gfwleak/tango-maat
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OMPUB-1426: ipport_plugin table support ip range

Browse Source
This commit is contained in:
root
2024-09-18 11:06:41 +00:00
parent 2d77b9c88d
commit e0c20d27ed
9 changed files with 214 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
scanner/CMakeLists.txt
View File

@@ -4,6 +4,7 @@ add_definitions(-fPIC)
include_directories(${PROJECT_SOURCE_DIR}/deps)
include_directories(${PROJECT_SOURCE_DIR}/include)
include_directories(${PROJECT_SOURCE_DIR}/src/inc_internal)
include_directories(${PROJECT_SOURCE_DIR}/scanner/ip_matcher)
add_subdirectory(ip_matcher/IntervalIndex)

91
scanner/ipport_matcher/ipport_matcher.c
View File

@@ -7,6 +7,7 @@
* Copyright: (c) Since 2023 Geedge Networks, Ltd. All rights reserved.
***********************************************************************************************
*/
#include <assert.h>
#include "uthash/utarray.h"
#include "uthash/uthash.h"
@@ -23,13 +24,25 @@ struct port_range {
struct ipport_node {
int ip_type; //IPV4 or IPV6
uint32_t ip_addr[4];
uint32_t start_ip_addr[4];
uint32_t end_ip_addr[4];
UT_array *port_range_list; //array to store <struct port_range>
UT_hash_handle hh;
};
struct ipport_matcher {
struct ipport_node *ipport_hash;
struct ip_matcher *ip_matcher;
};
struct ipport_hash_key_ipv4 {
uint32_t start_ip_addr;
uint32_t end_ip_addr;
};
struct ipport_hash_key_ipv6 {
uint32_t start_ip_addr[4];
uint32_t end_ip_addr[4];
};
UT_icd ut_port_range_icd = {sizeof(struct port_range), NULL, NULL, NULL};
@@ -70,36 +83,39 @@ struct ipport_matcher *ipport_matcher_new(struct ipport_rule *rules, size_t rule
return NULL;
}
struct ip_rule *ip_rules = NULL;
struct ipport_matcher *matcher = ALLOC(struct ipport_matcher, 1);
struct ipport_node *node = NULL;
char *key = NULL;
size_t key_len = 0;
for (size_t i = 0; i < rule_num; i++) {
if (rules[i].ip.ip_type == IPV4) {
key = (char *)&rules[i].ip.ipv4;
key_len = 4;
if (rules[i].ip_type == IPV4) {
key = (char *)&rules[i].ipv4;
key_len = sizeof(rules[i].ipv4);
} else {
key = (char *)rules[i].ip.ipv6;
key_len = 16;
key = (char *)&rules[i].ipv6;
key_len = sizeof(rules[i].ipv6);
}
HASH_FIND(hh, matcher->ipport_hash, key, key_len, node);
if (NULL == node) {
node = ALLOC(struct ipport_node, 1);
if (rules[i].ip.ip_type == IPV4) {
if (rules[i].ip_type == IPV4) {
node->ip_type = IPV4;
node->ip_addr[0] = rules[i].ip.ipv4;
node->start_ip_addr[0] = rules[i].ipv4.start_ip;
node->end_ip_addr[0] = rules[i].ipv4.end_ip;
} else {
node->ip_type = IPV6;
