Esempio n. 1
0
File: ipobj.c Progetto: sdnnfv/snort 
void test_ip4_parsing(void)
{
    unsigned host, mask, not_flag;
    PORTSET  portset;
    char **curip;
    int ret;
    IPADDRESS *adp;
    char *ips[] = {
        "138.26.1.24:25",
        "1.1.1.1/255.255.255.0:444",
        "1.1.1.1/16:25-28",
        "1.1.1.1/255.255.255.255:25 27-29",
        "z/24",
        "0/0",
        "0.0.0.0/0.0.0.0:25-26 28-29 31",
        "0.0.0.0/0.0.2.0",
        NULL
    };

    for(curip = ips; curip[0] != NULL; curip++)
    {

        portset_init(&portset);

        /* network byte order stuff */
        if((ret = ip4_parse(curip[0], 1, &not_flag, &host, &mask, &portset)) != 0)
        {
            fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret);
        }
        else
        {
            printf("%c", not_flag ? '!' : ' ');
            printf("%s/", inet_ntoa(*(struct in_addr *) &host));
            printf("%s", inet_ntoa(*(struct in_addr *) &mask));
            printf(" parsed successfully!\n");
        }

        /* host byte order stuff */
        if((ret = ip4_parse(curip[0], 0, &not_flag, &host, &mask, &portset)) != 0)
        {
            fprintf(stderr, "Unable to parse %s with ret %d\n", curip[0], ret);
        }
        else
        {
            adp = ip_new(IPV4_FAMILY);
            ip_set(adp, &host, IPV4_FAMILY);
            ip_fprint(stdout, adp);
            fprintf(stdout, "*****************\n");
            ip_free(adp);
        }
    }

    return;
}
Esempio n. 2
0
int ip4_setparse(IPSET *ipset, char *ipstr) 
{
    char *s_copy, *startIP, *endIP;
    int parse_count = 0;
    int set_not_flag = 0;
    int item_not_flag;
    unsigned host, mask;
    PORTSET portset;

    s_copy = strdup(ipstr);

    if(!s_copy)
        return -2;

    if (*s_copy == '!')
    {
        set_not_flag = 1;
        s_copy++;
    }

    startIP = s_copy;

    while (startIP)
    {
        while (isspace((int)*startIP) || (*startIP == '[') ) 
        {
            startIP++;
        }

        if ((*startIP == ']') || (*startIP == '\0'))
            break;

        /* if not found, endIP will be NULL */
        endIP = strstr(startIP, ",");

        if (endIP)
            *endIP = '\0';

        portset_init(&portset);

        if(ip4_parse(startIP, 0, &item_not_flag, &host, &mask, &portset) != 0)
        {
            free(s_copy);
            return -5;
        }

        if(ipset_add(ipset, &host, &mask, &portset,
                     (item_not_flag ^ set_not_flag), IPV4_FAMILY) != 0)
        {
            free(s_copy);
            return -6;
        }

        parse_count++;

        if (endIP)
            endIP++;

        startIP = endIP;
    }

    free(s_copy);

    if (!parse_count)
        return -7; 

    return 0;
}
Esempio n. 3
0
//  -----------------------------
void test_ipset()
{
    int      i,k;
    IPSET  * ipset, * ipset6;
    IPSET  * ipset_copyp, * ipset6_copyp;

    unsigned ipaddress, mask;
    unsigned short mask6[8];
    unsigned short ipaddress6[8];
    unsigned port_lo, port_hi;
    PORTSET        portset;

    printf("IPSET testing\n");

    ipset  = ipset_new(IPV4_FAMILY);
    ipset6 = ipset_new(IPV6_FAMILY);

    srand( time(0) );

    for(i=0;i<MAXIP;i++)
    {
        if( i % 2 )
        {
            ipaddress = rand() * rand();
            mask = 0xffffff00;
            port_lo = rand();
            port_hi = rand() % 5 + port_lo;
            portset_init(&portset);
            portset_add(&portset, port_lo, port_hi);

            ipset_add( ipset, &ipaddress, &mask, &portset, 0, IPV4_FAMILY ); //class C cidr blocks

            if( !ipset_contains( ipset, &ipaddress, &port_lo, IPV4_FAMILY ) )
                printf("error with ipset_contains\n");
        }
        else
        {
            for(k=0;k<8;k++) ipaddress6[k] = (char) (rand() % (1<<16)); 

            for(k=0;k<8;k++) mask6[k] = 0xffff;

            port_lo = rand();
            port_hi = rand() % 5 + port_lo;
            portset_init(&portset);
            portset_add(&portset, port_lo, port_hi);

            ipset_add( ipset6, ipaddress6, mask6, &portset, 0, IPV6_FAMILY );

            if( !ipset_contains( ipset6, &ipaddress6, &port_lo, IPV6_FAMILY ) )
                printf("error with ipset6_contains\n");
        }

