From: Giuseppe Longo Date: Fri, 5 Sep 2014 13:58:44 +0000 (+0200) Subject: iprep: add unit tests for cidr X-Git-Tag: suricata-2.1beta2~52 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=395d5b7f61ff4738f9e677fbd84346ca66fb51af;p=thirdparty%2Fsuricata.git iprep: add unit tests for cidr Implements unit tests to test the new API --- diff --git a/src/detect-iprep.c b/src/detect-iprep.c index 9a386056cd..89b297a5f1 100644 --- a/src/detect-iprep.c +++ b/src/detect-iprep.c @@ -41,6 +41,9 @@ #include "detect-engine-state.h" #include "util-debug.h" +#include "util-unittest.h" +#include "util-unittest-helper.h" +#include "util-fmemopen.h" #include "reputation.h" #include "host.h" @@ -394,6 +397,618 @@ void DetectIPRepFree (void *ptr) } #ifdef UNITTESTS +FILE *DetectIPRepGenerateCategoriesDummy() +{ + FILE *fd = NULL; + const char *buffer = "1,BadHosts,Know bad hosts"; + + fd = SCFmemopen((void *)buffer, strlen(buffer), "r"); + if (fd == NULL) + SCLogDebug("Error with SCFmemopen()"); + + return fd; +} + +FILE *DetectIPRepGenerateCategoriesDummy2() +{ + FILE *fd = NULL; + const char *buffer = + "1,BadHosts,Know bad hosts\n" + "2,GoodHosts,Know good hosts\n"; + + fd = SCFmemopen((void *)buffer, strlen(buffer), "r"); + if (fd == NULL) + SCLogDebug("Error with SCFmemopen()"); + + return fd; +} + +FILE *DetectIPRepGenerateNetworksDummy() +{ + FILE *fd = NULL; + const char *buffer = "10.0.0.0/24,1,20"; + + fd = SCFmemopen((void *)buffer, strlen(buffer), "r"); + if (fd == NULL) + SCLogDebug("Error with SCFmemopen()"); + + return fd; +} + +FILE *DetectIPRepGenerateNetworksDummy2() +{ + FILE *fd = NULL; + const char *buffer = + "0.0.0.0/0,1,10\n" + "192.168.0.0/16,2,127"; + + fd = SCFmemopen((void *)buffer, strlen(buffer), "r"); + if (fd == NULL) + SCLogDebug("Error with SCFmemopen()"); + + return fd; +} + +static int DetectIPRepTest01(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("10.0.0.1"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:any,BadHosts,>,1; sid:1;rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest02(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("10.0.0.1"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:src,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest03(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->dst.addr_data32[0] = UTHSetIPv4Address("10.0.0.2"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:dst,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest04(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("10.0.0.1"); + p->dst.addr_data32[0] = UTHSetIPv4Address("10.0.0.2"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:both,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest05(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("1.0.0.1"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:any,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest06(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("1.0.0.1"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:any,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest07(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->dst.addr_data32[0] = UTHSetIPv4Address("1.0.0.2"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:any,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest08(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("1.0.0.1"); + p->dst.addr_data32[0] = UTHSetIPv4Address("1.0.0.2"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"IPREP