diff --git a/src/entry/Maat_api.cpp b/src/entry/Maat_api.cpp index 9cdcb69..73b1ff5 100644 --- a/src/entry/Maat_api.cpp +++ b/src/entry/Maat_api.cpp @@ -549,13 +549,12 @@ Maat_feather_t Maat_feather(int max_thread_num,const char* table_info_path,void* feather->logger=logger; feather->scan_thread_num=max_thread_num; - feather->garbage_q=MESA_lqueue_create(0,0); feather->effect_interval_ms=60*1000; feather->scan_interval_ms=1*1000; feather->rule_scan_type=2; feather->thread_call_cnt=alignment_int64_array_alloc(max_thread_num); feather->outer_mid_cnt=alignment_int64_array_alloc(max_thread_num); - feather-> compile_mid_cnt=alignment_int64_array_alloc(max_thread_num); + feather->compile_mid_cnt=alignment_int64_array_alloc(max_thread_num); feather->hit_cnt=alignment_int64_array_alloc(max_thread_num); feather->not_grp_hit_cnt=alignment_int64_array_alloc(max_thread_num); feather->maat_version=0; diff --git a/src/entry/Maat_command.cpp b/src/entry/Maat_command.cpp index 3ecb07b..8303a97 100644 --- a/src/entry/Maat_command.cpp +++ b/src/entry/Maat_command.cpp @@ -219,7 +219,8 @@ int get_valid_flag_offset(const char* line, enum MAAT_TABLE_TYPE type,int valid_ case TABLE_TYPE_EXPR_PLUS: column_seq=8; break; - case TABLE_TYPE_GROUP: + case TABLE_TYPE_GROUP2COMPILE: + case TABLE_TYPE_GROUP2GROUP: column_seq=3; break; default: @@ -262,12 +263,12 @@ void serialize_group2compile(enum MAAT_OPERATION op, const struct Maat_cmd_group g2c->Nth_clause==0?1:g2c->Nth_clause); return; } -void serialize_compile(const struct Maat_rule_t* p_m_rule, const char* huge_service_defined, int group_num, enum MAAT_OPERATION op, char* buff, size_t sz) +void serialize_compile(const struct Maat_rule_t* p_m_rule, const char* huge_service_defined, int clause_num, enum MAAT_OPERATION op, char* buff, size_t sz) { if(op==MAAT_OP_RENEW_TIMEOUT) op=MAAT_OP_ADD; const char* service_define=huge_service_defined?huge_service_defined:(strlen(p_m_rule->service_defined)?p_m_rule->service_defined:"null"); - snprintf(buff, sz,"%d\t%d\t%hhd\t%hhd\t%hhd\t0\t%s\t%d\t%d", + snprintf(buff, sz, "%d\t%d\t%hhu\t%hhu\t%hhu\t0\t%s\t%d\t%d", p_m_rule->config_id, p_m_rule->service_id, p_m_rule->action, @@ -275,7 +276,7 @@ void serialize_compile(const struct Maat_rule_t* p_m_rule, const char* huge_serv p_m_rule->do_log, service_define, op, - group_num); + clause_num); return; } void serialize_region(const struct Maat_cmd_region* p, int group_id, char* buff, size_t sz) @@ -1807,7 +1808,65 @@ void _maat_empty_region(struct Maat_region_t* p) return; } +int Maat_cmd_raw_set_lines(Maat_feather_t feather,const struct Maat_cmd_line** line_rule, int line_num ,enum MAAT_OPERATION op) +{ + int i=0; + _Maat_feather_t* _feather=(_Maat_feather_t*)feather; + int ret=0, table_id=0,success_cnt=0; + struct serial_rule_t *s_rule=NULL; + long long server_time=0,absolute_expire_time=0; + redisContext* write_ctx=get_redis_ctx_for_write(_feather); + if(write_ctx==NULL) + { + return -1; + } + server_time=redis_server_time(write_ctx); + if(!server_time) + { + return -1; + } + s_rule=ALLOC(struct serial_rule_t, line_num); + for(i=0;itable_mgr, line_rule[i]->table_name); + if(table_id<0) + { + MESA_handle_runtime_log(_feather->logger, RLOG_LV_FATAL, maat_command, + "Command raw set line id %d failed: unknown table %s.", + line_rule[i]->rule_id, + line_rule[i]->table_name); + ret=-1; + goto error_out; + } + if(op==MAAT_OP_RENEW_TIMEOUT) + { + assert(line_rule[i]->expire_after>0); + } + if(line_rule[i]->expire_after>0) + { + absolute_expire_time=server_time+line_rule[i]->expire_after; + } + set_serial_rule(s_rule+i, op,line_rule[i]->rule_id,line_rule[i]->label_id, line_rule[i]->table_name, + line_rule[i]->table_line, absolute_expire_time); + } + success_cnt=exec_serial_rule(write_ctx,s_rule, line_num,server_time,_feather->logger); + if(success_cnt<0||success_cnt!=line_num)//error + { + ret=-1; + goto error_out; + } + ret=success_cnt; + _feather->line_cmd_acc_num+=success_cnt; +error_out: + for(i=0;itable_name; line_cmd.rule_id=region->region_id; line_cmd.table_line=line; - int ret=Maat_cmd_set_line(feather, &line_cmd, op); + p=&line_cmd; + int ret=Maat_cmd_raw_set_lines(feather, &p, 1, op); return ret; } int Maat_command_raw_set_group2compile(Maat_feather_t feather, enum MAAT_OPERATION op, const struct Maat_cmd_group2compile* g2c) { struct Maat_cmd_line line_cmd; + const struct Maat_cmd_line *p=NULL; + char line[MAX_TABLE_LINE_SIZE]; serialize_group2compile(op, g2c, line, sizeof(line)); @@ -2177,12 +2243,14 @@ int Maat_command_raw_set_group2compile(Maat_feather_t feather, enum MAAT_OPERATI line_cmd.table_name=g2c->table_name; line_cmd.rule_id=g2c->compile_id*1024*1024+g2c->group_id; line_cmd.table_line=line; - int ret=Maat_cmd_set_line(feather, &line_cmd, op); + p=&line_cmd; + int ret=Maat_cmd_raw_set_lines(feather, &p, 1, op); return ret; } int Maat_command_raw_set_group2group(Maat_feather_t feather, enum MAAT_OPERATION op, const struct Maat_cmd_group2group* g2g) { struct Maat_cmd_line line_cmd; + const struct Maat_cmd_line *p=NULL; char line[MAX_TABLE_LINE_SIZE]; assert(g2g->group_id<1024*1024); @@ -2191,7 +2259,8 @@ int Maat_command_raw_set_group2group(Maat_feather_t feather, enum MAAT_OPERATION line_cmd.table_name=g2g->table_name; line_cmd.rule_id=g2g->superior_group_id*1024*1024+g2g->group_id; line_cmd.table_line=line; - int ret=Maat_cmd_set_line(feather, &line_cmd, op); + p=&line_cmd; + int ret=Maat_cmd_raw_set_lines(feather, &p, 1, op); return ret; } diff --git a/src/entry/Maat_ex_data.cpp b/src/entry/Maat_ex_data.cpp index 25f6bee..71873fb 100644 --- a/src/entry/Maat_ex_data.cpp +++ b/src/entry/Maat_ex_data.cpp @@ -71,6 +71,7 @@ void EX_data_rt_free(struct EX_data_rt* p) p->cache_rows=NULL; } MESA_htable_destroy(p->key2ex_hash, NULL); + free(p); return; } void EX_data_rt_cache_row(struct EX_data_rt* p, const char* row) diff --git a/src/entry/Maat_garbage_collection.cpp b/src/entry/Maat_garbage_collection.cpp index eb98253..b89400f 100644 --- a/src/entry/Maat_garbage_collection.cpp +++ b/src/entry/Maat_garbage_collection.cpp @@ -38,11 +38,16 @@ void Maat_garbage_bin_free(struct Maat_garbage_bin* bin) p->garbage_free(p->garbage); TAILQ_REMOVE(&bin->garbage_q, p, entries); free(p); + bin->bag_cnt--; } free(bin); return; } +size_t Maat_garbage_bin_get_size(struct Maat_garbage_bin* bin) +{ + return bin->bag_cnt; +} void Maat_garbage_bagging(struct Maat_garbage_bin* bin, void* garbage, void (* func)(void *)) { struct Maat_garbage_bag* bag=ALLOC( struct Maat_garbage_bag, 1); diff --git a/src/entry/Maat_hierarchy.cpp b/src/entry/Maat_hierarchy.cpp index 2748725..ca2f685 100644 --- a/src/entry/Maat_hierarchy.cpp +++ b/src/entry/Maat_hierarchy.cpp @@ -209,7 +209,7 @@ static struct Maat_hierarchy_compile* Maat_hierarchy_compile_new(struct Maat_hie static void Maat_hierarchy_compile_free(struct Maat_hierarchy* hier, struct Maat_hierarchy_compile* compile) { HASH_DEL(hier->hash_compile_by_id, compile); - if(hier->compile_user_data_free) + if(hier->compile_user_data_free && compile->user_data) { hier->compile_user_data_free(compile->user_data); } @@ -234,7 +234,7 @@ static void Maat_hierarchy_region_free(struct Maat_hierarchy* hier, struct Maat_ { HASH_DELETE(hh, hier->hash_region_by_id, region); region->ref_parent_group->ref_by_region_cnt--; - if(region->user_data) + if(hier->region_user_data_free && region->user_data) { hier->region_user_data_free(region->user_data); region->user_data=NULL; @@ -281,14 +281,6 @@ void Maat_hierarchy_free(struct Maat_hierarchy* hier) Maat_hierarchy_compile_free(hier, compile); } assert(hier->hash_compile_by_id==NULL); - - HASH_CLEAR(hh_vertex_id, hier->hash_group_by_vertex);//No need group memory clean up. - HASH_ITER(hh_group_id, hier->hash_group_by_id, group, tmp_group) - { - HASH_DELETE(hh_group_id, hier->hash_group_by_id, group); - _group_vertex_free(group); - } - assert(hier->hash_group_by_id==NULL); HASH_ITER(hh, hier->hash_literal_by_id, literal, tmp_literal) { @@ -301,9 +293,19 @@ void Maat_hierarchy_free(struct Maat_hierarchy* hier) Maat_hierarchy_region_free(hier, region); } + + //Free group as the last. + HASH_CLEAR(hh_vertex_id, hier->hash_group_by_vertex);//No need group memory clean up. + HASH_ITER(hh_group_id, hier->hash_group_by_id, group, tmp_group) + { + HASH_DELETE(hh_group_id, hier->hash_group_by_id, group); + _group_vertex_free(group); + } + assert(hier->hash_group_by_id==NULL); igraph_destroy(&hier->group_graph); - + bool_matcher_free(hier->bm); + hier->bm=NULL; pthread_rwlock_unlock(&hier->rwlock); free(hier); } @@ -352,7 +354,7 @@ int Maat_hierarchy_compile_remove(struct Maat_hierarchy * hier, int compile_id) pthread_rwlock_wrlock(&hier->rwlock); HASH_FIND_INT(hier->hash_compile_by_id, &compile_id, compile); - if(!compile) + if(compile) { Maat_hierarchy_compile_free(hier, compile); ret=0; @@ -368,7 +370,7 @@ int Maat_hierarchy_compile_remove(struct Maat_hierarchy * hier, int compile_id) pthread_rwlock_unlock(&hier->rwlock); return ret; } -static void* Maat_hier_get_user_data(struct Maat_hierarchy* hier, int compile_id, int is_dettach) +static void* Maat_hier_compile_get_user_data(struct Maat_hierarchy* hier, int compile_id, int is_dettach) { struct Maat_hierarchy_compile* compile=NULL; void* ret=NULL; @@ -390,13 +392,13 @@ static void* Maat_hier_get_user_data(struct Maat_hierarchy* hier, int compile_id void* Maat_hierarchy_compile_dettach_user_data(struct Maat_hierarchy* hier, int compile_id) { void* user_data=NULL; - user_data=Maat_hier_get_user_data(hier, compile_id, 1); + user_data=Maat_hier_compile_get_user_data(hier, compile_id, 1); return user_data; } void* Maat_hierarchy_compile_read_user_data(struct Maat_hierarchy* hier, int compile_id) { void* user_data=NULL; - user_data=Maat_hier_get_user_data(hier, compile_id, 0); + user_data=Maat_hier_compile_get_user_data(hier, compile_id, 0); return user_data; } diff --git a/src/entry/Maat_rule.cpp b/src/entry/Maat_rule.cpp index 4d1ee71..9e3ba47 100644 --- a/src/entry/Maat_rule.cpp +++ b/src/entry/Maat_rule.cpp @@ -2596,12 +2596,12 @@ void *thread_rule_monitor(void *arg) } } - Maat_table_manager_destroy(feather->table_mgr); destroy_maat_scanner(feather->scanner); Maat_garbage_bin_free(feather->garbage_bin); + Maat_table_manager_destroy(feather->table_mgr);//Table manager MUST be freed at last. alignment_int64_array_free(feather->thread_call_cnt); - alignment_int64_array_free(feather-> compile_mid_cnt); + alignment_int64_array_free(feather->compile_mid_cnt); alignment_int64_array_free(feather->outer_mid_cnt); alignment_int64_array_free(feather->hit_cnt); alignment_int64_array_free(feather->not_grp_hit_cnt); diff --git a/src/entry/Maat_stat.cpp b/src/entry/Maat_stat.cpp index edafff7..c97f073 100644 --- a/src/entry/Maat_stat.cpp +++ b/src/entry/Maat_stat.cpp @@ -1,5 +1,6 @@ #include "Maat_rule_internal.h" #include "Maat_table.h" +#include "Maat_garbage_collection.h" #include "alignment_int64.h" #include #include @@ -196,7 +197,7 @@ void maat_stat_output(struct _Maat_feather_t* feather) FS_operate(feather->stat_handle, feather->fs_status_id[STATUS_CMD_Q_SIZE], 0,FS_OP_SET,feather->cmd_q_cnt); FS_operate(feather->stat_handle, feather->fs_status_id[STATUS_CMD_LINE_NUM], 