gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[FEATURE]Compile table must register plugin table to get compile ex_data & maat_state_get_compile_table_ids API

Browse Source
This commit is contained in:
刘文坛
2023-08-07 04:26:13 +00:00
parent e9ffca8392
commit d29eef0423
20 changed files with 711 additions and 608 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
test/json_update/corrupted.json
View File

@@ -1,5 +1,5 @@
{
"compile_table": "COMPILE",
"compile_table": "COMPILE_DEFAULT",
"group_table": "GROUP",
"rules": [
{

4
test/json_update/new.json
View File

@@ -1,6 +1,6 @@
{
"compile_table": "COMPILE",
"group2compile_table": "GROUP2COMPILE",
"compile_table": "COMPILE_DEFAULT",
"group2compile_table": "GROUP2COMPILE_DEFAULT",
"group2group_table": "GROUP2GROUP",
"rules": [
{

4
test/json_update/old.json
View File

@@ -1,6 +1,6 @@
{
"compile_table": "COMPILE",
"group2compile_table": "GROUP2COMPILE",
"compile_table": "COMPILE_DEFAULT",
"group2compile_table": "GROUP2COMPILE_DEFAULT",
"group2group_table": "GROUP2GROUP",
"rules": [
{

189
test/maat_framework_gtest.cpp
View File

@@ -287,12 +287,12 @@ int test_add_expr_command(struct maat *maat_inst, const char *expr_table,
memset(huge_serv_def, 's', sizeof(huge_serv_def) - 1);
huge_serv_def[sizeof(huge_serv_def) - 1] = '\0';
int ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_ADD, compile_id,
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD, compile_id,
huge_serv_def, 1, timeout);
EXPECT_EQ(ret, 1);
long long group_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD, group_id,
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE_DEFAULT", MAAT_OP_ADD, group_id,
compile_id, 0, "null", 1, timeout);
EXPECT_EQ(ret, 1);
@@ -306,7 +306,7 @@ int test_add_expr_command(struct maat *maat_inst, const char *expr_table,
int del_command(struct maat *maat_inst, int compile_id)
{
return compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_DEL, compile_id, "null", 1, 0);
return compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_DEL, compile_id, "null", 1, 0);
}
static void random_keyword_generate(char *keyword_buf, size_t sz)
@@ -461,6 +461,11 @@ void scan_with_old_or_new_cfg(struct maat *maat_inst, int is_old)
if (is_old) {
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_TRUE(results[0] == 1);
int table_id = -1;
int table_cnt = maat_state_get_compile_table_ids(state, results, 1, &table_id);
EXPECT_EQ(table_cnt, 1);
EXPECT_EQ(table_id, 0);
} else {
EXPECT_EQ(ret, MAAT_SCAN_OK);
}
@@ -1360,8 +1365,8 @@ TEST_F(MaatHsStringScan, dynamic_config) {
EXPECT_EQ(n_hit_result, 0);
maat_state_reset(state);
const char *compile_table_name = "COMPILE";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
/* compile table add line */
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
@@ -2030,8 +2035,8 @@ TEST_F(MaatRsStringScan, dynamic_config) {
EXPECT_EQ(n_hit_result, 0);
maat_state_reset(state);
const char *compile_table_name = "COMPILE";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
/* compile table add line */
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
@@ -2593,8 +2598,8 @@ TEST_F(MaatIPScan, dynamic_config) {
EXPECT_EQ(n_hit_result, 0);
maat_state_reset(state);
const char *compile_table_name = "COMPILE";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
/* compile table add line */
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
@@ -4143,7 +4148,7 @@ void compile_ex_param_dup(int table_id, void **to, void **from, long argl, void
TEST_F(CompileTable, CompileRuleUpdate) {
struct maat *maat_inst = CompileTable::_shared_maat_inst;
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, compile_table_name,
MAAT_OP_ADD, compile_id, "null", 1, 0);
@@ -4175,6 +4180,12 @@ TEST_F(CompileTable, Conjunction1) {
EXPECT_EQ(results[0], 197);
EXPECT_EQ(results[1], 141);
int table_ids[2] = {-1, -1};
ret = maat_state_get_compile_table_ids(state, results, 2, table_ids);