for (size_t j = 0; j < 4; j++) {
node->ip_addr[j] = rules[i].ip.ipv6[j];
node->start_ip_addr[j] = rules[i].ipv6.start_ip[j];
node->end_ip_addr[j] = rules[i].ipv6.end_ip[j];
}
}
utarray_new(node->port_range_list, &ut_port_range_icd);
HASH_ADD_KEYPTR(hh, matcher->ipport_hash, (char *)node->ip_addr, key_len, node);
HASH_ADD_KEYPTR(hh, matcher->ipport_hash, key, key_len, node);
}
struct port_range range;
@@ -110,11 +126,41 @@ struct ipport_matcher *ipport_matcher_new(struct ipport_rule *rules, size_t rule
utarray_push_back(node->port_range_list, &range);
}
int ip_matcher_cnt = HASH_COUNT(matcher->ipport_hash);
int ip_matcher_idx = 0;
ip_rules = ALLOC(struct ip_rule, ip_matcher_cnt);
struct ipport_node *tmp_node = NULL;
HASH_ITER(hh, matcher->ipport_hash, node, tmp_node) {
utarray_sort(node->port_range_list, compare_port_range_for_sort);
struct port_range *range = utarray_front(node->port_range_list);
ip_rules[ip_matcher_idx].type = node->ip_type;
ip_rules[ip_matcher_idx].rule_id = range->rule_id;
ip_rules[ip_matcher_idx].user_tag = node;
if (node->ip_type == IPV4) {
ip_rules[ip_matcher_idx].ipv4_rule.start_ip = node->start_ip_addr[0];
ip_rules[ip_matcher_idx].ipv4_rule.end_ip = node->end_ip_addr[0];
} else {
for (size_t j = 0; j < 4; j++) {
ip_rules[ip_matcher_idx].ipv6_rule.start_ip[j] = node->start_ip_addr[j];
ip_rules[ip_matcher_idx].ipv6_rule.end_ip[j] = node->end_ip_addr[j];
}
}
ip_matcher_idx++;
}
assert(ip_matcher_idx == ip_matcher_cnt);
size_t mem_used = 0;
struct ip_matcher *ip_matcher = ip_matcher_new(ip_rules, ip_matcher_cnt, &mem_used);
if (NULL == ip_matcher) {
FREE(ip_rules);
ipport_matcher_free(matcher);
return NULL;
}
matcher->ip_matcher = ip_matcher;
return matcher;
}
@@ -125,23 +171,22 @@ int ipport_matcher_match(struct ipport_matcher *matcher, const struct ip_addr *i
return -1;
}
char *key = NULL;
size_t key_len = 0;
struct scan_result result;
struct ip_data ip_data = *(const struct ip_data *)ip_addr;
if (ip_data.type == IPv4) {
ip_data.ipv4 = ntohl(ip_data.ipv4);
} else {
memcpy(ip_data.ipv6, ip_data.ipv6, sizeof(ip_data.ipv6));
}
if (ip_addr->ip_type == IPV4) {
key = (char *)&ip_addr->ipv4;
key_len = 4;
} else {
key = (char *)ip_addr->ipv6;
key_len = 16;
}
struct ipport_node *node = NULL;
HASH_FIND(hh, matcher->ipport_hash, key, key_len, node);
if (NULL == node) {
int n_result = ip_matcher_match(matcher->ip_matcher, &ip_data,
&result, 1);
if (n_result <= 0) {
return 0;
}
struct ipport_node *node = result.tag;
uint16_t host_port = ntohs(port);
struct port_range range;
range.min_port = host_port;

