gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feature/scan ip port together support endpoint object

Browse Source
This commit is contained in:
郑超
2024-03-27 11:19:39 +00:00
committed by liuwentan
parent 35d60d06b5
commit 99f98abbcd
30 changed files with 942 additions and 1064 deletions
Download Patch File Download Diff File Expand all files Collapse all files

497
test/maat_framework_gtest.cpp
View File

@@ -2,6 +2,7 @@
#include <dirent.h>
#include <openssl/md5.h>
#include "test_utils.h"
#include "maat.h"
#include "maat_rule.h"
#include "maat_utils.h"
@@ -18,286 +19,12 @@
#define HIT_PATH_SIZE 128
#define WAIT_FOR_EFFECTIVE_S 2
const char *table_info_path = "./table_info.conf";
const char *json_path ="./maat_json.json";
const char *json_filename = "maat_json.json";
const char *g_table_info_path = "./table_info.conf";
const char *g_json_filename = "maat_json.json";
size_t g_thread_num = 4;
int count_line_num_cb(const char *table_name, const char *line, void *u_para)
{
(*((unsigned int *)u_para))++;
return 0;
}
int line_idx = 0;
long long absolute_expire_time = 0;
int make_serial_rule(const char *table_name, const char *line, void *u_para)
{
struct serial_rule *s_rule=(struct serial_rule *)u_para;
redisContext *ctx = s_rule->ref_ctx;
char *buff = ALLOC(char, strlen(line) + 1);
memcpy(buff, line, strlen(line) + 1);
while (buff[strlen(line) - 1] == '\n' || buff[strlen(line) - 1] == '\t') {
buff[strlen(line) - 1] = '\0';
}
const char *redis_rule_key = "TEST_RULE_KEY";
redisReply *reply = maat_wrap_redis_command(ctx, NULL, "INCRBY %s %d",
redis_rule_key, 1);
if (reply->type == REDIS_REPLY_NIL) {
printf("incrby redis_rule_key:%s failed.", redis_rule_key);
return -1;
} else {
s_rule->rule_id = maat_read_redis_integer(reply);
freeReplyObject(reply);
reply = NULL;
}
maat_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, s_rule->rule_id,
table_name, buff, absolute_expire_time);
(s_rule + line_idx)->ref_ctx = ctx;
line_idx++;
FREE(buff);
return 0;
}
int write_config_to_redis(char *redis_ip, int redis_port, int redis_db,
struct log_handle *logger)
{
char json_iris_path[512] = {0};
snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp",
json_filename);
redisContext *c = maat_connect_redis(redis_ip, redis_port, redis_db, logger);
if (NULL == c) {
return -1;
}
redisReply *reply = maat_wrap_redis_command(c, logger, "flushdb");
if (NULL == reply) {
return -1;
} else {
freeReplyObject(reply);
reply = NULL;
}
if (0 == access(json_iris_path, F_OK)) {
system_cmd_rmdir(json_iris_path);
}
if (access(json_iris_path, F_OK) < 0) {
char tmp_iris_path[128] = {0};
char *json_buff = NULL;
size_t json_buff_sz = 0;
int ret = load_file_to_memory(json_filename, (unsigned char **)&json_buff,
&json_buff_sz);
if (ret < 0) {
return -1;
}
ret = json2iris(json_buff, json_filename, c, tmp_iris_path,
sizeof(tmp_iris_path), NULL, NULL, logger);
FREE(json_buff);
if (ret < 0) {
return -1;
}
}
size_t total_line_cnt = 0;
char tmp_iris_full_idx_path[PATH_MAX] = {0};
snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index",
json_iris_path);
config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb,
NULL, &total_line_cnt, NULL, logger);
struct serial_rule *s_rule = ALLOC(struct serial_rule, total_line_cnt);
s_rule->ref_ctx = c;
long long server_time = maat_redis_server_time_s(c);
if (server_time < 0) {
return -1;
}
absolute_expire_time = server_time + 300;
config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, make_serial_rule,
NULL, s_rule, NULL, logger);
s_rule->ref_ctx = NULL;
line_idx = 0;
absolute_expire_time = 0;
int success_cnt = 0;
do {
success_cnt = maat_cmd_write_rule(c, s_rule, total_line_cnt,
