gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add unittest for scan_ip

Browse Source
This commit is contained in:
liuwentan
2022-12-12 00:10:30 +08:00
parent 83bdf09dc9
commit 95b2123b5f
5 changed files with 167 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/maat_api.cpp
View File

@@ -412,6 +412,7 @@ static int ip_scan_data_set(struct table_rt_2tuple *table_rt_addr, struct addr_4
{
switch (addr->type) {
case IP_TYPE_V4:
table_rt_addr->ip_type = IP_TYPE_V4;
switch (child_type) {
case COMPOSITION_TYPE_SIP:
table_rt_addr->ipv4 = ntohl(addr->ipv4.sip);
@@ -427,6 +428,7 @@ static int ip_scan_data_set(struct table_rt_2tuple *table_rt_addr, struct addr_4
}
break;
case IP_TYPE_V6:
table_rt_addr->ip_type = IP_TYPE_V6;
switch (child_type) {
case COMPOSITION_TYPE_SIP:
memcpy(table_rt_addr->ipv6, addr->ipv6.sip, sizeof(addr->ipv6.sip));

3
src/maat_rule.cpp
View File

@@ -268,6 +268,9 @@ void *rule_monitor_loop(void *arg)
if ((updating_flag > 0) && (time_window >= maat_instance->rule_effect_interval_ms / 1000)) {
maat_runtime_commit(maat_instance->maat_rt);
log_info(maat_instance->logger,MODULE_MAAT_RULE,
"Actual update config version %u, %d entries load to rulescan after postpone.",
maat_instance->maat_rt->version, maat_instance->maat_rt->rule_num);
}
}

2
src/maat_table_runtime.cpp
View File

@@ -303,7 +303,7 @@ int table_runtime_scan_ip(struct table_runtime *table_rt, int thread_id, struct
} else {
memcpy(ip.ipv6, data->ipv6, sizeof(data->ipv6));
}
n_hit_result = ip_matcher_match(table_rt->ip_plus_rt.ip_matcher, &ip, scan_results, table_rt->rule_num);
int index = 0;
/* filter rule_id by port */

163
test/maat_framework_gtest.cpp
View File

@@ -207,15 +207,41 @@ TEST(maat_scan_string, hit_three_expr) {
EXPECT_EQ(result_array[2], 18);
}
TEST(maat_scan_ip, hit_ip) {
TEST(maat_scan_ipv4, hit_ip_and_port) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "IP_PLUS_CONFIG");
char ip_str[32] = "192.168.50.24";
char ip_str[32] = "192.168.58.19";
uint16_t port = 20000;
struct addr_4tuple addr;
addr.type = IP_TYPE_V4;
int ret = inet_pton(AF_INET, ip_str, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(1);
addr.ipv4.sport = htons(port);
int results[3] = {-1};
size_t n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 7);
port = 20001;
addr.ipv4.sport = htons(port);
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 0);
}
TEST(maat_scan_ipv4, hit_ip_and_port_range) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "IP_PLUS_CONFIG");
char ip_str[32] = "192.168.50.24";
uint16_t port = 1;
struct addr_4tuple addr;
addr.type = IP_TYPE_V4;
int ret = inet_pton(AF_INET, ip_str, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(port);
int results[3] = {-1};
size_t n_result = 0;
@@ -223,6 +249,137 @@ TEST(maat_scan_ip, hit_ip) {
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 4);
port = 40000;
addr.ipv4.sport = htons(port);
memset(results, 0, sizeof(results));
n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 4);
port = 40001;
addr.ipv4.sport = htons(port);
memset(results, 0, sizeof(results));
n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 0);
}
TEST(maat_scan_ipv4, hit_ip_range_and_port_range) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "IP_PLUS_CONFIG");
char ip_str1[32] = "10.0.1.20";
char ip_str2[32] = "10.0.1.25";
char ip_str3[32] = "10.0.1.26";
uint16_t port1 = 1;
uint16_t port2 = 443;
struct addr_4tuple addr;
addr.type = IP_TYPE_V4;
int ret = inet_pton(AF_INET, ip_str1, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(port1);
int results[3] = {-1};
size_t n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 8);
ret = inet_pton(AF_INET, ip_str2, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(port2);
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 8);
ret = inet_pton(AF_INET, ip_str3, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(port2);
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 0);
}
TEST(maat_scan_ipv4, hit_ip_cidr_and_port_range) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "IP_PLUS_CONFIG");
char ip_str1[32] = "192.168.0.1";
char ip_str2[32] = "192.168.0.0";
uint16_t port = 5210;
struct addr_4tuple addr;
addr.type = IP_TYPE_V4;
int ret = inet_pton(AF_INET, ip_str1, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(port);
int results[3] = {-1};
size_t n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 50);
ret = inet_pton(AF_INET, ip_str2, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 0);
}
TEST(maat_scan_ipv4, hit_ip_cidr_and_port_mask) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "IP_PLUS_CONFIG");
char ip_str[32] = "192.168.40.10";
uint16_t port = 443;
struct addr_4tuple addr;
addr.type = IP_TYPE_V4;
int ret = inet_pton(AF_INET, ip_str, &addr.ipv4.sip);
EXPECT_EQ(ret, 1);
addr.ipv4.sport = htons(port);
int results[3] = {-1};
size_t n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 2);
EXPECT_EQ(results[0], 63);
EXPECT_EQ(results[1], 67);
port = 442;
addr.ipv4.sport = htons(port);
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 0);
}
TEST(maat_scan_ipv6, hit_ip_range_and_port_mask) {
struct table_schema_manager *table_schema_mgr = g_maat_instance->table_schema_mgr;
int table_id = table_schema_manager_get_table_id(table_schema_mgr, "IP_PLUS_CONFIG");
char ip_str[32] = "1001:da8:205:1::101";
uint16_t port = 5210;
struct addr_4tuple addr;
addr.type = IP_TYPE_V6;
int ret = inet_pton(AF_INET6, ip_str, &addr.ipv6.sip);
EXPECT_EQ(ret, 1);
addr.ipv6.sport = htons(port);
int results[3] = {-1};
size_t n_result = 0;
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 1);
EXPECT_EQ(results[0], 47);
port = 442;
addr.ipv6.sport = htons(port);
ret = maat_scan_ip(g_maat_instance, table_id, 0, &addr, results, &n_result, nullptr);
EXPECT_EQ(ret, 0);
EXPECT_EQ(n_result, 0);
}
int main(int argc, char ** argv)

1
test/maat_input_mode_gtest.cpp
View File

@@ -205,6 +205,7 @@ TEST(redis_mode, maat_scan_string) {
EXPECT_EQ(n_result_array, 1);
EXPECT_EQ(result_array[0], 30);
log_handle_destroy(maat_instance->logger);
maat_free(maat_instance);
}