    }

    ipset_copyp = ipset_copy( ipset );
    ipset6_copyp = ipset_copy( ipset6 );


    printf("-----IP SET-----\n");
    ipset_print( ipset );
    printf("\n");

    printf("-----IP SET6-----\n");
    ipset_print( ipset6 );
    printf("\n");

    printf("-----IP SET COPY -----\n");
    ipset_print( ipset_copyp );
    printf("\n");

    printf("-----IP SET6 COPY -----\n");
    ipset_print( ipset6_copyp );
    printf("\n");

    printf("IP set testing completed\n");
}
Esempio n. 4
0
int ip4_setparse(IPSET *ipset, char *ipstr) 
{
    char *s_copy, *startIP, *endIP;
    int parse_count = 0;
    int set_not_flag = 0;
    int item_not_flag;
    unsigned host, mask;
    PORTSET portset;

    s_copy = strdup(ipstr);

    if(!s_copy)
        return -2;

    if (*s_copy == '!')
    {
        set_not_flag = 1;
        s_copy++;
    }

    startIP = s_copy;

    while (startIP)
    {
        while (isspace((int)*startIP) || (*startIP == '[') ) 
        {
            startIP++;
        }
    
        if ((*startIP == ']') || (*startIP == '\0'))
            break;

        endIP = startIP;

        /* The following two loops and conditional address bug 30042 */
        /* Traverse the IP */
        while(isdigit((int)*endIP) || (*endIP == '.') || (*endIP == '/'))
        {
            endIP++;
        }
        
        /* Skip any whitespace after the IP or CIDR block */
        while(isspace((int)*endIP) || (*endIP == '[') || (*endIP == ']')) 
        {
            endIP++;
        }

        if(*endIP != ',' && *endIP)
        {
             FatalError("ip4_setparse: only commas are allowed as "
                         "delimiters in the IP list: %s\n", ipstr);
        }
        
        portset_init(&portset);

        if(ip4_parse(startIP, 0, &item_not_flag, &host, &mask, &portset) != 0)
        {
            free(s_copy);
            return -5;
        }

        if(ipset_add(ipset, &host, &mask, &portset,
                     (item_not_flag ^ set_not_flag), IPV4_FAMILY) != 0)
        {
            free(s_copy);
            return -6;
        }

        parse_count++;
    
        if(*endIP) 
        {
            endIP++;
        }
        
        startIP = endIP;
    }

    free(s_copy);

    if (!parse_count)
        return -7; 

    return 0;
}
Esempio n. 5
0
File: ipobj.c Progetto: sdnnfv/snort 
int ipset_parse(IPSET *ipset, char *ipstr)
{
    char *copy, *startIP, *endIP;
    int parse_count = 0;
    char set_not_flag = 0;
    char item_not_flag;
    char open_bracket = 0;
    sfip_t ip;
    PORTSET portset;

    copy = strdup(ipstr);

    if(!copy)
        return -2;

    startIP = copy;

    if (*startIP == '!')
    {
        set_not_flag = 1;
        startIP++;
    }

    while (startIP)
    {
        if (*startIP == '[')
        {
            open_bracket++;
            startIP++;
            if (!*startIP)
                break;
        }

        if ((*startIP == ']') || (*startIP == '\0'))
        {
            open_bracket--;
            break;
        }

        portset_init(&portset);

        if(ip_parse(startIP, &ip, &item_not_flag, &portset, &endIP) != 0)
        {
            free(copy);
            return -5;
        }

        if(ipset_add(ipset, &ip, &portset, (item_not_flag ^ set_not_flag)) != 0)
        {
            free(copy);
            return -6;
        }

        parse_count++;

        if (endIP && (*endIP != ']'))
        {
            endIP++;
        }

        startIP = endIP;
    }

    free(copy);

    if (!parse_count)
        return -7;

    if (open_bracket)
        return -8;

    return 0;
}