7
scanner/ipport_matcher/ipport_matcher.h
View File

@@ -18,12 +18,17 @@ extern "C"
#include <stddef.h>
#include "ip_matcher.h"
#include "maat.h"
struct ipport_rule {
long long rule_id; /* rule id */
void *user_tag; /* point to user-defined data which will return with hit results */
struct ip_addr ip;
int ip_type;
union {
struct ipv4_range ipv4;
struct ipv6_range ipv6;
};
uint16_t min_port; /* host order */
uint16_t max_port; /* host order */
};

82
src/maat_ipport_plugin.c
View File

@@ -25,7 +25,8 @@
struct ipport_plugin_schema {
int item_id_column;
int ip_type_column;
int ip_addr_column;
int ip1_column;
int ip2_column;
int port1_column;
int port2_column;
int gc_timeout_s;
@@ -117,13 +118,24 @@ void *ipport_plugin_schema_new(cJSON *json, struct table_manager *tbl_mgr,
goto error;
}
custom_item = cJSON_GetObjectItem(item, "ip_addr");
custom_item = cJSON_GetObjectItem(item, "start_ip");
if (custom_item != NULL && custom_item->type == cJSON_Number) {
schema->ip_addr_column = custom_item->valueint;
schema->ip1_column = custom_item->valueint;
} else {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport_plugin table:<%s> schema has no"
" ip_addr column", __FUNCTION__, __LINE__,
" ip1 column", __FUNCTION__, __LINE__,
table_name);
goto error;
}
custom_item = cJSON_GetObjectItem(item, "end_ip");
if (custom_item != NULL && custom_item->type == cJSON_Number) {
schema->ip2_column = custom_item->valueint;
} else {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport_plugin table:<%s> schema has no"
" ip2 column", __FUNCTION__, __LINE__,
table_name);
goto error;
}
@@ -273,7 +285,8 @@ ipport_item_new(struct ipport_plugin_schema *schema, const char *table_name,
{
size_t column_offset = 0;
size_t column_len = 0;
char ip_str[40] = {0};
char ip1_str[40] = {0};
char ip2_str[40] = {0};
struct ipport_item *ipport_item = ALLOC(struct ipport_item, 1);
int ret = get_column_pos(line, schema->item_id_column, &column_offset,
@@ -303,38 +316,67 @@ ipport_item_new(struct ipport_plugin_schema *schema, const char *table_name,
goto error;
}
ret = get_column_pos(line, schema->ip_addr_column, &column_offset,
ret = get_column_pos(line, schema->ip1_column, &column_offset,
&column_len);
if (ret < 0) {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> has no ip_addr in line:%s",
"[%s:%d] ipport table:<%s> has no ip1 in line:%s",
__FUNCTION__, __LINE__, table_name, line);
goto error;
}
memcpy(ip_str, (line + column_offset), column_len);
memcpy(ip1_str, (line + column_offset), column_len);
ret = get_column_pos(line, schema->ip2_column, &column_offset,
&column_len);
if (ret < 0) {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> has no ip2 in line:%s",
__FUNCTION__, __LINE__, table_name, line);
goto error;
}
memcpy(ip2_str, (line + column_offset), column_len);
if (IPV4 == ipport_item->ip_type) {
uint32_t ipv4_addr = 0;
ret = inet_pton(AF_INET, ip_str, &ipv4_addr);
uint32_t ipv4_addr1 = 0;
uint32_t ipv4_addr2 = 0;
ret = inet_pton(AF_INET, ip1_str, &ipv4_addr1);
if (ret < 0) {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> ip_format2range(ip4) failed in line:%s",
__FUNCTION__, __LINE__, table_name, line);
goto error;
}
ipport_item->ipv4.min_ip = ipv4_addr;
ipport_item->ipv4.max_ip = ipv4_addr;
ret = inet_pton(AF_INET, ip2_str, &ipv4_addr2);
if (ret < 0) {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> ip_format2range(ip4) failed in line:%s",
__FUNCTION__, __LINE__, table_name, line);
goto error;
}
ipport_item->ipv4.min_ip = ntohl(ipv4_addr1);
ipport_item->ipv4.max_ip = ntohl(ipv4_addr2);
} else {
//ipv6
uint32_t ipv6_addr[4] = {0};
ret = inet_pton(AF_INET6, ip_str, ipv6_addr);
uint32_t ipv6_addr1[4] = {0};
uint32_t ipv6_addr2[4] = {0};
ret = inet_pton(AF_INET6, ip1_str, ipv6_addr1);
if (ret < 0) {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> ip_format2range(ip6) failed in line:%s",
__FUNCTION__, __LINE__, table_name, line);
goto error;
}
memcpy(ipport_item->ipv6.min_ip, ipv6_addr, sizeof(ipv6_addr));
ret = inet_pton(AF_INET6, ip2_str, ipv6_addr2);
if (ret < 0) {
log_fatal(logger, MODULE_IPPORT_PLUGIN,
"[%s:%d] ipport table:<%s> ip_format2range(ip6) failed in line:%s",
__FUNCTION__, __LINE__, table_name, line);
goto error;
}
memcpy(ipport_item->ipv6.min_ip, ipv6_addr1, sizeof(ipv6_addr1));
memcpy(ipport_item->ipv6.max_ip, ipv6_addr2, sizeof(ipv6_addr2));
}
ret = get_column_pos(line, schema->port1_column, &column_offset,
@@ -485,13 +527,15 @@ static void
ipport_item_to_ipport_rule(struct ipport_item *item, struct ipport_rule *rule)
{
if (IPV4 == item->ip_type) {
rule->ip.ip_type= IPV4;
rule->ip.ipv4 = item->ipv4.min_ip;
rule->ip_type = IPV4;
rule->ipv4.start_ip = item->ipv4.min_ip;
rule->ipv4.end_ip = item->ipv4.max_ip;
rule->min_port = item->min_port;
rule->max_port = item->max_port;
} else {
rule->ip.ip_type = IPV6;
memcpy(rule->ip.ipv6, item->ipv6.min_ip, sizeof(item->ipv6.min_ip));
rule->ip_type = IPV6;
memcpy(rule->ipv6.start_ip, item->ipv6.min_ip, sizeof(item->ipv6.min_ip));
memcpy(rule->ipv6.end_ip, item->ipv6.max_ip, sizeof(item->ipv6.max_ip));
rule->min_port = item->min_port;
rule->max_port = item->max_port;
}

