Ejemplos de ipset_new en C++ (Cpp)

Ejemplo n.º 1

0

Mostrar archivo

Archivo: ipobj.c Proyecto: sdnnfv/snort

IPSET * ipset_copy( IPSET *ipsp )
{
    IPSET * newset = ipset_new();
    IP_PORT *ip_port;

    for(ip_port =(IP_PORT*)sflist_first( &ipsp->ip_list );
            ip_port !=NULL;
            ip_port =(IP_PORT*)sflist_next( &ipsp->ip_list ) )
    {
        ipset_add(newset, &ip_port->ip, &ip_port->portset, ip_port->notflag);
    }
    return newset;
}

Ejemplo n.º 2

0

Mostrar archivo

Archivo: ipobj.c Proyecto: sdnnfv/snort

void test_ip4set_parsing(void)
{
    char **curip;
    int ret;
    char *ips[] = {
        "12.24.24.1/32,!24.24.24.1",
        "[0.0.0.0/0.0.2.0,241.242.241.22]",
        "138.26.1.24",
        "1.1.1.1",
        "1.1.1.1/16",
        "1.1.1.1/255.255.255.255",
        "z/24",
        "0/0",
        "0.0.0.0/0.0.0.0",
        "0.0.0.0/0.0.2.0",
        NULL
    };

    for(curip = ips; curip[0] != NULL; curip++)
    {
        IPSET *ipset = ipset_new(IPV4_FAMILY);

        /* network byte order stuff */
        if((ret = ip4_setparse(ipset, curip[0])) != 0)
        {
            ipset_free(ipset);
            fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret);
        }
        else
        {
            printf("-[%s]\n ", curip[0]);
            ipset_print(ipset);
            printf("---------------------\n ");
        }
    }

    return;
}

Ejemplo n.º 3

0

Mostrar archivo

Archivo: ipobj.c Proyecto: remfalc/vyt-vyatta-snort

IPSET * ipset_copy( IPSET *ipsp )
{
    int family;
    IPSET * newset = NULL;
    CIDRBLOCK *cbp;
    CIDRBLOCK6 *cbp6;

    if(ipsp)
    {
        family = ipset_family( ipsp );
        newset = ipset_new(family) ;

        if( family == IPV4_FAMILY )
        {
            for(cbp =(CIDRBLOCK*)sflist_first( &ipsp->cidr_list );
                cbp !=NULL;
                cbp =(CIDRBLOCK*)sflist_next( &ipsp->cidr_list ) )
            {
                ipset_add(newset, &cbp->ip, &cbp->mask, &cbp->portset, cbp->notflag, family);
            }

        }
        else
        {
            for(cbp6 =(CIDRBLOCK6*)sflist_first( &ipsp->cidr_list );
                cbp6 !=NULL;
                cbp6 =(CIDRBLOCK6*)sflist_next( &ipsp->cidr_list ) )
            {
                ipset_add(newset, &cbp6->ip, &cbp6->mask, &cbp6->portset, cbp6->notflag, family);
            }

        }
    }

    return newset;
}

Ejemplo n.º 4

0

Mostrar archivo

Archivo: storage.c Proyecto: janies/ipset

ip_set_t *
ipset_load(GInputStream *stream,
           GError **err)
{
    ip_set_t  *set;
    ipset_node_id_t  node;

    set = ipset_new();
    if (set == NULL) return NULL;

    GError  *suberror = NULL;

    node = ipset_node_cache_load
           (stream, ipset_cache, &suberror);
    if (suberror != NULL)
    {
        g_propagate_error(err, suberror);
        ipset_free(set);
        return NULL;
    }

    set->set_bdd = node;
    return set;
}

Ejemplo n.º 5

0

Mostrar archivo

Archivo: flowps_snort.c Proyecto: remfalc/vyt-vyatta-snort

static void FlowPSParseOption(PS_CONFIG *config,
                              char *fname, int lineno,
                              char *key, char *value)
{
    int ivalue;

    if(!key || !value)
    {
        FatalError("%s:(%d) Invalid command line arguments!\n");
    }

    if(s_debug > 1)
        flow_printf("key: %s value: %s\n", key, value);
    
