gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

新增IP回调表,可以进行IPv4和IPv6的区间匹配。

Browse Source
This commit is contained in:
zhengchao
2020-05-03 17:19:48 +08:00
parent 8729ebfbbe
commit 9d0d510348
14 changed files with 694 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/entry/Maat_api.cpp
View File

@@ -1380,6 +1380,27 @@ MAAT_PLUGIN_EX_DATA Maat_plugin_get_EX_data(Maat_feather_t feather, int table_id
exdata=Maat_table_runtime_plugin_get_ex_data(table_rt, table_desc, key);
return exdata;
}
int Maat_IP_plugin_get_EX_data(Maat_feather_t feather, int table_id, const struct ip_address* ip, MAAT_PLUGIN_EX_DATA* ex_data_array, size_t n_ex_data)
{
struct _Maat_feather_t* _feather=(_Maat_feather_t*)feather;
struct Maat_table_schema *table_desc=NULL;
struct Maat_table_runtime *table_rt=NULL;
int n_get=0;
if(_feather->scanner==NULL)
{
return 0;
}
table_desc=Maat_table_get_scan_by_id(_feather->table_mgr, table_id, TABLE_TYPE_PLUGIN, NULL);
table_rt=Maat_table_runtime_get(_feather->scanner->table_rt_mgr, table_id);
if(table_rt->table_type!=TABLE_TYPE_IP_PLUGIN)
{
return -1;
}
n_get=Maat_table_runtime_ip_plugin_get_N_ex_data(table_rt, table_desc, ip, ex_data_array, n_ex_data);
return n_get;
}
int Maat_full_scan_string_detail(Maat_feather_t feather,int table_id
,enum MAAT_CHARSET charset,const char* data,int data_len

230
src/entry/Maat_rule.cpp
View File

@@ -2410,142 +2410,7 @@ error_out:
free(maat_str_rule);
maat_str_rule=NULL;
}
enum MAAT_IP_FORMAT
{
FORMAT_RANGE,
FORMAT_MASK,
FORMAT_CIDR,
FORMAT_UNKNOWN
};
enum MAAT_IP_FORMAT ip_format_str2int(const char* format)
{
if(0==strcasecmp(format, "range"))
{
return FORMAT_RANGE;
}
else if(0==strcasecmp(format, "mask"))
{
return FORMAT_MASK;
}
else if(0==strcasecmp(format, "CIDR"))
{
return FORMAT_CIDR;
}
else
{
assert(0);
}
return FORMAT_UNKNOWN;
}
int ip_format2range(int ip_type, enum MAAT_IP_FORMAT format, const char* ip1, const char* ip2, unsigned int range_begin[], unsigned int range_end[])
{
unsigned int ipv4_addr=0, ipv4_mask=0, ipv4_range_end=0;
unsigned int ipv6_addr[4]={0}, ipv6_mask[4]={0}, ipv6_range_end[4]={0};
int cidr=0, bit32=0;
int ret=0, i=0;
if(ip_type!=4 && ip_type!=6)
{
assert(0);
return -1;
}
if(ip_type==4)
{
ret=inet_pton(AF_INET, ip1, &ipv4_addr);
if(ret<=0)
{
return -1;
}
ipv4_addr=ntohl(ipv4_addr);
switch (format)
{
case FORMAT_RANGE:
range_begin[0]=ipv4_addr;
ret=inet_pton(AF_INET, ip2, &ipv4_range_end);
if(ret<=0)
{
return -1;
}
ipv4_range_end=ntohl(ipv4_range_end);
range_end[0]=ipv4_range_end;
break;
case FORMAT_MASK:
ret=inet_pton(AF_INET, ip2, &ipv4_mask);
if(ret<=0)
{
return -1;
}
ipv4_mask=ntohl(ipv4_mask);
range_begin[0]=ipv4_addr&ipv4_mask;
range_end[0]=ipv4_addr|~ipv4_mask;
break;
case FORMAT_CIDR:
cidr=atoi(ip2);
if(cidr>32||cidr<0)
{
return -1;
}
ipv4_mask = (0xFFFFFFFFUL << (32 - cidr)) & 0xFFFFFFFFUL;
range_begin[0]=ipv4_addr&ipv4_mask;
range_end[0]=ipv4_addr|~ipv4_mask;
break;
default:
assert(0);
}
}
else //ipv6
{
ret=inet_pton(AF_INET6, ip1, ipv6_addr);
if(ret<=0)
{
return -1;
}
ipv6_ntoh(ipv6_addr);
switch(format)
{
case FORMAT_RANGE:
ret=inet_pton(AF_INET6, ip2, ipv6_range_end);
if(ret<=0)
{
return -1;
}
ipv6_ntoh(ipv6_range_end);