High value badhost\"; iprep:any,BadHosts,>,1; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} + +static int DetectIPRepTest09(void) +{ + ThreadVars th_v; + DetectEngineThreadCtx *det_ctx = NULL; + Signature *sig = NULL; + FILE *fd = NULL; + int result = 0, r = 0; + Packet *p = UTHBuildPacket((uint8_t *)"lalala", 6, IPPROTO_TCP); + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + + HostInitConfig(HOST_QUIET); + memset(&th_v, 0, sizeof(th_v)); + + if (de_ctx == NULL || p == NULL) + goto end; + + p->src.addr_data32[0] = UTHSetIPv4Address("192.168.0.1"); + p->dst.addr_data32[0] = UTHSetIPv4Address("192.168.0.2"); + de_ctx->flags |= DE_QUIET; + + SRepInit(de_ctx); + SRepResetVersion(); + + fd = DetectIPRepGenerateCategoriesDummy2(); + r = SRepLoadCatFileFromFD(fd); + if (r < 0) { + goto end; + } + + fd = DetectIPRepGenerateNetworksDummy2(); + r = SRepLoadFileFromFD(de_ctx->srepCIDR_ctx, fd); + if (r < 0) { + goto end; + } + + sig = de_ctx->sig_list = SigInit(de_ctx, "alert tcp any any -> any any (msg:\"test\"; iprep:src,BadHosts,>,9; sid:1; rev:1;)"); + if (sig == NULL) { + goto end; + } + + SigGroupBuild(de_ctx); + DetectEngineThreadCtxInit(&th_v, (void *)de_ctx, (void *)&det_ctx); + + p->alerts.cnt = 0; + p->action = 0; + SigMatchSignatures(&th_v, de_ctx, det_ctx, p); + if (p->alerts.cnt != 1 || PACKET_TEST_ACTION(p, ACTION_DROP)) { + goto end; + } + + result = 1; +end: + UTHFreePacket(p); + SigGroupCleanup(de_ctx); + SigCleanSignatures(de_ctx); + + DetectEngineThreadCtxDeinit(&th_v, (void *)det_ctx); + DetectEngineCtxFree(de_ctx); + + HostShutdown(); + return result; +} #endif /* UNITTESTS */ /** @@ -402,5 +1017,14 @@ void DetectIPRepFree (void *ptr) void IPRepRegisterTests(void) { #ifdef UNITTESTS + UtRegisterTest("DetectIPRepTest01", DetectIPRepTest01, 1); + UtRegisterTest("DetectIPRepTest02", DetectIPRepTest02, 1); + UtRegisterTest("DetectIPRepTest03", DetectIPRepTest03, 1); + UtRegisterTest("DetectIPRepTest04", DetectIPRepTest04, 1); + UtRegisterTest("DetectIPRepTest05", DetectIPRepTest05, 0); + UtRegisterTest("DetectIPRepTest06", DetectIPRepTest06, 0); + UtRegisterTest("DetectIPRepTest07", DetectIPRepTest07, 0); + UtRegisterTest("DetectIPRepTest08", DetectIPRepTest08, 0); + UtRegisterTest("DetectIPRepTest09", DetectIPRepTest09, 1); #endif /* UNITTESTS */ } diff --git a/src/reputation.c b/src/reputation.c index f8f4c62053..bce8946ad7 100644 --- a/src/reputation.c +++ b/src/reputation.c @@ -665,41 +665,70 @@ int SRepInit(DetectEngineCtx *de_ctx) } #ifdef UNITTESTS + +#include "conf-yaml-loader.h" +#include "detect-engine.h" +#include "stream-tcp-private.h" +#include "stream-tcp-reassemble.h" +#include "stream-tcp.h" +#include "util-unittest.h" +#include "util-unittest-helper.h" + static int SRepTest01(void) { char str[] = "1.2.3.4,1,2"; + int result = 0; + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + if (de_ctx == NULL) { + return 0; + } + SRepInit(de_ctx); uint32_t ip = 0; uint8_t cat = 0, value = 0; - if (SRepSplitLine(str, &ip, &cat, &value) != 0) { - return 0; + if (SRepSplitLine(de_ctx->srepCIDR_ctx, str, &ip, &cat, &value) != 0) { + goto end; } char ipstr[16]; PrintInet(AF_INET, (const void *)&ip, ipstr, sizeof(ipstr)); if (strcmp(ipstr, "1.2.3.4") != 0) - return 0; + goto end; if (cat != 1) - return 0; + goto end; if (value != 2) - return 0; + goto end; - return 1; + result = 1; + +end: + DetectEngineCtxFree(de_ctx); + return result; } static int SRepTest02(void) { char str[] = "1.1.1.1,"; + int result = 0; + DetectEngineCtx *de_ctx = DetectEngineCtxInit(); + if (de_ctx == NULL) { + return 0; + } + SRepInit(de_ctx); uint32_t ip = 0; uint8_t cat = 0, value = 0; - if (SRepSplitLine(str, &ip, &cat, &value) == 0) { - return 0; + if (SRepSplitLine(de_ctx->srepCIDR_ctx, str, &ip, &cat, &value) == 0) { + goto end; } - return 1; + result = 1; + +end: + DetectEngineCtxFree(de_ctx); + return result; } static int SRepTest03(void) @@ -727,7 +756,115 @@ static int SRepTest03(void) return 1; } +static int SRepTest04(void) +{ + int result = 0; + + DetectEngineCtx *de_ctx; + de_ctx = DetectEngineCtxInit(); + if (de_ctx == NULL) { + goto end; + } + SRepInit(de_ctx); + + char str[] = "10.0.0.0/16,1,2"; + + uint32_t ip = 0; + uint8_t cat = 0, value = 0; + if (SRepSplitLine(de_ctx->srepCIDR_ctx, str, &ip, &cat, &value) != 1) { + goto end; + } + + result = 1; + +end: + DetectEngineCtxFree(de_ctx); + return result; +} + +static int SRepTest05(void) +{ + Packet *p = NULL; + int result = 0; + uint8_t *buf = (uint8_t *)"Hi all!"; + uint16_t buflen = strlen((char *)buf); + + p = UTHBuildPacket((uint8_t *)buf, buflen, IPPROTO_TCP); + if (p == NULL) { + return result; + } + + p->src.addr_data32[0] = UTHSetIPv4Address("10.0.0.1"); + + DetectEngineCtx *de_ctx; + de_ctx = DetectEngineCtxInit(); + if (de_ctx == NULL) { + return result; + } + SRepInit(de_ctx); + + char str[] = "10.0.0.0/16,1,20"; + + uint32_t ip = 0; + uint8_t cat = 0, value = 0; + if (SRepSplitLine(de_ctx->srepCIDR_ctx, str, &ip, &cat, &value) != 1) { + goto end; + } + cat = 1; + value = SRepCIDRGetIPRepSrc(de_ctx->srepCIDR_ctx, p, cat, 0); + if (value != 20) { + goto end; + } + result = 1; + +end: + UTHFreePacket(p); + DetectEngineCtxFree(de_ctx); + return result; +} +static int SRepTest06(void) +{ + Packet *p = NULL; + int result = 0; + uint8_t *buf = (uint8_t *)"Hi all!"; + uint16_t buflen = strlen((char *)buf); + + p = UTHBuildPacket((uint8_t *)buf, buflen, IPPROTO_TCP); + if (p == NULL) { + return result; + } + + p->src.addr_data32[0] = UTHSetIPv4Address("192.168.0.1"); + + DetectEngineCtx *de_ctx; + de_ctx = DetectEngineCtxInit(); + if (de_ctx == NULL) { + return result; + } + SRepInit(de_ctx); + + char str[] = + "0.0.0.0/0,1,10\n" + "192.168.0.0/16,2,127"; + + uint32_t ip = 0; + uint8_t cat = 0, value = 0; + if (SRepSplitLine(de_ctx->srepCIDR_ctx, str, &ip, &cat, &value) != 1) { + goto end; + } + cat = 1; + value = SRepCIDRGetIPRepSrc(de_ctx->srepCIDR_ctx, p, cat, 0); + if (value != 10) { + goto end; + } + result = 1; + +end: + UTHFreePacket(p); + DetectEngineCtxFree(de_ctx); + return result; +} #endif /** Global trees that hold host reputation for IPV4 and IPV6 hosts */ @@ -2162,6 +2299,9 @@ void SCReputationRegisterTests(void) UtRegisterTest("SRepTest01", SRepTest01, 1); UtRegisterTest("SRepTest02", SRepTest02, 1); UtRegisterTest("SRepTest03", SRepTest03, 1); + UtRegisterTest("SRepTest04", SRepTest04, 1); + UtRegisterTest("SRepTest05", SRepTest05, 1); + UtRegisterTest("SRepTest06", SRepTest06, 1); #endif /* UNITTESTS */ }