INET6, ip1_str, rules[3].ip.ipv6);
rules[4].rule_id = 500;
rules[4].ip.ip_type = IPV6;
rules[4].min_port = 140;
rules[4].max_port = 190;
inet_pton(AF_INET6, ip1_str, rules[4].ip.ipv6);
rules[5].rule_id = 600;
rules[5].ip.ip_type = IPV6;
rules[5].min_port = 150;
rules[5].max_port = 200;
inet_pton(AF_INET6, ip1_str, rules[5].ip.ipv6);
struct ipport_matcher *matcher = ipport_matcher_new(rules, MAX_ARRAY_SIZE);
ASSERT_TRUE(matcher != NULL);
struct ip_addr ip;
ip.ip_type = IPV6;
inet_pton(AF_INET6, ip1_str, ip.ipv6);
uint16_t port = htons(90);
//no match rule_id
struct ipport_result results[MAX_ARRAY_SIZE];
int ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 0);
//match rule_id:100
memset(results, 0, sizeof(results));
port = htons(100);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 100);
/* sorted port range array: [[100,150], [110,160], [120,170], [130,180], [140,190], [150,200]]
rule_id: 100, 200, 300, 400, 500, 600
match rule_id:100, 200, but return only one rule_id:200(reference binary search logic)
*/
memset(results, 0, sizeof(results));
port = htons(110);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 200);
// match rule_id:100, 200, 300, but return only one rule_id:200(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(120);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 200);
// match rule_id:100, 200, 300, 400, but return only one rule_id:400(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(130);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 400);
// match rule_id:100, 200, 300, 400, 500, but return only one rule_id:400(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(140);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 400);
// match rule_id:100, 200, 300, 400, 500, 600, but return only one rule_id:400(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(150);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 400);
// match rule_id:200, 300, 400, 500, 600, but return only one rule_id:400(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(160);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 400);
// match rule_id:300, 400, 500, 600, but return only one rule_id:400(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(170);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 400);
// match rule_id:400, 500, 600, but return only one rule_id:400(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(180);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 400);
// match rule_id:500, 600, but return only one rule_id:600(reference binary search logic)
memset(results, 0, sizeof(results));
port = htons(190);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 600);
// match rule_id:600, but return only one rule_id:600
memset(results, 0, sizeof(results));
port = htons(200);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0].rule_id, 600);
// no match rule_id
memset(results, 0, sizeof(results));
port = htons(210);
ret = ipport_matcher_match(matcher, &ip, port, results, MAX_ARRAY_SIZE);
EXPECT_EQ(ret, 0);
ipport_matcher_free(matcher);
matcher = NULL;
}
int main(int argc, char **argv) int main(int argc, char **argv)
{ {
int ret = 0; int ret = 0;