memcpy(range_begin, ipv6_addr, sizeof(ipv6_addr));
memcpy(range_end, ipv6_range_end, sizeof(ipv6_range_end));
break;
case FORMAT_MASK:
ret=inet_pton(AF_INET6, ip2, ipv6_mask);
if(ret<=0)
{
return -1;
}
ipv6_ntoh(ipv6_mask);
for(i=0; i<4; i++)
{
range_begin[i]=ipv6_addr[i]&ipv6_mask[i];
range_end[i] = ipv6_addr[i]|~ipv6_mask[i];
}
break;
case FORMAT_CIDR:
cidr=atoi(ip2);
if(cidr>128||cidr<0)
{
return -1;
}
for(i=0; i<4; i++)
{
bit32=128-cidr-32*(3-i);
if(bit32<0) bit32=0;
ipv6_mask[i]=(0xFFFFFFFFUL << bit32) & 0xFFFFFFFFUL;
range_begin[i]=ipv6_addr[i]&ipv6_mask[i];
range_end[i] = ipv6_addr[i]|~ipv6_mask[i];
}
break;
default:
assert(0);
}
}
return 0;
}
void update_ip_rule(struct Maat_table_schema* table, const char* table_line, struct Maat_scanner *scanner, void* logger)
{
struct db_ip_rule_t* ip_rule=(struct db_ip_rule_t*)calloc(sizeof(struct db_ip_rule_t),1);
@@ -3032,12 +2897,12 @@ void garbage_bagging_with_timeout(enum maat_garbage_type type,void *p, int timeo
MESA_lqueue_join_tail(garbage_q,&bag,sizeof(void*));
return;
}
void garbage_bagging(enum maat_garbage_type type,void *p,MESA_lqueue_head garbage_q)
void garbage_bagging(enum maat_garbage_type type, void *p, MESA_lqueue_head garbage_q)
{
garbage_bagging_with_timeout(type, p, -1, garbage_q);
return;
}
void garbage_bury(MESA_lqueue_head garbage_q,int timeout,void *logger)
void garbage_bury(MESA_lqueue_head garbage_q, int timeout, void *logger)
{
UNUSED MESA_queue_errno_t q_ret=MESA_QUEUE_RET_OK;
_maat_garbage_t* bag=NULL;
@@ -3117,6 +2982,10 @@ void garbage_bury(MESA_lqueue_head garbage_q,int timeout,void *logger)
free(bag->filename);
bag->filename=NULL;
break;
case GARBAGE_IP_MATCHER:
ip_matcher_free(bag->a_ip_matcher);
bag->a_ip_matcher=NULL;
break;
default:
assert(0);
}
@@ -3131,7 +3000,7 @@ void garbage_bury(MESA_lqueue_head garbage_q,int timeout,void *logger)
q_cnt,bury_cnt);
}
}
void update_plugin_table(struct Maat_table_schema* table,const char* table_line,Maat_scanner* scanner, const struct rule_tag* tags, int n_tags, void* logger)
void update_plugin_table(struct Maat_table_schema* table, const char* table_line, Maat_scanner* scanner, const struct rule_tag* tags, int n_tags, void* logger)
{
int i=0, ret=1, matched_tag=1;
unsigned int len=strlen(table_line)+1;
@@ -3193,14 +3062,14 @@ void update_plugin_table(struct Maat_table_schema* table,const char* table_line,
}
else
{
plugin_EX_data_free(table, table_line, table_rt->plugin.key2ex_hash, logger);
plugin_EX_data_free(table_line, plugin_desc->key_column, table_rt->plugin.key2ex_hash, logger);
}
}
if(plugin_desc->cb_plug_cnt>0)
{
for(i=0;i<plugin_desc->cb_plug_cnt;i++)
{
plugin_desc->cb_plug[i].update(table->table_id,table_line,plugin_desc->cb_plug[i].u_para);
plugin_desc->cb_plug[i].update(table->table_id, table_line, plugin_desc->cb_plug[i].u_para);
}
}
@@ -3210,10 +3079,77 @@ void update_plugin_table(struct Maat_table_schema* table,const char* table_line,
p=ALLOC(char, len);
memcpy(p,table_line,len);
table_rt->plugin.cache_size+=len;
dynamic_array_write(table_rt->plugin.cache_lines,table_rt->plugin.cache_line_num,p);
dynamic_array_write(table_rt->plugin.cache_lines, table_rt->plugin.cache_line_num, p);