EXPECT_EQ(ret, 2);
EXPECT_EQ(table_ids[0], 0);
EXPECT_EQ(table_ids[1], 1);
struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0};
int n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE);
EXPECT_EQ(n_read, 2);
@@ -4203,6 +4214,12 @@ TEST_F(CompileTable, Conjunction2) {
EXPECT_EQ(results[0], 197);
EXPECT_EQ(results[1], 141);
int table_ids[2] = {-1, -1};
ret = maat_state_get_compile_table_ids(state, results, 2, table_ids);
EXPECT_EQ(ret, 2);
EXPECT_EQ(table_ids[0], 0);
EXPECT_EQ(table_ids[1], 1);
struct maat_hit_path hit_path[HIT_PATH_SIZE] = {0};
int n_read = maat_state_get_hit_paths(state, hit_path, HIT_PATH_SIZE);
EXPECT_EQ(n_read, 2);
@@ -4219,6 +4236,40 @@ TEST_F(CompileTable, Conjunction2) {
state = NULL;
}
TEST_F(CompileTable, GetHitCompileTableID) {
long long results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
int thread_id = 0;
const char *compile_table_name = "COMPILE_FIREWALL_CONJUNCTION";
const char *scan_data = "This is a firewall engine.";
const char *table_name = "HTTP_URL";
struct maat *maat_inst = CompileTable::_shared_maat_inst;
struct maat_state *state = maat_state_new(maat_inst, thread_id);
int table_id = maat_get_table_id(maat_inst, table_name);
ASSERT_GT(table_id, 0);
int compile_table_id = maat_get_table_id(maat_inst, compile_table_name);
ASSERT_GT(table_id, 0);
int ret = maat_state_set_scan_compile_table(state, compile_table_id);
EXPECT_EQ(ret, 0);
ret = maat_scan_string(maat_inst, table_id, scan_data, strlen(scan_data),
results, ARRAY_SIZE, &n_hit_result, state);
EXPECT_EQ(ret, MAAT_SCAN_HIT);
EXPECT_EQ(n_hit_result, 1);
EXPECT_EQ(results[0], 198);
int hit_compile_table_id = -1;
ret = maat_state_get_compile_table_ids(state, results, 1, &hit_compile_table_id);
EXPECT_EQ(ret, 1);
EXPECT_EQ(hit_compile_table_id, 4);
maat_state_free(state);
state = NULL;
}
class Policy : public testing::Test
{
protected:
@@ -4348,16 +4399,18 @@ TEST_F(Policy, CompileEXData) {
int thread_id = 0;
const char *url = "firewall should hit";
const char *table_name = "HTTP_URL";
const char *compile_table_name = "COMPILE_FIREWALL";
const char *plugin_table_name = "COMPILE_FIREWALL_PLUGIN";
const char *compile_table_name = "COMPILE_FIREWALL_CONJUNCTION";
const char *expect_name = "I have a name";
struct maat *maat_inst = Policy::_shared_maat_inst;
struct maat_state *state = maat_state_new(maat_inst, thread_id);
int table_id = maat_get_table_id(maat_inst, table_name);
int plugin_table_id = maat_get_table_id(maat_inst, plugin_table_name);
int compile_table_id = maat_get_table_id(maat_inst, compile_table_name);
int ex_data_counter = 0;
int ret = maat_plugin_table_ex_schema_register(maat_inst, compile_table_name,
int ret = maat_plugin_table_ex_schema_register(maat_inst, plugin_table_name,
compile_ex_param_new,
compile_ex_param_free,
compile_ex_param_dup,
@@ -4374,7 +4427,7 @@ TEST_F(Policy, CompileEXData) {
EXPECT_EQ(n_hit_result, 1);
EXPECT_EQ(results[0], 198);
void *ex_data = maat_plugin_table_get_ex_data(maat_inst, compile_table_id,
void *ex_data = maat_plugin_table_get_ex_data(maat_inst, plugin_table_id,
(char *)&results[0], sizeof(long long));
ASSERT_TRUE(ex_data!=NULL);
struct rule_ex_param *param = (struct rule_ex_param *)ex_data;
@@ -4916,8 +4969,8 @@ TEST_F(MaatCmdTest, SetIP) {
size_t n_hit_result = 0;
int thread_id = 0;
const char *ip_table_name = "IP_CONFIG";
const char *compile_table_name = "COMPILE";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
struct maat_state *state = maat_state_new(maat_inst, thread_id);
@@ -4970,6 +5023,7 @@ TEST_F(MaatCmdTest, SetExpr) {
const char *keywords1 = "Hiredis";
const char *keywords2 = "C Client";
const char *compile_table_name = "COMPILE_DEFAULT";
char escape_buff1[256], escape_buff2[256];
char keywords[512];
@@ -4999,10 +5053,10 @@ TEST_F(MaatCmdTest, SetExpr) {
EXPECT_TRUE(results[0] == compile_id || results[0] == (compile_id - 1));