4
src/maat_stat.c
View File

@@ -243,9 +243,9 @@ static void fs_table_row_output(FILE *fp, struct maat_stat *stat, int perf_on)
long long total_scan_times = 0, total_hit_times = 0, total_scan_cpu_time = 0;
long long total_regv6_num = 0, total_hit_item_num = 0, total_hit_pattern_num = 0;
long long g2c_not_clause_num = 0, g2g_excl_rule_num = 0;
struct fieldstat_tag cell_tag = {
struct field cell_tag = {
.key = "TBL",
.type = TAG_CSTRING
.type = FIELD_VALUE_CSTRING
};
size_t max_table_count = table_manager_table_size(stat->ref_tbl_mgr);

83
test/ipport_matcher_gtest.cpp
View File

@@ -19,10 +19,11 @@ TEST(IPv4PortMatcher, MatchedOneRuleInPortRange) {
struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV4;
rules[0].ip_type = IPV4;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[0].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[0].ipv4.end_ip);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
ASSERT_TRUE(matcher != NULL);
@@ -30,6 +31,7 @@ TEST(IPv4PortMatcher, MatchedOneRuleInPortRange) {
struct ip_addr ip;
ip.ip_type = IPV4;
inet_pton(AF_INET, ip1_str, &ip.ipv4);
ip.ipv4 = htonl(ip.ipv4);
uint16_t port = htons(120);
struct ipport_result results[MAX_ARRAY_SIZE];
@@ -46,10 +48,11 @@ TEST(IPv4PortMatcher, MatchedOneRuleOnPortRangeBoundary) {
struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV4;
rules[0].ip_type = IPV4;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[0].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[0].ipv4.end_ip);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
ASSERT_TRUE(matcher != NULL);
@@ -57,6 +60,7 @@ TEST(IPv4PortMatcher, MatchedOneRuleOnPortRangeBoundary) {
struct ip_addr ip;
ip.ip_type = IPV4;
inet_pton(AF_INET, ip1_str, &ip.ipv4);
ip.ipv4 = htonl(ip.ipv4);
uint16_t port = htons(100);
struct ipport_result results[MAX_ARRAY_SIZE];
@@ -82,40 +86,46 @@ TEST(IPv4PortMatcher, MatchedMultiRuleInPortRange) {
memset(rules, 0, sizeof(rules));
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV4;
rules[0].ip_type = IPV4;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET, ip1_str, &rules[0].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[0].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[0].ipv4.end_ip);
rules[1].rule_id = 200;
rules[1].ip.ip_type = IPV4;
rules[1].ip_type = IPV4;
rules[1].min_port = 110;
rules[1].max_port = 160;
inet_pton(AF_INET, ip1_str, &rules[1].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[1].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[1].ipv4.end_ip);
rules[2].rule_id = 300;
rules[2].ip.ip_type = IPV4;
rules[2].ip_type = IPV4;
rules[2].min_port = 120;
rules[2].max_port = 170;
inet_pton(AF_INET, ip1_str, &rules[2].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[2].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[2].ipv4.end_ip);
rules[3].rule_id = 400;
rules[3].ip.ip_type = IPV4;
rules[3].ip_type = IPV4;
rules[3].min_port = 130;
rules[3].max_port = 180;
inet_pton(AF_INET, ip1_str, &rules[3].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[3].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[3].ipv4.end_ip);
rules[4].rule_id = 500;
rules[4].ip.ip_type = IPV4;
rules[4].ip_type = IPV4;
rules[4].min_port = 140;
rules[4].max_port = 190;
inet_pton(AF_INET, ip1_str, &rules[4].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[4].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[4].ipv4.end_ip);
rules[5].rule_id = 600;
rules[5].ip.ip_type = IPV4;