table_rt->plugin.cache_line_num++;
}
}
void update_ip_plugin_table(struct Maat_table_schema* table,const char* table_line,Maat_scanner* scanner, const struct rule_tag* tags, int n_tags, void* logger)
{
int ret=1, matched_tag=1;
struct ip_plugin_table_schema* ip_plugin_schema=&(table->ip_plugin);
struct Maat_table_runtime* table_rt=Maat_table_runtime_get(scanner->table_rt_mgr, table->table_id);
struct ip_plugin_runtime* ip_plugin_rt=&(table_rt->ip_plugin);
char* copy=NULL;
size_t is_valid_offset=0, valid_len=0;
size_t accept_tag_offset=0, accept_tag_len=0;
if(ip_plugin_schema->rule_tag_column>0&&n_tags>0)
{
ret=Maat_helper_read_column(table_line, ip_plugin_schema->rule_tag_column, &accept_tag_offset, &accept_tag_len);
if(ret<0)
{
MESA_handle_runtime_log(logger,RLOG_LV_FATAL,maat_module ,
"update error, could not locate tag in column %d of plugin table %s:%s",
ip_plugin_schema->rule_tag_column,
table->table_name[table->updating_name],
table_line);
table->udpate_err_cnt++;
return;
}
if(accept_tag_len>2)
{
copy=ALLOC(char, accept_tag_len+1);
memcpy(copy, table_line+accept_tag_offset, accept_tag_len);
matched_tag=compare_accept_tag(copy, tags, n_tags);
if(matched_tag<0)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL, maat_module,
"update error, invalid tag format of ip_plugin table %s:%s",
table->table_name[table->updating_name], table_line);
table->udpate_err_cnt++;
}
if(matched_tag==0)
{
table->unmatch_tag_cnt++;
}
free(copy);
copy=NULL;
}
if(!matched_tag)
{
return;
}
}
ret=Maat_helper_read_column(table_line, ip_plugin_schema->valid_flag_column, &is_valid_offset, &valid_len);
//thread safe is protected by background_update_mutex
if(atoi(table_line+is_valid_offset)==1)
{
ret=plugin_EX_data_new(table, table_line, ip_plugin_rt->rowid2ex_hash, logger);
if(ret==0)
{
ip_plugin_rt->row_num++;
}
}
else
{
ret=plugin_EX_data_free(table_line, ip_plugin_schema->row_id_column, ip_plugin_rt->rowid2ex_hash, logger);
if(ret==0)
{
ip_plugin_rt->row_num--;
}
}
}
void vector_print(igraph_vector_t *v) {
long int i;
for (i=0; i<igraph_vector_size(v); i++) {
@@ -3302,6 +3238,7 @@ void do_scanner_update(struct Maat_scanner* scanner, MESA_lqueue_head garbage_q,
struct bool_matcher *tmp1=NULL,*tmp2=NULL;
MESA_htable_handle tmp_map=NULL;
struct Maat_table_runtime* table_rt=NULL;
struct ip_matcher* old_ip_matcher=NULL;
int i=0, ret=0;
igraph_bool_t is_dag;
igraph_is_dag(&(scanner->group_graph), &is_dag);
@@ -3355,7 +3292,10 @@ void do_scanner_update(struct Maat_scanner* scanner, MESA_lqueue_head garbage_q,
"GIE_update error.");
}
break;
case TABLE_TYPE_PLUGIN:
case TABLE_TYPE_IP_PLUGIN:
Maat_table_runtime_rebuild_ip_matcher(table_rt);
old_ip_matcher=Maat_table_runtime_dettach_old_ip_matcher(table_rt);
garbage_bagging(GARBAGE_IP_MATCHER, old_ip_matcher, garbage_q);
break;
default:
break;
@@ -3513,6 +3453,10 @@ int maat_update_cb(const char* table_name,const char* line,void *u_para)
break;
case TABLE_TYPE_PLUGIN:
update_plugin_table(p_table, line, scanner, feather->accept_tags, feather->n_tags, feather->logger);
break;
case TABLE_TYPE_IP_PLUGIN:
update_ip_plugin_table(p_table, line, scanner, feather->accept_tags, feather->n_tags, feather->logger);