78
test/ipport_plugin/ipport_plugin_gtest.cpp
View File

@@ -15,7 +15,7 @@
const char *table_info_path = "./ipport_plugin_table_info.conf"; const char *table_info_path = "./ipport_plugin_table_info.conf";
const char *log_file = "./ipport_plugin_gtest.log"; const char *log_file = "./ipport_plugin_gtest.log";
const char *g_ip_str = "192.0.1.1"; const char *g_ip_str = "116.71.169.140";
class IPPortPluginTable : public testing::Test class IPPortPluginTable : public testing::Test
{ {
@@ -208,6 +208,7 @@ void ipport_plugin_ex_dup_cb(int table_id, void **to, void **from, long argl, vo
struct thread_param { struct thread_param {
int thread_id; int thread_id;
int test_count; int test_count;
uint16_t port;
struct maat *maat_inst; struct maat *maat_inst;
const char *table_name; const char *table_name;
long long time_elapse_ms; long long time_elapse_ms;
@@ -227,7 +228,7 @@ void *ipport_plugin_scan_thread(void *arg)
int ret = inet_pton(AF_INET, g_ip_str, &ipv4.ipv4); int ret = inet_pton(AF_INET, g_ip_str, &ipv4.ipv4);
EXPECT_EQ(ret, 1); EXPECT_EQ(ret, 1);
uint16_t port = htons(10); uint16_t port = htons(param->port);
int hit_times = 0; int hit_times = 0;
struct ipport_plugin_ud *results[ARRAY_SIZE]; struct ipport_plugin_ud *results[ARRAY_SIZE];
@@ -300,7 +301,7 @@ void *ipport_plugin_update_thread(void *arg)
struct thread_param *param = (struct thread_param *)arg; struct thread_param *param = (struct thread_param *)arg;
struct maat *maat_inst = param->maat_inst; struct maat *maat_inst = param->maat_inst;
const char *table_name = param->table_name; const char *table_name = param->table_name;
const int CMD_EXPR_NUM = 64; const int CMD_EXPR_NUM = 256;
long long item_id = 9000000; long long item_id = 9000000;
for (int i = 0; i < CMD_EXPR_NUM; i++) { for (int i = 0; i < CMD_EXPR_NUM; i++) {
@@ -362,6 +363,7 @@ TEST_F(IPPortPluginTable, WITHOUT_SAME_IP) {
thread_params[i].maat_inst = maat_inst; thread_params[i].maat_inst = maat_inst;
thread_params[i].thread_id = i; thread_params[i].thread_id = i;
thread_params[i].table_name = table_name; thread_params[i].table_name = table_name;
thread_params[i].port = 10;
thread_params[i].test_count = PERF_SCAN_COUNT; thread_params[i].test_count = PERF_SCAN_COUNT;
thread_params[i].time_elapse_ms = 0; thread_params[i].time_elapse_ms = 0;
thread_params[i].logger = logger; thread_params[i].logger = logger;
@@ -382,6 +384,7 @@ TEST_F(IPPortPluginTable, WITHOUT_SAME_IP) {
free(is_all_hit); free(is_all_hit);
} }
maat_free(maat_inst);
scan_per_second = PERF_SCAN_COUNT * 1000 / time_elapse_ms; scan_per_second = PERF_SCAN_COUNT * 1000 / time_elapse_ms;
log_info(maat_inst->logger, MODULE_IPPORT_PLUGIN_GTEST, log_info(maat_inst->logger, MODULE_IPPORT_PLUGIN_GTEST,
"IpportPluginScan without same ip match rate speed %lld lookups/s/thread", "IpportPluginScan without same ip match rate speed %lld lookups/s/thread",
@@ -428,6 +431,7 @@ TEST_F(IPPortPluginTable, WITH_256SAME_IP) {
thread_params[i].maat_inst = maat_inst; thread_params[i].maat_inst = maat_inst;
thread_params[i].thread_id = i; thread_params[i].thread_id = i;
thread_params[i].table_name = table_name; thread_params[i].table_name = table_name;
thread_params[i].port = 10;
thread_params[i].test_count = PERF_SCAN_COUNT; thread_params[i].test_count = PERF_SCAN_COUNT;
thread_params[i].time_elapse_ms = 0; thread_params[i].time_elapse_ms = 0;
thread_params[i].logger = logger; thread_params[i].logger = logger;
@@ -447,6 +451,7 @@ TEST_F(IPPortPluginTable, WITH_256SAME_IP) {
*is_all_hit = 0; *is_all_hit = 0;
free(is_all_hit); free(is_all_hit);
} }
maat_free(maat_inst);
scan_per_second = PERF_SCAN_COUNT * 1000 / time_elapse_ms; scan_per_second = PERF_SCAN_COUNT * 1000 / time_elapse_ms;
log_info(maat_inst->logger, MODULE_IPPORT_PLUGIN_GTEST, log_info(maat_inst->logger, MODULE_IPPORT_PLUGIN_GTEST,
@@ -454,6 +459,73 @@ TEST_F(IPPortPluginTable, WITH_256SAME_IP) {
scan_per_second); scan_per_second);
} }
TEST_F(IPPortPluginTable, TSG_DYN_IPPORT_MAPPING) {
char redis_ip[32] = "127.0.0.1";
int redis_port = 6379;
int redis_db = 0;
struct log_handle *logger = IPPortPluginTable::logger;
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
assert(ret == 0);
struct maat_options *opts = maat_options_new();
maat_options_set_redis(opts, redis_ip, redis_port, redis_db);
maat_options_set_logger(opts, log_file, LOG_LEVEL_INFO);
maat_options_set_stat_file(opts, "./stat.log");
maat_options_set_rule_update_checking_interval_ms(opts, 100);
struct maat *maat_inst = maat_new(opts, table_info_path);
assert(maat_inst);
maat_options_free(opts);
int ex_data_counter = 0;
const char *table_name = "TSG_DYN_IPPORT_SUBSCRIBER_MAPPING";
int table_id = maat_get_table_id(maat_inst, table_name);
ASSERT_GT(table_id, 0);
ret = maat_plugin_table_ex_schema_register(maat_inst, table_name,
ipport_plugin_ex_new_cb,
ipport_plugin_ex_free_cb,
ipport_plugin_ex_dup_cb,
0, &ex_data_counter);
EXPECT_EQ(ret, 0);
int i = 0;
pthread_t threads[2];
struct thread_param thread_params[2];
for (i = 0; i < 2; i++) {
thread_params[i].maat_inst = maat_inst;
thread_params[i].thread_id = i;
thread_params[i].table_name = table_name;
thread_params[i].port = 45568;
thread_params[i].test_count = PERF_SCAN_COUNT;
thread_params[i].time_elapse_ms = 0;
thread_params[i].logger = logger;
}
pthread_create(&threads[0], NULL, ipport_plugin_scan_thread, thread_params);
pthread_create(&threads[1], NULL, ipport_plugin_update_thread, thread_params + 1);
int *is_all_hit = NULL;
long long time_elapse_ms = 0;
long long scan_per_second = 0;
for (i = 0; i < 2; i++) {
pthread_join(threads[i], (void **)&is_all_hit);
time_elapse_ms += thread_params[i].time_elapse_ms;
EXPECT_EQ(*is_all_hit, 1);
*is_all_hit = 0;
free(is_all_hit);
}
maat_free(maat_inst);
scan_per_second = PERF_SCAN_COUNT * 1000 / time_elapse_ms;
log_info(maat_inst->logger, MODULE_IPPORT_PLUGIN_GTEST,
"IpportPluginScan TSG_DYN_IPPORT_SUBSCRIBER_MAPPING match rate speed %lld lookups/s/thread",
scan_per_second);
}
int main(int argc, char ** argv) int main(int argc, char ** argv)
{ {
int ret = 0; int ret = 0;