server_time, logger);
} while (success_cnt < 0);
EXPECT_EQ(success_cnt, (int)total_line_cnt);
for (size_t i = 0; i < total_line_cnt; i++) {
maat_clear_rule_cache(s_rule + i);
}
FREE(s_rule);
redisFree(c);
return 0;
}
int compile_table_set_line(struct maat *maat_inst, const char *table_name,
enum maat_operation op, long long compile_id,
const char *user_region, int clause_num,
int expire_after)
{
char table_line[1024 * 16] = {0};
sprintf(table_line, "%lld\t0\t0\t0\t0\t0\t%s\t%d\t%d\t0.0",
compile_id, user_region, clause_num, op);
struct maat_cmd_line line_rule;
line_rule.rule_id = compile_id;
line_rule.table_line = table_line;
line_rule.table_name = table_name;
line_rule.expire_after = expire_after;
return maat_cmd_set_line(maat_inst, &line_rule);
}
#define TO_GROUP2X_KEY(group_id, parent_id, clause_index) (((unsigned long)group_id<<32|parent_id) + clause_index)
int group2compile_table_set_line(struct maat *maat_inst, const char *table_name,
enum maat_operation op, long long group_id,
long long compile_id, int not_flag,
const char *vtable_name, int clause_index,
int expire_after)
{
char table_line[128] = {0};
sprintf(table_line, "%lld\t%lld\t%d\t%s\t%d\t%d",
group_id, compile_id, not_flag, vtable_name, clause_index, op);
struct maat_cmd_line line_rule;
line_rule.rule_id = TO_GROUP2X_KEY(group_id, compile_id, clause_index);
line_rule.table_line = table_line;
line_rule.table_name = table_name;
line_rule.expire_after = expire_after;
return maat_cmd_set_line(maat_inst, &line_rule);
}
int group2group_table_set_line(struct maat *maat_inst, const char *table_name,
enum maat_operation op, long long group_id,
long long sub_group_id, int expire_after)
{
char table_line[128] = {0};
sprintf(table_line, "%lld\t%lld\t%s\t%d", group_id, sub_group_id,
"null", op);
struct maat_cmd_line line_rule;
line_rule.rule_id = TO_GROUP2X_KEY(group_id, sub_group_id, 0);
line_rule.table_line = table_line;
line_rule.table_name = table_name;
line_rule.expire_after = expire_after;
return maat_cmd_set_line(maat_inst, &line_rule);
}
int expr_table_set_line(struct maat *maat_inst, const char *table_name,
enum maat_operation op, long long item_id,
long long group_id, const char *keywords,
const char *district, int expr_type,
int match_method, int is_hexbin, int expire_after)
{
char table_line[1024] = {0};
int table_id = maat_get_table_id(maat_inst, table_name);
if (table_id < 0) {
return 0;
}
enum table_type table_type = table_manager_get_table_type(maat_inst->tbl_mgr,
table_id);
assert(table_type == TABLE_TYPE_EXPR || table_type == TABLE_TYPE_EXPR_PLUS);
if (table_type == TABLE_TYPE_EXPR_PLUS) {
sprintf(table_line, "%lld\t%lld\t%s\t%s\t%d\t%d\t%d\t%d",
item_id, group_id, district, keywords, expr_type,
match_method, is_hexbin, op);
} else {
sprintf(table_line, "%lld\t%lld\t%s\t%d\t%d\t%d\t%d",
item_id, group_id, keywords, expr_type,
match_method, is_hexbin, op);
}
struct maat_cmd_line line_rule;
line_rule.rule_id = item_id;
line_rule.table_line = table_line;
line_rule.table_name = table_name;
line_rule.expire_after = expire_after;
return maat_cmd_set_line(maat_inst, &line_rule);
}
int
interval_table_set_line(struct maat *maat_inst, const char *table_name,
enum maat_operation op, long long item_id, long long group_id,
unsigned int low_boundary, unsigned int up_boundary,
const char *district, int expire_after)
{
char table_line[1024] = {0};
int table_id = maat_get_table_id(maat_inst, table_name);
if (table_id < 0) {
return 0;
}
enum table_type table_type = table_manager_get_table_type(maat_inst->tbl_mgr,
table_id);
assert(table_type == TABLE_TYPE_INTERVAL || table_type == TABLE_TYPE_INTERVAL_PLUS);
