Example #1
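/*
 * Convert one port bound, given as NUL-terminated text, into *value.
 *
 * Returns 0 on success, -1 if the text is empty, -2 if it contains a
 * character that is not a decimal digit, -3 if the value exceeds 65535.
 * The value is accumulated with a bound check on every digit, so an
 * over-long number cannot wrap around into the valid port range.
 */
static int port_number_from_digits(const char *digits, unsigned *value)
{
    unsigned long acc = 0;

    if (*digits == '\0')
        return -1;

    for (; *digits != '\0'; digits++)
    {
        /* ctype functions require an unsigned char value (or EOF) */
        if (!isdigit((unsigned char)*digits))
            return -2;

        acc = acc * 10 + (unsigned long)(*digits - '0');
        if (acc > 65535)
            return -3;
    }

    *value = (unsigned)acc;
    return 0;
}

/*
   Port string can be:
   25
   25 26
   25-28
   25 28-29
   25,26 27 30-35

   portset is a list of port ranges.  A port range can be a single port (25-25).

   Entries are separated by whitespace or ','.  Every entry is terminated in
   place before it is converted, so portstr is modified by this call and a
   '-' belonging to a later entry can never be paired with an earlier one.

   Returns 0 on success (an empty or all-separator string adds nothing),
   -1 if portstr is NULL or a range bound is missing ("-28", "25-"),
   -2 if an entry contains a non-digit, -3 if a port is above 65535.
   Entries added before the failing one remain in portset.
 */
static int port_parse(char *portstr, PORTSET *portset)
{
    static const char separators[] = " \t\n\v\f\r,";
    char *token;

    if (!portstr)
        return -1;

    token = portstr;

    for (;;)
    {
        unsigned port_lo = 0, port_hi = 0;
        char *token_end;
        char *dash;
        int rc;

        /* Skip any run of separators in front of the next entry */
        token += strspn(token, separators);
        if (*token == '\0')
            break;

        /* Cut the entry out of the list before looking inside it */
        token_end = token + strcspn(token, separators);
        if (*token_end != '\0')
            *token_end++ = '\0';

        /* Split "lo-hi"; a missing '-' means a single port */
        dash = strchr(token, '-');
        if (dash)
            *dash++ = '\0';

        rc = port_number_from_digits(token, &port_lo);
        if (rc != 0)
            return rc;

        if (dash)
        {
            rc = port_number_from_digits(dash, &port_hi);
            if (rc != 0)
                return rc;
        }
        else
        {
            port_hi = port_lo;
        }

        /* Accept a reversed range by normalising it */
        if (port_hi < port_lo)
        {
            unsigned tmp = port_hi;

            port_hi = port_lo;
            port_lo = tmp;
        }

        portset_add(portset, port_lo, port_hi);

        token = token_end;
    }

    return 0;
}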
Example #2
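/* Strip trailing whitespace from text in place. */
static void ip4_trim_trailing_space(char *text)
{
    size_t len = strlen(text);

    while (len > 0 && isspace((unsigned char)text[len - 1]))
        text[--len] = '\0';
}

/*
 * Convert address text to a 32-bit value in host byte order.
 *
 * "0" and "0.0.0.0" give 0 and "255.255.255.255" gives all ones; these are
 * matched exactly, so text that merely starts with one of them is not
 * accepted as that value.  Anything else goes through inet_addr().
 * Returns 0 on success, -1 if inet_addr() rejects the text.
 *
 * NOTE(review): inet_addr() also accepts short, octal and hex forms; a
 * stricter parser would change which inputs are accepted, so it is kept.
 */
static int ip4_text_to_host_order(const char *text, unsigned *value)
{
    struct in_addr addr;

    if (strcmp(text, "0") == 0 || strcmp(text, "0.0.0.0") == 0)
    {
        *value = 0;
        return 0;
    }

    /* inet_addr() cannot report this address: its result equals INADDR_NONE */
    if (strcmp(text, "255.255.255.255") == 0)
    {
        *value = 0xFFFFFFFF;
        return 0;
    }

    addr.s_addr = inet_addr(text);
    if (addr.s_addr == INADDR_NONE)
        return -1;

    *value = ntohl(addr.s_addr);
    return 0;
}

/*
 * Parse one IPv4 entry of the form  [!]addr[/mask][:ports]  from ipstr.
 *
 * The entry is cut at the first ']' and the first ','.  A leading '!' sets
 * *not_flag to 1, otherwise it is set to 0.  The mask may be a dotted quad
 * or a CIDR bit count (0..32); without a mask *mask is all ones.  When a
 * ':' is present the text after it is handed to port_parse(); otherwise a
 * single 0-0 range is added to portset.  *host and *mask are produced in
 * host byte order and converted with htonl() when network_order is nonzero.
 * ipstr itself is not modified; parsing is done on a private copy.
 *
 * Returns 0 on success, or:
 *   -1  ipstr, not_flag, host or mask is NULL, or extra text follows the
 *       address or the mask
 *   -2  out of memory
 *   -3  empty entry, invalid address, empty mask or invalid dotted mask
 *   -4  CIDR bit count is not a number in 0..32
 *   -5  ':' with nothing after it
 *   -6  port_parse() reported an error
 * On failure the output arguments may already have been partly written.
 *
 * NOTE(review): portset is not checked for NULL here; whether portset_add()
 * and port_parse() tolerate NULL is not visible from this function.
 */
static int ip4_parse(char *ipstr, int network_order, int *not_flag, unsigned *host,
                     unsigned *mask, PORTSET *portset)
{
    char *saved, *s_copy, *maskptr, *endp, *portptr = NULL, *addrend;
    int rc = 0;

    if(!ipstr || !not_flag || !host || !mask)
        return -1;

    if(*ipstr == '\0')
        return -3;

    saved = s_copy = strdup(ipstr);
    if(!s_copy)
        return -2;

    while(isspace((unsigned char)*s_copy))
        s_copy++;

    if(*s_copy == '\0')
    {
        rc = -3;
        goto done;
    }

    if(*s_copy == '!')
    {
        *not_flag = 1;
        s_copy++;

        if(*s_copy == '\0')
        {
            rc = -3;
            goto done;
        }
    }
    else
    {
        *not_flag = 0;
    }

    /* Removing trailing ']' */
    endp = strchr(s_copy, ']');
    if (endp)
        *endp = '\0';

    /* Removing trailing ',' */
    endp = strchr(s_copy, ',');
    if (endp)
        *endp = '\0';

    maskptr = strchr(s_copy, '/');
    portptr = strchr(s_copy, ':');

    if(maskptr)
    {
        *maskptr++ = '\0';
    }
    else
    {
        /* assume this is a host */
        *mask = 0xFFFFFFFF;
    }

    if(portptr)
        *portptr++ = '\0';

    /* s_copy now holds only the address part.  Trailing whitespace is
     * tolerated, but nothing else may follow it.
     */
    addrend = strpbrk(s_copy, " \t");
    if (addrend != NULL)
    {
        while (isspace((unsigned char)*addrend))
            addrend++;

        if (*addrend != '\0')
        {
            rc = -1;
            goto done;
        }
    }
    ip4_trim_trailing_space(s_copy);

    if (ip4_text_to_host_order(s_copy, host) != 0)
    {
        /* invalid ip address! */
        rc = -3;
        goto done;
    }

    if(maskptr)
    {
        char *maskend;

        while (isspace((unsigned char)*maskptr))
            maskptr++;

        if(*maskptr == '\0')
        {
            /* Nothing beyond the / -- no bits in CIDR */
            rc = -3;
            goto done;
        }

        /* make sure if there are spaces at the end that we don't find
         * any more stuff, like another address that wasn't separated
         * with a comma
         */
        maskend = strpbrk(maskptr, " \t");
        if (maskend != NULL)
        {
            while (isspace((unsigned char)*maskend))
                maskend++;

            if (*maskend != '\0')
            {
                rc = -1;
                goto done;
            }
        }
        ip4_trim_trailing_space(maskptr);

        if(strchr(maskptr, '.'))
        {
            if (ip4_text_to_host_order(maskptr, mask) != 0)
            {
                /* invalid ip address! */
                rc = -3;
                goto done;
            }
        }
        else
        {
            char *digits_end;
            long blocksize = strtol(maskptr, &digits_end, 10);

            /* A bit count that is not entirely numeric must be an error:
             * treating it as 0 would widen the entry to match every address.
             */
            if (digits_end == maskptr || *digits_end != '\0' ||
                blocksize < 0 || blocksize > 32)
            {
                rc = -4;
                goto done;
            }

            if (blocksize == 0)
                *mask = 0;
            else
                *mask = (0xFFFFFFFFu << (32 - (int)blocksize)) & 0xFFFFFFFFu;
        }
    }

    if(portptr)
    {
        while (isspace((unsigned char)*portptr))
            portptr++;

        if (*portptr == '\0')
        {
            rc = -5;
            goto done;
        }

        if (port_parse(portptr, portset) != 0)
        {
            rc = -6;
            goto done;
        }
    }
    else
    {
        /* Make sure we have at least one port range in list, but an invalid port range */
        portset_add(portset, 0, 0);
    }

    /* convert the arguments by default */
    if(network_order)
    {
        *mask = htonl(*mask);
        *host = htonl(*host);
    }

done:
    free(saved);
    return rc;
}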
Example #3
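/* Return 1 if text consists only of decimal digits (an empty string counts), else 0. */
static int port_all_digits(const char *text)
{
    for (; *text != '\0'; text++)
    {
        /* ctype functions require an unsigned char value (or EOF) */
        if (!isdigit((unsigned char)*text))
            return 0;
    }

    return 1;
}

/*
 * Convert a string already known to be all digits into *value.
 * Returns 0 on success, -3 as soon as the running value exceeds 65535,
 * so a very long number cannot wrap around into the valid port range.
 */
static int port_bounded_value(const char *digits, unsigned *value)
{
    unsigned long acc = 0;

    for (; *digits != '\0'; digits++)
    {
        acc = acc * 10 + (unsigned long)(*digits - '0');
        if (acc > 65535)
            return -3;
    }

    *value = (unsigned)acc;
    return 0;
}

/*
   Port string can be:
   25
   25 26
   25-28
   25 28-29
   25,26 27 30-35

   portset is a list of port ranges.  A port range can be a single port (25-25).

   Entries are separated by spaces or tabs and are terminated in place, so
   portstr is modified.  Only digits and one '-' are accepted inside an
   entry; an entry containing ',' (as in the last example above) is rejected
   with -2 by this function.
   NOTE(review): presumably callers strip commas first -- confirm.

   Returns 0 on success, -1 for an empty port or range bound, -2 for a
   non-digit character, -3 for a port above 65535.  Entries added before the
   failing one remain in portset.
 */
static int port_parse(char *portstr, PORTSET *portset)
{
    unsigned port_lo = 0, port_hi = 0;
    char *port1;
    char *port_begin;
    char *port_end;
    char *port2;
    char *portset_end;

    port_begin = portstr;

    portset_end = port_begin + strlen(port_begin);

    while (isspace((unsigned char)*port_begin))
        port_begin++;

    port_end = strpbrk(port_begin, " \t");

    if (port_end == NULL)
        port_end = portset_end;
    else
        *port_end = '\0';

    while (port_begin != portset_end)
    {
        port1 = port_begin;
        port2 = strchr(port_begin, '-');

        if (port2)
        {
            *port2 = '\0';
            port2++;

            if (*port1 == '\0' || *port2 == '\0')
                return -1;

            if (!port_all_digits(port1) || !port_all_digits(port2))
                return -2;

            if (port_bounded_value(port1, &port_lo) != 0 ||
                port_bounded_value(port2, &port_hi) != 0)
                return -3;
        }
        else
        {
            if (*port1 == '\0')
                return -1;

            if (!port_all_digits(port1))
                return -2;

            if (port_bounded_value(port1, &port_lo) != 0)
                return -3;

            port_hi = port_lo;
        }

        /* swap ports if necessary */
        if (port_hi < port_lo)
        {
            unsigned tmp;

            tmp = port_hi;
            port_hi = port_lo;
            port_lo = tmp;
        }

        portset_add(portset, port_lo, port_hi);

        /* Move to next port/port range */
        port_begin = port_end;

        /* Step over the terminator written at the end of this entry */
        if (port_begin != portset_end)
            port_begin++;

        while (isspace((unsigned char)*port_begin))
            port_begin++;

        port_end = strpbrk(port_begin, " \t");

        if (port_end == NULL)
            port_end = portset_end;
        else
            *port_end = '\0';
    }

    return 0;
}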
Example #4
//  -----------------------------
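/*
 * Smoke test for the IPSET container: fills one IPv4 and one IPv6 set with
 * MAXIP randomly generated entries in total, checks that each entry is
 * found again with ipset_contains(), copies both sets and prints all four.
 * Failures are reported on stdout only; nothing is returned.
 *
 * NOTE(review): the four sets are never released here; the release function
 * is not visible in this listing, so none is called.
 */
void test_ipset(void)
{
    int      i, k;
    IPSET  * ipset, * ipset6;
    IPSET  * ipset_copyp, * ipset6_copyp;

    unsigned ipaddress, mask;
    unsigned short mask6[8];
    unsigned short ipaddress6[8];
    unsigned port_lo, port_hi;
    PORTSET        portset;

    printf("IPSET testing\n");

    ipset  = ipset_new(IPV4_FAMILY);
    ipset6 = ipset_new(IPV6_FAMILY);

    /* presumably ipset_new() returns NULL on failure -- confirm */
    if( !ipset || !ipset6 )
    {
        printf("error with ipset_new\n");
        return;
    }

    srand( (unsigned)time(0) );

    for(i=0;i<MAXIP;i++)
    {
        /* Keep the generated range inside 0..65535 (port_hi <= port_lo + 4) */
        port_lo = (unsigned)rand() % (65536 - 4);
        port_hi = (unsigned)rand() % 5 + port_lo;
        portset_init(&portset);
        portset_add(&portset, port_lo, port_hi);

        if( i % 2 )
        {
            /* Unsigned arithmetic: multiplying two rand() results as int can overflow */
            ipaddress = ((unsigned)rand() << 16) ^ (unsigned)rand();
            mask = 0xffffff00;

            ipset_add( ipset, &ipaddress, &mask, &portset, 0, IPV4_FAMILY ); //class C cidr blocks

            if( !ipset_contains( ipset, &ipaddress, &port_lo, IPV4_FAMILY ) )
                printf("error with ipset_contains\n");
        }
        else
        {
            /* Use the full 16 bits of every group; a cast to char would keep only 8 */
            for(k=0;k<8;k++) ipaddress6[k] = (unsigned short) (rand() & 0xffff);

            for(k=0;k<8;k++) mask6[k] = 0xffff;

            ipset_add( ipset6, ipaddress6, mask6, &portset, 0, IPV6_FAMILY );

            if( !ipset_contains( ipset6, ipaddress6, &port_lo, IPV6_FAMILY ) )
                printf("error with ipset6_contains\n");
        }
    }

    ipset_copyp = ipset_copy( ipset );
    ipset6_copyp = ipset_copy( ipset6 );

    printf("-----IP SET-----\n");
    ipset_print( ipset );
    printf("\n");

    printf("-----IP SET6-----\n");
    ipset_print( ipset6 );
    printf("\n");

    printf("-----IP SET COPY -----\n");
    ipset_print( ipset_copyp );
    printf("\n");

    printf("-----IP SET6 COPY -----\n");
    ipset_print( ipset6_copyp );
    printf("\n");

    printf("IP set testing completed\n");
}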
Example #5
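/*
 * Parse one IPv4 entry of the form  [!]addr[/mask][:ports]  from ipstr.
 *
 * The entry is cut at the first ']' and the first ','.  A leading '!' sets
 * *not_flag to 1, otherwise it is set to 0.  The mask is either a dotted
 * quad or a CIDR bit count (0..32); without a mask *mask is all ones.
 * Text after ':' is passed to port_parse(); without a ':' a single 0-0
 * range is added to portset.  *host and *mask are produced in host byte
 * order on every path and converted with htonl() when network_order is
 * nonzero.  ipstr is not modified; parsing is done on a private copy.
 *
 * "0", "0.0.0.0" and "255.255.255.255" are matched exactly (after trailing
 * whitespace is removed), so text that only starts with one of them is
 * passed to inet_addr() and rejected if that fails.
 *
 * Returns 0 on success, or:
 *   -1  ipstr, not_flag, host or mask is NULL
 *   -2  out of memory
 *   -3  empty entry, invalid address, empty mask or invalid dotted mask
 *   -4  CIDR bit count is not a number in 0..32
 *   -6  port_parse() reported an error
 * On failure the output arguments may already have been partly written.
 *
 * NOTE(review): portset is not checked for NULL here; whether portset_add()
 * and port_parse() tolerate NULL is not visible from this function.
 */
static int ip4_parse(char *ipstr, int network_order, int *not_flag, unsigned *host,
                                                unsigned *mask, PORTSET *portset)
{
    char *saved, *s_copy, *maskptr, *endp, *portptr = NULL;
    struct in_addr addrstuff;
    size_t len;

    if(!ipstr || !not_flag || !host || !mask)
        return -1;

    if(*ipstr == '\0')
        return -3;

    saved = s_copy = strdup(ipstr);

    if(!s_copy)
        return -2;

    /* ctype functions require an unsigned char value (or EOF) */
    while(isspace((unsigned char)*s_copy))
        s_copy++;

    if(*s_copy == '\0')
    {
        free(saved);
        return -3;
    }

    if(*s_copy == '!')
    {
        *not_flag = 1;
        s_copy++;

        if(*s_copy == '\0')
        {
            free(saved);
            return -3;
        }
    }
    else
    {
        *not_flag = 0;
    }

    if( (endp = strchr(s_copy, ']')) )
    {
        /* Removing trailing ']' */
        *endp = 0;
    }
    if( (endp = strchr(s_copy, ',')) )
    {
        /* Removing trailing ',' */
        *endp = 0;
    }

    portptr = strchr(s_copy, ':');
    maskptr = strchr(s_copy, '/');

    if(!maskptr)
    {
        /* assume this is a host */
        *mask = 0xFFFFFFFF;
    }
    else
    {
        *maskptr = '\0';
        maskptr++;
    }

    if(portptr)
    {
        *portptr = '\0';
        portptr++;
    }

    /* Drop trailing whitespace so the literal comparisons below are exact */
    len = strlen(s_copy);
    while(len > 0 && isspace((unsigned char)s_copy[len - 1]))
        s_copy[--len] = '\0';

    if(!strcmp(s_copy, "0") || !strcmp(s_copy, "0.0.0.0"))
    {
        *host = 0;
    }
    else if(!strcmp(s_copy, "255.255.255.255"))
    {
        /* inet_addr() cannot report this address: its result equals INADDR_NONE */
        *host = 0xFFFFFFFF;
    }
    else if((addrstuff.s_addr = inet_addr(s_copy)) == INADDR_NONE)
    {
        /* invalid ip address! */
        free(saved);
        return -3;
    }
    else
    {
        *host = ntohl(addrstuff.s_addr);
    }

    if(maskptr)
    {
        if(*maskptr == '\0')
        {
            /* Nothing beyond the / -- no bits in CIDR */
            free(saved);
            return -3;
        }

        if(strchr(maskptr, '.'))
        {
            len = strlen(maskptr);
            while(len > 0 && isspace((unsigned char)maskptr[len - 1]))
                maskptr[--len] = '\0';

            if(!strcmp(maskptr, "0") || !strcmp(maskptr, "0.0.0.0"))
            {
                *mask = 0;
            }
            else if(!strcmp(maskptr, "255.255.255.255"))
            {
                *mask = 0xFFFFFFFF;
            }
            else if((addrstuff.s_addr = inet_addr(maskptr)) == INADDR_NONE)
            {
                /* invalid ip address! */
                free(saved);
                return -3;
            }
            else
            {
                /* Host order, like *host and the CIDR branch below */
                *mask = ntohl(addrstuff.s_addr);
            }
        }
        else
        {
            char *digits_end;
            long blocksize = strtol(maskptr, &digits_end, 10);
            int have_digits = (digits_end != maskptr);

            while(isspace((unsigned char)*digits_end))
                digits_end++;

            /* A bit count that is not entirely numeric must be an error:
             * treating it as 0 would widen the entry to match every address.
             */
            if(!have_digits || *digits_end != '\0' || blocksize < 0 || blocksize > 32)
            {
                free(saved);
                return -4;
            }

            if(blocksize == 0)
                *mask = 0;
            else
                *mask = (0xFFFFFFFFu << (32 - (int)blocksize)) & 0xFFFFFFFFu;
        }
    }

    if(portptr)
    {
        if(port_parse(portptr, portset) != 0)
        {
            free(saved);
            return -6;
        }
    }
    else
    {
        /* Make sure we have at least one port range in list, but an invalid port range */
        portset_add(portset, 0, 0);
    }

    /* convert the arguments by default */
    if(network_order)
    {
        *mask = htonl(*mask);
        *host = htonl(*host);
    }

    free(saved);
    return 0;
}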
Example #6
File: ipobj.c Project: sdnnfv/snort
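/*
 * Parse one entry "[!]address [port ...]" from the front of ipstr.
 *
 * A leading '!' sets *not_flag to 1, otherwise it is set to 0.  The entry
 * is terminated at the first ',' in ipstr, or, when there is no ',', at the
 * last ']'.  The address is converted with sfip_pton() into *ip; every
 * following space/tab separated token is handed to port_parse().  If no
 * port range ends up in portset, a single 0-0 range is added.
 *
 * On success *endIP points at the ',' or ']' that ended the entry (the
 * character is restored in the buffer), or is NULL when neither was seen.
 * ipstr is modified: strtok() overwrites the separators between tokens
 * with '\0' and they are not restored.
 *
 * Returns 0 on success, -1 if an argument is NULL or the address does not
 * parse, -2 if a port token is rejected by port_parse().  On failure the
 * terminator is not restored, *endIP is not written and ranges already
 * added stay in portset.
 *
 * NOTE(review): strtok() keeps hidden static state, so this function is
 * not reentrant and must not be interleaved with other strtok() users.
 */
static int ip_parse(char *ipstr, sfip_t *ip, char *not_flag, PORTSET *portset, char **endIP)
{
    char *port_str;
    char *comma;
    char *end_bracket;

    if (!ipstr || !ip || !not_flag || !portset || !endIP)
        return -1;

    if (*ipstr == '!')
    {
        ipstr++;
        *not_flag = 1;
    }
    else
    {
        *not_flag = 0;
    }

    comma = strchr(ipstr, ',');
    end_bracket = strrchr(ipstr, ']');

    if (comma)
    {
        *comma = '\0';
    }
    else if (end_bracket)
    {
        *end_bracket = '\0';
    }

    if (sfip_pton(ipstr, ip) != SFIP_SUCCESS)
        return -1;

    /* Just to get the IP string out of the way */
    port_str = strtok(ipstr, " \t");
    /* Is either the port after the 1st space, or NULL */
    port_str = strtok(NULL, " \t");

    while (port_str)
    {
        if (!comma)
        {
            comma = strchr(port_str, ',');
            if (comma)
                *comma = '\0';
        }

        if (!end_bracket)
        {
            end_bracket = strrchr(port_str, ']');
            if (end_bracket)
                *end_bracket = '\0';
        }

        /* A rejected port token must fail the entry.  Ignoring it would
         * leave the port list empty and the 0-0 fallback below would then
         * be added in place of the ports that were written.
         */
        if (port_parse(port_str, portset) != 0)
            return -2;

        port_str = strtok(NULL, " \t");
    }

    if (portset->port_list.count == 0)
    {
        /* Make sure we have at least one port range in list, but
         * an invalid port range to convey all is good.  */
        portset_add(portset, 0, 0);
    }

    if (comma)
    {
        *endIP = comma;
        *comma = ',';
    }
    else if (end_bracket)
    {
        *end_bracket = ']';
        *endIP = end_bracket;
    }
    else
    {
        /* Didn't see the comma or end bracket, so set endIP now.
         * port_str is NULL here: the loop above only ends that way. */
        *endIP = port_str;
    }

    return 0;
}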
Example #7
File: ipobj.c Project: sdnnfv/snort
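/*
 * Parse a single port ("25") or port range ("25-28") and add it to portset.
 *
 * portstr is not modified; the text is split at the first '-' on a private
 * copy.  A reversed range is swapped before it is added.
 *
 * Returns 0 on success, or:
 *   -1  portstr is NULL or empty
 *   -2  the low port does not start with a number
 *   -3  the high port does not start with a number
 *   -4  a port is above MAXPORTS-1
 *   -5  out of memory
 *
 * The values are kept as unsigned long until the range check has passed,
 * so a number too large for 'unsigned' cannot be truncated into the valid
 * port range.
 *
 * NOTE(review): only the start of each number is validated; characters
 * after the digits ("80abc") are ignored by strtoul() and still accepted.
 * Rejecting them would be stricter, but callers may rely on it -- confirm.
 */
static int port_parse(char *portstr, PORTSET *portset)
{
    unsigned long lo_value = 0, hi_value = 0;
    unsigned port_lo, port_hi;
    char *port1;
    char *port_begin;
    char *port_end;
    char *port2 = NULL;

    if (portstr == NULL || *portstr == '\0')
        return -1;

    port_begin = strdup(portstr);
    if (port_begin == NULL)
        return -5;

    port1 = port_begin;
    port2 = strchr(port_begin, '-');

    if (port2)
    {
        *port2 = '\0';
        port2++;
    }

    lo_value = strtoul(port1, &port_end, 10);
    if (port_end == port1)
    {
        free(port_begin);
        return -2;
    }

    if (port2)
    {
        hi_value = strtoul(port2, &port_end, 10);
        if (port_end == port2)
        {
            free(port_begin);
            return -3;
        }
    }
    else
    {
        hi_value = lo_value;
    }

    free(port_begin);

    /* check to see if port is out of range */
    if (hi_value > MAXPORTS-1 || lo_value > MAXPORTS-1)
        return -4;

    port_lo = (unsigned)lo_value;
    port_hi = (unsigned)hi_value;

    /* swap ports if necessary */
    if (port_hi < port_lo)
    {
        unsigned tmp;

        tmp = port_hi;
        port_hi = port_lo;
        port_lo = tmp;
    }

    portset_add(portset, port_lo, port_hi);

    return 0;
}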