maat_state_reset(state);
ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_DEL, compile_id-1,
ret = compile_table_set_line(maat_inst, compile_table_name, MAAT_OP_DEL, compile_id-1,
"null", 1, 0);
EXPECT_EQ(ret, 1);
ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_DEL, compile_id,
ret = compile_table_set_line(maat_inst, compile_table_name, MAAT_OP_DEL, compile_id,
"null", 1, 0);
EXPECT_EQ(ret, 1);
sleep(WAIT_FOR_EFFECTIVE_S);
@@ -5027,9 +5081,9 @@ TEST_F(MaatCmdTest, SetExpr8) {
const char *scan_data8 = "string1, string2, string3, string4, string5, string6, string7, string8";
const char *scan_data7 = "string1, string2, string3, string4, string5, string6, string7";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *table_name = "KEYWORDS_TABLE";
const char *g2c_table_name = "GROUP2COMPILE";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *keywords8 = "string1&string2&string3&string4&string5&string6&string7&string8";
const char *keywords7 = "string1&string2&string3&string4&string5&string6&string7";
@@ -5096,6 +5150,8 @@ TEST_F(MaatCmdTest, SameFilterRefByOneCompile) {
const char *vtable_name = "HTTP_URL_FILTER";
const char *scan_data = "http://filtermenot.com";
const char *keywords = "menot.com";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
long long results[ARRAY_SIZE] = {0};
size_t n_hit_result = 0;
int thread_id = 0;
@@ -5106,17 +5162,17 @@ TEST_F(MaatCmdTest, SameFilterRefByOneCompile) {
ASSERT_GT(table_id, 0);
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_ADD, compile_id,
int ret = compile_table_set_line(maat_inst, compile_table_name, MAAT_OP_ADD, compile_id,
"null", 2, 0); // compile has two clause
EXPECT_EQ(ret, 1);
//clause1 & clause2 has same filter => {vtable_id, group_id}
long long group_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD,
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
group_id, compile_id, 0, vtable_name, 1, 0);
EXPECT_EQ(ret, 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD,
ret = group2compile_table_set_line(maat_inst, g2c_table_name, MAAT_OP_ADD,
group_id, compile_id, 0, vtable_name, 2, 0);
EXPECT_EQ(ret, 1);
@@ -5220,9 +5276,9 @@ TEST_F(MaatCmdTest, ReturnRuleIDWithDescendingOrder) {
TEST_F(MaatCmdTest, SubGroup) {
const char *table_name = "HTTP_URL";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *g2g_table_name = "GROUP2GROUP";
const char *compile_table_name = "COMPILE";
const char *scan_data1 = "www.v2ex.com/t/573028#程序员的核心竞争力是什么";
const char *keyword1 = "程序员&核心竞争力";
const char *scan_data2 = "https://ask.leju.com/bj/detail/12189672562229248/?bi=tg&type=sina-pc"
@@ -5376,8 +5432,8 @@ TEST_F(MaatCmdTest, SubGroup) {
TEST_F(MaatCmdTest, RefGroup) {
const char *table_name = "HTTP_URL";
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* scan_data1 = "m.facebook.com/help/2297503110373101?helpref=hc_nav&refid=69";
const char* keyword1 = "something-should-not-hit";
const char* keyword2 = "facebook.com/help/2297503110373101";
@@ -5454,8 +5510,8 @@ TEST_F(MaatCmdTest, RefGroup) {
}
TEST_F(MaatCmdTest, VirtualTable) {
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* table_name="HTTP_SIGNATURE";
int thread_id = 0;
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
@@ -5836,11 +5892,12 @@ void plugin_ex_dup_cb(int table_id, void **to, void **from, long argl, void *arg
}
TEST_F(MaatCmdTest, CompileEXData) {
const char *compile_table_name = "COMPILE_FIREWALL";
const char *plugin_table_name = "COMPILE_FIREWALL_PLUGIN";
const char *compile_table_name = "COMPILE_FIREWALL_DEFAULT";
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
int *ex_data_counter = MaatCmdTest::_ex_data_counter;
int compile_table_id = maat_get_table_id(maat_inst, compile_table_name);
EXPECT_GT(compile_table_id, 0);
int plugin_table_id = maat_get_table_id(maat_inst, plugin_table_name);
EXPECT_GT(plugin_table_id, 0);