if (table_type == TABLE_TYPE_INTERVAL_PLUS) {
sprintf(table_line, "%lld\t%lld\t%s\t%u\t%u\t%d",
item_id, group_id, district, low_boundary, up_boundary, op);
} else {
sprintf(table_line, "%lld\t%lld\t%u\t%u\t%d",
item_id, group_id, low_boundary, up_boundary, op);
}
struct maat_cmd_line line_rule;
line_rule.rule_id = item_id;
line_rule.table_line = table_line;
line_rule.table_name = table_name;
line_rule.expire_after = expire_after;
return maat_cmd_set_line(maat_inst, &line_rule);
}
int ip_table_set_line(struct maat *maat_inst, const char *table_name,
enum maat_operation op, long long item_id,
long long group_id, enum IP_TYPE type, const char *ip1,
const char *ip2, int expire_after)
{
char table_line[1024] = {0};
int table_id = maat_get_table_id(maat_inst, table_name);
if (table_id < 0) {
return 0;
}
int ip_type = IPV4;
if (type == IPv6) {
ip_type = IPV6;
}
sprintf(table_line, "%lld\t%lld\t%d\t%s\t%s\t%s\t%d",
item_id, group_id, ip_type, "range", ip1, ip2, op);
struct maat_cmd_line line_rule;
line_rule.rule_id = item_id;
line_rule.table_line = table_line;
line_rule.table_name = table_name;
line_rule.expire_after = expire_after;
return maat_cmd_set_line(maat_inst, &line_rule);
}
int test_add_expr_command(struct maat *maat_inst, const char *expr_table,
long long compile_id, int timeout,
@@ -369,7 +96,7 @@ protected:
maat_options_set_json_file_decrypt_key(opts, json_decrypt_key);
maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -467,7 +194,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__);
@@ -481,7 +208,7 @@ protected:
maat_options_set_accept_tags(opts, accept_tags);
maat_options_set_hit_path_enabled(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -773,7 +500,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -789,7 +516,7 @@ protected:
maat_options_set_hit_path_enabled(opts);
maat_options_set_expr_engine(opts, MAAT_EXPR_ENGINE_HS);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -1685,7 +1412,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -1701,7 +1428,7 @@ protected:
maat_options_set_expr_engine(opts, MAAT_EXPR_ENGINE_RS);
maat_options_set_hit_path_enabled(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -2607,18 +2334,17 @@ protected:
maat_options_set_redis(opts, redis_ip, redis_port, redis_db);
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
assert(_shared_maat_inst != NULL);
maat_cmd_flushDB(_shared_maat_inst);
maat_free(_shared_maat_inst);
maat_options_set_foreign_cont_dir(opts, "./foreign_files/");
maat_options_set_rule_effect_interval_ms(opts, 0);
maat_options_set_gc_timeout_ms(opts, 0); // start GC immediately
maat_options_set_stat_file(opts, "./stat.log");
maat_options_set_perf_on(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
}
@@ -2721,19 +2447,18 @@ protected:
maat_options_set_redis(opts, redis_ip, redis_port, redis_db);
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
assert(_shared_maat_inst != NULL);
maat_cmd_flushDB(_shared_maat_inst);
maat_free(_shared_maat_inst);
maat_options_set_foreign_cont_dir(opts, "./foreign_files/");
maat_options_set_rule_effect_interval_ms(opts, 0);
maat_options_set_gc_timeout_ms(opts, 0); // start GC immediately
maat_options_set_stat_file(opts, "./stat.log");
maat_options_set_perf_on(opts);
maat_options_set_expr_engine(opts, MAAT_EXPR_ENGINE_RS);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
}
@@ -2828,7 +2553,7 @@ TEST_F(MaatRsStreamScan, dynamic_config) {
state = NULL;
}
class MaatIPScan : public testing::Test
class IPScan : public testing::Test
{
protected:
static void SetUpTestCase() {