rules[5].ip_type = IPV4;
rules[5].min_port = 150;
rules[5].max_port = 200;
inet_pton(AF_INET, ip1_str, &rules[5].ip.ipv4);
inet_pton(AF_INET, ip1_str, &rules[5].ipv4.start_ip);
inet_pton(AF_INET, ip1_str, &rules[5].ipv4.end_ip);
struct ipport_matcher *matcher = ipport_matcher_new(rules, MAX_ARRAY_SIZE);
ASSERT_TRUE(matcher != NULL);
@@ -123,6 +133,7 @@ TEST(IPv4PortMatcher, MatchedMultiRuleInPortRange) {
struct ip_addr ip;
ip.ip_type = IPV4;
inet_pton(AF_INET, ip1_str, &ip.ipv4);
ip.ipv4 = htonl(ip.ipv4);
uint16_t port = htons(90);
//no match rule_id
@@ -226,10 +237,11 @@ TEST(IPv6PortMatcher, MatchedOneRuleInPortRange) {
struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV6;
rules[0].ip_type = IPV6;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET6, ip1_str, rules[0].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[0].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[0].ipv6.end_ip);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
ASSERT_TRUE(matcher != NULL);
@@ -253,10 +265,11 @@ TEST(IPv6PortMatcher, MatchedOneRuleOnPortRangeBoundary) {
struct ipport_rule rules[MAX_ARRAY_SIZE];
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV6;
rules[0].ip_type = IPV6;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET6, ip1_str, rules[0].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[0].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[0].ipv6.end_ip);
struct ipport_matcher *matcher = ipport_matcher_new(rules, 1);
ASSERT_TRUE(matcher != NULL);
@@ -289,40 +302,46 @@ TEST(IPv6PortMatcher, MatchedMultiRuleInPortRange) {
memset(rules, 0, sizeof(rules));
rules[0].rule_id = 100;
rules[0].ip.ip_type = IPV6;
rules[0].ip_type = IPV6;
rules[0].min_port = 100;
rules[0].max_port = 150;
inet_pton(AF_INET6, ip1_str, rules[0].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[0].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[0].ipv6.end_ip);
rules[1].rule_id = 200;
rules[1].ip.ip_type = IPV6;
rules[1].ip_type = IPV6;
rules[1].min_port = 110;
rules[1].max_port = 160;
inet_pton(AF_INET6, ip1_str, rules[1].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[1].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[1].ipv6.end_ip);
rules[2].rule_id = 300;
rules[2].ip.ip_type = IPV6;
rules[2].ip_type = IPV6;
rules[2].min_port = 120;
rules[2].max_port = 170;
inet_pton(AF_INET6, ip1_str, rules[2].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[2].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[2].ipv6.end_ip);
rules[3].rule_id = 400;
rules[3].ip.ip_type = IPV6;
rules[3].ip_type = IPV6;
rules[3].min_port = 130;
rules[3].max_port = 180;
inet_pton(AF_INET6, ip1_str, rules[3].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[3].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[3].ipv6.end_ip);
rules[4].rule_id = 500;
rules[4].ip.ip_type = IPV6;
rules[4].ip_type = IPV6;
rules[4].min_port = 140;
rules[4].max_port = 190;
inet_pton(AF_INET6, ip1_str, rules[4].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[4].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[4].ipv6.end_ip);
rules[5].rule_id = 600;
rules[5].ip.ip_type = IPV6;
rules[5].ip_type = IPV6;
rules[5].min_port = 150;
rules[5].max_port = 200;
inet_pton(AF_INET6, ip1_str, rules[5].ip.ipv6);
inet_pton(AF_INET6, ip1_str, rules[5].ipv6.start_ip);
inet_pton(AF_INET6, ip1_str, rules[5].ipv6.end_ip);
struct ipport_matcher *matcher = ipport_matcher_new(rules, MAX_ARRAY_SIZE);
ASSERT_TRUE(matcher != NULL);