break;
default:
break;

118
src/entry/Maat_table.cpp
View File

@@ -74,7 +74,7 @@ int read_expr_table_info(const char* line, struct Maat_table_schema* table, MESA
}
return 0;
}
int read_virtual_table_info(const char* line, struct Maat_table_schema* table, MESA_htable_handle string2int_map)
int read_virtual_table_schema(const char* line, struct Maat_table_schema* table, MESA_htable_handle string2int_map)
{
int ret=0;
char table_type[16];
@@ -117,8 +117,11 @@ int _read_integer_arrary(char* string, int *array, int size)
}
return i;
}
#define COLUMN_PLUGIN_DESCR_JSON 4
int read_plugin_table_description(const char* line, struct Maat_table_schema* p)
#define COLUMN_PLUGIN_SCHEMA_JSON 4
#define COLUMN_IP_PLUGIN_SCHEMA_JSON 4
#define COLUMN_COMPOSITION_SCHEMA_JSON 4
int read_plugin_table_schema(const char* line, struct Maat_table_schema* p)
{
int i=0,ret=0;
size_t offset=0, len=0;
@@ -126,7 +129,7 @@ int read_plugin_table_description(const char* line, struct Maat_table_schema* p)
char* copy_line=NULL, *plug_info=NULL;
struct plugin_table_schema* plugin_desc=&(p->plugin);
copy_line=_maat_strdup(line);
ret=get_column_pos(copy_line, COLUMN_PLUGIN_DESCR_JSON, &offset, &len);
ret=get_column_pos(copy_line, COLUMN_PLUGIN_SCHEMA_JSON, &offset, &len);
if(ret<0)
{
goto error_out;
@@ -202,7 +205,97 @@ error_out:
free(copy_line);
return -1;
}
#define COLUMN_COMPOSITION_SCHEMA_JSON 4
int read_ip_plugin_table_schema(const char* line, struct Maat_table_schema* p)
{
int ret=0, read_cnt=0;
size_t offset=0, len=0;
cJSON* json=NULL, *tmp=NULL;
char* copy_line=NULL, *ip_plugin_info=NULL;
struct ip_plugin_table_schema* ip_plugin_schema=&(p->ip_plugin);
copy_line=_maat_strdup(line);
ret=get_column_pos(copy_line, COLUMN_IP_PLUGIN_SCHEMA_JSON, &offset, &len);
if(ret<0)
{
goto error_out;
}
if(offset+len<strlen(copy_line))
{
copy_line[offset+len+1]='\0';
}
ip_plugin_info=copy_line+offset;
json=cJSON_Parse(ip_plugin_info);
if(!json)
{
goto error_out;
}
tmp=cJSON_GetObjectItem(json, "row_id");
if(tmp!=NULL && tmp->type==cJSON_Number)
{
ip_plugin_schema->row_id_column=tmp->valueint;
read_cnt++;
}
tmp=cJSON_GetObjectItem(json, "ip_type");
if(tmp!=NULL && tmp->type==cJSON_Number)
{
ip_plugin_schema->ip_type_column=tmp->valueint;
read_cnt++;
}
tmp=cJSON_GetObjectItem(json, "start_ip");
if(tmp!=NULL && tmp->type==cJSON_Number)
{
ip_plugin_schema->start_ip_column=tmp->valueint;
read_cnt++;
}
tmp=cJSON_GetObjectItem(json, "end_ip");
if(tmp!=NULL && tmp->type==cJSON_Number)
{
ip_plugin_schema->end_ip_column=tmp->valueint;
read_cnt++;
}
tmp=cJSON_GetObjectItem(json, "valid");
if(tmp!=NULL)
{
assert(tmp->type==cJSON_Number);
ip_plugin_schema->valid_flag_column=tmp->valueint;
read_cnt++;
}
ip_plugin_schema->rule_tag_column=-1;
tmp=cJSON_GetObjectItem(json, "tag");
if(tmp!=NULL)
{
assert(tmp->type==cJSON_Number);
ip_plugin_schema->rule_tag_column=tmp->valueint;
//read_cnt++; Tag is optional, so NOT ++ intentionally.
}
ip_plugin_schema->estimate_size=4096;
tmp=cJSON_GetObjectItem(json, "estimate_size");
if(tmp!=NULL)
{
assert(tmp->type==cJSON_Number);
ip_plugin_schema->estimate_size=tmp->valueint;
//read_cnt++; estimate_size is optional, so NOT ++ intentionally.