long long compile1_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, compile_table_name, MAAT_OP_ADD,
@@ -5853,7 +5910,7 @@ TEST_F(MaatCmdTest, CompileEXData) {
sleep(WAIT_FOR_EFFECTIVE_S);
*ex_data_counter = 0;
ret = maat_plugin_table_ex_schema_register(maat_inst, compile_table_name,
ret = maat_plugin_table_ex_schema_register(maat_inst, plugin_table_name,
compile_ex_param_new,
compile_ex_param_free,
compile_ex_param_dup,
@@ -5861,13 +5918,13 @@ TEST_F(MaatCmdTest, CompileEXData) {
ASSERT_TRUE(ret == 0);
EXPECT_EQ(*ex_data_counter, 2);
void *ex_data = maat_plugin_table_get_ex_data(maat_inst, compile_table_id,
void *ex_data = maat_plugin_table_get_ex_data(maat_inst, plugin_table_id,
(char *)&compile1_id, sizeof(long long));
ASSERT_TRUE(ex_data != NULL);
struct rule_ex_param *param = (struct rule_ex_param *)ex_data;
EXPECT_EQ(param->id, 1111);
ex_data = maat_plugin_table_get_ex_data(maat_inst, compile_table_id,
ex_data = maat_plugin_table_get_ex_data(maat_inst, plugin_table_id,
(char *)&compile2_id, sizeof(long long));
ASSERT_TRUE(ex_data != NULL);
param = (struct rule_ex_param *)ex_data;
@@ -5875,10 +5932,10 @@ TEST_F(MaatCmdTest, CompileEXData) {
ret = compile_table_set_line(maat_inst, compile_table_name, MAAT_OP_DEL,
compile2_id, "test:compile2,2222", 1, 0);
sleep(WAIT_FOR_EFFECTIVE_S * 5);
sleep(WAIT_FOR_EFFECTIVE_S);
EXPECT_EQ(param->id, 2222);
sleep(2);
//excced gc_timeout_s(11s), the data pointed by param has been freed
//excced gc_timeout_s(3s), the data pointed by param has been freed
}
TEST_F(MaatCmdTest, PluginEXData) {
@@ -6218,8 +6275,8 @@ TEST_F(MaatCmdTest, UpdateBoolPlugin) {
#define COMPILE_ID_NUMS 1000
TEST_F(MaatCmdTest, GroupInMassCompiles) {
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* table_url = "HTTP_URL";
const char* table_appid = "APP_ID";
int thread_id = 0;
@@ -6323,9 +6380,9 @@ TEST_F(MaatCmdTest, GroupInMassCompiles) {
}
TEST_F(MaatCmdTest, HitGroup) {
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *g2g_table_name = "GROUP2GROUP";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *http_sig_table_name = "HTTP_SIGNATURE";
const char *ip_table_name = "IP_CONFIG";
const char *keywords_table_name = "KEYWORDS_TABLE";
@@ -6652,9 +6709,9 @@ TEST_F(MaatCmdTest, HitGroup) {
}
TEST_F(MaatCmdTest, HitPath) {
const char *g2g_table_name = "GROUP2GROUP";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *g2g_table_name = "GROUP2GROUP";
const char *http_sig_table_name = "HTTP_SIGNATURE";
const char *ip_table_name = "IP_CONFIG";
const char *keywords_table_name = "KEYWORDS_TABLE";
@@ -6911,9 +6968,9 @@ that the edges be all directed in the same direction.";
TEST_F(MaatCmdTest, SameSuperGroupRefByMultiCompile) {
char temp[1024]={0};
int thread_id = 0;
const char *g2g_table_name = "GROUP2GROUP";
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *g2g_table_name = "GROUP2GROUP";
const char *http_sig_table_name = "HTTP_SIGNATURE";
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
@@ -7002,8 +7059,8 @@ TEST_F(MaatCmdTest, SameSuperGroupRefByMultiCompile) {
}
TEST_F(MaatCmdTest, SameScanStatusWhenClauseUpdate_TSG6419) {
const char *g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* ip_table_name = "IP_PLUS_CONFIG";
const char *app_id_table_name = "APP_ID";
int thread_id = 0;
@@ -7096,8 +7153,8 @@ TEST_F(MaatCmdTest, SameScanStatusWhenClauseUpdate_TSG6419) {
}
TEST_F(MaatCmdTest, GroupEdit) {
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *ip_table_name = "IP_PLUS_CONFIG";
const char *app_id_table_name = "APP_ID";
int thread_id = 0;
@@ -7215,8 +7272,8 @@ TEST_F(MaatCmdTest, GroupEdit) {
}
TEST_F(MaatCmdTest, CompileDelete_TSG6548) {
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* ip_table_name = "IP_PLUS_CONFIG";
int thread_id = 0;
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
@@ -7286,8 +7343,8 @@ TEST_F(MaatCmdTest, CompileDelete_TSG6548) {
}
TEST_F(MaatCmdTest, UpdateDeadLockDetection) {