15
test/maat_framework_gtest.cpp
View File

@@ -5624,7 +5624,7 @@ void ipport_plugin_ex_new_cb(const char *table_name, int table_id, const char *k
ud->rule_id = atoll(table_line + column_offset);
ret = get_column_pos(table_line, 5, &column_offset, &column_len);
ret = get_column_pos(table_line, 6, &column_offset, &column_len);
EXPECT_EQ(ret, 0);
ud->buffer = ALLOC(char, column_len + 1);
@@ -5684,6 +5684,18 @@ TEST_F(IPPortPluginTable, EX_DATA) {
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0]->rule_id, 103);
ret = inet_pton(AF_INET, "192.168.100.5", &ipv4.ipv4);
EXPECT_EQ(ret, 1);
port = htons(150);
memset(results, 0, sizeof(results));
ret = maat_ipport_plugin_table_get_ex_data(maat_inst, table_id, &ipv4, port,
(void **)results, ARRAY_SIZE);
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0]->rule_id, 102);
port = htons(255);
struct ip_addr ipv6;
ipv6.ip_type = IPv6;
inet_pton(AF_INET6, "2001:db8:1234::5210", ipv6.ipv6);
@@ -5694,6 +5706,7 @@ TEST_F(IPPortPluginTable, EX_DATA) {
EXPECT_EQ(ret, 1);
EXPECT_EQ(results[0]->rule_id, 104);
port = htons(255);
inet_pton(AF_INET6, "240e:97c:4010:104::17", ipv6.ipv6);
ret = maat_ipport_plugin_table_get_ex_data(maat_inst, table_id, &ipv6, port,
(void**)results, ARRAY_SIZE);

8
test/maat_json.json
View File

@@ -4189,10 +4189,10 @@
{
"table_name": "TEST_IPPORT_PLUGIN_WITH_EXDATA",
"table_content": [
"101\t4\t192.168.100.1\t0\t255\t1",
"102\t4\t192.168.100.2\t100\t200\t1",
"103\t4\t192.168.100.1\t255\t300\t1",
"104\t6\t2001:db8:1234::5210\t255\t512\t1"
"101\t4\t192.168.100.1\t192.168.100.1\t0\t255\t1",
"102\t4\t192.168.100.2\t192.168.100.100\t100\t200\t1",
"103\t4\t192.168.100.1\t192.168.100.1\t255\t300\t1",
"104\t6\t2001:db8:1234::5210\t2001:db8:1234::5220\t255\t512\t1"
]
},
{

9
test/table_info.conf
View File

@@ -634,14 +634,15 @@
"table_id":52,
"table_name":"TEST_IPPORT_PLUGIN_WITH_EXDATA",
"table_type":"ipport_plugin",
"valid_column":6,
"valid_column":7,
"custom": {
"gc_timeout_s": 3,
"item_id":1,
"ip_type":2,
"ip_addr":3,
"port1":4,
"port2":5
"start_ip":3,
"end_ip":4,
"port1":5,
"port2":6
}
},
{