}
cJSON_Delete(json);
free(copy_line);
if(read_cnt<5)
{
return 0;
}
else
{
return -1;
}
error_out:
free(copy_line);
return -1;
}
int read_composition_table_schema(const char* line, struct Maat_table_schema* p, MESA_htable_handle string2int_map)
{
@@ -397,6 +490,7 @@ struct Maat_table_manager* Maat_table_manager_create(const char* table_info_path
map_register(string2int_map,"ip_plus", TABLE_TYPE_IP_PLUS);
map_register(string2int_map,"compile", TABLE_TYPE_COMPILE);
map_register(string2int_map,"plugin", TABLE_TYPE_PLUGIN);
map_register(string2int_map,"ip_plugin", TABLE_TYPE_IP_PLUGIN);
map_register(string2int_map,"intval", TABLE_TYPE_INTERVAL);
map_register(string2int_map,"digest", TABLE_TYPE_DIGEST);
map_register(string2int_map,"expr_plus", TABLE_TYPE_EXPR_PLUS);
@@ -468,7 +562,7 @@ struct Maat_table_manager* Maat_table_manager_create(const char* table_info_path
}
break;
case TABLE_TYPE_PLUGIN:
ret=read_plugin_table_description(line, p);
ret=read_plugin_table_schema(line, p);
if(ret<0)
{
fprintf(stderr,"Maat read table info %s line %d error:illegal plugin info.\n", table_info_path,i);
@@ -477,6 +571,16 @@ struct Maat_table_manager* Maat_table_manager_create(const char* table_info_path
goto invalid_table;
}
break;
case TABLE_TYPE_IP_PLUGIN:
ret=read_ip_plugin_table_schema(line, p);
if(ret<0)
{
fprintf(stderr,"Maat read table info %s line %d error:illegal ip_plugin info.\n", table_info_path,i);
MESA_handle_runtime_log(logger, RLOG_LV_FATAL,maat_module,
"Maat read table info %s line %d error:illegal ip_plugin info.", table_info_path,i);
goto invalid_table;
}
break;
case TABLE_TYPE_COMPOSITION:
ret=read_composition_table_schema(line, p, string2int_map);
if(ret<0)
@@ -488,7 +592,7 @@ struct Maat_table_manager* Maat_table_manager_create(const char* table_info_path
}
break;
case TABLE_TYPE_VIRTUAL:
ret=read_virtual_table_info(line, p, string2int_map);
ret=read_virtual_table_schema(line, p, string2int_map);
if(ret<0)
{
fprintf(stderr,"Maat read table info %s line %d error:illegal virtual info.\n", table_info_path,i);

179
src/entry/Maat_table_runtime.cpp
View File

@@ -5,18 +5,22 @@
#include <MESA/MESA_handle_logger.h>
#include <MESA/MESA_list_queue.h>
#include <assert.h>
#include <sys/queue.h>
struct wrap_plugin_EX_data
{
MAAT_RULE_EX_DATA exdata;
const struct Maat_table_schema* ref_plugin_table;
int table_id;
const struct plugin_table_ex_data_schema* ex_desc;
struct ip_rule range_rule;//for ip_plugin
TAILQ_ENTRY(wrap_plugin_EX_data) entries;
};
void wrap_plugin_EX_data_free(void *data)
{
struct wrap_plugin_EX_data* wrap_data=(struct wrap_plugin_EX_data*)data;
const struct plugin_table_ex_data_schema* ex_desc= &(wrap_data->ref_plugin_table->plugin.ex_desc);
ex_desc->free_func(wrap_data->ref_plugin_table->table_id, &(wrap_data->exdata), ex_desc->argl, ex_desc->argp);
wrap_data->ref_plugin_table=NULL;
wrap_data->ex_desc->free_func(wrap_data->table_id, &(wrap_data->exdata), wrap_data->ex_desc->argl, wrap_data->ex_desc->argp);
wrap_data->ex_desc=NULL;
wrap_data->table_id=-1;
free(wrap_data);
return;
}
@@ -51,66 +55,130 @@ MESA_htable_handle wrap_plugin_EX_hash_new(long long estimate_size, Maat_plugin_
return key2ex_hash;
}
int plugin_EX_data_free(const struct Maat_table_schema* plugin_table, const char* line,
int plugin_EX_data_free(const char* line, int key_column,
MESA_htable_handle key2ex_hash, void *logger)
{