    if(!strcasecmp(key, "scoreboard-memcap-talker"))
    {
        ivalue = atoi(value);
        config->sb_memcap_talker = ivalue;
    }
    else if(!strcasecmp(key, "scoreboard-memcap-scanner"))
    {
        ivalue = atoi(value);
        config->sb_memcap_scanner = ivalue;
    }
    else if(!strcasecmp(key,"unique-memcap"))
    {
        ivalue = atoi(value);
        config->ut_memcap = ivalue;
    }
    else if(!strcasecmp(key,"server-memcap"))
    {
        ivalue = atoi(value);
        config->server_memcap = ivalue;
    }
    else if(!strcasecmp(key, "scoreboard-rows-talker"))
    {
        ivalue = atoi(value);
        config->sb_rows_talker = ivalue;
    }
    else if(!strcasecmp(key, "scoreboard-rows-scanner"))
    {
        ivalue = atoi(value);
        config->sb_rows_scanner = ivalue;
    }
    else if(!strcasecmp(key,"unique-rows"))
    {
        ivalue = atoi(value);
        config->ut_rows = ivalue;
    }
    else if(!strcasecmp(key,"server-rows"))
    {
        ivalue = atoi(value);
        config->server_rows = ivalue;
    }
    else if(!strcasecmp(key, "server-watchnet"))
    {
        IPSET *ipset = ipset_new(IPV4_FAMILY);

        if(!ipset || ip4_setparse(ipset, value) !=0)
        {
            FatalError("%s(%d) Unable to create an IPSet from %s\n",
                            file_name,file_line,value);
        }

        config->server_watchnet_ipv4 = ipset;        
    }
    else if(!strcasecmp(key, "src-ignore-net"))
    {
        IPSET *ipset = ipset_new(IPV4_FAMILY);

        if(!ipset || ip4_setparse(ipset, value) !=0)
        {
            FatalError("%s(%d) Unable to create an IPSet from %s\n",
                            file_name,file_line,value);
        }

        config->src_ignore_ipv4 = ipset;        
    }
    else if(!strcasecmp(key, "dst-ignore-net"))
    {
        IPSET *ipset = ipset_new(IPV4_FAMILY);

        if(!ipset || ip4_setparse(ipset, value) !=0)
        {
            FatalError("%s(%d) Unable to create an IPSet from %s\n",
                       file_name,file_line,value);
        }

        config->dst_ignore_ipv4 = ipset;        
    }
    else if(!strcasecmp(key, "tcp-penalties"))
    {
        if(toggle_option(key, value, &config->tcp_penalties))
        {
            FatalError("%s(%d) Error processing %s directive (value = %s)\n",
                       file_name,file_line,key,value);
        }
    }
    else if(!strcasecmp(key, "server-learning-time"))
    {
        ivalue = atoi(value);
        config->server_learning_time = ivalue;
    }   
    else if(!strcasecmp(key, "server-ignore-limit"))
    {
        ivalue = atoi(value);
        config->server_ignore_limit = ivalue;
    }
    else if(!strcasecmp(key, "server-scanner-limit"))
    {
        ivalue = atoi(value);
        config->server_scanner_limit = ivalue;
    }
    else if(!strcasecmp(key, "talker-fixed-threshold"))
    {
        ivalue = atoi(value);
        config->limit_talker.fixed = ivalue;
    }
    else if(!strcasecmp(key, "talker-sliding-threshold"))
    {
        ivalue = atoi(value);
        config->limit_talker.sliding = ivalue;
    }
    else if(!strcasecmp(key, "talker-fixed-window"))
    {
        ivalue = atoi(value);
        config->limit_talker.fixed_size = ivalue;
    }
    else if(!strcasecmp(key, "talker-sliding-window"))
    {
        ivalue = atoi(value);
        config->limit_talker.sliding_size = ivalue;
    }
    else if(!strcasecmp(key, "talker-sliding-scale-factor"))
    {
        config->limit_talker.window_scale = (float)strtod(value, NULL);
    }
    else if(!strcasecmp(key, "scanner-fixed-threshold"))
    {
        ivalue = atoi(value);
        config->limit_scanner.fixed = ivalue;
    }
    else if(!strcasecmp(key, "scanner-sliding-threshold"))
    {
        ivalue = atoi(value);
        config->limit_scanner.sliding = ivalue;
    }
    else if(!strcasecmp(key, "scanner-fixed-window"))
    {
        ivalue = atoi(value);
        config->limit_scanner.fixed_size = ivalue;
    }
    else if(!strcasecmp(key, "scanner-sliding-window"))
    {
        ivalue = atoi(value);
        config->limit_scanner.sliding_size = ivalue;
    }
    else if(!strcasecmp(key, "scanner-sliding-scale-factor"))
    {
        config->limit_scanner.window_scale = (float)strtod(value, NULL);
    }
    else if(!strcasecmp(key, "base-score"))
    {
        config->base_score = atoi(value);
    }
    else if(!strcasecmp(key, "dumpall"))
    {
        config->dumpall = atoi(value);
    }
    else if(!strcasecmp(key, "alert-mode"))
    {
        if(!strcasecmp(value, "once"))
        {
            config->alert_once = 1;
        }
        else if(!strcasecmp(value, "all"))
        {
            config->alert_once = 0;
        }
        else
        {
            FatalError("%s(%d) Bad option to %s => %s\n",
                       file_name, file_line, key, value);
        }
    }
    else if(!strcasecmp(key, "output-mode"))
    {
        if(!strcasecmp(value, "msg"))
        {
            config->output_mode = VARIABLEMSG;
        }
        else if(!strcasecmp(value, "pktkludge"))
        {
            config->output_mode = PKTKLUDGE;
        }
        else
        {
            FatalError("%s(%d) Bad option to %s => %s\n",
                       file_name, file_line, key, value);
        }
    }
    else        
    {
        FatalError("%s(%d) Unknown Arguments: key(%s) value(%s)\n",
                   fname, lineno, key, value);
    }
    