0,FS_OP_SET,feather->line_cmd_acc_num); - value=MESA_lqueue_get_count(feather->garbage_q); + value=Maat_garbage_bin_get_size(feather->garbage_bin); FS_operate(feather->stat_handle, feather->fs_status_id[STATUS_GARBAGE_QSIZE], 0,FS_OP_SET,value); feather->update_err_cnt=0; feather->iconv_err_cnt=0; diff --git a/src/entry/Maat_table_runtime.cpp b/src/entry/Maat_table_runtime.cpp index c15531c..5788e83 100644 --- a/src/entry/Maat_table_runtime.cpp +++ b/src/entry/Maat_table_runtime.cpp @@ -343,6 +343,7 @@ void Maat_table_runtime_digest_add(struct Maat_table_runtime* table_rt, int expr confidence_degree, tag); MESA_lqueue_join_tail(table_rt->similar.update_q, &digest_rule, sizeof(void*)); + free(dup_digest); return; } void Maat_table_runtime_digest_del(struct Maat_table_runtime* table_rt, int expr_id) diff --git a/src/entry/json2iris.cpp b/src/entry/json2iris.cpp index d876dc3..cbfb714 100644 --- a/src/entry/json2iris.cpp +++ b/src/entry/json2iris.cpp @@ -952,6 +952,7 @@ void table_idx_write_cb(const uchar * key, uint size, void * data, void * user) assert(ret==0); fwrite(encrypt_buff, encrypt_buff_sz, 1, table_fp); fprintf(p_iris->idx_fp,"%s\t%d\t%s\t%s\n", table->table_name, table->line_count, table->table_path, p_iris->encrypt_algo); + free(encrypt_buff); } else { @@ -1149,7 +1150,7 @@ int write_iris(cJSON *json, struct iris_description_t *p_iris, void* logger) parent_group=group_info_read(p_iris->group_name_map, parent_group_name); if(parent_group==NULL) { - parent_group=group_info_add_unsafe(p_iris, p_iris->group_name_map, item->string); + parent_group=group_info_add_unsafe(p_iris, p_iris->group_name_map, parent_group_name); } ret=write_group_rule(group_obj, parent_group->group_id, PARENT_TYPE_GROUP, 0, 0, p_iris, logger); if(ret<0) diff --git a/src/entry/map_str2int.cpp b/src/entry/map_str2int.cpp index 6b6d20c..af252ea 100644 --- a/src/entry/map_str2int.cpp +++ b/src/entry/map_str2int.cpp @@ -100,6 +100,7 @@ void duplicate_func(const uchar * key, uint size, void * data, void * user) memcpy(string,key,size); ret=map_register(target,string,value); assert(ret>0); + free(string); } MESA_htable_handle map_duplicate(MESA_htable_handle origin_map) { diff --git a/src/inc_internal/Maat_garbage_collection.h b/src/inc_internal/Maat_garbage_collection.h index e1d9681..8a2293d 100644 --- a/src/inc_internal/Maat_garbage_collection.h +++ b/src/inc_internal/Maat_garbage_collection.h @@ -5,4 +5,5 @@ struct Maat_garbage_bin* Maat_garbage_bin_new(int default_timeout); void Maat_garbage_bin_free(struct Maat_garbage_bin* bin); void Maat_garbage_bagging(struct Maat_garbage_bin* bin, void* garbage, void (* func)(void *)); void Maat_garbage_collect_routine(struct Maat_garbage_bin* bin); +size_t Maat_garbage_bin_get_size(struct Maat_garbage_bin* bin); diff --git a/src/inc_internal/Maat_rule_internal.h b/src/inc_internal/Maat_rule_internal.h index 1b1dd57..140842b 100644 --- a/src/inc_internal/Maat_rule_internal.h +++ b/src/inc_internal/Maat_rule_internal.h @@ -262,7 +262,6 @@ struct _Maat_feather_t { struct Maat_scanner *scanner; struct Maat_scanner *update_tmp_scanner; - MESA_lqueue_head garbage_q; struct Maat_garbage_bin * garbage_bin; struct Maat_table_manager* table_mgr; diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index a9c9813..7fb80b9 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -11,7 +11,7 @@ target_link_libraries(test_maatframe maat_frame_shared gtest) #target_link_libraries(perf_test_maatframe maat_frame_shared gtest) configure_file(table_info.conf table_info.conf COPYONLY) -configure_file(t2_tableinfo.conf t2_tableinfo.conf COPYONLY) +configure_file(file_test_tableinfo.conf file_test_tableinfo.conf COPYONLY) configure_file(maat_json.json maat_json.json COPYONLY) configure_file(reset_redis4maat.sh reset_redis4maat.sh COPYONLY) file(COPY conf DESTINATION ./) diff --git a/test/file_test_tableinfo.conf b/test/file_test_tableinfo.conf new file mode 100644 index 0000000..271b999 --- /dev/null +++ b/test/file_test_tableinfo.conf @@ -0,0 +1,27 @@ +#each collumn seperate with '\t' +#id (0~65535) +#name string +#type one of ip,expr,expr_plus,digest,intval,compile or plugin +#src_charset one of GBK,BIG5,UNICODE,UTF8 +#dst_charset combined by GBK,BIG5,UNICODE,UTF8,seperate with '/' +#do_merege yes or no +#cross cache 0~max +#quickswitch quickon or quick off +#id name type src_charset dst_charset do_merge cross_cache quickswitch +0 NTC_COMPILE compile UTF8 UTF8 no 0 +0 WHITE_LIST_COMPILE compile UTF8 UTF8 no 0 +1 NTC_GROUP2GROUP group2group -- +2 NTC_GROUP2COMPILE group2compile -- +3 NTC_UNIVERSAL_IP ip UTF8 UTF8 no 0 +4 NTC_UNIVERSAL_PROTO_TYPE intval UTF8 UTF8 no 0 +5 WHITE_LIST_IP ip UTF8 UTF8 no 0 +7 NTC_HTTP_URL expr UTF8 UTF8 yes 0 quickoff +7 WHITE_LIST_DOMAIN expr UTF8 UTF8 yes 0 quickoff +8 NTC_HTTP_REQ_HDR expr_plus UTF8 UTF8 yes 0 quickoff +8 NTC_HTTP_RES_HDR expr_plus UTF8 UTF8 yes 0 quickoff +9 NTC_HTTP_REQ_BODY expr UTF8 UTF8/GBK/BIG5/UNICODE yes 0 quickoff +9 NTC_HTTP_RES_BODY expr UTF8 UTF8/GBK/BIG5/UNICODE yes 0 quickoff +11 NTC_MAIL_HDR expr_plus UTF8 UTF8/GBK yes 0 quickoff +12 NTC_MAIL_BODY expr_plus UTF8 UTF8/GBK yes 0 quickoff +13 NTC_FTP_URL expr UTF8 UTF8 yes 0 quickoff +14 NTC_FTP_CONTENT expr UTF8 UTF8 yes 0 quickoff diff --git a/test/t2_tableinfo.conf b/test/file_test_tableinfo.conf.bak similarity index 87% rename from test/t2_tableinfo.conf rename to test/file_test_tableinfo.conf.bak index 6208b3f..2266965 100644 --- a/test/t2_tableinfo.conf +++ b/test/file_test_tableinfo.conf.bak @@ -10,11 +10,11 @@ #id name type src_charset dst_charset do_merge cross_cache quickswitch 