From: Victor Julien Date: Fri, 20 Dec 2013 13:38:22 +0000 (+0100) Subject: detect ip-only: update radix usage X-Git-Tag: suricata-2.0rc1~11 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F835%2Fhead;p=thirdparty%2Fsuricata.git detect ip-only: update radix usage Update IP-only lookups to the changed radix API. The return of user_data is treated as a succesful lookup, instead of the node. --- diff --git a/src/detect-engine-iponly.c b/src/detect-engine-iponly.c index 6f8fc24018..b523687938 100644 --- a/src/detect-engine-iponly.c +++ b/src/detect-engine-iponly.c @@ -955,52 +955,31 @@ void IPOnlyMatchPacket(ThreadVars *tv, DetectEngineIPOnlyCtx *io_ctx, DetectEngineIPOnlyThreadCtx *io_tctx, Packet *p) { - SCRadixNode *srcnode = NULL, *dstnode = NULL; SigNumArray *src = NULL; SigNumArray *dst = NULL; + void *user_data_src = NULL, *user_data_dst = NULL; if (p->src.family == AF_INET) { - srcnode = SCRadixFindKeyIPV4BestMatch((uint8_t *)&GET_IPV4_SRC_ADDR_U32(p), - io_ctx->tree_ipv4src); + (void)SCRadixFindKeyIPV4BestMatch((uint8_t *)&GET_IPV4_SRC_ADDR_U32(p), + io_ctx->tree_ipv4src, &user_data_src); } else if (p->src.family == AF_INET6) { - srcnode = SCRadixFindKeyIPV6BestMatch((uint8_t *)&GET_IPV6_SRC_ADDR(p), - io_ctx->tree_ipv6src); + (void)SCRadixFindKeyIPV6BestMatch((uint8_t *)&GET_IPV6_SRC_ADDR(p), + io_ctx->tree_ipv6src, &user_data_src); } if (p->dst.family == AF_INET) { - dstnode = SCRadixFindKeyIPV4BestMatch((uint8_t *)&GET_IPV4_DST_ADDR_U32(p), - io_ctx->tree_ipv4dst); + (void)SCRadixFindKeyIPV4BestMatch((uint8_t *)&GET_IPV4_DST_ADDR_U32(p), + io_ctx->tree_ipv4dst, &user_data_dst); } else if (p->dst.family == AF_INET6) { - dstnode = SCRadixFindKeyIPV6BestMatch((uint8_t *)&GET_IPV6_DST_ADDR(p), - io_ctx->tree_ipv6dst); + (void)SCRadixFindKeyIPV6BestMatch((uint8_t *)&GET_IPV6_DST_ADDR(p), + io_ctx->tree_ipv6dst, &user_data_dst); } + src = user_data_src; + dst = user_data_dst; - /* The radix trees are printed without our logging format - comment this out if you need to debug - printf("Src: \n"); - SCRadixPrintNodeInfo(srcnode, 4, SigNumArrayPrint); - printf("Dst: \n"); - SCRadixPrintNodeInfo(dstnode, 4, SigNumArrayPrint); - */ - - if (srcnode != NULL && srcnode->prefix != NULL && - srcnode->prefix->user_data_result != NULL) { - src = srcnode->prefix->user_data_result; - } else { - //SCLogError(SC_ERR_IPONLY_RADIX, "Error, no userdata found at the radix" - // " on src node!"); - return; - } - - if (dstnode != NULL && dstnode->prefix != NULL && - dstnode->prefix->user_data_result != NULL) { - dst = dstnode->prefix->user_data_result; - } else { - //SCLogError(SC_ERR_IPONLY_RADIX, "Error, no userdata found at the radix" - // " on dst node!"); + if (src == NULL || dst == NULL) return; - } uint32_t u; for (u = 0; u < src->size; u++) { @@ -1124,23 +1103,24 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { src->signum); */ + void *user_data = NULL; if (src->netmask == 32) - node = SCRadixFindKeyIPV4ExactMatch((uint8_t *)&src->ip[0], - (de_ctx->io_ctx).tree_ipv4src); + (void)SCRadixFindKeyIPV4ExactMatch((uint8_t *)&src->ip[0], + (de_ctx->io_ctx).tree_ipv4src, + &user_data); else - node = SCRadixFindKeyIPV4Netblock((uint8_t *)&src->ip[0], + (void)SCRadixFindKeyIPV4Netblock((uint8_t *)&src->ip[0], (de_ctx->io_ctx).tree_ipv4src, - src->netmask); - - if (node == NULL) { + src->netmask, &user_data); + if (user_data == NULL) { SCLogDebug("Exact match not found"); /** Not found, look if there's a subnet of this range with * bigger netmask */ - node = SCRadixFindKeyIPV4BestMatch((uint8_t *)&src->ip[0], - (de_ctx->io_ctx).tree_ipv4src); - - if (node == NULL) { + (void)SCRadixFindKeyIPV4BestMatch((uint8_t *)&src->ip[0], + (de_ctx->io_ctx).tree_ipv4src, + &user_data); + if (user_data == NULL) { SCLogDebug("best match not found"); /* Not found, insert a new one */ @@ -1172,7 +1152,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { /* Found, copy the sig num table, add this signum and insert */ SigNumArray *sna = NULL; - sna = SigNumArrayCopy((SigNumArray *) node->prefix->user_data_result); + sna = SigNumArrayCopy((SigNumArray *) user_data); /* Update the sig */ uint8_t tmp = 1 << (src->signum % 8); @@ -1205,7 +1185,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { SCLogDebug("Exact match found"); /* it's already inserted. Update it */ - SigNumArray *sna = (SigNumArray *)node->prefix->user_data_result; + SigNumArray *sna = (SigNumArray *)user_data; /* Update the sig */ uint8_t tmp = 1 << (src->signum % 8); @@ -1220,20 +1200,23 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { } else if (src->family == AF_INET6) { SCLogDebug("To IPv6"); + void *user_data = NULL; if (src->netmask == 128) - node = SCRadixFindKeyIPV6ExactMatch((uint8_t *)&src->ip[0], - (de_ctx->io_ctx).tree_ipv6src); + (void)SCRadixFindKeyIPV6ExactMatch((uint8_t *)&src->ip[0], + (de_ctx->io_ctx).tree_ipv6src, + &user_data); else - node = SCRadixFindKeyIPV6Netblock((uint8_t *)&src->ip[0], + (void)SCRadixFindKeyIPV6Netblock((uint8_t *)&src->ip[0], (de_ctx->io_ctx).tree_ipv6src, - src->netmask); + src->netmask, &user_data); - if (node == NULL) { + if (user_data == NULL) { /* Not found, look if there's a subnet of this range with bigger netmask */ - node = SCRadixFindKeyIPV6BestMatch((uint8_t *)&src->ip[0], - (de_ctx->io_ctx).tree_ipv6src); + (void)SCRadixFindKeyIPV6BestMatch((uint8_t *)&src->ip[0], + (de_ctx->io_ctx).tree_ipv6src, + &user_data); - if (node == NULL) { + if (user_data == NULL) { /* Not found, insert a new one */ SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx); @@ -1260,7 +1243,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { } else { /* Found, copy the sig num table, add this signum and insert */ SigNumArray *sna = NULL; - sna = SigNumArrayCopy((SigNumArray *)node->prefix->user_data_result); + sna = SigNumArrayCopy((SigNumArray *)user_data); /* Update the sig */ uint8_t tmp = 1 << (src->signum % 8); @@ -1284,7 +1267,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { } } else { /* it's already inserted. Update it */ - SigNumArray *sna = (SigNumArray *)node->prefix->user_data_result; + SigNumArray *sna = (SigNumArray *)user_data; /* Update the sig */ uint8_t tmp = 1 << (src->signum % 8); @@ -1312,24 +1295,28 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { " %"PRIu16"", dst->netmask, (dst->negated)?"yes":"no", inet_ntoa(*(struct in_addr*)&dst->ip[0]), dst->signum); + void *user_data = NULL; if (dst->netmask == 32) - node = SCRadixFindKeyIPV4ExactMatch((uint8_t *) &dst->ip[0], - (de_ctx->io_ctx).tree_ipv4dst); + (void) SCRadixFindKeyIPV4ExactMatch((uint8_t *) &dst->ip[0], + (de_ctx->io_ctx).tree_ipv4dst, + &user_data); else - node = SCRadixFindKeyIPV4Netblock((uint8_t *) &dst->ip[0], + (void) SCRadixFindKeyIPV4Netblock((uint8_t *) &dst->ip[0], (de_ctx->io_ctx).tree_ipv4dst, - dst->netmask); + dst->netmask, + &user_data); - if (node == NULL) { + if (user_data == NULL) { SCLogDebug("Exact match not found"); /** * Not found, look if there's a subnet of this range * with bigger netmask */ - node = SCRadixFindKeyIPV4BestMatch((uint8_t *)&dst->ip[0], - (de_ctx->io_ctx).tree_ipv4dst); - if (node == NULL) { + (void) SCRadixFindKeyIPV4BestMatch((uint8_t *)&dst->ip[0], + (de_ctx->io_ctx).tree_ipv4dst, + &user_data); + if (user_data == NULL) { SCLogDebug("Best match not found"); /** Not found, insert a new one */ @@ -1360,7 +1347,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { /* Found, copy the sig num table, add this signum and insert */ SigNumArray *sna = NULL; - sna = SigNumArrayCopy((SigNumArray *)node->prefix->user_data_result); + sna = SigNumArrayCopy((SigNumArray *) user_data); /* Update the sig */ uint8_t tmp = 1 << (dst->signum % 8); @@ -1387,7 +1374,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { SCLogDebug("Exact match found"); /* it's already inserted. Update it */ - SigNumArray *sna = (SigNumArray *)node->prefix->user_data_result; + SigNumArray *sna = (SigNumArray *)user_data; /* Update the sig */ uint8_t tmp = 1 << (dst->signum % 8); @@ -1401,22 +1388,25 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { } else if (dst->family == AF_INET6) { SCLogDebug("To IPv6"); + void *user_data = NULL; if (dst->netmask == 128) - node = SCRadixFindKeyIPV6ExactMatch((uint8_t *)&dst->ip[0], - (de_ctx->io_ctx).tree_ipv6dst); + (void) SCRadixFindKeyIPV6ExactMatch((uint8_t *)&dst->ip[0], + (de_ctx->io_ctx).tree_ipv6dst, + &user_data); else - node = SCRadixFindKeyIPV6Netblock((uint8_t *)&dst->ip[0], + (void) SCRadixFindKeyIPV6Netblock((uint8_t *)&dst->ip[0], (de_ctx->io_ctx).tree_ipv6dst, - dst->netmask); + dst->netmask, &user_data); - if (node == NULL) { + if (user_data == NULL) { /** Not found, look if there's a subnet of this range with * bigger netmask */ - node = SCRadixFindKeyIPV6BestMatch((uint8_t *)&dst->ip[0], - (de_ctx->io_ctx).tree_ipv6dst); + (void) SCRadixFindKeyIPV6BestMatch((uint8_t *)&dst->ip[0], + (de_ctx->io_ctx).tree_ipv6dst, + &user_data); - if (node == NULL) { + if (user_data == NULL) { /* Not found, insert a new one */ SigNumArray *sna = SigNumArrayNew(de_ctx, &de_ctx->io_ctx); @@ -1443,7 +1433,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { } else { /* Found, copy the sig num table, add this signum and insert */ SigNumArray *sna = NULL; - sna = SigNumArrayCopy((SigNumArray *)node->prefix->user_data_result); + sna = SigNumArrayCopy((SigNumArray *)user_data); /* Update the sig */ uint8_t tmp = 1 << (dst->signum % 8); @@ -1468,7 +1458,7 @@ void IPOnlyPrepare(DetectEngineCtx *de_ctx) { } } else { /* it's already inserted. Update it */ - SigNumArray *sna = (SigNumArray *)node->prefix->user_data_result; + SigNumArray *sna = (SigNumArray *)user_data; /* Update the sig */ uint8_t tmp = 1 << (dst->signum % 8);