}

Ejemplo n.º 6

0

Mostrar archivo

Archivo: ipobj.c Proyecto: remfalc/vyt-vyatta-snort

//  -----------------------------
void test_ipset()
{
    int      i,k;
    IPSET  * ipset, * ipset6;
    IPSET  * ipset_copyp, * ipset6_copyp;

    unsigned ipaddress, mask;
    unsigned short mask6[8];
    unsigned short ipaddress6[8];
    unsigned port_lo, port_hi;
    PORTSET        portset;

    printf("IPSET testing\n");

    ipset  = ipset_new(IPV4_FAMILY);
    ipset6 = ipset_new(IPV6_FAMILY);

    srand( time(0) );

    for(i=0;i<MAXIP;i++)
    {
        if( i % 2 )
        {
            ipaddress = rand() * rand();
            mask = 0xffffff00;
            port_lo = rand();
            port_hi = rand() % 5 + port_lo;
            portset_init(&portset);
            portset_add(&portset, port_lo, port_hi);

            ipset_add( ipset, &ipaddress, &mask, &portset, 0, IPV4_FAMILY ); //class C cidr blocks

            if( !ipset_contains( ipset, &ipaddress, &port_lo, IPV4_FAMILY ) )
                printf("error with ipset_contains\n");
        }
        else
        {
            for(k=0;k<8;k++) ipaddress6[k] = (char) (rand() % (1<<16)); 

            for(k=0;k<8;k++) mask6[k] = 0xffff;

            port_lo = rand();
            port_hi = rand() % 5 + port_lo;
            portset_init(&portset);
            portset_add(&portset, port_lo, port_hi);

            ipset_add( ipset6, ipaddress6, mask6, &portset, 0, IPV6_FAMILY );

            if( !ipset_contains( ipset6, &ipaddress6, &port_lo, IPV6_FAMILY ) )
                printf("error with ipset6_contains\n");
        }

    }

    ipset_copyp = ipset_copy( ipset );
    ipset6_copyp = ipset_copy( ipset6 );


    printf("-----IP SET-----\n");
    ipset_print( ipset );
    printf("\n");

    printf("-----IP SET6-----\n");
    ipset_print( ipset6 );
    printf("\n");

    printf("-----IP SET COPY -----\n");
    ipset_print( ipset_copyp );
    printf("\n");

    printf("-----IP SET6 COPY -----\n");
    ipset_print( ipset6_copyp );
    printf("\n");

    printf("IP set testing completed\n");
}