0 NTC_COMPILE compile UTF8 UTF8 no 0 0 WHITE_LIST_COMPILE compile UTF8 UTF8 no 0 -1 NTC_GROUP group UTF8 UTF8 no 0 -1 WHITE_LIST_GROUP group UTF8 UTF8 no 0 -2 NTC_UNIVERSAL_IP ip UTF8 UTF8 no 0 +1 NTC_GROUP2GROUP group2group -- +2 NTC_GROUP2COMPILE group2compile -- +3 NTC_UNIVERSAL_IP ip UTF8 UTF8 no 0 3 NTC_UNIVERSAL_PROTO_TYPE intval UTF8 UTF8 no 0 -4 WHITE_LIST_IP ip UTF8 UTF8 no 0 +5 WHITE_LIST_IP ip UTF8 UTF8 no 0 7 NTC_HTTP_URL expr UTF8 UTF8 yes 0 quickoff 7 WHITE_LIST_DOMAIN expr UTF8 UTF8 yes 0 quickoff 8 NTC_HTTP_REQ_HDR expr_plus UTF8 UTF8 yes 0 quickoff diff --git a/test/json_update/new.json b/test/json_update/new.json index 5e3a1a7..cfb5238 100644 --- a/test/json_update/new.json +++ b/test/json_update/new.json @@ -1,6 +1,7 @@ { "compile_table": "COMPILE", - "group_table": "GROUP", + "group2compile_table": "GROUP2COMPILE", + "group2group_table": "GROUP2GROUP", "rules": [ { "compile_id": 2, diff --git a/test/json_update/old.json b/test/json_update/old.json index 3c5b7c8..27f5f44 100644 --- a/test/json_update/old.json +++ b/test/json_update/old.json @@ -1,6 +1,7 @@ { "compile_table": "COMPILE", - "group_table": "GROUP", + "group2compile_table": "GROUP2COMPILE", + "group2group_table": "GROUP2GROUP", "rules": [ { "compile_id": 1, diff --git a/test/maat_json.json b/test/maat_json.json index 184bf33..ff3e890 100644 --- a/test/maat_json.json +++ b/test/maat_json.json @@ -1,12 +1,10 @@ { - "compile_table": "COMPILE", - "group2compile_table": "GROUP2COMPILE", + "compile_table": "COMPILE", + "group2compile_table": "GROUP2COMPILE", "group2group_table": "GROUP2GROUP", "groups": [ { "group_name": "ASN1234", - "parent_group": "SRC_IP_ASN_1234", - "virtual_table":"SOURCE_IP_ASN", "regions": [ { "table_name": "AS_NUMBER", @@ -22,8 +20,6 @@ }, { "group_name": "ASN2345", - "parent_group": "DEST_IP_ASN_2345", - "virtual_table":"DESTINATION_IP_ASN", "regions": [ { "table_name": "AS_NUMBER", @@ -36,6 +32,43 @@ } } ] + }, + { + "group_name": "financial-department-ip", + "regions": [ + { + "table_name": "IP_CONFIG", + "table_type": "ip", + "table_content": { + "addr_type": "ipv4", + "src_ip": "192.168.40.88", + "mask_src_ip": "255.255.255.255", + "src_port": "0", + "mask_src_port": "65535", + "dst_ip": "0.0.0.0", + "mask_dst_ip": "255.255.255.255", + "dst_port": "0", + "mask_dst_port": "65535", + "protocol": 6, + "direction": "double" + } + } + ] + }, + { + "group_name": "Country-Sparta-IP", + "regions": [ + { + "table_name": "GeoLocation", + "table_type": "string", + "table_content": { + "keywords": "Greece.Sparta", + "expr_type": "none", + "match_method": "exact", + "format": "uncase plain" + } + } + ] } ], "rules": [ @@ -1764,16 +1797,32 @@ "action": 1, "do_blacklist": 1, "do_log": 1, - "user_region": "non-top-object-as-virtual", + "user_region": "Hierarchy.TwoVirtualInOneClause", "is_valid": "yes", "groups": [ { - "group_name":"SRC_IP_ASN_1234", - "not_flag":0 - }, + "group_name":"ASN1234", + "virtual_table":"SOURCE_IP_ASN", + "not_flag":0, + "nth_clause":1 + }, { - "group_name":"DEST_IP_ASN_2345", - "not_flag":0 + "group_name":"financial-department-ip", + "virtual_table":"null", + "not_flag":0, + "nth_clause":1 + }, + { + "group_name":"Country-Sparta-IP", + "virtual_table":"SOURCE_IP_GEO", + "not_flag":0, + "nth_clause":1 + }, + { + "group_name":"ASN2345", + "virtual_table":"DESTINATION_IP_ASN", + "not_flag":0, + "nth_clause":2 } ] } diff --git a/test/ntcrule/full/2018-10-09/NTC_GROUP.0000050997 b/test/ntcrule/full/2018-10-09/NTC_GROUP.0000050997 deleted file mode 100644 index 4cbccc3..0000000 --- a/test/ntcrule/full/2018-10-09/NTC_GROUP.0000050997 +++ /dev/null @@ -1,104 +0,0 @@ -0000000103 -828 193099 1 -648 192999 1 -869 193126 1 -847 193114 1 -620 192973 1 -834 193105 1 -551 170487 1 -836 193106 1 -723 193040 1 -867 193128 1 -607 192965 1 -624 192976 1 -991 193252 1 -827 193098 1 -861 193133 1 -843 193112 1 -854 193119 1 -611 192967 1 -890 193154 1 -728 193039 1 -980 193237 1 -849 193115 1 -806 193076 1 -820 193091 1 -8 11 1 -845 193113 1 -66 118 1 -614 192966 1 -610 192967 1 -612 192966 1 -855 193120 1 -982 193236 1 -884 193148 1 -70 121 1 -831 193102 1 -856 193121 1 -881 193145 1 -838 193108 1 -873 193138 1 -851 193116 1 -623 192976 1 -68 120 1 -605 192960 1 -983 193236 1 -993 193258 1 -979 193234 1 -816 193088 1 -7 12 1 -603 192960 1 -981 193237 1 -431 170435 1 -846 193114 1 -550 170486 1 -649 192977 1 -919 193171 1 -864 193131 1 -20 32 1 -865 193130 1 -724 193040 1 -1021 193289 1 -829 193101 1 -868 193127 1 -805 193077 1 -613 192966 1 -883 193147 1 -647 193000 1 -726 193039 1 -862 193134 1 -994 193258 1 -549 170485 1 -837 193107 1 -863 193132 1 -727 193039 1 -409 441 1 -833 193103 1 -608 192965 1 -650 193002 1 -844 193112 1 -625 192978 1 -432 170436 1 -67 116 1 -891 193155 1 -598 192959 1 -850 193116 1 -609 192967 1 -835 193106 1 -885 193149 1 -725 193040 1 -615 192968 1 -886 193150 1 -880 193144 1 -606 192965 1 -876 193140 1 -1034 193294 1 -840 193110 1 -839 193108 1 -832 193103 1 -1020 193289 1 -866 193129 1 -604 192960 1 -830 193102 1 -875 193139 1 -848 193115 1 diff --git a/test/ntcrule/full/2018-10-09/NTC_GROUP2COMPILE.0000050997 b/test/ntcrule/full/2018-10-09/NTC_GROUP2COMPILE.0000050997 new file mode 100644 index 0000000..633cea4 --- /dev/null +++ b/test/ntcrule/full/2018-10-09/NTC_GROUP2COMPILE.0000050997 @@ -0,0 +1,105 @@ +0000000103 +828 193099 1 0 null 1 +648 192999 1 0 null 1 +869 193126 1 0 null 1 +847 193114 1 0 null 1 +620 192973 1 0 null 1 +834 193105 1 0 null 1 +551 170487 1 0 null 1 +836 193106 1 0 null 1 +723 193040 1 0 null 1 +867 193128 1 0 null 1 +607 192965 