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* table_http_url = "HTTP_URL";
int thread_id = 0;
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
@@ -7361,8 +7418,8 @@ TEST_F(MaatCmdTest, UpdateDeadLockDetection) {
}
TEST_F(MaatCmdTest, StreamScanWhenExprTableIncUpdate) {
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* scan_table_name = "KEYWORDS_TABLE";
int thread_id = 0;
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
@@ -7423,8 +7480,8 @@ TEST_F(MaatCmdTest, StreamScanWhenExprTableIncUpdate) {
}
TEST_F(MaatCmdTest, StreamScanSegfaultWhenVersionRollBack_TSG6324) {
const char* g2c_table_name = "GROUP2COMPILE";
const char* compile_table_name = "COMPILE";
const char* compile_table_name = "COMPILE_DEFAULT";
const char* g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char* scan_table_name = "KEYWORDS_TABLE";
int thread_id = 0;
struct maat *maat_inst = MaatCmdTest::_shared_maat_inst;
@@ -7482,8 +7539,8 @@ TEST_F(MaatCmdTest, StreamScanSegfaultWhenVersionRollBack_TSG6324) {
}
TEST_F(MaatCmdTest, IPAndStreamScanWhenIncUpdate) {
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *expr_table_name = "KEYWORDS_TABLE";
const char *ip_table_name = "IP_PLUS_CONFIG";
int thread_id = 0;
@@ -7574,8 +7631,8 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenIncUpdate) {
}
TEST_F(MaatCmdTest, IPAndStreamScanWhenFullUpdate) {
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *ip_table_name = "IP_PLUS_CONFIG";
const char *expr_table_name = "KEYWORDS_TABLE";
int thread_id = 0;
@@ -7664,8 +7721,8 @@ TEST_F(MaatCmdTest, IPAndStreamScanWhenFullUpdate) {
}
TEST_F(MaatCmdTest, IPAndStringScanWhenIncUpdate) {
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *expr_table_name = "HTTP_URL";
const char *ip_table_name = "IP_PLUS_CONFIG";
const char *keywords = "IP&stringinc";
@@ -7755,8 +7812,8 @@ TEST_F(MaatCmdTest, IPAndStringScanWhenIncUpdate) {
}
TEST_F(MaatCmdTest, IPAndStringScanWhenFullupdate) {
const char *g2c_table_name = "GROUP2COMPILE";
const char *compile_table_name = "COMPILE";
const char *compile_table_name = "COMPILE_DEFAULT";
const char *g2c_table_name = "GROUP2COMPILE_DEFAULT";
const char *ip_table_name = "IP_PLUS_CONFIG";
const char *expr_table_name = "HTTP_URL";
const char *keywords = "IP&string";

16
test/maat_framework_perf_gtest.cpp
View File

@@ -306,11 +306,11 @@ static void test_add_expr_command(struct maat *maat_inst, const char *table_name
const char *keywords)
{
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_ADD, compile_id, "null", 1, 0);
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD, compile_id, "null", 1, 0);
EXPECT_EQ(ret, 1);
long long group_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD, group_id,
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE_DEFAULT", MAAT_OP_ADD, group_id,
compile_id, 0, "null", 1, 0);
EXPECT_EQ(ret, 1);
@@ -324,11 +324,11 @@ static void test_add_ip_command(struct maat *maat_inst, const char *table_name,
const char *ip, uint16_t port)
{
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_ADD, compile_id, "null", 1, 0);
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD, compile_id, "null", 1, 0);
EXPECT_EQ(ret, 1);
long long group_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD, group_id,
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE_DEFAULT", MAAT_OP_ADD, group_id,
compile_id, 0, "null", 1, 0);
EXPECT_EQ(ret, 1);
@@ -342,11 +342,11 @@ static void test_add_integer_command(struct maat *maat_inst, const char *table_n
int low_bound, int up_bound)
{
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_ADD, compile_id, "null", 1, 0);
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD, compile_id, "null", 1, 0);
EXPECT_EQ(ret, 1);
long long group_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD, group_id,
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE_DEFAULT", MAAT_OP_ADD, group_id,