size_t key_offset=0, key_len=0;
const struct plugin_table_schema* plugin_desc= &(plugin_table->plugin);
int ret=0;
ret=get_column_pos(line, plugin_desc->key_column, &key_offset, &key_len);
ret=get_column_pos(line, key_column, &key_offset, &key_len);
if(ret<0)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL, maat_module,
"Plugin EX data del error: cannot find column %d of %s",
plugin_desc->key_column, line);
"plugin/ip_plugin EX data del error: cannot find column %d of %s",
key_column, line);
return -1;
}
ret=MESA_htable_del(key2ex_hash, (const unsigned char*)line+key_offset, key_len, NULL);
if(ret<0)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL, maat_module,
"Plugin EX data del error: no such key %.*s of %s",
"plugin/ip_plugin EX data del error: no such key %.*s of %s",
key_len, line+key_offset, line);
return -1;
}
return 0;
}
int ip_plugin_line_read(const struct ip_plugin_table_schema* schema, const char* line, struct ip_rule* range_rule)
{
int ret[4]={0};
size_t column_offset=0, column_len=0;
char start_ip[128]={0}, end_ip[128]={0};
ret[0]=get_column_pos(line, schema->row_id_column, &column_offset, &column_len);
range_rule->rule_id=atoi(line+column_offset);
ret[1]=get_column_pos(line, schema->ip_type_column, &column_offset, &column_len);
int ip_type=atoi(line+column_offset);
int plugin_EX_data_new(const struct Maat_table_schema* plugin_table, const char* line,
ret[2]=get_column_pos(line, schema->start_ip_column, &column_offset, &column_len);
strncpy(start_ip, line+column_offset, MIN(column_len, sizeof(start_ip)));
ret[3]=get_column_pos(line, schema->end_ip_column, &column_offset, &column_len);
strncpy(end_ip, line+column_offset, MIN(column_len, sizeof(end_ip)));
if(ret[0]<0||ret[1]<0||ret[2]<0||ret[3]<0)
{
return -1;
}
if(ip_type==4)
{
ret[0]=ip_format2range(ip_type, FORMAT_RANGE, start_ip, end_ip, &(range_rule->ipv4_rule.start_ip), &(range_rule->ipv4_rule.end_ip));
range_rule->type=IPv4;
}
else if(ip_type==6)
{
ret[0]=ip_format2range(ip_type, FORMAT_RANGE, start_ip, end_ip, range_rule->ipv6_rule.start_ip, range_rule->ipv6_rule.end_ip);
range_rule->type=IPv6;
}
else
{
return -1;
}
if(ret[0]<0)
{
return -1;
}
range_rule->rule_id=(unsigned int)atoi(line+column_offset);
range_rule->user_tag=NULL;
return 0;
}
int plugin_EX_data_new(const struct Maat_table_schema* table_schema,
const char* line,
MESA_htable_handle key2ex_hash, void *logger)
{
char* key=NULL;
size_t key_offset=0, key_len=0;
MAAT_RULE_EX_DATA exdata=NULL;
struct wrap_plugin_EX_data* wrap_data=NULL;
const struct plugin_table_schema* plugin_desc= &(plugin_table->plugin);
const struct plugin_table_ex_data_schema* ex_desc=NULL;
int key_column=-1;
struct wrap_plugin_EX_data* wrap_data=ALLOC(struct wrap_plugin_EX_data, 1);
switch(table_schema->table_type)
{
case TABLE_TYPE_PLUGIN:
ex_desc=&(table_schema->plugin.ex_desc);
key_column=table_schema->plugin.key_column;
break;
case TABLE_TYPE_IP_PLUGIN:
ex_desc=&(table_schema->ip_plugin.ex_desc);
key_column=table_schema->ip_plugin.row_id_column;
ip_plugin_line_read(&table_schema->ip_plugin, line, &(wrap_data->range_rule));
wrap_data->range_rule.user_tag=wrap_data;
break;
default:
assert(0);
break;
}
int ret=0;
ret=get_column_pos(line, plugin_desc->key_column, &key_offset, &key_len);
ret=get_column_pos(line, key_column, &key_offset, &key_len);
if(ret<0)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL, maat_module,