13
test/ipport_plugin/ipport_plugin_table_info.conf
View File

@@ -24,5 +24,18 @@
"port1":4, "port1":4,
"port2":5 "port2":5
} }
},
{
"table_id":3,
"table_name":"TSG_DYN_IPPORT_SUBSCRIBER_MAPPING",
"table_type":"ipport_plugin",
"valid_column":6,
"custom": {
"item_id":1,
"ip_type":2,
"ip_addr":3,
"port1":4,
"port2":5
}
} }
] ]

2
test/ipport_plugin/test_data/IPPORT_PLUGIN_WITHOUT_SAME_IP.local
View File

@@ -1,5 +1,5 @@
0000196608 0000196608
1 4 192.0.0.0 0 500 1 1 4 116.71.169.140 0 500 1
2 4 192.0.0.1 1 500 1 2 4 192.0.0.1 1 500 1
3 4 192.0.0.2 2 500 1 3 4 192.0.0.2 2 500 1
4 4 192.0.0.3 3 500 1 4 4 192.0.0.3 3 500 1

2
test/ipport_plugin/test_data/IPPORT_PLUGIN_WITH_256SAME_IP.local
View File

@@ -1,5 +1,5 @@
0000196608 0000196608
1 4 192.0.0.0 0 500 1 1 4 116.71.169.140 0 500 1
2 4 192.0.0.0 1 500 1 2 4 192.0.0.0 1 500 1
3 4 192.0.0.0 2 500 1 3 4 192.0.0.0 2 500 1
4 4 192.0.0.0 3 500 1 4 4 192.0.0.0 3 500 1

1
test/ipport_plugin/test_data/index/full_config_index.0000000001
View File

@@ -1,2 +1,3 @@
IPPORT_PLUGIN_WITH_256SAME_IP 196608 test_data/IPPORT_PLUGIN_WITH_256SAME_IP.local IPPORT_PLUGIN_WITH_256SAME_IP 196608 test_data/IPPORT_PLUGIN_WITH_256SAME_IP.local
IPPORT_PLUGIN_WITHOUT_SAME_IP 196608 test_data/IPPORT_PLUGIN_WITHOUT_SAME_IP.local IPPORT_PLUGIN_WITHOUT_SAME_IP 196608 test_data/IPPORT_PLUGIN_WITHOUT_SAME_IP.local
TSG_DYN_IPPORT_SUBSCRIBER_MAPPING 807214 test_data/TSG_DYN_IPPORT_SUBSCRIBER_MAPPING.local