compile_id, 0, "null", 1, 0);
EXPECT_EQ(ret, 1);
@@ -360,11 +360,11 @@ static void test_add_flag_command(struct maat *maat_inst, const char *table_name
long long flag, long long flag_mask)
{
long long compile_id = maat_cmd_incrby(maat_inst, "TEST_SEQ", 1);
int ret = compile_table_set_line(maat_inst, "COMPILE", MAAT_OP_ADD, compile_id, "null", 1, 0);
int ret = compile_table_set_line(maat_inst, "COMPILE_DEFAULT", MAAT_OP_ADD, compile_id, "null", 1, 0);
EXPECT_EQ(ret, 1);
long long group_id = maat_cmd_incrby(maat_inst, "SEQUENCE_GROUP", 1);
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE", MAAT_OP_ADD, group_id,
ret = group2compile_table_set_line(maat_inst, "GROUP2COMPILE_DEFAULT", MAAT_OP_ADD, group_id,
compile_id, 0, "null", 1, 0);
EXPECT_EQ(ret, 1);

113
test/maat_json.json
View File

@@ -1687,28 +1687,6 @@
}
]
},
{
"compile_id": 175,
"service": 0,
"action": 0,
"do_blacklist": 0,
"do_log": 0,
"effective_rage": 0,
"user_region": "ipv4_composition.match",
"is_valid": "yes",
"groups": [
{
"group_name": "ipv4_composition.source",
"virtual_table": "COMPOSITION_IP_SOURCE",
"not_flag": 0
},
{
"group_name": "ipv4_composition.destination",
"virtual_table": "COMPOSITION_IP_DESTINATION",
"not_flag": 0
}
]
},
{
"compile_id": 176,
"service": 0,
@@ -1741,24 +1719,6 @@
}
]
},
{
"compile_id": 177,
"service": 0,
"action": 0,
"do_blacklist": 0,
"do_log": 0,
"effective_rage": 0,
"user_region": "ipv4_composition.session.match",
"is_valid": "yes",
"groups": [
{
"group_name": "ipv4_composition.session",
"virtual_table": "COMPOSITION_IP_SESSION",
"not_flag": 0,
"clause_index": 1
}
]
},
{
"compile_id": 178,
"service": 1,
@@ -1819,47 +1779,6 @@
}
]
},
{
"compile_id": 180,
"service": 0,
"action": 0,
"do_blacklist": 0,
"do_log": 0,
"effective_rage": 0,
"user_region": "Hierarchy_VirtualWithTwoPhysical",
"is_valid": "yes",
"groups": [
{
"group_name": "FQDN_OBJ1",
"virtual_table": "VIRTUAL_SSL_SNI",
"not_flag": 0,
"clause_index": 0
},
{
"group_name": "FQDN_CAT1",
"virtual_table": "VIRTUAL_SSL_SNI",
"not_flag": 0,
"clause_index": 0
}
]
},
{
"compile_id": 181,
"service": 0,
"action": 0,
"do_blacklist": 0,
"do_log": 0,
"effective_rage": 0,
"user_region": "ipv4_composition.match",
"is_valid": "yes",
"groups": [
{
"group_name": "IPv4-composition-source-only",
"virtual_table": "COMPOSITION_IP_SOURCE",
"not_flag": 0
}
]
},
{
"compile_id": 182,
"service": 1,
@@ -1942,28 +1861,6 @@
}
]
},
{
"compile_id": 185,
"service": 0,
"action": 0,
"do_blacklist": 0,
"do_log": 0,
"effective_rage": 0,
"user_region": "ipv4_composition.NOT_match",
"is_valid": "yes",
"groups": [
{
"group_name": "IPv4-composition-NOT-client-ip",
"virtual_table": "COMPOSITION_IP_SOURCE",
"not_flag": 0
},
{
"group_name": "IPv4-composition-NOT-server-ip",
"virtual_table": "COMPOSITION_IP_DESTINATION",
"not_flag": 1
}
]
},
{
"compile_id": 186,
"service": 1,
@@ -2361,7 +2258,7 @@
"do_blacklist": 1,
"do_log": 1,
"user_region": "Something:I\\bhave\\ba\\bname,7799",
"compile_table_name": "COMPILE_FIREWALL",
"compile_table_name": "COMPILE_FIREWALL_DEFAULT",
"is_valid": "yes",
"groups": [
{
@@ -3112,14 +3009,6 @@
"3\t192.168.1.1\t103\t1"
]
},
{
"table_name": "TEST_PLUGIN_TABLE",
"table_content": [
"1\t3388\t99\t1",
"2\t3355\t66\t1",
"3\tcccc\t11\t1"
]
},
{
"table_name": "TEST_PLUGIN_EXDATA_TABLE",
"table_content": [

183
test/table_info.conf
View File

@@ -1,12 +1,10 @@
[
{
"table_id":0,
"table_name":"COMPILE",
"db_tables":["COMPILE_DEFAULT", "COMPILE_ALIAS"],
"table_name":"COMPILE_DEFAULT",
"table_type":"compile",
"valid_column":8,
"custom": {
"gc_timeout_s": 3,
"compile_id":1,
"tags":6,
"clause_num":9
@@ -14,22 +12,20 @@
},
{
"table_id":1,
"table_name":"GROUP2COMPILE",
"db_tables":["GROUP2COMPILE_DEFAULT", "GROUP2COMPILE_ALIAS"],
"table_type":"group2compile",
"associated_compile_table_id":0,
"valid_column":3,
"table_name":"COMPILE_ALIAS",
"table_type":"compile",
