From: Giuseppe Longo <giuseppelng@gmail.com>
Date: Wed, 3 Sep 2014 13:30:08 +0000 (+0200)
Subject: detect-iprep: extends cidr
X-Git-Tag: suricata-2.1beta2~53
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=5499cb71b097be10751fd873e7d784b42902edca;p=thirdparty%2Fsuricata.git

detect-iprep: extends cidr

Adds new API to check if an IP address is belong
to a netblock and gets the value.
---

diff --git a/src/detect-iprep.c b/src/detect-iprep.c
index 820bfee3ae..9a386056cd 100644
--- a/src/detect-iprep.c
+++ b/src/detect-iprep.c
@@ -197,11 +197,15 @@ int DetectIPRepMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,
     switch(rd->cmd) {
         case DETECT_IPREP_CMD_ANY:
             val = GetHostRepSrc(p, rd->cat, version);
+            if (val == 0)
+                val = SRepCIDRGetIPRepSrc(det_ctx->de_ctx->srepCIDR_ctx, p, rd->cat, version);
             if (val > 0) {
                 if (RepMatch(rd->op, val, rd->val) == 1)
                     return 1;
             }
             val = GetHostRepDst(p, rd->cat, version);
+            if (val == 0)
+                val = SRepCIDRGetIPRepDst(det_ctx->de_ctx->srepCIDR_ctx, p, rd->cat, version);
             if (val > 0) {
                 return RepMatch(rd->op, val, rd->val);
             }
@@ -210,6 +214,8 @@ int DetectIPRepMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,
         case DETECT_IPREP_CMD_SRC:
             val = GetHostRepSrc(p, rd->cat, version);
             SCLogDebug("checking src -- val %u (looking for cat %u, val %u)", val, rd->cat, rd->val);
+            if (val == 0)
+                val = SRepCIDRGetIPRepSrc(det_ctx->de_ctx->srepCIDR_ctx, p, rd->cat, version);
             if (val > 0) {
                 return RepMatch(rd->op, val, rd->val);
             }
@@ -218,6 +224,8 @@ int DetectIPRepMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,
         case DETECT_IPREP_CMD_DST:
             SCLogDebug("checking dst");
             val = GetHostRepDst(p, rd->cat, version);
+            if (val == 0)
+                val = SRepCIDRGetIPRepDst(det_ctx->de_ctx->srepCIDR_ctx, p, rd->cat, version);
             if (val > 0) {
                 return RepMatch(rd->op, val, rd->val);
             }
@@ -225,9 +233,13 @@ int DetectIPRepMatch (ThreadVars *t, DetectEngineThreadCtx *det_ctx, Packet *p,
 
         case DETECT_IPREP_CMD_BOTH:
             val = GetHostRepSrc(p, rd->cat, version);
+            if (val == 0)
+                val = SRepCIDRGetIPRepSrc(det_ctx->de_ctx->srepCIDR_ctx, p, rd->cat, version);
             if (val == 0 || RepMatch(rd->op, val, rd->val) == 0)
                 return 0;
             val = GetHostRepDst(p, rd->cat, version);
+            if (val == 0)
+                val = SRepCIDRGetIPRepDst(det_ctx->de_ctx->srepCIDR_ctx, p, rd->cat, version);
             if (val > 0) {
                 return RepMatch(rd->op, val, rd->val);
             }