/* Address part of the detection engine. * * Copyright (c) 2008 Victor Julien * * TODO move this out of the detection plugin structure * rename to detect-engine-address.c * * */ #include "eidps-common.h" #include "decode.h" #include "detect.h" #include "flow-var.h" #include "util-cidr.h" #include "util-unittest.h" #include "detect-engine-siggroup.h" #include "detect-engine-address.h" #include "detect-engine-address-ipv4.h" #include "detect-engine-address-ipv6.h" #include "detect-engine-port.h" #include "util-debug.h" //#define DEBUG int DetectAddressSetup (DetectEngineCtx *, Signature *s, SigMatch *m, char *sidstr); void DetectAddressTests (void); void DetectAddressRegister (void) { sigmatch_table[DETECT_ADDRESS].name = "__address__"; sigmatch_table[DETECT_ADDRESS].Match = NULL; sigmatch_table[DETECT_ADDRESS].Setup = NULL; sigmatch_table[DETECT_ADDRESS].Free = NULL; sigmatch_table[DETECT_ADDRESS].RegisterTests = DetectAddressTests; } /* prototypes */ void DetectAddressDataPrint(DetectAddressData *); static int DetectAddressCut(DetectAddressData *, DetectAddressData *, DetectAddressData **); static int DetectAddressCutNot(DetectAddressData *, DetectAddressData **); static int DetectAddressGroupCut(DetectEngineCtx *, DetectAddressGroup *, DetectAddressGroup *, DetectAddressGroup **); /** memory usage counters * \todo not MT safe */ #ifdef DEBUG static uint32_t detect_address_group_memory = 0; static uint32_t detect_address_group_init_cnt = 0; static uint32_t detect_address_group_free_cnt = 0; static uint32_t detect_address_group_head_memory = 0; static uint32_t detect_address_group_head_init_cnt = 0; static uint32_t detect_address_group_head_free_cnt = 0; static uint32_t detect_address_memory = 0; static uint32_t detect_address_init_cnt = 0; static uint32_t detect_address_free_cnt = 0; #endif DetectAddressGroup *DetectAddressGroupInit(void) { DetectAddressGroup *ag = malloc(sizeof(DetectAddressGroup)); if (ag == NULL) { return NULL; } memset(ag,0,sizeof(DetectAddressGroup)); #ifdef DEBUG detect_address_group_memory += sizeof(DetectAddressGroup); detect_address_group_init_cnt++; #endif return ag; } /** \brief free a DetectAddressGroup object */ void DetectAddressGroupFree(DetectAddressGroup *ag) { if (ag == NULL) return; if (ag->ad != NULL) { DetectAddressDataFree(ag->ad); } ag->ad = NULL; /* only free the head if we have the original */ if (ag->sh != NULL && !(ag->flags & ADDRESS_GROUP_SIGGROUPHEAD_COPY)) { SigGroupHeadFree(ag->sh); } ag->sh = NULL; if (!(ag->flags & ADDRESS_GROUP_HAVEPORT)) { if (ag->dst_gh != NULL) { DetectAddressGroupsHeadFree(ag->dst_gh); } ag->dst_gh = NULL; } else { if (ag->port != NULL && !(ag->flags & PORT_GROUP_PORTS_COPY)) { DetectPortCleanupList(ag->port); } ag->port = NULL; } #ifdef DEBUG detect_address_group_memory -= sizeof(DetectAddressGroup); detect_address_group_free_cnt++; #endif free(ag); } void DetectAddressGroupPrintMemory(void) { #ifdef DEBUG printf(" * Address group memory stats (DetectAddressGroup %" PRIuMAX "):\n", (uintmax_t)sizeof(DetectAddressGroup)); printf(" - detect_address_group_memory %" PRIu32 "\n", detect_address_group_memory); printf(" - detect_address_group_init_cnt %" PRIu32 "\n", detect_address_group_init_cnt); printf(" - detect_address_group_free_cnt %" PRIu32 "\n", detect_address_group_free_cnt); printf(" - outstanding groups %" PRIu32 "\n", detect_address_group_init_cnt - detect_address_group_free_cnt); printf(" * Address group memory stats done\n"); printf(" * Address group head memory stats (DetectAddressGroupsHead %" PRIuMAX "):\n", (uintmax_t)sizeof(DetectAddressGroupsHead)); printf(" - detect_address_group_head_memory %" PRIu32 "\n", detect_address_group_head_memory); printf(" - detect_address_group_head_init_cnt %" PRIu32 "\n", detect_address_group_head_init_cnt); printf(" - detect_address_group_head_free_cnt %" PRIu32 "\n", detect_address_group_head_free_cnt); printf(" - outstanding groups %" PRIu32 "\n", detect_address_group_head_init_cnt - detect_address_group_head_free_cnt); printf(" * Address group head memory stats done\n"); printf(" * Address memory stats (DetectAddressData %" PRIuMAX "):\n", (uintmax_t)sizeof(DetectAddressData)); printf(" - detect_address_memory %" PRIu32 "\n", detect_address_memory); printf(" - detect_address_init_cnt %" PRIu32 "\n", detect_address_init_cnt); printf(" - detect_address_free_cnt %" PRIu32 "\n", detect_address_free_cnt); printf(" - outstanding addresses %" PRIu32 "\n", detect_address_init_cnt - detect_address_free_cnt); printf(" * Address memory stats done\n"); printf(" X Total %" PRIu32 "\n", detect_address_group_memory + detect_address_group_head_memory + detect_address_memory); #endif } /* used to see if the exact same address group exists in the list * returns a ptr to the match, or NULL if no match */ DetectAddressGroup *DetectAddressGroupLookup(DetectAddressGroup *head, DetectAddressData *ad) { DetectAddressGroup *cur; if (head != NULL) { for (cur = head; cur != NULL; cur = cur->next) { if (DetectAddressCmp(cur->ad, ad) == ADDRESS_EQ) return cur; } } return NULL; } void DetectAddressGroupPrintList(DetectAddressGroup *head) { DetectAddressGroup *cur; printf("list:\n"); if (head != NULL) { for (cur = head; cur != NULL; cur = cur->next) { printf("SIGS %6u ", cur->sh ? cur->sh->sig_cnt : 0); DetectAddressDataPrint(cur->ad); printf("\n"); } } printf("endlist\n"); } void DetectAddressGroupCleanupList (DetectAddressGroup *head) { if (head == NULL) return; DetectAddressGroup *cur, *next; for (cur = head; cur != NULL; ) { next = cur->next; DetectAddressGroupFree(cur); cur = next; } } /* do a sorted insert, where the top of the list should be the biggest * network/range. * * XXX current sorting only works for overlapping nets */ int DetectAddressGroupAdd(DetectAddressGroup **head, DetectAddressGroup *ag) { DetectAddressGroup *cur, *prev_cur = NULL; //printf("DetectAddressGroupAdd: adding "); DetectAddressDataPrint(ag->ad); printf("\n"); if (*head != NULL) { for (cur = *head; cur != NULL; cur = cur->next) { prev_cur = cur; int r = DetectAddressCmp(ag->ad,cur->ad); if (r == ADDRESS_EB) { //printf("r == EB, inserting here\n"); /* insert here */ ag->prev = cur->prev; ag->next = cur; cur->prev = ag; if (*head == cur) { *head = ag; } else { ag->prev->next = ag; } return 0; } } //printf("default append\n"); ag->prev = prev_cur; if (prev_cur != NULL) prev_cur->next = ag; } else { *head = ag; } return 0; } /* helper function for DetectAddress(Group)Insert: * set & get the head ptr */ static int SetHeadPtr(DetectAddressGroupsHead *gh, DetectAddressGroup *newhead) { if (newhead->ad->flags & ADDRESS_FLAG_ANY) gh->any_head = newhead; else if (newhead->ad->family == AF_INET) gh->ipv4_head = newhead; else if (newhead->ad->family == AF_INET6) gh->ipv6_head = newhead; else return -1; return 0; } static DetectAddressGroup *GetHeadPtr(DetectAddressGroupsHead *gh, DetectAddressData *new) { DetectAddressGroup *head = NULL; if (new->flags & ADDRESS_FLAG_ANY) head = gh->any_head; else if (new->family == AF_INET) head = gh->ipv4_head; else if (new->family == AF_INET6) head = gh->ipv6_head; return head; } //#define DBG /* Same as DetectAddressInsert, but then for inserting a address group * object. This also makes sure SigGroupContainer lists are handled * correctly. * * returncodes * -1: error * 0: not inserted, memory of new is freed * 1: inserted * */ int DetectAddressGroupInsert(DetectEngineCtx *de_ctx, DetectAddressGroupsHead *gh, DetectAddressGroup *new) { DetectAddressGroup *head = NULL; if (new == NULL) return 0; #ifdef DBG printf("DetectAddressGroupInsert: inserting (sig %" PRIu32 ") ", new->sh?new->sh->sig_cnt:0); DetectAddressDataPrint(new->ad); printf("\n"); DetectAddressGroupPrintList(gh->ipv4_head); #endif /* get our head ptr based on the address we want to insert */ head = GetHeadPtr(gh,new->ad); /* see if it already exists or overlaps with existing ag's */ if (head != NULL) { DetectAddressGroup *cur = NULL; int r = 0; for (cur = head; cur != NULL; cur = cur->next) { r = DetectAddressCmp(new->ad,cur->ad); if (r == ADDRESS_ER) { printf("ADDRESS_ER DetectAddressCmp compared:\n"); DetectAddressDataPrint(new->ad); printf(" vs. "); DetectAddressDataPrint(cur->ad); printf("\n"); goto error; } /* if so, handle that */ if (r == ADDRESS_EQ) { #ifdef DBG printf("DetectAddressGroupInsert: ADDRESS_EQ %p %p\n", cur, new); #endif /* exact overlap/match */ if (cur != new) { DetectPort *port = new->port; for ( ; port != NULL; port = port->next) { DetectPortInsertCopy(de_ctx,&cur->port,port); } SigGroupHeadCopySigs(de_ctx,new->sh,&cur->sh); cur->cnt += new->cnt; DetectAddressGroupFree(new); return 0; } return 1; } else if (r == ADDRESS_GT) { #ifdef DBG printf("DetectAddressGroupInsert: ADDRESS_GT\n"); #endif /* only add it now if we are bigger than the last * group. Otherwise we'll handle it later. */ if (cur->next == NULL) { #ifdef DBG printf("DetectAddressGroupInsert: adding GT\n"); #endif /* put in the list */ new->prev = cur; cur->next = new; return 1; } } else if (r == ADDRESS_LT) { #ifdef DBG printf("DetectAddressGroupInsert: ADDRESS_LT\n"); #endif /* see if we need to insert the ag anywhere */ /* put in the list */ if (cur->prev != NULL) cur->prev->next = new; new->prev = cur->prev; new->next = cur; cur->prev = new; /* update head if required */ if (head == cur) { head = new; if (SetHeadPtr(gh,head) < 0) goto error; } return 1; /* alright, those were the simple cases, * lets handle the more complex ones now */ } else if (r == ADDRESS_ES) { #ifdef DBG printf("DetectAddressGroupInsert: ADDRESS_ES\n"); #endif DetectAddressGroup *c = NULL; r = DetectAddressGroupCut(de_ctx, cur,new,&c); if (r == -1) goto error; DetectAddressGroupInsert(de_ctx, gh, new); if (c != NULL) { #ifdef DBG printf("DetectAddressGroupInsert: inserting C "); DetectAddressDataPrint(c->ad); printf("\n"); #endif DetectAddressGroupInsert(de_ctx, gh, c); } return 1; } else if (r == ADDRESS_EB) { #ifdef DBG printf("ADDRESS_EB\n"); #endif DetectAddressGroup *c = NULL; r = DetectAddressGroupCut(de_ctx, cur,new,&c); if (r == -1) goto error; //printf("DetectAddressGroupCut returned %" PRId32 "\n", r); DetectAddressGroupInsert(de_ctx, gh, new); if (c != NULL) { #ifdef DBG printf("DetectAddressGroupInsert: inserting C "); DetectAddressDataPrint(c->ad); printf("\n"); #endif DetectAddressGroupInsert(de_ctx, gh, c); } return 1; } else if (r == ADDRESS_LE) { #ifdef DBG printf("ADDRESS_LE\n"); #endif DetectAddressGroup *c = NULL; r = DetectAddressGroupCut(de_ctx, cur,new,&c); if (r == -1) goto error; DetectAddressGroupInsert(de_ctx, gh, new); if (c != NULL) { #ifdef DBG printf("DetectAddressGroupInsert: inserting C "); DetectAddressDataPrint(c->ad); printf("\n"); #endif DetectAddressGroupInsert(de_ctx, gh, c); } return 1; } else if (r == ADDRESS_GE) { #ifdef DBG printf("DetectAddressGroupInsert: ADDRESS_GE\n"); #endif DetectAddressGroup *c = NULL; r = DetectAddressGroupCut(de_ctx, cur,new,&c); if (r == -1) goto error; DetectAddressGroupInsert(de_ctx, gh, new); if (c != NULL) { #ifdef DBG printf("DetectAddressGroupInsert: inserting C "); DetectAddressDataPrint(c->ad); printf("\n"); #endif DetectAddressGroupInsert(de_ctx, gh, c); } return 1; } } /* head is NULL, so get a group and set head to it */ } else { #ifdef DBG printf("DetectAddressGroupInsert: Setting new head\n"); #endif head = new; if (SetHeadPtr(gh,head) < 0) goto error; } return 1; error: /* XXX */ return -1; } /** \brief Join two addresses together */ int DetectAddressGroupJoin(DetectEngineCtx *de_ctx, DetectAddressGroup *target, DetectAddressGroup *source) { if (target == NULL || source == NULL) return -1; if (target->ad->family != source->ad->family) return -1; target->cnt += source->cnt; SigGroupHeadCopySigs(de_ctx, source->sh,&target->sh); DetectPort *port = source->port; for ( ; port != NULL; port = port->next) { DetectPortInsertCopy(de_ctx,&target->port, port); } if (target->ad->family == AF_INET) { return DetectAddressGroupJoinIPv4(de_ctx, target,source); } else if (target->ad->family == AF_INET6) { return DetectAddressGroupJoinIPv6(de_ctx, target,source); } return -1; } /** * \retval 1 inserted * \retval 0 not inserted (no error), memory is cleared * \retval -1 error */ int DetectAddressInsert(DetectAddressGroupsHead *gh, DetectAddressData *new) { DetectAddressGroup *head = NULL; /* get our head ptr based on the address we want to insert */ head = GetHeadPtr(gh, new); /* see if it already exists or overlaps with existing ag's */ if (head != NULL) { DetectAddressGroup *ag = NULL, *cur = NULL; int r = 0; for (cur = head; cur != NULL; cur = cur->next) { r = DetectAddressCmp(new, cur->ad); if (r == ADDRESS_ER) { printf("ADDRESS_ER DetectAddressCmp compared:\n"); DetectAddressDataPrint(new); DetectAddressDataPrint(cur->ad); goto error; } /* if so, handle that */ if (r == ADDRESS_EQ) { /* exact overlap/match, we don't need to do a thing */ if (cur->ad != new) { DetectAddressDataFree(new); return 0; } return 1; } else if (r == ADDRESS_GT) { /* only add it now if we are bigger than the last * group. Otherwise we'll handle it later. */ if (cur->next == NULL) { /* append */ ag = DetectAddressGroupInit(); if (ag == NULL) { goto error; } ag->ad = new; /* put in the list */ ag->prev = cur; cur->next = ag; return 1; } } else if (r == ADDRESS_LT) { /* see if we need to insert the ag anywhere */ ag = DetectAddressGroupInit(); if (ag == NULL) { goto error; } ag->ad = new; /* put in the list */ if (cur->prev != NULL) cur->prev->next = ag; ag->prev = cur->prev; ag->next = cur; cur->prev = ag; /* update head if required */ if (head == cur) { head = ag; if (SetHeadPtr(gh, head) < 0) goto error; } return 1; /* alright, those were the simple cases, * lets handle the more complex ones now */ } else if (r == ADDRESS_ES) { DetectAddressData *c = NULL; r = DetectAddressCut(cur->ad, new, &c); if (r == -1) goto error; DetectAddressInsert(gh, new); if (c != NULL) DetectAddressInsert(gh, c); return 1; } else if (r == ADDRESS_EB) { DetectAddressData *c = NULL; r = DetectAddressCut(cur->ad, new, &c); if (r == -1) goto error; DetectAddressInsert(gh, new); if (c != NULL) DetectAddressInsert(gh, c); return 1; } else if (r == ADDRESS_LE) { DetectAddressData *c = NULL; r = DetectAddressCut(cur->ad, new, &c); if (r == -1) goto error; DetectAddressInsert(gh, new); if (c != NULL) DetectAddressInsert(gh, c); return 1; } else if (r == ADDRESS_GE) { DetectAddressData *c = NULL; r = DetectAddressCut(cur->ad, new, &c); if (r == -1) goto error; DetectAddressInsert(gh, new); if (c != NULL) DetectAddressInsert(gh, c); return 1; } } /* head is NULL, so get a group and set head to it */ } else { head = DetectAddressGroupInit(); if (head == NULL) { goto error; } head->ad = new; if (SetHeadPtr(gh, head) < 0) goto error; } return 1; error: /* XXX */ return -1; } int DetectAddressGroupSetup(DetectAddressGroupsHead *gh, char *s) { DetectAddressData *ad = NULL; int r = 0; SCLogDebug("gh %p, s %s", gh, s); /* parse the address */ ad = DetectAddressParse(s); if (ad == NULL) { printf("DetectAddressParse error \"%s\"\n",s); goto error; } /* handle the not case, we apply the negation * then insert the part(s) */ if (ad->flags & ADDRESS_FLAG_NOT) { DetectAddressData *ad2 = NULL; if (DetectAddressCutNot(ad, &ad2) < 0) { goto error; } /* normally a 'not' will result in two ad's * unless the 'not' is on the start or end * of the address space (e.g. 0.0.0.0 or * 255.255.255.255). */ if (ad2 != NULL) { if (DetectAddressInsert(gh, ad2) < 0) goto error; } } r = DetectAddressInsert(gh, ad); if (r < 0) goto error; /* if any, insert 0.0.0.0/0 and ::/0 as well */ if (r == 1 && ad->flags & ADDRESS_FLAG_ANY) { ad = DetectAddressParse("0.0.0.0/0"); if (ad == NULL) goto error; if (DetectAddressInsert(gh, ad) < 0) goto error; ad = DetectAddressParse("::/0"); if (ad == NULL) goto error; if (DetectAddressInsert(gh, ad) < 0) goto error; } return 0; error: printf("DetectAddressGroupSetup error\n"); /* XXX cleanup */ return -1; } /* XXX error handling */ int DetectAddressParse2(DetectAddressGroupsHead *gh, DetectAddressGroupsHead *ghn, char *s, int negate) { int i, x; int o_set = 0, n_set = 0; int depth = 0; size_t size = strlen(s); char address[1024] = ""; for (i = 0, x = 0; i < size && x < sizeof(address); i++) { address[x] = s[i]; x++; if (!o_set && s[i] == '!') { n_set = 1; x--; } else if (s[i] == '[') { if (!o_set) { o_set = 1; x = 0; } depth++; } else if (s[i] == ']') { if (depth == 1) { address[x - 1] = '\0'; x = 0; DetectAddressParse2(gh, ghn, address, negate? negate: n_set); n_set = 0; } depth--; } else if (depth == 0 && s[i] == ',') { if (o_set == 1) { o_set = 0; } else { address[x - 1] = '\0'; if (negate == 0 && n_set == 0) { DetectAddressGroupSetup(gh, address); } else { DetectAddressGroupSetup(ghn, address); } n_set = 0; } x = 0; } else if (depth == 0 && i == size - 1) { address[x] = '\0'; x = 0; if (negate == 0 && n_set == 0) { DetectAddressGroupSetup(gh, address); } else { DetectAddressGroupSetup(ghn, address); } n_set = 0; } } return 0; //error: // return -1; } /** \brief See if the addresses and ranges in a group head cover the entire * ip space. * \param gh group head to check * \retval 0 no * \retval 1 yes * \todo do the same for IPv6 * \internal */ static int DetectAddressGroupIsCompleteIPSpace(DetectAddressGroupsHead *gh) { int r = DetectAddressGroupIsCompleteIPSpaceIPv4(gh->ipv4_head); if (r == 1) { return 1; } return 0; } /** \brief Merge the + and the - list (+ positive match, - 'not' match) */ int DetectAddressGroupMergeNot(DetectAddressGroupsHead *gh, DetectAddressGroupsHead *ghn) { DetectAddressData *ad; DetectAddressGroup *ag, *ag2; int r = 0; /* check if the negated list covers the entire ip space. If so the user screwed up the rules/vars. */ if (DetectAddressGroupIsCompleteIPSpace(ghn) == 1) { printf("DetectAddressGroupMergeNot: complete IP space negated\n"); goto error; } /* step 0: if the gh list is empty, but the ghn list isn't * we have a pure not thingy. In that case we add a 0.0.0.0/0 * first. */ if (gh->ipv4_head == NULL && ghn->ipv4_head != NULL) { r = DetectAddressGroupSetup(gh,"0.0.0.0/0"); if (r < 0) { goto error; } } /* ... or ::/0 for ipv6 */ if (gh->ipv6_head == NULL && ghn->ipv6_head != NULL) { r = DetectAddressGroupSetup(gh,"::/0"); if (r < 0) { goto error; } } /* step 1: insert our ghn members into the gh list */ for (ag = ghn->ipv4_head; ag != NULL; ag = ag->next) { /* work with a copy of the ad so we can easily clean up * the ghn group later. */ ad = DetectAddressDataCopy(ag->ad); if (ad == NULL) { goto error; } r = DetectAddressInsert(gh,ad); if (r < 0) { goto error; } } /* ... and the same for ipv6 */ for (ag = ghn->ipv6_head; ag != NULL; ag = ag->next) { /* work with a copy of the ad so we can easily clean up * the ghn group later. */ ad = DetectAddressDataCopy(ag->ad); if (ad == NULL) { goto error; } r = DetectAddressInsert(gh,ad); if (r < 0) { goto error; } } /* step 2: pull the address blocks that match our 'not' blocks */ for (ag = ghn->ipv4_head; ag != NULL; ag = ag->next) { SCLogDebug("ag %p", ag); DetectAddressDataPrint(ag->ad); for (ag2 = gh->ipv4_head; ag2 != NULL; ) { SCLogDebug("ag2 %p", ag2); DetectAddressDataPrint(ag2->ad); r = DetectAddressCmp(ag->ad,ag2->ad); if (r == ADDRESS_EQ || r == ADDRESS_EB) { /* XXX more ??? */ if (ag2->prev == NULL) { gh->ipv4_head = ag2->next; } else { ag2->prev->next = ag2->next; } if (ag2->next != NULL) { ag2->next->prev = ag2->prev; } /* store the next ptr and remove the group */ DetectAddressGroup *next_ag2 = ag2->next; DetectAddressGroupFree(ag2); ag2 = next_ag2; } else { ag2 = ag2->next; } } } /* ... and the same for ipv6 */ for (ag = ghn->ipv6_head; ag != NULL; ag = ag->next) { for (ag2 = gh->ipv6_head; ag2 != NULL; ) { r = DetectAddressCmp(ag->ad,ag2->ad); if (r == ADDRESS_EQ || r == ADDRESS_EB) { /* XXX more ??? */ if (ag2->prev == NULL) { gh->ipv6_head = ag2->next; } else { ag2->prev->next = ag2->next; } if (ag2->next != NULL) { ag2->next->prev = ag2->prev; } /* store the next ptr and remove the group */ DetectAddressGroup *next_ag2 = ag2->next; DetectAddressGroupFree(ag2); ag2 = next_ag2; } else { ag2 = ag2->next; } } } /* if the result is that we have no addresses we return error */ if (gh->ipv4_head == NULL && gh->ipv6_head == NULL) { printf("no addresses left after merging addresses and not-addresses\n"); goto error; } return 0; error: return -1; } /* XXX rename this so 'Group' is out of the name */ int DetectAddressGroupParse(DetectAddressGroupsHead *gh, char *str) { int r; SCLogDebug("gh %p, str %s", gh, str); DetectAddressGroupsHead *ghn = DetectAddressGroupsHeadInit(); if (ghn == NULL) { goto error; } r = DetectAddressParse2(gh, ghn, str,/* start with negate no */0); if (r < 0) { goto error; } /* merge the 'not' address groups */ if (DetectAddressGroupMergeNot(gh, ghn) < 0) { goto error; } /* free the temp negate head */ DetectAddressGroupsHeadFree(ghn); return 0; error: DetectAddressGroupsHeadFree(ghn); return -1; } DetectAddressGroupsHead *DetectAddressGroupsHeadInit(void) { DetectAddressGroupsHead *gh = malloc(sizeof(DetectAddressGroupsHead)); if (gh == NULL) return NULL; memset(gh, 0, sizeof(DetectAddressGroupsHead)); #ifdef DEBUG detect_address_group_head_init_cnt++; detect_address_group_head_memory += sizeof(DetectAddressGroupsHead); #endif return gh; } void DetectAddressGroupsHeadCleanup(DetectAddressGroupsHead *gh) { if (gh != NULL) { DetectAddressGroupCleanupList(gh->any_head); gh->any_head = NULL; DetectAddressGroupCleanupList(gh->ipv4_head); gh->ipv4_head = NULL; DetectAddressGroupCleanupList(gh->ipv6_head); gh->ipv6_head = NULL; } } void DetectAddressGroupsHeadFree(DetectAddressGroupsHead *gh) { if (gh != NULL) { DetectAddressGroupsHeadCleanup(gh); free(gh); #ifdef DEBUG detect_address_group_head_free_cnt++; detect_address_group_head_memory -= sizeof(DetectAddressGroupsHead); #endif } } int DetectAddressGroupCut(DetectEngineCtx *de_ctx, DetectAddressGroup *a, DetectAddressGroup *b, DetectAddressGroup **c) { if (a->ad->family == AF_INET) { return DetectAddressGroupCutIPv4(de_ctx, a,b,c); } else if (a->ad->family == AF_INET6) { return DetectAddressGroupCutIPv6(de_ctx, a,b,c); } return -1; } /** \retval 0 ok * \retval -1 error */ int DetectAddressCut(DetectAddressData *a, DetectAddressData *b, DetectAddressData **c) { if (a->family == AF_INET) { return DetectAddressCutIPv4(a, b, c); } else if (a->family == AF_INET6) { return DetectAddressCutIPv6(a, b, c); } return -1; } /** \retval 0 ok * \retval -1 error */ int DetectAddressCutNot(DetectAddressData *a, DetectAddressData **b) { if (a->family == AF_INET) { return DetectAddressCutNotIPv4(a,b); } else if (a->family == AF_INET6) { return DetectAddressCutNotIPv6(a,b); } return -1; } int DetectAddressCmp(DetectAddressData *a, DetectAddressData *b) { if (a->family != b->family) return ADDRESS_ER; /* check any */ if (a->flags & ADDRESS_FLAG_ANY && b->flags & ADDRESS_FLAG_ANY) return ADDRESS_EQ; else if (a->family == AF_INET) return DetectAddressCmpIPv4(a, b); else if (a->family == AF_INET6) return DetectAddressCmpIPv6(a, b); return ADDRESS_ER; } void DetectAddressParseIPv6CIDR(int cidr, struct in6_addr *in6) { int i = 0; //printf("CIDR: %" PRId32 "\n", cidr); memset(in6, 0, sizeof(struct in6_addr)); while (cidr > 8) { in6->s6_addr[i] = 0xff; cidr -= 8; i++; } while (cidr > 0) { in6->s6_addr[i] |= 0x80; if (--cidr > 0) in6->s6_addr[i] = in6->s6_addr[i] >> 1; } } static int AddressParse(DetectAddressData *dd, char *str) { char *ipdup = strdup(str); char *ip2 = NULL; char *mask = NULL; int r = 0; /* first handle 'any' */ if (strcasecmp(str,"any") == 0) { dd->flags |= ADDRESS_FLAG_ANY; free(ipdup); return 0; } /* we dup so we can put a nul-termination in it later */ char *ip = ipdup; /* handle the negation case */ if (ip[0] == '!') { dd->flags |= ADDRESS_FLAG_NOT; ip++; } /* see if the address is an ipv4 or ipv6 address */ if ((strchr(str,':')) == NULL) { /* IPv4 Address */ struct in_addr in; dd->family = AF_INET; if ((mask = strchr(ip, '/')) != NULL) { /* 1.2.3.4/xxx format (either dotted or cidr notation */ ip[mask - ip] = '\0'; mask++; uint32_t ip4addr = 0; uint32_t netmask = 0; if ((strchr (mask,'.')) == NULL) { /* 1.2.3.4/24 format */ int cidr = atoi(mask); netmask = CIDRGet(cidr); } else { /* 1.2.3.4/255.255.255.0 format */ r = inet_pton(AF_INET, mask, &in); if (r <= 0) { goto error; } netmask = in.s_addr; //printf("AddressParse: dd->ip2 %" PRIX32 "\n", dd->ip2); } r = inet_pton(AF_INET, ip, &in); if (r <= 0) { goto error; } ip4addr = in.s_addr; dd->ip[0] = dd->ip2[0] = ip4addr & netmask; dd->ip2[0] |=~ netmask; //printf("AddressParse: dd->ip %" PRIX32 "\n", dd->ip); } else if ((ip2 = strchr(ip, '-')) != NULL) { /* 1.2.3.4-1.2.3.6 range format */ ip[ip2 - ip] = '\0'; ip2++; r = inet_pton(AF_INET, ip, &in); if (r <= 0) { goto error; } dd->ip[0] = in.s_addr; r = inet_pton(AF_INET, ip2, &in); if (r <= 0) { goto error; } dd->ip2[0] = in.s_addr; /* a>b is illegal, a=b is ok */ if (ntohl(dd->ip[0]) > ntohl(dd->ip2[0])) { goto error; } } else { /* 1.2.3.4 format */ r = inet_pton(AF_INET, ip, &in); if (r <= 0) { goto error; } /* single host */ dd->ip[0] = in.s_addr; dd->ip2[0] = in.s_addr; //printf("AddressParse: dd->ip %" PRIX32 "\n", dd->ip); } } else { /* IPv6 Address */ struct in6_addr in6, mask6; uint32_t ip6addr[4], netmask[4]; dd->family = AF_INET6; if ((mask = strchr(ip, '/')) != NULL) { ip[mask - ip] = '\0'; mask++; r = inet_pton(AF_INET6, ip, &in6); if (r <= 0) { goto error; } memcpy(&ip6addr, &in6.s6_addr, sizeof(ip6addr)); DetectAddressParseIPv6CIDR(atoi(mask), &mask6); memcpy(&netmask, &mask6.s6_addr, sizeof(netmask)); dd->ip2[0] = dd->ip[0] = ip6addr[0] & netmask[0]; dd->ip2[1] = dd->ip[1] = ip6addr[1] & netmask[1]; dd->ip2[2] = dd->ip[2] = ip6addr[2] & netmask[2]; dd->ip2[3] = dd->ip[3] = ip6addr[3] & netmask[3]; dd->ip2[0] |=~ netmask[0]; dd->ip2[1] |=~ netmask[1]; dd->ip2[2] |=~ netmask[2]; dd->ip2[3] |=~ netmask[3]; } else if ((ip2 = strchr(ip, '-')) != NULL) { /* 2001::1-2001::4 range format */ ip[ip2 - ip] = '\0'; ip2++; r = inet_pton(AF_INET6, ip, &in6); if (r <= 0) { goto error; } memcpy(dd->ip, &in6.s6_addr, sizeof(ip6addr)); r = inet_pton(AF_INET6, ip2, &in6); if (r <= 0) { goto error; } memcpy(dd->ip2, &in6.s6_addr, sizeof(ip6addr)); /* a>b is illegal, a=b is ok */ if (AddressIPv6Gt(dd->ip, dd->ip2)) { goto error; } } else { r = inet_pton(AF_INET6, ip, &in6); if (r <= 0) { goto error; } memcpy(&dd->ip, &in6.s6_addr, sizeof(dd->ip)); memcpy(&dd->ip2, &in6.s6_addr, sizeof(dd->ip2)); } } free(ipdup); return 0; error: if (ipdup) free(ipdup); return -1; } DetectAddressData *DetectAddressParse(char *str) { DetectAddressData *dd; dd = DetectAddressDataInit(); if (dd == NULL) { goto error; } if (AddressParse(dd, str) < 0) { goto error; } return dd; error: if (dd) DetectAddressDataFree(dd); return NULL; } DetectAddressData *DetectAddressDataInit(void) { DetectAddressData *dd; dd = malloc(sizeof(DetectAddressData)); if (dd == NULL) { printf("DetectAddressSetup malloc failed\n"); goto error; } memset(dd,0,sizeof(DetectAddressData)); #ifdef DEBUG detect_address_init_cnt++; detect_address_memory += sizeof(DetectAddressData); #endif return dd; error: if (dd) free(dd); return NULL; } DetectAddressData *DetectAddressDataCopy(DetectAddressData *src) { DetectAddressData *dst = DetectAddressDataInit(); if (dst == NULL) { goto error; } memcpy(dst,src,sizeof(DetectAddressData)); return dst; error: return NULL; } void DetectAddressDataFree(DetectAddressData *dd) { if (dd != NULL) { free(dd); #ifdef DEBUG detect_address_free_cnt++; detect_address_memory -= sizeof(DetectAddressData); #endif } } int DetectAddressMatch (DetectAddressData *dd, Address *a) { if (dd->family != a->family) return 0; switch (a->family) { case AF_INET: /* XXX figure out a way to not need to do this ntohl * if we switch to Address inside DetectAddressData * we can do uint8_t checks */ if (ntohl(a->addr_data32[0]) >= ntohl(dd->ip[0]) && ntohl(a->addr_data32[0]) <= ntohl(dd->ip2[0])) { return 1; } else { return 0; } break; case AF_INET6: if (AddressIPv6Ge(a->addr_data32, dd->ip) == 1 && AddressIPv6Le(a->addr_data32, dd->ip2) == 1) { return 1; } else { return 0; } break; } return 0; } void DetectAddressDataPrint(DetectAddressData *ad) { if (ad == NULL) return; if (ad->flags & ADDRESS_FLAG_ANY) { printf("ANY"); } else if (ad->family == AF_INET) { struct in_addr in; char ip[16], mask[16]; memcpy(&in, &ad->ip[0], sizeof(in)); inet_ntop(AF_INET, &in, ip, sizeof(ip)); memcpy(&in, &ad->ip2[0], sizeof(in)); inet_ntop(AF_INET, &in, mask, sizeof(mask)); SCLogDebug("%s/%s", ip, mask); } else if (ad->family == AF_INET6) { struct in6_addr in6; char ip[66], mask[66]; memcpy(&in6, &ad->ip, sizeof(in6)); inet_ntop(AF_INET6, &in6, ip, sizeof(ip)); memcpy(&in6, &ad->ip2, sizeof(in6)); inet_ntop(AF_INET6, &in6, mask, sizeof(mask)); SCLogDebug("%s/%s", ip, mask); } } /** \brief find the group matching address in a group head */ DetectAddressGroup * DetectAddressLookupGroup(DetectAddressGroupsHead *gh, Address *a) { DetectAddressGroup *g; //printf("DetectAddressLookupGroup: start %p\n", gh); if (gh == NULL) return NULL; //printf("DetectAddressLookupGroup: gh 4%p 6%p a%p\n", gh->ipv4_head, gh->ipv6_head, gh->any_head); /* XXX should we really do this check every time we run * this function? */ if (a->family == AF_INET) g = gh->ipv4_head; else if (a->family == AF_INET6) g = gh->ipv6_head; else g = gh->any_head; //printf("g %p\n", g); for ( ; g != NULL; g = g->next) { //printf("DetectAddressLookupGroup: checking \n"); DetectAddressDataPrint(g->ad); printf("\n"); if (DetectAddressMatch(g->ad,a) == 1) { return g; } } return NULL; } /* TESTS */ #ifdef UNITTESTS int AddressTestParse01 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("1.2.3.4"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse02 (void) { DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4"); if (dd) { if (dd->ip2[0] != 0x04030201 || dd->ip[0] != 0x04030201) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse03 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("1.2.3.4/255.255.255.0"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse04 (void) { DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/255.255.255.0"); if (dd) { if (dd->ip2[0] != 0xff030201 || dd->ip[0] != 0x00030201) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse05 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("1.2.3.4/24"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse06 (void) { DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/24"); if (dd) { if (dd->ip2[0] != 0xff030201 || dd->ip[0] != 0x00030201) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse07 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/3"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse08 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/3"); if (dd) { int result = 1; if (dd->ip[0] != 0x00000020 || dd->ip[1] != 0x00000000 || dd->ip[2] != 0x00000000 || dd->ip[3] != 0x00000000 || dd->ip2[0] != 0xFFFFFF3F || dd->ip2[1] != 0xFFFFFFFF || dd->ip2[2] != 0xFFFFFFFF || dd->ip2[3] != 0xFFFFFFFF) { DetectAddressDataPrint(dd); result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse09 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::1/128"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse10 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/128"); if (dd) { int result = 1; if (dd->ip[0] != 0x00000120 || dd->ip[1] != 0x00000000 || dd->ip[2] != 0x00000000 || dd->ip[3] != 0x00000000 || dd->ip2[0] != 0x00000120 || dd->ip2[1] != 0x00000000 || dd->ip2[2] != 0x00000000 || dd->ip2[3] != 0x00000000) { DetectAddressDataPrint(dd); result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse11 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/48"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse12 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/48"); if (dd) { int result = 1; if (dd->ip[0] != 0x00000120 || dd->ip[1] != 0x00000000 || dd->ip[2] != 0x00000000 || dd->ip[3] != 0x00000000 || dd->ip2[0] != 0x00000120 || dd->ip2[1] != 0xFFFF0000 || dd->ip2[2] != 0xFFFFFFFF || dd->ip2[3] != 0xFFFFFFFF) { DetectAddressDataPrint(dd); result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse13 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/16"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse14 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/16"); if (dd) { int result = 1; if (dd->ip[0] != 0x00000120 || dd->ip[1] != 0x00000000 || dd->ip[2] != 0x00000000 || dd->ip[3] != 0x00000000 || dd->ip2[0] != 0xFFFF0120 || dd->ip2[1] != 0xFFFFFFFF || dd->ip2[2] != 0xFFFFFFFF || dd->ip2[3] != 0xFFFFFFFF) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse15 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/0"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse16 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::/0"); if (dd) { int result = 1; if (dd->ip[0] != 0x00000000 || dd->ip[1] != 0x00000000 || dd->ip[2] != 0x00000000 || dd->ip[3] != 0x00000000 || dd->ip2[0] != 0xFFFFFFFF || dd->ip2[1] != 0xFFFFFFFF || dd->ip2[2] != 0xFFFFFFFF || dd->ip2[3] != 0xFFFFFFFF) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse17 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("1.2.3.4-1.2.3.6"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse18 (void) { DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4-1.2.3.6"); if (dd) { if (dd->ip2[0] != 0x06030201 || dd->ip[0] != 0x04030201) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse19 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("1.2.3.6-1.2.3.4"); if (dd) { DetectAddressDataFree(dd); return 0; } return 1; } int AddressTestParse20 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::1-2001::4"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse21 (void) { DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("2001::1-2001::4"); if (dd) { if (dd->ip[0] != 0x00000120 || dd->ip[1] != 0x00000000 || dd->ip[2] != 0x00000000 || dd->ip[3] != 0x01000000 || dd->ip2[0] != 0x00000120 || dd->ip2[1] != 0x00000000 || dd->ip2[2] != 0x00000000 || dd->ip2[3] != 0x04000000) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse22 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("2001::4-2001::1"); if (dd) { DetectAddressDataFree(dd); return 0; } return 1; } int AddressTestParse23 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("any"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse24 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("Any"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse25 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("ANY"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse26 (void) { int result = 0; DetectAddressData *dd = NULL; dd = DetectAddressParse("any"); if (dd) { if (dd->flags & ADDRESS_FLAG_ANY) result = 1; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse27 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("!192.168.0.1"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse28 (void) { int result = 0; DetectAddressData *dd = NULL; dd = DetectAddressParse("!1.2.3.4"); if (dd) { if (dd->flags & ADDRESS_FLAG_NOT && dd->ip[0] == 0x04030201) { result = 1; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse29 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("!1.2.3.0/24"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse30 (void) { int result = 0; DetectAddressData *dd = NULL; dd = DetectAddressParse("!1.2.3.4/24"); if (dd) { if (dd->flags & ADDRESS_FLAG_NOT && dd->ip[0] == 0x00030201 && dd->ip2[0] == 0xFF030201) { result = 1; } DetectAddressDataFree(dd); return result; } return 0; } /** \test make sure !any is rejected */ int AddressTestParse31 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("!any"); if (dd) { DetectAddressDataFree(dd); return 0; } return 1; } int AddressTestParse32 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("!2001::1"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse33 (void) { int result = 0; DetectAddressData *dd = NULL; dd = DetectAddressParse("!2001::1"); if (dd) { if (dd->flags & ADDRESS_FLAG_NOT && dd->ip[0] == 0x00000120 && dd->ip[1] == 0x00000000 && dd->ip[2] == 0x00000000 && dd->ip[3] == 0x01000000) { result = 1; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestParse34 (void) { DetectAddressData *dd = NULL; dd = DetectAddressParse("!2001::/16"); if (dd) { DetectAddressDataFree(dd); return 1; } return 0; } int AddressTestParse35 (void) { int result = 0; DetectAddressData *dd = NULL; dd = DetectAddressParse("!2001::/16"); if (dd) { if (dd->flags & ADDRESS_FLAG_NOT && dd->ip[0] == 0x00000120 && dd->ip[1] == 0x00000000 && dd->ip[2] == 0x00000000 && dd->ip[3] == 0x00000000 && dd->ip2[0] == 0xFFFF0120 && dd->ip2[1] == 0xFFFFFFFF && dd->ip2[2] == 0xFFFFFFFF && dd->ip2[3] == 0xFFFFFFFF) { result = 1; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch01 (void) { struct in_addr in; Address a; inet_pton(AF_INET, "1.2.3.4", &in); memset(&a, 0, sizeof(Address)); a.family = AF_INET; a.addr_data32[0] = in.s_addr; DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/24"); if (dd) { if (DetectAddressMatch(dd,&a) == 0) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch02 (void) { struct in_addr in; Address a; inet_pton(AF_INET, "1.2.3.127", &in); memset(&a, 0, sizeof(Address)); a.family = AF_INET; a.addr_data32[0] = in.s_addr; DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/25"); if (dd) { if (DetectAddressMatch(dd,&a) == 0) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch03 (void) { struct in_addr in; Address a; inet_pton(AF_INET, "1.2.3.128", &in); memset(&a, 0, sizeof(Address)); a.family = AF_INET; a.addr_data32[0] = in.s_addr; DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/25"); if (dd) { if (DetectAddressMatch(dd,&a) == 1) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch04 (void) { struct in_addr in; Address a; inet_pton(AF_INET, "1.2.2.255", &in); memset(&a, 0, sizeof(Address)); a.family = AF_INET; a.addr_data32[0] = in.s_addr; DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/25"); if (dd) { if (DetectAddressMatch(dd,&a) == 1) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch05 (void) { struct in_addr in; Address a; inet_pton(AF_INET, "1.2.3.4", &in); memset(&a, 0, sizeof(Address)); a.family = AF_INET; a.addr_data32[0] = in.s_addr; DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("1.2.3.4/32"); if (dd) { if (DetectAddressMatch(dd,&a) == 0) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch06 (void) { struct in_addr in; Address a; inet_pton(AF_INET, "1.2.3.4", &in); memset(&a, 0, sizeof(Address)); a.family = AF_INET; a.addr_data32[0] = in.s_addr; DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("0.0.0.0/0.0.0.0"); if (dd) { if (DetectAddressMatch(dd,&a) == 0) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch07 (void) { struct in6_addr in6; Address a; inet_pton(AF_INET6, "2001::1", &in6); memset(&a, 0, sizeof(Address)); a.family = AF_INET6; memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr)); DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("2001::/3"); if (dd) { if (DetectAddressMatch(dd,&a) == 0) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch08 (void) { struct in6_addr in6; Address a; inet_pton(AF_INET6, "1999:ffff:ffff:ffff:ffff:ffff:ffff:ffff", &in6); memset(&a, 0, sizeof(Address)); a.family = AF_INET6; memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr)); DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("2001::/3"); if (dd) { if (DetectAddressMatch(dd,&a) == 1) { result = 0; } DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch09 (void) { struct in6_addr in6; Address a; inet_pton(AF_INET6, "2001::2", &in6); memset(&a, 0, sizeof(Address)); a.family = AF_INET6; memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr)); DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("2001::1/128"); if (dd) { if (DetectAddressMatch(dd,&a) == 1) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch10 (void) { struct in6_addr in6; Address a; inet_pton(AF_INET6, "2001::2", &in6); memset(&a, 0, sizeof(Address)); a.family = AF_INET6; memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr)); DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("2001::1/126"); if (dd) { if (DetectAddressMatch(dd,&a) == 0) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestMatch11 (void) { struct in6_addr in6; Address a; inet_pton(AF_INET6, "2001::3", &in6); memset(&a, 0, sizeof(Address)); a.family = AF_INET6; memcpy(&a.addr_data32, &in6.s6_addr, sizeof(in6.s6_addr)); DetectAddressData *dd = NULL; int result = 1; dd = DetectAddressParse("2001::1/127"); if (dd) { if (DetectAddressMatch(dd,&a) == 1) result = 0; DetectAddressDataFree(dd); return result; } return 0; } int AddressTestCmp01 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.0.0/255.255.255.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.0.0/255.255.255.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_EQ) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp02 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.0.0/255.255.0.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.0.0/255.255.255.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_EB) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp03 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.0.0/255.255.255.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.0.0/255.255.0.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_ES) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp04 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.0.0/255.255.255.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.1.0/255.255.255.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_LT) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp05 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.1.0/255.255.255.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.0.0/255.255.255.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_GT) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp06 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.1.0/255.255.0.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.0.0/255.255.0.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_EQ) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmpIPv407 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.1.0/255.255.255.0"); if (da == NULL) goto error; db = DetectAddressParse("192.168.1.128-192.168.2.128"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_LE) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmpIPv408 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("192.168.1.128-192.168.2.128"); if (da == NULL) goto error; db = DetectAddressParse("192.168.1.0/255.255.255.0"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_GE) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp07 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("2001::/3"); if (da == NULL) goto error; db = DetectAddressParse("2001::1/3"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_EQ) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp08 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("2001::/3"); if (da == NULL) goto error; db = DetectAddressParse("2001::/8"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_EB) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp09 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("2001::/8"); if (da == NULL) goto error; db = DetectAddressParse("2001::/3"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_ES) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp10 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("2001:1:2:3:0:0:0:0/64"); if (da == NULL) goto error; db = DetectAddressParse("2001:1:2:4:0:0:0:0/64"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_LT) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp11 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("2001:1:2:4:0:0:0:0/64"); if (da == NULL) goto error; db = DetectAddressParse("2001:1:2:3:0:0:0:0/64"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_GT) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestCmp12 (void) { DetectAddressData *da = NULL, *db = NULL; int result = 1; da = DetectAddressParse("2001:1:2:3:1:0:0:0/64"); if (da == NULL) goto error; db = DetectAddressParse("2001:1:2:3:2:0:0:0/64"); if (db == NULL) goto error; if (DetectAddressCmp(da,db) != ADDRESS_EQ) result = 0; DetectAddressDataFree(da); DetectAddressDataFree(db); return result; error: if (da) DetectAddressDataFree(da); if (db) DetectAddressDataFree(db); return 0; } int AddressTestAddressGroupSetup01 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "1.2.3.4"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup02 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "1.2.3.4"); if (r == 0 && gh->ipv4_head != NULL) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup03 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "1.2.3.4"); if (r == 0 && gh->ipv4_head != NULL) { DetectAddressGroup *prev_head = gh->ipv4_head; r = DetectAddressGroupParse(gh, "1.2.3.3"); if (r == 0 && gh->ipv4_head != prev_head && gh->ipv4_head != NULL && gh->ipv4_head->next == prev_head) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup04 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "1.2.3.4"); if (r == 0 && gh->ipv4_head != NULL) { DetectAddressGroup *prev_head = gh->ipv4_head; r = DetectAddressGroupParse(gh, "1.2.3.3"); if (r == 0 && gh->ipv4_head != prev_head && gh->ipv4_head != NULL && gh->ipv4_head->next == prev_head) { DetectAddressGroup *prev_head = gh->ipv4_head; r = DetectAddressGroupParse(gh, "1.2.3.2"); if (r == 0 && gh->ipv4_head != prev_head && gh->ipv4_head != NULL && gh->ipv4_head->next == prev_head) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup05 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "1.2.3.2"); if (r == 0 && gh->ipv4_head != NULL) { DetectAddressGroup *prev_head = gh->ipv4_head; r = DetectAddressGroupParse(gh, "1.2.3.3"); if (r == 0 && gh->ipv4_head == prev_head && gh->ipv4_head != NULL && gh->ipv4_head->next != prev_head) { DetectAddressGroup *prev_head = gh->ipv4_head; r = DetectAddressGroupParse(gh, "1.2.3.4"); if (r == 0 && gh->ipv4_head == prev_head && gh->ipv4_head != NULL && gh->ipv4_head->next != prev_head) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup06 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "1.2.3.2"); if (r == 0 && gh->ipv4_head != NULL) { DetectAddressGroup *prev_head = gh->ipv4_head; r = DetectAddressGroupParse(gh, "1.2.3.2"); if (r == 0 && gh->ipv4_head == prev_head && gh->ipv4_head != NULL && gh->ipv4_head->next == NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup07 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "10.0.0.0/8"); if (r == 0 && gh->ipv4_head != NULL) { r = DetectAddressGroupParse(gh, "10.10.10.10"); if (r == 0 && gh->ipv4_head != NULL && gh->ipv4_head->next != NULL && gh->ipv4_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup08 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "10.10.10.10"); if (r == 0 && gh->ipv4_head != NULL) { r = DetectAddressGroupParse(gh, "10.0.0.0/8"); if (r == 0 && gh->ipv4_head != NULL && gh->ipv4_head->next != NULL && gh->ipv4_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup09 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "10.10.10.0/24"); if (r == 0 && gh->ipv4_head != NULL) { r = DetectAddressGroupParse(gh, "10.10.10.10-10.10.11.1"); if (r == 0 && gh->ipv4_head != NULL && gh->ipv4_head->next != NULL && gh->ipv4_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup10 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "10.10.10.10-10.10.11.1"); if (r == 0 && gh->ipv4_head != NULL) { r = DetectAddressGroupParse(gh, "10.10.10.0/24"); if (r == 0 && gh->ipv4_head != NULL && gh->ipv4_head->next != NULL && gh->ipv4_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup11 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "10.10.10.10-10.10.11.1"); if (r == 0) { r = DetectAddressGroupParse(gh, "10.10.10.0/24"); if (r == 0) { r = DetectAddressGroupParse(gh, "0.0.0.0/0"); if (r == 0) { DetectAddressGroup *one = gh->ipv4_head, *two = one->next, *three = two->next, *four = three->next, *five = four->next; /* result should be: * 0.0.0.0/10.10.9.255 * 10.10.10.0/10.10.10.9 * 10.10.10.10/10.10.10.255 * 10.10.11.0/10.10.11.1 * 10.10.11.2/255.255.255.255 */ if (one->ad->ip[0] == 0x00000000 && one->ad->ip2[0] == 0xFF090A0A && two->ad->ip[0] == 0x000A0A0A && two->ad->ip2[0] == 0x090A0A0A && three->ad->ip[0] == 0x0A0A0A0A && three->ad->ip2[0] == 0xFF0A0A0A && four->ad->ip[0] == 0x000B0A0A && four->ad->ip2[0] == 0x010B0A0A && five->ad->ip[0] == 0x020B0A0A && five->ad->ip2[0] == 0xFFFFFFFF) { result = 1; } } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup12 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "10.10.10.10-10.10.11.1"); if (r == 0) { r = DetectAddressGroupParse(gh, "0.0.0.0/0"); if (r == 0) { r = DetectAddressGroupParse(gh, "10.10.10.0/24"); if (r == 0) { DetectAddressGroup *one = gh->ipv4_head, *two = one->next, *three = two->next, *four = three->next, *five = four->next; /* result should be: * 0.0.0.0/10.10.9.255 * 10.10.10.0/10.10.10.9 * 10.10.10.10/10.10.10.255 * 10.10.11.0/10.10.11.1 * 10.10.11.2/255.255.255.255 */ if (one->ad->ip[0] == 0x00000000 && one->ad->ip2[0] == 0xFF090A0A && two->ad->ip[0] == 0x000A0A0A && two->ad->ip2[0] == 0x090A0A0A && three->ad->ip[0] == 0x0A0A0A0A && three->ad->ip2[0] == 0xFF0A0A0A && four->ad->ip[0] == 0x000B0A0A && four->ad->ip2[0] == 0x010B0A0A && five->ad->ip[0] == 0x020B0A0A && five->ad->ip2[0] == 0xFFFFFFFF) { result = 1; } } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup13 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "0.0.0.0/0"); if (r == 0) { r = DetectAddressGroupParse(gh, "10.10.10.10-10.10.11.1"); if (r == 0) { r = DetectAddressGroupParse(gh, "10.10.10.0/24"); if (r == 0) { DetectAddressGroup *one = gh->ipv4_head, *two = one->next, *three = two->next, *four = three->next, *five = four->next; /* result should be: * 0.0.0.0/10.10.9.255 * 10.10.10.0/10.10.10.9 * 10.10.10.10/10.10.10.255 * 10.10.11.0/10.10.11.1 * 10.10.11.2/255.255.255.255 */ if (one->ad->ip[0] == 0x00000000 && one->ad->ip2[0] == 0xFF090A0A && two->ad->ip[0] == 0x000A0A0A && two->ad->ip2[0] == 0x090A0A0A && three->ad->ip[0] == 0x0A0A0A0A && three->ad->ip2[0] == 0xFF0A0A0A && four->ad->ip[0] == 0x000B0A0A && four->ad->ip2[0] == 0x010B0A0A && five->ad->ip[0] == 0x020B0A0A && five->ad->ip2[0] == 0xFFFFFFFF) { result = 1; } } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetupIPv414 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "!1.2.3.4"); if (r == 0) { DetectAddressGroup *one = gh->ipv4_head; DetectAddressGroup *two = one ? one->next : NULL; if (one && two) { /* result should be: * 0.0.0.0/1.2.3.3 * 1.2.3.5/255.255.255.255 */ if (one->ad->ip[0] == 0x00000000 && one->ad->ip2[0] == 0x03030201 && two->ad->ip[0] == 0x05030201 && two->ad->ip2[0] == 0xFFFFFFFF) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetupIPv415 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "!0.0.0.0"); if (r == 0) { DetectAddressGroup *one = gh->ipv4_head; if (one && one->next == NULL) { /* result should be: * 0.0.0.1/255.255.255.255 */ if (one->ad->ip[0] == 0x01000000 && one->ad->ip2[0] == 0xFFFFFFFF) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetupIPv416 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "!255.255.255.255"); if (r == 0) { DetectAddressGroup *one = gh->ipv4_head; if (one && one->next == NULL) { /* result should be: * 0.0.0.0/255.255.255.254 */ if (one->ad->ip[0] == 0x00000000 && one->ad->ip2[0] == 0xFEFFFFFF) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup14 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::1"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup15 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::1"); if (r == 0 && gh->ipv6_head != NULL) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup16 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::4"); if (r == 0 && gh->ipv6_head != NULL) { DetectAddressGroup *prev_head = gh->ipv6_head; r = DetectAddressGroupParse(gh, "2001::3"); if (r == 0 && gh->ipv6_head != prev_head && gh->ipv6_head != NULL && gh->ipv6_head->next == prev_head) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup17 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::4"); if (r == 0 && gh->ipv6_head != NULL) { DetectAddressGroup *prev_head = gh->ipv6_head; r = DetectAddressGroupParse(gh, "2001::3"); if (r == 0 && gh->ipv6_head != prev_head && gh->ipv6_head != NULL && gh->ipv6_head->next == prev_head) { DetectAddressGroup *prev_head = gh->ipv6_head; r = DetectAddressGroupParse(gh, "2001::2"); if (r == 0 && gh->ipv6_head != prev_head && gh->ipv6_head != NULL && gh->ipv6_head->next == prev_head) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup18 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::2"); if (r == 0 && gh->ipv6_head != NULL) { DetectAddressGroup *prev_head = gh->ipv6_head; r = DetectAddressGroupParse(gh, "2001::3"); if (r == 0 && gh->ipv6_head == prev_head && gh->ipv6_head != NULL && gh->ipv6_head->next != prev_head) { DetectAddressGroup *prev_head = gh->ipv6_head; r = DetectAddressGroupParse(gh, "2001::4"); if (r == 0 && gh->ipv6_head == prev_head && gh->ipv6_head != NULL && gh->ipv6_head->next != prev_head) { result = 1; } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup19 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::2"); if (r == 0 && gh->ipv6_head != NULL) { DetectAddressGroup *prev_head = gh->ipv6_head; r = DetectAddressGroupParse(gh, "2001::2"); if (r == 0 && gh->ipv6_head == prev_head && gh->ipv6_head != NULL && gh->ipv6_head->next == NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup20 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2000::/3"); if (r == 0 && gh->ipv6_head != NULL) { r = DetectAddressGroupParse(gh, "2001::4"); if (r == 0 && gh->ipv6_head != NULL && gh->ipv6_head->next != NULL && gh->ipv6_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup21 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::4"); if (r == 0 && gh->ipv6_head != NULL) { r = DetectAddressGroupParse(gh, "2000::/3"); if (r == 0 && gh->ipv6_head != NULL && gh->ipv6_head->next != NULL && gh->ipv6_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup22 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2000::/3"); if (r == 0 && gh->ipv6_head != NULL) { r = DetectAddressGroupParse(gh, "2001::4-2001::6"); if (r == 0 && gh->ipv6_head != NULL && gh->ipv6_head->next != NULL && gh->ipv6_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup23 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::4-2001::6"); if (r == 0 && gh->ipv6_head != NULL) { r = DetectAddressGroupParse(gh, "2000::/3"); if (r == 0 && gh->ipv6_head != NULL && gh->ipv6_head->next != NULL && gh->ipv6_head->next->next != NULL) { result = 1; } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup24 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::4-2001::6"); if (r == 0) { r = DetectAddressGroupParse(gh, "2001::/3"); if (r == 0) { r = DetectAddressGroupParse(gh, "::/0"); if (r == 0) { DetectAddressGroup *one = gh->ipv6_head, *two = one->next, *three = two->next, *four = three->next, *five = four->next; if (one->ad->ip[0] == 0x00000000 && one->ad->ip[1] == 0x00000000 && one->ad->ip[2] == 0x00000000 && one->ad->ip[3] == 0x00000000 && one->ad->ip2[0] == 0xFFFFFF1F && one->ad->ip2[1] == 0xFFFFFFFF && one->ad->ip2[2] == 0xFFFFFFFF && one->ad->ip2[3] == 0xFFFFFFFF && two->ad->ip[0] == 0x00000020 && two->ad->ip[1] == 0x00000000 && two->ad->ip[2] == 0x00000000 && two->ad->ip[3] == 0x00000000 && two->ad->ip2[0] == 0x00000120 && two->ad->ip2[1] == 0x00000000 && two->ad->ip2[2] == 0x00000000 && two->ad->ip2[3] == 0x03000000 && three->ad->ip[0] == 0x00000120 && three->ad->ip[1] == 0x00000000 && three->ad->ip[2] == 0x00000000 && three->ad->ip[3] == 0x04000000 && three->ad->ip2[0] == 0x00000120 && three->ad->ip2[1] == 0x00000000 && three->ad->ip2[2] == 0x00000000 && three->ad->ip2[3] == 0x06000000 && four->ad->ip[0] == 0x00000120 && four->ad->ip[1] == 0x00000000 && four->ad->ip[2] == 0x00000000 && four->ad->ip[3] == 0x07000000 && four->ad->ip2[0] == 0xFFFFFF3F && four->ad->ip2[1] == 0xFFFFFFFF && four->ad->ip2[2] == 0xFFFFFFFF && four->ad->ip2[3] == 0xFFFFFFFF && five->ad->ip[0] == 0x00000040 && five->ad->ip[1] == 0x00000000 && five->ad->ip[2] == 0x00000000 && five->ad->ip[3] == 0x00000000 && five->ad->ip2[0] == 0xFFFFFFFF && five->ad->ip2[1] == 0xFFFFFFFF && five->ad->ip2[2] == 0xFFFFFFFF && five->ad->ip2[3] == 0xFFFFFFFF) { result = 1; } } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup25 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "2001::4-2001::6"); if (r == 0) { r = DetectAddressGroupParse(gh, "::/0"); if (r == 0) { r = DetectAddressGroupParse(gh, "2001::/3"); if (r == 0) { DetectAddressGroup *one = gh->ipv6_head, *two = one->next, *three = two->next, *four = three->next, *five = four->next; if (one->ad->ip[0] == 0x00000000 && one->ad->ip[1] == 0x00000000 && one->ad->ip[2] == 0x00000000 && one->ad->ip[3] == 0x00000000 && one->ad->ip2[0] == 0xFFFFFF1F && one->ad->ip2[1] == 0xFFFFFFFF && one->ad->ip2[2] == 0xFFFFFFFF && one->ad->ip2[3] == 0xFFFFFFFF && two->ad->ip[0] == 0x00000020 && two->ad->ip[1] == 0x00000000 && two->ad->ip[2] == 0x00000000 && two->ad->ip[3] == 0x00000000 && two->ad->ip2[0] == 0x00000120 && two->ad->ip2[1] == 0x00000000 && two->ad->ip2[2] == 0x00000000 && two->ad->ip2[3] == 0x03000000 && three->ad->ip[0] == 0x00000120 && three->ad->ip[1] == 0x00000000 && three->ad->ip[2] == 0x00000000 && three->ad->ip[3] == 0x04000000 && three->ad->ip2[0] == 0x00000120 && three->ad->ip2[1] == 0x00000000 && three->ad->ip2[2] == 0x00000000 && three->ad->ip2[3] == 0x06000000 && four->ad->ip[0] == 0x00000120 && four->ad->ip[1] == 0x00000000 && four->ad->ip[2] == 0x00000000 && four->ad->ip[3] == 0x07000000 && four->ad->ip2[0] == 0xFFFFFF3F && four->ad->ip2[1] == 0xFFFFFFFF && four->ad->ip2[2] == 0xFFFFFFFF && four->ad->ip2[3] == 0xFFFFFFFF && five->ad->ip[0] == 0x00000040 && five->ad->ip[1] == 0x00000000 && five->ad->ip[2] == 0x00000000 && five->ad->ip[3] == 0x00000000 && five->ad->ip2[0] == 0xFFFFFFFF && five->ad->ip2[1] == 0xFFFFFFFF && five->ad->ip2[2] == 0xFFFFFFFF && five->ad->ip2[3] == 0xFFFFFFFF) { result = 1; } } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup26 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "::/0"); if (r == 0) { r = DetectAddressGroupParse(gh, "2001::4-2001::6"); if (r == 0) { r = DetectAddressGroupParse(gh, "2001::/3"); if (r == 0) { DetectAddressGroup *one = gh->ipv6_head, *two = one->next, *three = two->next, *four = three->next, *five = four->next; if (one->ad->ip[0] == 0x00000000 && one->ad->ip[1] == 0x00000000 && one->ad->ip[2] == 0x00000000 && one->ad->ip[3] == 0x00000000 && one->ad->ip2[0] == 0xFFFFFF1F && one->ad->ip2[1] == 0xFFFFFFFF && one->ad->ip2[2] == 0xFFFFFFFF && one->ad->ip2[3] == 0xFFFFFFFF && two->ad->ip[0] == 0x00000020 && two->ad->ip[1] == 0x00000000 && two->ad->ip[2] == 0x00000000 && two->ad->ip[3] == 0x00000000 && two->ad->ip2[0] == 0x00000120 && two->ad->ip2[1] == 0x00000000 && two->ad->ip2[2] == 0x00000000 && two->ad->ip2[3] == 0x03000000 && three->ad->ip[0] == 0x00000120 && three->ad->ip[1] == 0x00000000 && three->ad->ip[2] == 0x00000000 && three->ad->ip[3] == 0x04000000 && three->ad->ip2[0] == 0x00000120 && three->ad->ip2[1] == 0x00000000 && three->ad->ip2[2] == 0x00000000 && three->ad->ip2[3] == 0x06000000 && four->ad->ip[0] == 0x00000120 && four->ad->ip[1] == 0x00000000 && four->ad->ip[2] == 0x00000000 && four->ad->ip[3] == 0x07000000 && four->ad->ip2[0] == 0xFFFFFF3F && four->ad->ip2[1] == 0xFFFFFFFF && four->ad->ip2[2] == 0xFFFFFFFF && four->ad->ip2[3] == 0xFFFFFFFF && five->ad->ip[0] == 0x00000040 && five->ad->ip[1] == 0x00000000 && five->ad->ip[2] == 0x00000000 && five->ad->ip[3] == 0x00000000 && five->ad->ip2[0] == 0xFFFFFFFF && five->ad->ip2[1] == 0xFFFFFFFF && five->ad->ip2[2] == 0xFFFFFFFF && five->ad->ip2[3] == 0xFFFFFFFF) { result = 1; } } } } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup27 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[1.2.3.4]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup28 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[1.2.3.4,4.3.2.1]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup29 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[1.2.3.4,4.3.2.1,10.10.10.10]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup30 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[[1.2.3.4,2.3.4.5],4.3.2.1,[10.10.10.10,11.11.11.11]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup31 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[[1.2.3.4,[2.3.4.5,3.4.5.6]],4.3.2.1,[10.10.10.10,[11.11.11.11,12.12.12.12]]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup32 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[[1.2.3.4,[2.3.4.5,[3.4.5.6,4.5.6.7]]],4.3.2.1,[10.10.10.10,[11.11.11.11,[12.12.12.12,13.13.13.13]]]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup33 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "![1.1.1.1,[2.2.2.2,[3.3.3.3,4.4.4.4]]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup34 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[1.0.0.0/8,![1.1.1.1,[1.2.1.1,1.3.1.1]]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup35 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[1.0.0.0/8,[2.0.0.0/8,![1.1.1.1,2.2.2.2]]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup36 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[1.0.0.0/8,[2.0.0.0/8,[3.0.0.0/8,!1.1.1.1]]]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestAddressGroupSetup37 (void) { int result = 0; DetectAddressGroupsHead *gh = DetectAddressGroupsHeadInit(); if (gh != NULL) { int r = DetectAddressGroupParse(gh, "[0.0.0.0/0,::/0]"); if (r == 0) { result = 1; } DetectAddressGroupsHeadFree(gh); } return result; } int AddressTestCutIPv401(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0/255.255.255.0"); b = DetectAddressParse("1.2.2.0-1.2.3.4"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv402(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0/255.255.255.0"); b = DetectAddressParse("1.2.2.0-1.2.3.4"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c == NULL) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv403(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0/255.255.255.0"); b = DetectAddressParse("1.2.2.0-1.2.3.4"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c == NULL) { goto error; } if (a->ip[0] != 0x00020201 && a->ip2[0] != 0xff020201) { goto error; } if (b->ip[0] != 0x00030201 && b->ip2[0] != 0x04030201) { goto error; } if (c->ip[0] != 0x05030201 && c->ip2[0] != 0xff030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv404(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.3-1.2.3.6"); b = DetectAddressParse("1.2.3.0-1.2.3.5"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c == NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x02030201) { goto error; } if (b->ip[0] != 0x03030201 && b->ip2[0] != 0x04030201) { goto error; } if (c->ip[0] != 0x05030201 && c->ip2[0] != 0x06030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv405(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.3-1.2.3.6"); b = DetectAddressParse("1.2.3.0-1.2.3.9"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c == NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x02030201) { goto error; } if (b->ip[0] != 0x03030201 && b->ip2[0] != 0x06030201) { goto error; } if (c->ip[0] != 0x07030201 && c->ip2[0] != 0x09030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv406(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0-1.2.3.9"); b = DetectAddressParse("1.2.3.3-1.2.3.6"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c == NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x02030201) { goto error; } if (b->ip[0] != 0x03030201 && b->ip2[0] != 0x06030201) { goto error; } if (c->ip[0] != 0x07030201 && c->ip2[0] != 0x09030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv407(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0-1.2.3.6"); b = DetectAddressParse("1.2.3.0-1.2.3.9"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c != NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x06030201) { goto