"Plugin EX data add error: cannot find column %d of %s",
plugin_desc->key_column, line);
return -1;
"plugin/ip_plugin EX data add error: cannot find column %d of %s",
key_column, line);
goto error_out;
}
key=ALLOC(char, key_len+1);
memcpy(key, line+key_offset, key_len);
plugin_desc->ex_desc.new_func(plugin_table->table_id, key, line, &exdata,
plugin_desc->ex_desc.argl, plugin_desc->ex_desc.argp);
wrap_data=ALLOC(struct wrap_plugin_EX_data, 1);
ex_desc->new_func(table_schema->table_id, key, line, &exdata,
ex_desc->argl, ex_desc->argp);
wrap_data->exdata=exdata;
wrap_data->ref_plugin_table=plugin_table;
wrap_data->ex_desc=ex_desc;
wrap_data->table_id=table_schema->table_id;
ret=MESA_htable_add(key2ex_hash, (const unsigned char*)line+key_offset, key_len, wrap_data);
free(key);
if(ret<0)
{
MESA_handle_runtime_log(logger, RLOG_LV_FATAL, maat_module,
"Plugin EX data add error: duplicated key %.*s of %s",
"plugin/ip_plugin EX data add error: duplicated key %.*s of %s",
key_len, line+key_offset, line);
wrap_plugin_EX_data_free(wrap_data);
return -1;
}
return 0;
error_out:
free(wrap_data);
free(key);
return -1;
}
struct Maat_table_runtime_manager
@@ -168,6 +236,10 @@ static struct Maat_table_runtime* table_runtime_new(const struct Maat_table_sche
table_desc->plugin.ex_desc.key2index_func);
}
break;
case TABLE_TYPE_IP_PLUGIN:
table_rt->ip_plugin.rowid2ex_hash=wrap_plugin_EX_hash_new(table_desc->ip_plugin.estimate_size,
NULL);
break;
default:
break;
}
@@ -218,6 +290,12 @@ static void table_runtime_free(struct Maat_table_runtime* p)
{
MESA_htable_destroy(p->plugin.key2ex_hash, NULL);
}
break;
case TABLE_TYPE_IP_PLUGIN:
MESA_htable_destroy(p->ip_plugin.rowid2ex_hash, NULL);
ip_matcher_free(p->ip_plugin.ip_matcher);
p->ip_plugin.row_num=0;
break;
default:
break;
}
@@ -331,6 +409,22 @@ MAAT_PLUGIN_EX_DATA Maat_table_runtime_plugin_get_ex_data(struct Maat_table_runt
return exdata;
}
int Maat_table_runtime_ip_plugin_get_N_ex_data(struct Maat_table_runtime* table_rt, struct Maat_table_schema* table_schema, const struct ip_address* ip, MAAT_PLUGIN_EX_DATA* ex_data_array, size_t size)
{
struct ip_plugin_table_schema* ip_plugin_desc=NULL;
struct scan_result results[size];
int n_result=0, i=0;
ip_plugin_desc=&(table_schema->ip_plugin);
n_result=ip_matcher_match(table_rt->ip_plugin.ip_matcher, (struct ip_data*)ip, results, size);
for(i=0; i<n_result; i++)
{
ip_plugin_desc->ex_desc.dup_func(table_schema->table_id, &(ex_data_array[i]), &(results[i].tag),
ip_plugin_desc->ex_desc.argl, ip_plugin_desc->ex_desc.argp);
}
return n_result;
}
void Maat_table_runtime_digest_add(struct Maat_table_runtime* table_rt, int expr_id, const char* digest, short confidence_degree, void* tag)
{
@@ -424,4 +518,45 @@ int Maat_table_runtime_digest_batch_udpate(struct Maat_table_runtime* table_rt)
return q_cnt;
}
TAILQ_HEAD(ip_range_rule_q, wrap_plugin_EX_data);
void walk_ip_plugin_hash(const uchar * key, uint size, void * data, void * user)
{
struct wrap_plugin_EX_data* wrap_plugin_ex=(struct wrap_plugin_EX_data*)data;
struct ip_range_rule_q* queue=(struct ip_range_rule_q*)user;
TAILQ_INSERT_TAIL(queue, wrap_plugin_ex, entries);
return;
}
int Maat_table_runtime_rebuild_ip_matcher(struct Maat_table_runtime* table_rt)
{
struct ip_matcher* new_ip_matcher=NULL;
struct ip_range_rule_q queue;//This is for index, no need to free.