@@ -2839,7 +2564,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -2853,11 +2578,11 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] create maat instance in MaatIPScan failed.",
"[%s:%d] create maat instance in IPScan failed.",
__FUNCTION__, __LINE__);
}
}
@@ -2871,12 +2596,12 @@ protected:
static struct maat *_shared_maat_inst;
};
struct maat *MaatIPScan::_shared_maat_inst;
struct log_handle *MaatIPScan::logger;
struct maat *IPScan::_shared_maat_inst;
struct log_handle *IPScan::logger;
TEST_F(MaatIPScan, IPv4ScanDataFull_0) {
TEST_F(IPScan, IPv4Unspecified) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -2903,9 +2628,9 @@ TEST_F(MaatIPScan, IPv4ScanDataFull_0) {
state = NULL;
}
TEST_F(MaatIPScan, IPv4ScanDataFull_1) {
TEST_F(IPScan, IPv4Broadcast) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -2932,9 +2657,9 @@ TEST_F(MaatIPScan, IPv4ScanDataFull_1) {
state = NULL;
}
TEST_F(MaatIPScan, IPv4RuleFull_0) {
TEST_F(IPScan, MatchSingleIPv4) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -2962,9 +2687,9 @@ TEST_F(MaatIPScan, IPv4RuleFull_0) {
state = NULL;
}
TEST_F(MaatIPScan, IPv6ScanDataFull_0) {
TEST_F(IPScan, IPv6Unspecified) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -2991,9 +2716,9 @@ TEST_F(MaatIPScan, IPv6ScanDataFull_0) {
maat_state_free(state);
}
TEST_F(MaatIPScan, IPv6ScanDataFull_1) {
TEST_F(IPScan, IPv6Broadcast) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -3019,9 +2744,9 @@ TEST_F(MaatIPScan, IPv6ScanDataFull_1) {
maat_state_free(state);
}
TEST_F(MaatIPScan, IPv6RuleFull_0) {
TEST_F(IPScan, MatchSingleIPv6) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -3050,9 +2775,9 @@ TEST_F(MaatIPScan, IPv6RuleFull_0) {
state = NULL;
}
TEST_F(MaatIPScan, IPv4_IPPort) {
TEST_F(IPScan, MatchIPv4Range) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -3080,10 +2805,39 @@ TEST_F(MaatIPScan, IPv4_IPPort) {
maat_state_free(state);
state = NULL;
}
TEST_F(MaatIPScan, IPv6_IPPort) {
TEST_F(IPScan, MatchIPv4Port) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
ASSERT_GT(table_id, 0);
char ip_str[32] = "192.168.30.44";
uint32_t sip;
int ret = inet_pton(AF_INET, ip_str, &sip);
EXPECT_EQ(ret, 1);
long long results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
struct maat_state *state = maat_state_new(maat_inst, thread_id);
ret = maat_scan_ipv4_port(maat_inst, table_id, sip, 443, results, ARRAY_SIZE,
&n_hit_result, state);
EXPECT_EQ(ret, MAAT_SCAN_OK);
EXPECT_EQ(n_hit_result, 0);
ret = maat_scan_ipv4_port(maat_inst, table_id, sip, 80, results, ARRAY_SIZE,
&n_hit_result, state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
EXPECT_EQ(results[0], 232);
maat_state_free(state);
state = NULL;
}
TEST_F(IPScan, MatchIPv6Range) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -3109,10 +2863,43 @@ TEST_F(MaatIPScan, IPv6_IPPort) {
maat_state_free(state);
state = NULL;
}
TEST_F(IPScan, MatchIPv6Port) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
TEST_F(MaatIPScan, BugReport20210515) {
int table_id = maat_get_table_id(maat_inst, table_name);
char ip_str[32] = "2607:5d00:2:2::32:28";
int port=443;
uint8_t sip[16];
int ret = inet_pton(AF_INET6, ip_str, &sip);
EXPECT_EQ(ret, 1);
long long results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
struct maat_state *state = maat_state_new(maat_inst, thread_id);
ret = maat_scan_ipv6_port(maat_inst, table_id, sip, port, results, ARRAY_SIZE,
&n_hit_result, state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 2);
EXPECT_EQ(results[0], 230);
EXPECT_EQ(results[1], 210);
maat_state_reset(state);
//If the port is not present, should not match rules with port range. In this case, only rule 210 "::/0" should match.