1 0 null 1 +624 192976 1 0 null 1 +991 193252 1 0 null 1 +827 193098 1 0 null 1 +861 193133 1 0 null 1 +843 193112 1 0 null 1 +854 193119 1 0 null 1 +611 192967 1 0 null 1 +890 193154 1 0 null 1 +728 193039 1 0 null 1 +980 193237 1 0 null 1 +849 193115 1 0 null 1 +806 193076 1 0 null 1 +820 193091 1 0 null 1 +8 11 1 0 null 1 +845 193113 1 0 null 1 +66 118 1 0 null 1 +614 192966 1 0 null 1 +610 192967 1 0 null 1 +612 192966 1 0 null 1 +855 193120 1 0 null 1 +982 193236 1 0 null 1 +884 193148 1 0 null 1 +70 121 1 0 null 1 +831 193102 1 0 null 1 +856 193121 1 0 null 1 +881 193145 1 0 null 1 +838 193108 1 0 null 1 +873 193138 1 0 null 1 +851 193116 1 0 null 1 +623 192976 1 0 null 1 +68 120 1 0 null 1 +605 192960 1 0 null 1 +983 193236 1 0 null 1 +993 193258 1 0 null 1 +979 193234 1 0 null 1 +816 193088 1 0 null 1 +7 12 1 0 null 1 +603 192960 1 0 null 1 +981 193237 1 0 null 1 +431 170435 1 0 null 1 +846 193114 1 0 null 1 +550 170486 1 0 null 1 +649 192977 1 0 null 1 +919 193171 1 0 null 1 +864 193131 1 0 null 1 +20 32 1 0 null 1 +865 193130 1 0 null 1 +724 193040 1 0 null 1 +1021 19328 0 null 19 1 +829 193101 1 0 null 1 +868 193127 1 0 null 1 +805 193077 1 0 null 1 +613 192966 1 0 null 1 +883 193147 1 0 null 1 +647 193000 1 0 null 1 +726 193039 1 0 null 1 +862 193134 1 0 null 1 +994 193258 1 0 null 1 +549 170485 1 0 null 1 +837 193107 1 0 null 1 +863 193132 1 0 null 1 +727 193039 1 0 null 1 +409 441 1 0 null 1 +833 193103 1 0 null 1 +608 192965 1 0 null 1 +650 193002 1 0 null 1 +844 193112 1 0 null 1 +625 192978 1 0 null 1 +432 170436 1 0 null 1 +67 116 1 0 null 1 +891 193155 1 0 null 1 +598 192959 1 0 null 1 +850 193116 1 0 null 1 +609 192967 1 0 null 1 +835 193106 1 0 null 1 +885 193149 1 0 null 1 +725 193040 1 0 null 1 +615 192968 1 0 null 1 +886 193150 1 0 null 1 +880 193144 1 0 null 1 +606 192965 1 0 null 1 +876 193140 1 0 null 1 +1034 19329 0 null 14 1 +840 193110 1 0 null 1 +839 193108 1 0 null 1 +832 193103 1 0 null 1 +1020 19328 0 null 19 1 +866 193129 1 0 null 1 +604 192960 1 0 null 1 +830 193102 1 0 null 1 +875 193139 1 0 null 1 +848 193115 1 0 null 1 + 0 null 1 \ No newline at end of file diff --git a/test/ntcrule/full/index/full_config_index.0000050997 b/test/ntcrule/full/index/full_config_index.0000050997 index b88e7c0..11d2804 100644 --- a/test/ntcrule/full/index/full_config_index.0000050997 +++ b/test/ntcrule/full/index/full_config_index.0000050997 @@ -13,7 +13,7 @@ NTC_DNS_FAKE_IP_CB 3 ./ntcrule/full/2018-10-09/NTC_DNS_FAKE_IP_CB.0000050997 NTC_DNS_REGION 15 ./ntcrule/full/2018-10-09/NTC_DNS_REGION.0000050997 NTC_DNS_RES_STRATEGY 2 ./ntcrule/full/2018-10-09/NTC_DNS_RES_STRATEGY.0000050997 NTC_FTP_URL 5 ./ntcrule/full/2018-10-09/NTC_FTP_URL.0000050997 -NTC_GROUP 103 ./ntcrule/full/2018-10-09/NTC_GROUP.0000050997 +NTC_GROUP2COMPILE 103 ./ntcrule/full/2018-10-09/NTC_GROUP2COMPILE.0000050997 NTC_HTTP_REQ_BODY 4 ./ntcrule/full/2018-10-09/NTC_HTTP_REQ_BODY.0000050997 NTC_HTTP_RES_BODY 14 ./ntcrule/full/2018-10-09/NTC_HTTP_RES_BODY.0000050997 NTC_HTTP_URL 9 ./ntcrule/full/2018-10-09/NTC_HTTP_URL.0000050997 diff --git a/test/table_info.conf b/test/table_info.conf index 0d2a17e..d45aa32 100644 --- a/test/table_info.conf +++ b/test/table_info.conf @@ -52,4 +52,6 @@ 29 TEST_IP_PLUGIN_WITH_EXDATA ip_plugin {"row_id":1,"ip_type":2,"start_ip":3,"end_ip":4,"valid":6} -- 30 AS_NUMBER expr UTF8 UTF8 yes 0 31 SOURCE_IP_ASN virtual AS_NUMBER -- -32 DESTINATION_IP_ASN virtual AS_NUMBER -- \ No newline at end of file +32 DESTINATION_IP_ASN virtual AS_NUMBER -- +33 GeoLocation expr UTF8 UTF8 yes 0 +34 SOURCE_IP_GEO virtual AS_NUMBER -- \ No newline at end of file diff --git a/test/test_maatframe.cpp b/test/test_maatframe.cpp index a3de88b..7f4465a 100644 --- a/test/test_maatframe.cpp +++ b/test/test_maatframe.cpp @@ -401,7 +401,7 @@ TEST(StringScan, BugReport20190325) &mid, 0); EXPECT_EQ(ret, 1); EXPECT_EQ(result[0].config_id, 150); - + Maat_clean_status(&mid); } #define PrefixAndSuffixTest TEST(StringScan, PrefixAndSuffix) @@ -1731,9 +1731,9 @@ TEST(ScanResult, LongerServiceDefine) free(buff); return; } -TEST(VirtualTable, VirtualWithPhysical) +TEST(Hierarchy, VirtualWithPhysical) { -#define VT_VirtualWithPhysical +#define Hierarchy_VirtualWithPhysical int ret=0, table_id=0; const char* http_content="Batman\\:Take me Home.Superman/:Fine,stay with me."; const char* http_url="https://blog.csdn.net/littlefang/article/details/8213058"; @@ -1760,6 +1760,7 @@ TEST(VirtualTable, VirtualWithPhysical) EXPECT_EQ(ret, 1); EXPECT_EQ(result[0].config_id, 160); + Maat_clean_status(&mid); const char* should_not_hit="2018-10-05 is a keywords of table KEYWORDS_TABLE. Should not hit."; @@ -1771,9 +1772,9 @@ TEST(VirtualTable, VirtualWithPhysical) return; } -TEST(VirtualTable, VirtualWithVirtual) +TEST(Hierarchy, VirtualWithVirtual) { -#define VT_VirtualWithVirtual +#define Hierarchy_VirtualWithVirtual int ret=0, table_id=0; const char* http_req_hdr_ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"; const char* http_resp_hdr_cookie="uid=12345678;BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; sugstore=1;"; @@ -1811,9 +1812,9 @@ TEST(VirtualTable, VirtualWithVirtual) return; } -TEST(VirtualTable, OneGroupInTwoVirtual) +TEST(Hierarchy, OneGroupInTwoVirtual) { -#define VT_OneGroupInTwoVirtual +#define Hierarchy_OneGroupInTwoVirtual int ret=0, table_id=0; const char* http_resp_hdr_cookie="sessionid=888888;BDORZ=B490B5EBF6F3CD402E515D22BCDA1598; sugstore=1;"; @@ -1850,31 +1851,78 @@ TEST(VirtualTable, OneGroupInTwoVirtual) return; } -TEST(VirtualTable, VirtualAsNonTopObject) +TEST(Hierarchy, TwoVirtualInOneClause) { -#define