size_t rule_cnt=0;
size_t i=0, mem_use=0;
struct ip_rule *rules=NULL;
struct wrap_plugin_EX_data *p=NULL;
TAILQ_INIT(&queue);
MESA_htable_iterate(table_rt->ip_plugin.rowid2ex_hash, walk_ip_plugin_hash, &queue);
rule_cnt=(size_t)MESA_htable_get_elem_num(table_rt->ip_plugin.rowid2ex_hash);
rules=ALLOC(struct ip_rule, rule_cnt);
TAILQ_FOREACH(p, &queue, entries)
{
rules[i]=p->range_rule;
i++;
}
assert(i==rule_cnt);
new_ip_matcher=ip_matcher_new(rules, rule_cnt, &mem_use);
table_rt->ip_plugin.old_ip_matcher=table_rt->ip_plugin.ip_matcher;
table_rt->ip_plugin.ip_matcher=new_ip_matcher;
return 0;
}
struct ip_matcher* Maat_table_runtime_dettach_old_ip_matcher(struct Maat_table_runtime* table_rt)
{
struct ip_matcher* old_one=table_rt->ip_plugin.old_ip_matcher;
assert(table_rt->table_type==TABLE_TYPE_IP_PLUGIN);
table_rt->ip_plugin.old_ip_matcher=NULL;
return old_one;
}

129
src/entry/Maat_utils.cpp
View File

@@ -390,4 +390,133 @@ int decrypt_open(const char* file_name, const char* key, const char* algorithm,
file_buff=NULL;
return ret;
}
enum MAAT_IP_FORMAT ip_format_str2int(const char* format)
{
if(0==strcasecmp(format, "range"))
{
return FORMAT_RANGE;
}
else if(0==strcasecmp(format, "mask"))
{
return FORMAT_MASK;
}
else if(0==strcasecmp(format, "CIDR"))
{
return FORMAT_CIDR;
}
else
{
assert(0);
}
return FORMAT_UNKNOWN;
}
int ip_format2range(int ip_type, enum MAAT_IP_FORMAT format, const char* ip1, const char* ip2, unsigned int range_begin[], unsigned int range_end[])
{
unsigned int ipv4_addr=0, ipv4_mask=0, ipv4_range_end=0;
unsigned int ipv6_addr[4]={0}, ipv6_mask[4]={0}, ipv6_range_end[4]={0};
int cidr=0, bit32=0;
int ret=0, i=0;
if(ip_type!=4 && ip_type!=6)
{
assert(0);
return -1;
}
if(ip_type==4)
{
ret=inet_pton(AF_INET, ip1, &ipv4_addr);
if(ret<=0)
{
return -1;
}
ipv4_addr=ntohl(ipv4_addr);
switch (format)
{
case FORMAT_RANGE:
range_begin[0]=ipv4_addr;
ret=inet_pton(AF_INET, ip2, &ipv4_range_end);
if(ret<=0)
{
return -1;
}
ipv4_range_end=ntohl(ipv4_range_end);
range_end[0]=ipv4_range_end;
break;
case FORMAT_MASK:
ret=inet_pton(AF_INET, ip2, &ipv4_mask);
if(ret<=0)
{
return -1;
}
ipv4_mask=ntohl(ipv4_mask);
range_begin[0]=ipv4_addr&ipv4_mask;
range_end[0]=ipv4_addr|~ipv4_mask;
break;
case FORMAT_CIDR:
cidr=atoi(ip2);
if(cidr>32||cidr<0)
{
return -1;
}
ipv4_mask = (0xFFFFFFFFUL << (32 - cidr)) & 0xFFFFFFFFUL;
range_begin[0]=ipv4_addr&ipv4_mask;
range_end[0]=ipv4_addr|~ipv4_mask;
break;
default:
assert(0);
}
}
else //ipv6
{
ret=inet_pton(AF_INET6, ip1, ipv6_addr);
if(ret<=0)
{
return -1;
}
ipv6_ntoh(ipv6_addr);
switch(format)
{
case FORMAT_RANGE:
ret=inet_pton(AF_INET6, ip2, ipv6_range_end);
if(ret<=0)
{
return -1;
}
ipv6_ntoh(ipv6_range_end);
memcpy(range_begin, ipv6_addr, sizeof(ipv6_addr));
memcpy(range_end, ipv6_range_end, sizeof(ipv6_range_end));
break;
case FORMAT_MASK:
ret=inet_pton(AF_INET6, ip2, ipv6_mask);
if(ret<=0)
{
return -1;
}
ipv6_ntoh(ipv6_mask);
for(i=0; i<4; i++)
{
range_begin[i]=ipv6_addr[i]&ipv6_mask[i];
range_end[i] = ipv6_addr[i]|~ipv6_mask[i];
}
break;
case FORMAT_CIDR:
cidr=atoi(ip2);
if(cidr>128||cidr<0)
{
return -1;
}
for(i=0; i<4; i++)
{
bit32=128-cidr-32*(3-i);
if(bit32<0) bit32=0;
ipv6_mask[i]=(0xFFFFFFFFUL << bit32) & 0xFFFFFFFFUL;
range_begin[i]=ipv6_addr[i]&ipv6_mask[i];
range_end[i] = ipv6_addr[i]|~ipv6_mask[i];
}
break;
default:
assert(0);
}
}
return 0;
}