@ -1,4 +1,4 @@
/* Copyright (C) 2007-20 10 Open Information Security Foundation
/* Copyright (C) 2007-20 22 Open Information Security Foundation
*
* You can copy , redistribute or modify this Program under the terms of
* the GNU General Public License version 2 as published by the Free
@ -26,24 +26,46 @@
# include "suricata-common.h"
# include "util-cidr.h"
static uint32_t cidrs [ 33 ] ;
uint32_t CIDRGet ( int cidr )
{
if ( cidr < = 0 | | cidr > 32 )
return 0 ;
uint32_t netmask = htonl ( 0xFFFFFFFF < < ( 32UL - ( uint32_t ) cidr ) ) ;
SCLogDebug ( " CIDR %d -> netmask %08X " , cidr , netmask ) ;
return netmask ;
}
void CIDRInit ( void )
/**
* \ brief Creates a cidr ipv6 netblock , based on the cidr netblock value .
*
* For example if we send a cidr of 7 as argument , an ipv6 address
* mask of the value FE : 00 : 00 : 00 : 00 : 00 : 00 : 00 is created and updated
* in the argument struct in6_addr * in6 .
*
* \ todo I think for the final section : while ( cidr > 0 ) , we can simply
* replace it with a
* if ( cidr > 0 ) {
* in6 - > s6_addr [ i ] = - 1 < < ( 8 - cidr ) ;
*
* \ param cidr The value of the cidr .
* \ param in6 Pointer to an ipv6 address structure ( struct in6_addr ) which will
* hold the cidr netblock result .
*/
void CIDRGetIPv6 ( int cidr , struct in6_addr * in6 )
{
int i = 0 ;
/* skip 0 as it will result in 0xffffffff */
cidrs [ 0 ] = 0 ;
for ( i = 1 ; i < 33 ; i + + ) {
cidrs [ i ] = htonl ( 0xFFFFFFFF < < ( 32 - i ) ) ;
//printf("CIDRInit: cidrs[%02d] = 0x%08X\n", i, cidrs[i]);
memset ( in6 , 0 , sizeof ( struct in6_addr ) ) ;
while ( cidr > 8 ) {
in6 - > s6_addr [ i ] = 0xff ;
cidr - = 8 ;
i + + ;
}
}
uint32_t CIDRGet ( int cidr )
{
if ( cidr < 0 | | cidr > 32 )
return 0 ;
return cidrs [ cidr ] ;
while ( cidr > 0 ) {
in6 - > s6_addr [ i ] | = 0x80 ;
if ( - - cidr > 0 )
in6 - > s6_addr [ i ] = in6 - > s6_addr [ i ] > > 1 ;
}
}
Victor Julien
3 years ago