error; } if (b->ip[0] != 0x07030201 && b->ip2[0] != 0x09030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv408(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.3-1.2.3.9"); b = DetectAddressParse("1.2.3.0-1.2.3.9"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c != NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x02030201) { goto error; } if (b->ip[0] != 0x03030201 && b->ip2[0] != 0x09030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv409(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0-1.2.3.9"); b = DetectAddressParse("1.2.3.0-1.2.3.6"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c != NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x06030201) { goto error; } if (b->ip[0] != 0x07030201 && b->ip2[0] != 0x09030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } int AddressTestCutIPv410(void) { DetectAddressData *a, *b, *c; a = DetectAddressParse("1.2.3.0-1.2.3.9"); b = DetectAddressParse("1.2.3.3-1.2.3.9"); if (DetectAddressCut(a,b,&c) == -1) { goto error; } if (c != NULL) { goto error; } if (a->ip[0] != 0x00030201 && a->ip2[0] != 0x02030201) { goto error; } if (b->ip[0] != 0x03030201 && b->ip2[0] != 0x09030201) { goto error; } DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 1; error: DetectAddressDataFree(a); DetectAddressDataFree(b); DetectAddressDataFree(c); return 0; } #endif /* UNITTESTS */ void DetectAddressTests(void) { #ifdef UNITTESTS DetectAddressIPv6Tests(); UtRegisterTest("AddressTestParse01", AddressTestParse01, 1); UtRegisterTest("AddressTestParse02", AddressTestParse02, 1); UtRegisterTest("AddressTestParse03", AddressTestParse03, 1); UtRegisterTest("AddressTestParse04", AddressTestParse04, 1); UtRegisterTest("AddressTestParse05", AddressTestParse05, 1); UtRegisterTest("AddressTestParse06", AddressTestParse06, 1); UtRegisterTest("AddressTestParse07", AddressTestParse07, 1); UtRegisterTest("AddressTestParse08", AddressTestParse08, 1); UtRegisterTest("AddressTestParse09", AddressTestParse09, 1); UtRegisterTest("AddressTestParse10", AddressTestParse10, 1); UtRegisterTest("AddressTestParse11", AddressTestParse11, 1); UtRegisterTest("AddressTestParse12", AddressTestParse12, 1); UtRegisterTest("AddressTestParse13", AddressTestParse13, 1); UtRegisterTest("AddressTestParse14", AddressTestParse14, 1); UtRegisterTest("AddressTestParse15", AddressTestParse15, 1); UtRegisterTest("AddressTestParse16", AddressTestParse16, 1); UtRegisterTest("AddressTestParse17", AddressTestParse17, 1); UtRegisterTest("AddressTestParse18", AddressTestParse18, 1); UtRegisterTest("AddressTestParse19", AddressTestParse19, 1); UtRegisterTest("AddressTestParse20", AddressTestParse20, 1); UtRegisterTest("AddressTestParse21", AddressTestParse21, 1); UtRegisterTest("AddressTestParse22", AddressTestParse22, 1); UtRegisterTest("AddressTestParse23", AddressTestParse23, 1); UtRegisterTest("AddressTestParse24", AddressTestParse24, 1); UtRegisterTest("AddressTestParse25", AddressTestParse25, 1); UtRegisterTest("AddressTestParse26", AddressTestParse26, 1); UtRegisterTest("AddressTestParse27", AddressTestParse27, 1); UtRegisterTest("AddressTestParse28", AddressTestParse28, 1); UtRegisterTest("AddressTestParse29", AddressTestParse29, 1); UtRegisterTest("AddressTestParse30", AddressTestParse30, 1); UtRegisterTest("AddressTestParse31", AddressTestParse31, 1); UtRegisterTest("AddressTestParse32", AddressTestParse32, 1); UtRegisterTest("AddressTestParse33", AddressTestParse33, 1); UtRegisterTest("AddressTestParse34", AddressTestParse34, 1); UtRegisterTest("AddressTestParse35", AddressTestParse35, 1); UtRegisterTest("AddressTestMatch01", AddressTestMatch01, 1); UtRegisterTest("AddressTestMatch02", AddressTestMatch02, 1); UtRegisterTest("AddressTestMatch03", AddressTestMatch03, 1); UtRegisterTest("AddressTestMatch04", AddressTestMatch04, 1); UtRegisterTest("AddressTestMatch05", AddressTestMatch05, 1); UtRegisterTest("AddressTestMatch06", AddressTestMatch06, 1); UtRegisterTest("AddressTestMatch07", AddressTestMatch07, 1); UtRegisterTest("AddressTestMatch08", AddressTestMatch08, 1); UtRegisterTest("AddressTestMatch09", AddressTestMatch09, 1); UtRegisterTest("AddressTestMatch10", AddressTestMatch10, 1); UtRegisterTest("AddressTestMatch11", AddressTestMatch11, 1); UtRegisterTest("AddressTestCmp01", AddressTestCmp01, 1); UtRegisterTest("AddressTestCmp02", AddressTestCmp02, 1); UtRegisterTest("AddressTestCmp03", AddressTestCmp03, 1); UtRegisterTest("AddressTestCmp04", AddressTestCmp04, 1); UtRegisterTest("AddressTestCmp05", AddressTestCmp05, 1); UtRegisterTest("AddressTestCmp06", AddressTestCmp06, 1); UtRegisterTest("AddressTestCmpIPv407", AddressTestCmpIPv407, 1); UtRegisterTest("AddressTestCmpIPv408", AddressTestCmpIPv408, 1); UtRegisterTest("AddressTestCmp07", AddressTestCmp07, 1); UtRegisterTest("AddressTestCmp08", AddressTestCmp08, 1); UtRegisterTest("AddressTestCmp09", AddressTestCmp09, 1); UtRegisterTest("AddressTestCmp10", AddressTestCmp10, 1); UtRegisterTest("AddressTestCmp11", AddressTestCmp11, 1); UtRegisterTest("AddressTestCmp12", AddressTestCmp12, 1); UtRegisterTest("AddressTestAddressGroupSetup01", AddressTestAddressGroupSetup01, 1); UtRegisterTest("AddressTestAddressGroupSetup02", AddressTestAddressGroupSetup02, 1); UtRegisterTest("AddressTestAddressGroupSetup03", AddressTestAddressGroupSetup03, 1); UtRegisterTest("AddressTestAddressGroupSetup04", AddressTestAddressGroupSetup04, 1); UtRegisterTest("AddressTestAddressGroupSetup05", AddressTestAddressGroupSetup05, 1); UtRegisterTest("AddressTestAddressGroupSetup06", AddressTestAddressGroupSetup06, 1); UtRegisterTest("AddressTestAddressGroupSetup07", AddressTestAddressGroupSetup07, 1); UtRegisterTest("AddressTestAddressGroupSetup08", AddressTestAddressGroupSetup08, 1); UtRegisterTest("AddressTestAddressGroupSetup09", AddressTestAddressGroupSetup09, 1); UtRegisterTest("AddressTestAddressGroupSetup10", AddressTestAddressGroupSetup10, 1); UtRegisterTest("AddressTestAddressGroupSetup11", AddressTestAddressGroupSetup11, 1); UtRegisterTest("AddressTestAddressGroupSetup12", AddressTestAddressGroupSetup12, 1); UtRegisterTest("AddressTestAddressGroupSetup13", AddressTestAddressGroupSetup13, 1); UtRegisterTest("AddressTestAddressGroupSetupIPv414", AddressTestAddressGroupSetupIPv414, 1); UtRegisterTest("AddressTestAddressGroupSetupIPv415", AddressTestAddressGroupSetupIPv415, 1); UtRegisterTest("AddressTestAddressGroupSetupIPv416", AddressTestAddressGroupSetupIPv416, 1); UtRegisterTest("AddressTestAddressGroupSetup14", AddressTestAddressGroupSetup14, 1); UtRegisterTest("AddressTestAddressGroupSetup15", AddressTestAddressGroupSetup15, 1); UtRegisterTest("AddressTestAddressGroupSetup16", AddressTestAddressGroupSetup16, 1); UtRegisterTest("AddressTestAddressGroupSetup17", AddressTestAddressGroupSetup17, 1); UtRegisterTest("AddressTestAddressGroupSetup18", AddressTestAddressGroupSetup18, 1); UtRegisterTest("AddressTestAddressGroupSetup19", AddressTestAddressGroupSetup19, 1); UtRegisterTest("AddressTestAddressGroupSetup20", AddressTestAddressGroupSetup20, 1); UtRegisterTest("AddressTestAddressGroupSetup21", AddressTestAddressGroupSetup21, 1); UtRegisterTest("AddressTestAddressGroupSetup22", AddressTestAddressGroupSetup22, 1); UtRegisterTest("AddressTestAddressGroupSetup23", AddressTestAddressGroupSetup23, 1); UtRegisterTest("AddressTestAddressGroupSetup24", AddressTestAddressGroupSetup24, 1); UtRegisterTest("AddressTestAddressGroupSetup25", AddressTestAddressGroupSetup25, 1); UtRegisterTest("AddressTestAddressGroupSetup26", AddressTestAddressGroupSetup26, 1); UtRegisterTest("AddressTestAddressGroupSetup27", AddressTestAddressGroupSetup27, 1); UtRegisterTest("AddressTestAddressGroupSetup28", AddressTestAddressGroupSetup28, 1); UtRegisterTest("AddressTestAddressGroupSetup29", AddressTestAddressGroupSetup29, 1); UtRegisterTest("AddressTestAddressGroupSetup30", AddressTestAddressGroupSetup30, 1); UtRegisterTest("AddressTestAddressGroupSetup31", AddressTestAddressGroupSetup31, 1); UtRegisterTest("AddressTestAddressGroupSetup32", AddressTestAddressGroupSetup32, 1); UtRegisterTest("AddressTestAddressGroupSetup33", AddressTestAddressGroupSetup33, 1); UtRegisterTest("AddressTestAddressGroupSetup34", AddressTestAddressGroupSetup34, 1); UtRegisterTest("AddressTestAddressGroupSetup35", AddressTestAddressGroupSetup35, 1); UtRegisterTest("AddressTestAddressGroupSetup36", AddressTestAddressGroupSetup36, 1); UtRegisterTest("AddressTestAddressGroupSetup37", AddressTestAddressGroupSetup37, 1); UtRegisterTest("AddressTestCutIPv401", AddressTestCutIPv401, 1); UtRegisterTest("AddressTestCutIPv402", AddressTestCutIPv402, 1); UtRegisterTest("AddressTestCutIPv403", AddressTestCutIPv403, 1); UtRegisterTest("AddressTestCutIPv404", AddressTestCutIPv404, 1); UtRegisterTest("AddressTestCutIPv405", AddressTestCutIPv405, 1); UtRegisterTest("AddressTestCutIPv406", AddressTestCutIPv406, 1); UtRegisterTest("AddressTestCutIPv407", AddressTestCutIPv407, 1); UtRegisterTest("AddressTestCutIPv408", AddressTestCutIPv408, 1); UtRegisterTest("AddressTestCutIPv409", AddressTestCutIPv409, 1); UtRegisterTest("AddressTestCutIPv410", AddressTestCutIPv410, 1); #endif /* UNITTESTS */ }