"valid_column":8,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
"compile_id":1,
"tags":6,
"clause_num":9
}
},
},
{
"table_id":2,
"table_name":"COMPILE_FIREWALL",
"table_name":"COMPILE_CONJUNCTION",
"db_tables":["COMPILE_DEFAULT", "COMPILE_ALIAS"],
"default_compile_table":1,
"table_type":"compile",
"valid_column":8,
"custom": {
@@ -40,7 +36,8 @@
},
{
"table_id":3,
"table_name":"GROUP2COMPILE_FIREWALL",
"table_name":"GROUP2COMPILE",
"db_tables":["GROUP2COMPILE_DEFAULT", "GROUP2COMPILE_ALIAS"],
"table_type":"group2compile",
"associated_compile_table_id":2,
"valid_column":3,
@@ -54,6 +51,43 @@
},
{
"table_id":4,
"table_name":"COMPILE_FIREWALL_DEFAULT",
"table_type":"compile",
"valid_column":8,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
}
},
{
"table_id":5,
"table_name":"COMPILE_FIREWALL_CONJUNCTION",
"db_tables":["COMPILE_FIREWALL_DEFAULT"],
"table_type":"compile",
"valid_column":8,
"custom": {
"compile_id":1,
"tags":6,
"clause_num":9
}
},
{
"table_id":6,
"table_name":"GROUP2COMPILE_FIREWALL",
"table_type":"group2compile",
"associated_compile_table_id":5,
"valid_column":3,
"custom": {
"group_id":1,
"compile_id":2,
"not_flag":4,
"virtual_table_name":5,
"clause_index":6
}
},
{
"table_id":7,
"table_name":"GROUP2GROUP",
"table_type":"group2group",
"valid_column":4,
@@ -64,7 +98,33 @@
}
},
{
"table_id":5,
"table_id":8,
"table_name":"COMPILE_PLUGIN",
"db_tables":["COMPILE_DEFAULT", "COMPILE_ALIAS"],
"table_type":"plugin",
"valid_column":8,
"custom": {
"gc_timeout_s":3,
"key_type":"integer",
"key_len":8,
"key":1
}
},
{
"table_id":9,
"table_name":"COMPILE_FIREWALL_PLUGIN",
"db_tables":["COMPILE_FIREWALL_DEFAULT"],
"table_type":"plugin",
"valid_column":8,
"custom": {
"gc_timeout_s":3,
"key_type":"integer",
"key_len":8,
"key":1
}
},
{
"table_id":10,
"table_name":"HTTP_REGION",
"db_tables":["HTTP_URL", "HTTP_HOST"],
"table_type":"expr",
@@ -79,7 +139,7 @@
}
},
{
"table_id":6,
"table_id":11,
"table_name":"KEYWORDS_TABLE",
"table_type":"expr",
"valid_column":7,
@@ -93,7 +153,7 @@
}
},
{
"table_id":7,
"table_id":12,
"table_name":"IP_CONFIG",
"table_type":"ip_plus",
"valid_column":11,
@@ -111,7 +171,7 @@
}
},
{
"table_id":8,
"table_id":13,
"table_name":"CONTENT_SIZE",
"table_type":"intval",
"valid_column":5,
@@ -123,18 +183,19 @@
}
},
{
"table_id":9,
"table_id":14,
"table_name":"QD_ENTRY_INFO",
"table_type":"plugin",
"valid_column":4,
"custom": {
"gc_timeout_s":3,
"key_type":"integer",
"key_len":8,
"key":1
}
},
{
"table_id":10,
"table_id":15,
"table_name":"HTTP_SIGNATURE",
"table_type":"expr_plus",
"valid_column":8,
@@ -149,7 +210,7 @@
}
},
{
"table_id":11,
"table_id":16,
"table_name":"IMAGE_FP",
"table_type":"expr",
"valid_column":7,
@@ -163,11 +224,12 @@
}
},
{
"table_id":12,
"table_id":17,
"table_name":"TEST_EFFECTIVE_RANGE_TABLE",
"table_type":"plugin",
"valid_column":4,
"custom": {
"gc_timeout_s":3,
"key_type":"integer",
"key_len":8,
"key":1,
@@ -175,11 +237,12 @@
}
},
{
"table_id":13,
"table_id":18,
"table_name":"TEST_FOREIGN_KEY",
"table_type":"plugin",
"valid_column":4,
"custom": {
"gc_timeout_s":3,
"key_type":"pointer",
"key":2,
"tag":3,
@@ -187,7 +250,7 @@
}
},
{
"table_id":14,
"table_id":19,
"table_name":"TEST_PLUGIN_EXDATA_TABLE",
"table_type":"plugin",
"valid_column":4,
@@ -199,18 +262,19 @@
}
},
{
"table_id":15,
"table_id":20,
"table_name":"IR_INTERCEPT_IP",
"table_type":"plugin",
"valid_column":14,
"custom": {
"gc_timeout_s":3,
"key_type":"pointer",
"key":2,
"tag":18
}
},
{
"table_id":16,
"table_id":21,
"table_name":"APP_PAYLOAD",
"table_type":"expr_plus",
"valid_column":8,
@@ -225,7 +289,7 @@
}
},
{
"table_id":17,
"table_id":22,
"table_name":"TROJAN_PAYLOAD",
"table_type":"expr",
"valid_column":7,
@@ -240,7 +304,7 @@
}
},
{
"table_id":18,
"table_id":23,
"table_name":"MAIL_ADDR",
"table_type":"expr",
"valid_column":7,
@@ -254,7 +318,7 @@
}
},
{
"table_id":19,
"table_id":24,
"table_name":"IP_PLUS_CONFIG",