VT_AsNonTopObject +#define Hierarchy_TwoVirtualInOneClause int ret=0, table_id=0; + struct ipaddr ipv4_addr; + struct stream_tuple4_v4 v4_addr; const char* src_asn="AS1234", *dst_asn="AS2345"; + const char* my_county="Greece.Sparta"; struct Maat_rule_t result[4]; memset(result, 0, sizeof(result)); scan_status_t mid=NULL; + + //-------------------------------------- + // Source ASN & Dest ASN + //-------------------------------------- + table_id=Maat_table_register(g_feather, "SOURCE_IP_ASN"); ASSERT_GT(table_id, 0); - ret=Maat_full_scan_string(g_feather, table_id, CHARSET_GBK, src_asn, strlen(src_asn), + ret=Maat_full_scan_string(g_feather, table_id, CHARSET_UTF8, src_asn, strlen(src_asn), result, NULL, 4, &mid, 0); EXPECT_EQ(ret, -2); - table_id=Maat_table_register(g_feather, "DESTINATION_IP_ASN"); ASSERT_GT(table_id, 0); - ret=Maat_full_scan_string(g_feather, table_id, CHARSET_GBK, dst_asn, strlen(dst_asn), + ret=Maat_full_scan_string(g_feather, table_id, CHARSET_UTF8, dst_asn, strlen(dst_asn), result, NULL, 4, &mid, 0); EXPECT_EQ(ret, 1); - EXPECT_EQ(result[0].config_id, 178); + EXPECT_EQ(result[0].config_id, 178); + + Maat_clean_status(&mid); + + + //-------------------------------------- + // Source IP & Dest ASN + //-------------------------------------- + ipv4_addr_set(&ipv4_addr, &v4_addr, "192.168.40.88", 8888, "47.92.55.81", 443); + + table_id=Maat_table_register(g_feather, "IP_CONFIG"); + ASSERT_GT(table_id, 0); + ret=Maat_scan_proto_addr(g_feather, table_id, &ipv4_addr, 6, result, 4, &mid, 0); + + EXPECT_EQ(ret, -2); + + table_id=Maat_table_register(g_feather, "DESTINATION_IP_ASN"); + ASSERT_GT(table_id, 0); + ret=Maat_full_scan_string(g_feather, table_id, CHARSET_UTF8, dst_asn, strlen(dst_asn), + result, NULL, 4, &mid, 0); + EXPECT_EQ(ret, 1); + EXPECT_EQ(result[0].config_id, 178); + + Maat_clean_status(&mid); + + //-------------------------------------- + // Source Geo & Dest ASN + //-------------------------------------- + + table_id=Maat_table_register(g_feather, "SOURCE_IP_GEO"); + ASSERT_GT(table_id, 0); + ret=Maat_full_scan_string(g_feather, table_id, CHARSET_UTF8, my_county, strlen(my_county), + result, NULL, 4, &mid, 0); + EXPECT_EQ(ret, -2); + + table_id=Maat_table_register(g_feather, "DESTINATION_IP_ASN"); + ASSERT_GT(table_id, 0); + ret=Maat_full_scan_string(g_feather, table_id, CHARSET_UTF8, dst_asn, strlen(dst_asn), + result, NULL, 4, &mid, 0); + EXPECT_EQ(ret, 1); + EXPECT_EQ(result[0].config_id, 178); Maat_clean_status(&mid); @@ -1890,7 +1938,7 @@ protected: { const char* rule_folder="./ntcrule/full/index"; logger=MESA_create_runtime_log_handle("test_maat_file.log",0); - const char* table_info="./t2_tableinfo.conf"; + const char* table_info="./file_test_tableinfo.conf"; _shared_feather_f=Maat_feather(g_iThreadNum, table_info, logger); Maat_set_feather_opt(_shared_feather_f,MAAT_OPT_INSTANCE_NAME,"files", strlen("files")+1); Maat_set_feather_opt(_shared_feather_f, MAAT_OPT_FULL_CFG_DIR, rule_folder, strlen(rule_folder)+1); @@ -2032,11 +2080,11 @@ int test_add_expr_command(Maat_feather_t feather,const char* region_table,int co { char huge_serv_def[1024*2]; memset(huge_serv_def,'s',sizeof(huge_serv_def)-1); - + huge_serv_def[sizeof(huge_serv_def)-1]='\0'; struct Maat_rule_t compile; - memset(&compile,0,sizeof(compile)); + memset(&compile, 0, sizeof(compile)); compile.config_id=config_id; - strcpy(compile.service_defined,"maat_command"); + strcpy(compile.service_defined, "maat_command"); Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile, "COMPILE", huge_serv_def, 1, label_id, timeout); struct Maat_cmd_region region; @@ -2053,7 +2101,7 @@ int test_add_expr_command(Maat_feather_t feather,const char* region_table,int co struct Maat_cmd_group2compile g2c; memset(&g2c, 0, sizeof(g2c)); g2c.group_id=Maat_cmd_get_new_group_id(feather); - g2c.table_name="GROUP"; + g2c.table_name="GROUP2COMPILE"; g2c.compile_id=config_id; g2c.Nth_clause=1; Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &g2c); @@ -2079,7 +2127,7 @@ TEST_F(MaatCmdTest, SetIP) int ret=0; memset(&compile, 0, sizeof(compile)); Maat_feather_t feather=MaatCmdTest::_shared_feather; - + //MUST acquire by Maat_cmd_incrby to guarantee a unique compile ID. config_id=(int)Maat_cmd_incrby(feather, "TEST_SEQ", 1); compile.config_id=config_id; @@ -2093,10 +2141,13 @@ TEST_F(MaatCmdTest, SetIP) g2c.group_id=Maat_cmd_get_new_group_id(feather); g2c.compile_id=compile.config_id; g2c.Nth_clause=1; + g2c.table_name="GROUP2COMPILE"; Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &g2c); + ret=Maat_read_state(feather,MAAT_STATE_VERSION, &version_before, sizeof(version_before)); EXPECT_EQ(ret, 0); + struct Maat_cmd_region region; memset(®ion, 0, sizeof(region)); @@ -2143,9 +2194,9 @@ TEST_F(MaatCmdTest, SetIP) ret=Maat_read_state(feather,MAAT_STATE_VERSION, &version_before, sizeof(version_before)); - Maat_command_raw_set_compile(feather, MAAT_OP_RENEW_TIMEOUT, &compile, "COMPILE", NULL, 1, 0, timeout+5); + Maat_command_raw_set_compile(feather, MAAT_OP_RENEW_TIMEOUT, &compile, "COMPILE", NULL, 1, 0, timeout); - sleep(timeout+5); + sleep(timeout-1); ret=Maat_scan_proto_addr(feather,table_id,&ipv4_addr,6,&result,1, &mid,0); EXPECT_EQ(ret, 1); @@ -2215,7 +2266,7 @@ TEST_F(MaatCmdTest, SetExpr) ret=Maat_full_scan_string(feather, table_id,CHARSET_GBK, scan_data, strlen(scan_data), &result,NULL, 1, &mid, 0); - EXPECT_EQ(ret, 0); + EXPECT_EQ(ret, -2); //compile is deleted, but region and groups are still there. Maat_clean_status(&mid); timeout=1; @@ -2226,7 +2277,7 @@ TEST_F(MaatCmdTest, SetExpr) ret=Maat_full_scan_string(feather, table_id,CHARSET_GBK, scan_data, strlen(scan_data), &result,NULL, 1, &mid, 0); - EXPECT_EQ(ret, 0); + EXPECT_EQ(ret, -2); Maat_clean_status(&mid); } TEST_F(MaatCmdTest, RuleIDRecycle) @@ -2262,7 +2313,7 @@ TEST_F(MaatCmdTest, RuleIDRecycle) &result, NULL, 1, &mid, 0); Maat_clean_status(&mid); - EXPECT_EQ(ret, 0); + EXPECT_EQ(ret, -2); test_add_expr_command(feather,table_name,rule_id, 0, label_id, keywords); @@ -2320,7 +2371,8 @@ TEST_F(MaatCmdTest, SubGroup) { const char* table_name="HTTP_URL"; - const char* group_table_name="GROUP"; + const char* g2c_tn="GROUP2COMPILE"; + const char* g2g_tn="GROUP2GROUP"; const char* compile_table_name="COMPILE"; const char* scan_data1="www.v2ex.com/t/573028#程序员的核心竞争力是什么"; const char* keyword1="程序员&核心竞争力"; @@ -2347,7 +2399,7 @@ TEST_F(MaatCmdTest, SubGroup) //group1->compile1 memset(&group1, 0, sizeof(group1)); group1.group_id=Maat_cmd_get_new_group_id(feather); - group1.table_name=group_table_name; + group1.table_name=g2c_tn; group1.compile_id=compile1.config_id; group1.Nth_clause=1; group1.not_flag=0; @@ -2364,7 +2416,7 @@ TEST_F(MaatCmdTest, SubGroup) */ memset(&group2, 0, sizeof(group2)); group2.group_id=Maat_cmd_get_new_group_id(feather); - group2.table_name=group_table_name; + group2.table_name=g2g_tn; group2.superior_group_id=group1.group_id; Maat_command_raw_set_group2group(feather, MAAT_OP_ADD, &group2); @@ -2420,7 +2472,7 @@ TEST_F(MaatCmdTest, SubGroup) memset(&group2_g2c, 0, sizeof(group2_g2c)); group2_g2c.group_id=group2.group_id; - group2_g2c.table_name=group2.table_name; + group2_g2c.table_name=g2c_tn; group2_g2c.compile_id=compile2.config_id; Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group2_g2c); @@ -2444,7 +2496,7 @@ TEST_F(MaatCmdTest, SubGroup) memset(&group3, 0, sizeof(group3)); group3.group_id=Maat_cmd_get_new_group_id(feather); group3.superior_group_id=group1.group_id; - group3.table_name=group_table_name; + group3.table_name=g2g_tn; Maat_command_raw_set_group2group(feather, MAAT_OP_ADD, &group3); memset(®ion2, 0, sizeof(region2)); @@ -2486,12 +2538,11 @@ TEST_F(MaatCmdTest, SubGroup) } #define MaatCmdTest_RefGroup 0 -/* TEST_F(MaatCmdTest, RefGroup) { const char* table_name="HTTP_URL"; - const char* group_table_name="GROUP"; + const char* g2c_tn="GROUP2COMPILE"; const char* compile_table_name="COMPILE"; const char* scan_data1="m.facebook.com/help/2297503110373101?helpref=hc_nav&refid=69"; const char* keyword1="something-should-not-hit"; @@ -2501,23 +2552,23 @@ TEST_F(MaatCmdTest, RefGroup) int table_id=0; table_id=Maat_table_register(feather, table_name); struct Maat_rule_t compile1; - struct Maat_group_t group1, group2; - struct Maat_region_t region1, region2; + struct Maat_cmd_group2compile group1, group2; + + struct Maat_cmd_region region1, region2; int value=0; Maat_set_feather_opt(feather, MAAT_OPT_ENABLE_UPDATE, &value, sizeof(value)); memset(&compile1, 0, sizeof(compile1)); compile1.config_id=(int)Maat_cmd_incrby(feather, "TEST_SEQ", 1); - Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 1); + Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 1, 0, 0); //group1->compile1 memset(&group1, 0, sizeof(group1)); group1.group_id=Maat_cmd_get_new_group_id(feather); - group1.table_name=group_table_name; - group1.parent_id=compile1.config_id; - group1.parent_type=PARENT_TYPE_COMPILE; - Maat_command_raw_set_group(feather, MAAT_OP_ADD, &group1); + group1.table_name=g2c_tn; + group1.compile_id=compile1.config_id; + Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group1); //region1->group1->compile1 @@ -2537,12 +2588,13 @@ TEST_F(MaatCmdTest, RefGroup) value=0; Maat_set_feather_opt(feather, MAAT_OPT_ENABLE_UPDATE, &value, sizeof(value)); //region1->group1-X-compile1 - //region2->group2->compile1 + // / + // / + // region2->group2 memset(&group2, 0, sizeof(group2)); group2.group_id=Maat_cmd_get_new_group_id(feather); - group2.table_name=group_table_name; - group2.parent_id=compile1.config_id; - group2.parent_type=PARENT_TYPE_COMPILE; + group2.table_name=g2c_tn; + group2.compile_id=compile1.config_id; memset(®ion2, 0, sizeof(region2)); region2.region_id=Maat_cmd_get_new_region_id(feather); @@ -2553,10 +2605,10 @@ TEST_F(MaatCmdTest, RefGroup) Maat_command_raw_set_region(feather, MAAT_OP_ADD, ®ion2, group2.group_id); - Maat_command_raw_set_compile(feather, MAAT_OP_DEL, &compile1, compile_table_name, NULL, 1); - Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 1); - Maat_command_raw_set_group(feather, MAAT_OP_DEL, &group1); - Maat_command_raw_set_group(feather, MAAT_OP_ADD, &group2); + Maat_command_raw_set_compile(feather, MAAT_OP_DEL, &compile1, compile_table_name, NULL, 1, 0, 0); + Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 1, 0, 0); + Maat_command_raw_set_group2compile(feather, MAAT_OP_DEL, &group1); + Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group2); value=1; Maat_set_feather_opt(feather, MAAT_OPT_ENABLE_UPDATE, &value, sizeof(value)); @@ -2575,31 +2627,32 @@ TEST_F(MaatCmdTest, RefGroup) Maat_clean_status(&mid); } + #define MaatCmdTest_VirtualTable TEST_F(MaatCmdTest, VirtualTable) { Maat_feather_t feather=MaatCmdTest::_shared_feather; - const char* group_table_name="GROUP"; + const char* g2c_tn="GROUP2COMPILE"; const char* compile_table_name="COMPILE"; const char* region_table_name="HTTP_SIGNATURE"; struct Maat_rule_t compile1; - struct Maat_group_t group1, group2; - struct Maat_region_t region1, region2; + struct Maat_cmd_group2compile group1, group2; + struct Maat_cmd_region region1, region2; memset(&compile1, 0, sizeof(compile1)); compile1.config_id=(int)Maat_cmd_incrby(feather, "TEST_SEQ", 1); - Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 2); + Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 2, 0, 0); //group1->compile1 memset(&group1, 0, sizeof(group1)); group1.group_id=Maat_cmd_get_new_group_id(feather); - group1.table_name=group_table_name; + group1.table_name=g2c_tn; group1.virtual_table_name="HTTP_REQUEST_HEADER"; - group1.parent_id=compile1.config_id; - group1.parent_type=PARENT_TYPE_COMPILE; - Maat_command_raw_set_group(feather, MAAT_OP_ADD, &group1); + group1.compile_id=compile1.config_id; + group1.Nth_clause=1; + Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group1); //region1->group1->compile1 @@ -2612,17 +2665,22 @@ TEST_F(MaatCmdTest, VirtualTable) region1.expr_rule.expr_type=EXPR_TYPE_STRING; Maat_command_raw_set_region(feather, MAAT_OP_ADD, ®ion1, group1.group_id); - - //group2->compile1 + // region1->group1->compile1 + // / + // group2-/ memset(&group2, 0, sizeof(group2)); group2.group_id=Maat_cmd_get_new_group_id(feather); - group2.table_name=group_table_name; + group2.table_name=g2c_tn; group2.virtual_table_name="HTTP_RESPONSE_HEADER"; - group2.parent_id=compile1.config_id; - group2.parent_type=PARENT_TYPE_COMPILE; - Maat_command_raw_set_group(feather, MAAT_OP_ADD, &group2); + group2.compile_id=compile1.config_id; + group2.Nth_clause=2; + Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group2); + + + //region1->group1->compile1 + // / + // region2->group2-/ - //region2->group2 memset(®ion2, 0, sizeof(region2)); region2.region_id=Maat_cmd_get_new_region_id(feather); region2.region_type=REGION_EXPR; @@ -2670,9 +2728,9 @@ TEST_F(MaatCmdTest, VirtualTable) Maat_clean_status(&mid); //Delete group1 - Maat_command_raw_set_group(feather, MAAT_OP_DEL, &group1); - Maat_command_raw_set_compile(feather, MAAT_OP_DEL, &compile1, compile_table_name, NULL, 2); - Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 1); + Maat_command_raw_set_group2compile(feather, MAAT_OP_DEL, &group1); + Maat_command_raw_set_compile(feather, MAAT_OP_DEL, &compile1, compile_table_name, NULL, 2, 0, 0); + Maat_command_raw_set_compile(feather, MAAT_OP_ADD, &compile1, compile_table_name, NULL, 1, 0, 0); sleep(1); @@ -2691,7 +2749,8 @@ TEST_F(MaatCmdTest, VirtualTable) return; } -*/ + + TEST_F(MaatCmdTest, SetLines) { const int TEST_CMD_LINE_NUM=4; @@ -3011,7 +3070,9 @@ TEST_F(MaatCmdTest, PluginEXData) TEST_F(MaatCmdTest, HitPath) { Maat_feather_t feather=MaatCmdTest::_shared_feather; - const char* group_table_name="GROUP"; + + const char* g2g_tn="GROUP2GROUP"; + const char* g2c_tn="GROUP2COMPILE"; const char* compile_table_name="COMPILE"; const char* table_http_sig="HTTP_SIGNATURE"; const char* table_ip="IP_CONFIG"; @@ -3030,9 +3091,10 @@ TEST_F(MaatCmdTest, HitPath) //group1->compile1 memset(&group1, 0, sizeof(group1)); group1.group_id=Maat_cmd_get_new_group_id(feather); - group1.table_name=group_table_name; + group1.table_name=g2c_tn; group1.virtual_table_name="HTTP_REQUEST_HEADER"; group1.compile_id=compile1.config_id; + group1.Nth_clause=1; Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group1); @@ -3049,14 +3111,15 @@ TEST_F(MaatCmdTest, HitPath) // region1->group1->compile1 - // / - // group21/ + // / + // group21/ memset(&group21, 0, sizeof(group21)); group21.group_id=Maat_cmd_get_new_group_id(feather); - group21.table_name=group_table_name; + group21.table_name=g2c_tn; group21.virtual_table_name="HTTP_RESPONSE_HEADER"; group21.compile_id=compile1.config_id; + group21.Nth_clause=2; Maat_command_raw_set_group2compile(feather, MAAT_OP_ADD, &group21); @@ -3066,7 +3129,7 @@ TEST_F(MaatCmdTest, HitPath) memset(&group2, 0, sizeof(group2)); group2.group_id=Maat_cmd_get_new_group_id(feather); - group2.table_name=group_table_name; + group2.table_name=g2g_tn; group2.superior_group_id=group21.group_id; Maat_command_raw_set_group2group(feather, MAAT_OP_ADD, &group2); @@ -3150,6 +3213,7 @@ TEST_F(MaatCmdTest, HitPath) EXPECT_EQ(ret, -2); struct Maat_hit_path_t hit_path[128]; + memset(hit_path, 0, sizeof(hit_path)); int n_read=0; n_read=Maat_get_scan_status(feather, &mid, MAAT_GET_SCAN_HIT_PATH, hit_path, sizeof(hit_path)); EXPECT_EQ(n_read, 1); @@ -3213,7 +3277,7 @@ that the edges be all directed in the same direction."; EXPECT_EQ(hit_path[path_idx].Nth_scan, Nth_scan); EXPECT_EQ(hit_path[path_idx].region_id, region4.region_id); EXPECT_EQ(hit_path[path_idx].sub_group_id, group4.group_id); - EXPECT_EQ(hit_path[path_idx].top_group_id, group4.group_id); + EXPECT_EQ(hit_path[path_idx].top_group_id, -1); EXPECT_EQ(hit_path[path_idx].virtual_table_id, 0); EXPECT_EQ(hit_path[path_idx].compile_id, -1); @@ -3231,7 +3295,7 @@ that the edges be all directed in the same direction."; EXPECT_EQ(hit_path[path_idx].Nth_scan, Nth_scan); EXPECT_EQ(hit_path[path_idx].region_id, region3.region_id); EXPECT_EQ(hit_path[path_idx].sub_group_id, group3.group_id); - EXPECT_EQ(hit_path[path_idx].top_group_id, group3.group_id); + EXPECT_EQ(hit_path[path_idx].top_group_id, -1); EXPECT_EQ(hit_path[path_idx].virtual_table_id, 0); EXPECT_EQ(hit_path[path_idx].compile_id, -1); @@ -3245,7 +3309,7 @@ that the edges be all directed in the same direction."; EXPECT_EQ(hit_path[path_idx].Nth_scan, Nth_scan); EXPECT_EQ(hit_path[path_idx].region_id, region4.region_id); EXPECT_EQ(hit_path[path_idx].sub_group_id, group4.group_id); - EXPECT_EQ(hit_path[path_idx].top_group_id, group4.group_id); + EXPECT_EQ(hit_path[path_idx].top_group_id, -1); EXPECT_EQ(hit_path[path_idx].virtual_table_id, 0); EXPECT_EQ(hit_path[path_idx].compile_id, -1); Maat_stream_scan_string_end(&stream_para);