📄 ipaddrset.c
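/* $Id$ */
/*
 * Copyright(C) 2002 Sourcefire, Inc.
 *
 * Author(s):   Andrew R. Baker <andrewb@snort.org>
 *              Martin Roesch   <roesch@sourcefire.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License Version 2 as
 * published by the Free Software Foundation.  You may not use, modify or
 * distribute this program under any other version of the GNU General
 * Public License.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 *
 */

/* includes */
#ifdef HAVE_CONFIG_H
#include "config.h"
#endif

#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#ifndef WIN32
#include <netdb.h>
#include <ctype.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#endif

#ifdef HAVE_STRINGS_H
#include <strings.h>
#endif

#include "util.h"
#include "mstring.h"
#include "parser.h"
#include "debug.h"

#include "IpAddrSet.h"

#ifdef SUP_IP6
#include "ipv6_port.h"
#else

extern char *file_name;     /* current rules file being processed */
extern int line_num;        /* current rules file line */

/*
 * Function: IpAddrSetCreate()
 *
 * Purpose: Allocate a new, empty address set.
 *
 * Returns: pointer to the new set, obtained from SnortAlloc().
 *
 * NOTE(review): presumably SnortAlloc() zero-fills the block and does not
 * return on allocation failure, so both lists start out NULL -- confirm in
 * util.c, since nothing here initializes the fields.
 */
IpAddrSet *IpAddrSetCreate()
{
    return (IpAddrSet *)SnortAlloc(sizeof(IpAddrSet));
}

/*
 * Release every node of one address list and reset the list head to NULL so
 * a later walk or a second destroy cannot touch freed nodes.
 */
static void IpAddrNodeListFree(IpAddrNode **head)
{
    IpAddrNode *node = *head;

    while(node != NULL)
    {
        IpAddrNode *next = node->next;

        free(node);
        node = next;
    }

    *head = NULL;
}

/*
 * Function: IpAddrSetDestroy(IpAddrSet *)
 *
 * Purpose: Free the nodes of both the normal and the negated address list.
 *
 * Arguments: ipAddrSet => set whose lists are released; NULL is ignored
 *
 * Returns: void
 *
 * The IpAddrSet structure itself is NOT freed here; that remains the
 * caller's job.  Both list heads are left NULL on return.
 */
void IpAddrSetDestroy(IpAddrSet *ipAddrSet)
{
    if(!ipAddrSet)
        return;

    IpAddrNodeListFree(&ipAddrSet->iplist);
    IpAddrNodeListFree(&ipAddrSet->neg_iplist);
}

/* scratch space for IpAddrSetPrint(); file-scope, so printing is not reentrant */
static char buffer[1024];

/*
 * Log one "addr/netmask" line per node of a list, optionally marked "NOT ".
 * Returns 0 when the whole list was printed, -1 as soon as formatting into
 * the scratch buffer fails.
 */
static int IpAddrNodeListPrint(const char *prefix, const IpAddrNode *list,
                               int negated)
{
    struct in_addr in;
    int ret;

    for(; list != NULL; list = list->next)
    {
        buffer[0] = '\0';

        /* inet_ntoa() reuses one static buffer, so each result is appended
         * before the next call is made */
        in.s_addr = list->ip_addr;
        ret = SnortSnprintfAppend(buffer, sizeof(buffer),
                                  negated ? "NOT %s/" : "%s/", inet_ntoa(in));
        if(ret != SNORT_SNPRINTF_SUCCESS)
            return -1;

        in.s_addr = list->netmask;
        ret = SnortSnprintfAppend(buffer, sizeof(buffer), "%s", inet_ntoa(in));
        if(ret != SNORT_SNPRINTF_SUCCESS)
            return -1;

        if(prefix)
            LogMessage("%s%s\n", prefix, buffer);
        else
            LogMessage("%s\n", buffer);
    }

    return 0;
}

/*
 * Function: IpAddrSetPrint(char *, IpAddrSet *)
 *
 * Purpose: Log every entry of an address set, normal entries first, then the
 *          negated ones prefixed with "NOT ".
 *
 * Arguments: prefix    => text put in front of each line, may be NULL
 *            ipAddrSet => set to print; NULL is ignored
 *
 * Returns: void.  Printing stops silently at the first formatting failure,
 *          in which case the remaining entries are not logged.
 */
void IpAddrSetPrint(char *prefix, IpAddrSet *ipAddrSet)
{
    if(!ipAddrSet)
        return;

    if(IpAddrNodeListPrint(prefix, ipAddrSet->iplist, 0) != 0)
        return;

    (void)IpAddrNodeListPrint(prefix, ipAddrSet->neg_iplist, 1);
}

/*
 * Duplicate one address list onto *dst_head, which must be NULL on entry.
 * Returns 0 on success and -1 when an allocation fails; on failure the nodes
 * copied so far stay linked from *dst_head and NULL-terminated, so the caller
 * can release them.
 */
static int IpAddrNodeListCopy(const IpAddrNode *src, IpAddrNode **dst_head)
{
    IpAddrNode **link = dst_head;

    for(; src != NULL; src = src->next)
    {
        IpAddrNode *copy = (IpAddrNode *)malloc(sizeof(IpAddrNode));

        if(!copy)
            return -1;

        copy->ip_addr = src->ip_addr;
        copy->netmask = src->netmask;
        copy->addr_flags = src->addr_flags;
        copy->next = NULL;

        *link = copy;
        link = &copy->next;
    }

    return 0;
}

/*
 * Function: IpAddrSetCopy(IpAddrSet *)
 *
 * Purpose: Build an independent copy of an address set.
 *
 * Arguments: ipAddrSet => set to copy
 *
 * Returns: the new set, or NULL when ipAddrSet is NULL or memory runs out.
 *
 * Each list is copied with its own tail pointer.  The previous version kept
 * one "prev" pointer across both loops, which chained the first negated node
 * onto the end of the normal list: negated addresses then also appeared as
 * normal entries of the copy, and IpAddrSetDestroy() freed those nodes twice.
 */
IpAddrSet *IpAddrSetCopy(IpAddrSet *ipAddrSet)
{
    IpAddrSet *newIpAddrSet;

    if(!ipAddrSet)
        return NULL;

    newIpAddrSet = (IpAddrSet *)calloc(1, sizeof(IpAddrSet));
    if(!newIpAddrSet)
        return NULL; /* XXX ENOMEM */

    if(IpAddrNodeListCopy(ipAddrSet->iplist, &newIpAddrSet->iplist) != 0 ||
       IpAddrNodeListCopy(ipAddrSet->neg_iplist, &newIpAddrSet->neg_iplist) != 0)
    {
        /* IpAddrSetDestroy() releases only the nodes, so the set structure
         * has to be freed here as well */
        IpAddrSetDestroy(newIpAddrSet);
        free(newIpAddrSet);
        return NULL; /* XXX ENOMEM */
    }

    return newIpAddrSet;
}

/* XXX: legacy support function */
/*
 * Function: ParseIP(char *, IpAddrSet *)
 *
 * Purpose: Convert a supplied IP address to it's network order 32-bit long
 *          value. Also convert the CIDR block notation into a real
 *          netmask.
 *
 * Arguments: char *addr => address string to convert
 *            IpAddrSet * =>
 *
 *
 * Returns: 0 for normal addresses, 1 for an "any" address
 *
 * NOTE(review): 1 is also returned when paddr or ias is NULL, so a caller
 * cannot tell a rejected argument from an "any" address -- confirm callers
 * never pass NULL.
 */
int ParseIP(char *paddr, IpAddrSet *ias, int negate) //, IpAddrNode *node)
{
    char **toks;        /* token dbl buffer */
    int num_toks;       /* number of tokens found by mSplit() */
    int cidr = 1;       /* is network expressed in CIDR format */
    int nmask = -1;     /* netmask temporary storage */
    char *addr;         /* string to parse, eventually a
                         * variable-contents */
    struct hostent *host_info;  /* various struct pointers for stuff */
    struct sockaddr_in sin; /* addr struct */
    char broadcast_addr_set = 0;

    /* NOTE(review): allocated before the argument check; neither of the two
     * "return 1" paths below releases or links this node -- confirm it is
     * not leaked */
    IpAddrNode *address_data = (IpAddrNode*)SnortAlloc(sizeof(IpAddrNode));

    if(!paddr || !ias)
        return 1;

    addr = paddr;

    if(*addr == '!')
    {
        negate = !negate;
//        address_data->addr_flags |= EXCEPT_IP;
        addr++;  /* inc past the '!' */
    }

    /* check for wildcards */
    if(!strcasecmp(addr, "any"))
    {
        if(negate)
        {
            FatalError("%s(%d) => !any is not allowed\n", file_name, file_line);
        }

        /* Make first node 0, which matches anything */
        if(!ias->iplist)
        {
            ias->iplist = (IpAddrNode*)SnortAlloc(sizeof(IpAddrNode));
        }
        ias->iplist->ip_addr = 0;
        ias->iplist->netmask = 0;

        return 1;
    }

    /* break out the CIDR notation from the IP address */
    toks = mSplit(addr, "/", 2, &num_toks, 0);

    /* "/" was not used as a delimeter, try ":" */
    if(num_toks == 1)
    {
        mSplitFree(&toks, num_toks);
        toks = mSplit(addr, ":", 2, &num_toks, 0);
    }

    /*
     * if we have a mask spec and it is more than two characters long, assume
     * it is netmask format
     */
    if((num_toks > 1) && strlen(toks[1]) > 2)
    {
        cidr = 0;
    }

    switch(num_toks)
    {
        case 1:
            address_data->netmask = netmasks[32];
            break;

        case 2:
            if(cidr)
            {
                /* convert the CIDR notation into a real live netmask */
                nmask = atoi(toks[1]);

                /* it's pain to differ whether toks[1] is correct if netmask */
                /* is /0, so we deploy some sort of evil hack with isdigit */

                if(!isdigit((int) toks[1][0]))
                    nmask = -1;

                /* if second char is != '\0', it must be a digit
                 * by Daniel B. Cid, dcid@sourcefire.com
                 */
                if((toks[1][1] != '\0')&&(!isdigit((int) toks[1][1]) ))
                    nmask = -1;

                if((nmask > -1) && (nmask < 33))
                {
                    address_data->netmask = netmasks[nmask];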