"table_type":"ip_plus",
"valid_column":11,
@@ -272,32 +336,32 @@
}
},
{
"table_id":20,
"table_id":25,
"table_name":"HTTP_RESPONSE_KEYWORDS",
"table_type":"virtual",
"physical_table": "KEYWORDS_TABLE"
},
{
"table_id":21,
"table_id":26,
"table_name":"HTTP_REQUEST_HEADER",
"table_type":"virtual",
"physical_table": "HTTP_SIGNATURE"
},
{
"table_id":22,
"table_id":27,
"table_name":"HTTP_RESPONSE_HEADER",
"table_type":"virtual",
"physical_table": "HTTP_SIGNATURE"
},
{
"table_id":23,
"table_id":28,
"table_name":"VIRTUAL_IP_PLUS_TABLE",
"db_tables":["VIRTUAL_IP_PLUS_SOURCE", "VIRTUAL_IP_PLUS_DESTINATION"],
"table_type":"virtual",
"physical_table": "IP_PLUS_CONFIG"
},
{
"table_id":24,
"table_id":29,
"table_name":"TEST_IP_PLUGIN_WITH_EXDATA",
"table_type":"ip_plugin",
"valid_column":6,
@@ -311,7 +375,7 @@
}
},
{
"table_id":25,
"table_id":30,
"table_name":"AS_NUMBER",
"table_type":"expr",
"valid_column":7,
@@ -325,19 +389,19 @@
}
},
{
"table_id":26,
"table_id":31,
"table_name":"SOURCE_IP_ASN",
"table_type":"virtual",
"physical_table":"AS_NUMBER"
},
{
"table_id":27,
"table_id":32,
"table_name":"DESTINATION_IP_ASN",
"table_type":"virtual",
"physical_table":"AS_NUMBER"
},
{
"table_id":28,
"table_id":33,
"table_name":"GeoLocation",
"table_type":"expr",
"valid_column":7,
@@ -351,13 +415,13 @@
}
},
{
"table_id":29,
"table_id":34,
"table_name":"SOURCE_IP_GEO",
"table_type":"virtual",
"physical_table":"GeoLocation"
},
{
"table_id":30,
"table_id":35,
"table_name":"INTERGER_PLUS",
"table_type":"intval_plus",
"valid_column":6,
@@ -370,7 +434,7 @@
}
},
{
"table_id":31,
"table_id":36,
"table_name":"TEST_FQDN_PLUGIN_WITH_EXDATA",
"table_type":"fqdn_plugin",
"valid_column":5,
@@ -382,7 +446,7 @@
}
},
{
"table_id":32,
"table_id":37,
"table_name":"APP_ID",
"table_type":"intval",
"valid_column":5,
@@ -394,7 +458,7 @@
}
},
{
"table_id":33,
"table_id":38,
"table_name":"EMPTY_KEYWORD",
"table_type":"expr",
"valid_column":7,
@@ -408,7 +472,7 @@
}
},
{
"table_id":34,
"table_id":39,
"table_name":"EMPTY_INTERGER",
"table_type":"intval",
"valid_column":5,
@@ -420,7 +484,7 @@
}
},
{
"table_id":35,
"table_id":40,
"table_name":"TEST_BOOL_PLUGIN_WITH_EXDATA",
"table_type":"bool_plugin",
"valid_column":4,
@@ -431,7 +495,7 @@
}
},
{
"table_id":36,
"table_id":41,
"table_name":"FLAG_CONFIG",
"table_type":"flag",
"valid_column":5,
@@ -443,7 +507,7 @@
}
},
{
"table_id":37,
"table_id":42,
"table_name":"FLAG_PLUS_CONFIG",
"table_type":"flag_plus",
"valid_column":6,
@@ -456,11 +520,12 @@
}
},
{
"table_id":38,
"table_id":43,
"table_name":"TEST_PLUGIN_LONG_KEY_TYPE_TABLE",
"table_type":"plugin",
"valid_column":4,
"custom": {
"gc_timeout_s":3,
"key_type":"integer",
"key_len":8,
"key":2,
@@ -468,11 +533,12 @@
}
},
{
"table_id":39,
"table_id":44,
"table_name":"TEST_PLUGIN_INT_KEY_TYPE_TABLE",
"table_type":"plugin",
"valid_column":4,
"custom": {
"gc_timeout_s":3,
"key_type":"integer",
"key_len":4,
"key":2,
@@ -480,24 +546,25 @@
}
},
{
"table_id":40,
"table_id":45,
"table_name":"TEST_PLUGIN_IP_KEY_TYPE_TABLE",
"table_type":"plugin",
"valid_column":4,
"custom": {
"gc_timeout_s":3,
"key_type":"ip_addr",
"addr_type":1,
"key":2
}
},
{
"table_id":41,
"table_id":46,
"table_name":"HTTP_URL_FILTER",
"table_type":"virtual",
"physical_table": "HTTP_URL"
},
{
"table_id":42,
"table_id":47,
"table_name":"IP_PERF_CONFIG",
"table_type":"ip_plus",
"valid_column":11,
@@ -515,7 +582,7 @@
}
},
{
"table_id":43,
"table_id":48,
"table_name":"INTEGER_PERF_CONFIG",
"table_type":"intval",
"valid_column":5,
@@ -527,7 +594,7 @@
}
},
{
"table_id":44,
"table_id":49,
"table_name":"EXPR_LITERAL_PERF_CONFIG",
"table_type":"expr",
"valid_column":7,
@@ -541,7 +608,7 @@
}
},
{
"table_id":45,
"table_id":50,
"table_name":"EXPR_REGEX_PERF_CONFIG",
"table_type":"expr",
"valid_column":7,
@@ -555,7 +622,7 @@
}
},
{
"table_id":46,
"table_id":51,
"table_name":"FLAG_PERF_CONFIG",
"table_type":"flag",
"valid_column":5,