ret = maat_scan_ipv6(maat_inst, table_id, sip, results, ARRAY_SIZE,
&n_hit_result, state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
EXPECT_EQ(results[0], 210);
maat_state_free(state);
state = NULL;
}
TEST_F(IPScan, BugReport20210515) {
const char *table_name = "IP_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -3136,9 +2923,9 @@ TEST_F(MaatIPScan, BugReport20210515) {
state = NULL;
}
TEST_F(MaatIPScan, dynamic_config) {
TEST_F(IPScan, RuleUpdates) {
const char *table_name = "IP_PLUS_CONFIG";
struct maat *maat_inst = MaatIPScan::_shared_maat_inst;
struct maat *maat_inst = IPScan::_shared_maat_inst;
int thread_id = 0;
int table_id = maat_get_table_id(maat_inst, table_name);
@@ -3236,7 +3023,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__);
@@ -3249,7 +3036,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -3372,7 +3159,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__);
@@ -3385,7 +3172,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -3471,7 +3258,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -3485,7 +3272,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -4730,7 +4517,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -4744,7 +4531,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5117,7 +4904,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -5131,7 +4918,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_DEBUG);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5381,7 +5168,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -5395,7 +5182,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5521,7 +5308,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -5535,7 +5322,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5661,7 +5448,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -5675,7 +5462,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5832,7 +5619,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -5846,7 +5633,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5919,7 +5706,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -5933,7 +5720,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -5985,7 +5772,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -6000,7 +5787,7 @@ protected:
maat_options_set_accept_tags(opts, accept_tags);
maat_options_set_hit_path_enabled(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -6138,7 +5925,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -6153,7 +5940,7 @@ protected:
maat_options_set_accept_tags(opts, accept_tags);
maat_options_set_hit_path_enabled(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -6320,7 +6107,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -6335,7 +6122,7 @@ protected:
maat_options_set_accept_tags(opts, accept_tags);
maat_options_set_hit_path_enabled(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -6732,7 +6519,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -6746,7 +6533,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -6806,8 +6593,6 @@ protected:
static void SetUpTestCase() {
const char *rule_folder = "./ntcrule/full/index";
const char *table_info = "./file_test_tableinfo.conf";
int scan_interval_ms = 500;
int effective_interval_ms = 0;
struct maat_options *opts = maat_options_new();
maat_options_set_caller_thread_number(opts, g_thread_num);
@@ -6815,8 +6600,7 @@ protected:
maat_options_set_stat_file(opts, "./stat.log");
maat_options_set_perf_on(opts);
maat_options_set_iris(opts, rule_folder, rule_folder);
maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms);
maat_options_set_rule_effect_interval_ms(opts, effective_interval_ms);
maat_options_set_rule_update_checking_interval_ms(opts, 500);
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
_shared_maat_inst = maat_new(opts, table_info);
@@ -6909,7 +6693,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.",
@@ -6923,7 +6707,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -7282,15 +7066,14 @@ protected:
maat_options_set_hit_path_enabled(opts);
maat_options_set_hit_group_enabled(opts);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
assert(_shared_maat_inst != NULL);
maat_cmd_flushDB(_shared_maat_inst);
maat_free(_shared_maat_inst);
maat_options_set_foreign_cont_dir(opts, "./foreign_files/");
maat_options_set_rule_effect_interval_ms(opts, 1000);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
_ex_data_counter = ALLOC(int, 1);
@@ -11207,7 +10990,7 @@ protected:
int redis_db = 0;
logger = log_handle_create("./maat_framework_gtest.log", 0);
int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
if (ret < 0) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
"[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__);
@@ -11220,7 +11003,7 @@ protected:
maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO);
maat_options_set_accept_tags(opts, accept_tags);
_shared_maat_inst = maat_new(opts, table_info_path);
_shared_maat_inst = maat_new(opts, g_table_info_path);
maat_options_free(opts);
if (NULL == _shared_maat_inst) {
log_fatal(logger, MODULE_FRAMEWORK_GTEST,
@@ -11368,7 +11151,7 @@ TEST_F(MaatRollbackTest, FullConfigRollback) {
ret = clear_config_in_redis(c, logger);
EXPECT_EQ(ret, 0);
ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
EXPECT_EQ(ret, 0);
ret = rollback_redis_version(c, logger);
@@ -11428,7 +11211,7 @@ TEST_F(MaatRollbackTest, FullConfigRollbackWhenScanUnfinished) {
ret = clear_config_in_redis(c, logger);
EXPECT_EQ(ret, 0);
ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger);
ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger);
EXPECT_EQ(ret, 0);
ret = rollback_redis_version(c, logger);