diff options
| author | liuxueli <[email protected]> | 2024-11-08 11:22:50 +0000 |
|---|---|---|
| committer | liuxueli <[email protected]> | 2024-11-27 06:36:57 +0000 |
| commit | 0069278e8deacac477faca6296aad8ee37d6bb16 (patch) | |
| tree | 75e827db5ce99bf46d76762219dbcdbe3e77f7f0 | |
| parent | b3ee13fad85492b30db3ea006efb60d6b1b5b2b0 (diff) | |
Implement scanner_state.c/scanner_maat.c/attribute_schema.c
| -rw-r--r-- | include/stellar/scanner.h | 2 | ||||
| -rw-r--r-- | scanner/scanner.c | 59 | ||||
| -rw-r--r-- | scanner/scanner_maat.c | 265 |
3 files changed, 278 insertions, 48 deletions
diff --git a/include/stellar/scanner.h b/include/stellar/scanner.h index febe777..512b77c 100644 --- a/include/stellar/scanner.h +++ b/include/stellar/scanner.h @@ -52,7 +52,7 @@ size_t scanner_state_get_history_rules(struct scanner_state *exdata, enum RULE_T size_t scanner_state_get_current_packet_rule_count(struct scanner_state *exdata, enum RULE_TYPE rule_type); size_t scanner_state_get_current_packet_rules(struct scanner_state *exdata, enum RULE_TYPE rule_type, uuid_t rule_uuids[], size_t n_rule_uuids); -struct maat *scanne_get_maat_instance(struct scanner *scanner); +struct maat *scanner_get_maat_instance(struct scanner *scanner); const char *scanner_get_application_sub_action(struct scanner *scanner, int32_t appid); const char *scanner_get_security_settings(struct scanner *scanner, int32_t t_vsys_id); diff --git a/scanner/scanner.c b/scanner/scanner.c index aa69573..00ec4e9 100644 --- a/scanner/scanner.c +++ b/scanner/scanner.c @@ -76,41 +76,6 @@ int32_t is_dup_tag_uuid(uuid_t *tag_uuids, size_t tag_uuids_num, uuid_t tag_uuid return FALSE; } -const char *scanner_get_device_id(struct scanner *scanner) -{ - return ((scanner->global_para.device_id[0]=='\0') ? NULL : scanner->device_id); -} - -const char *scanner_get_device_group(struct scanner *scanner) -{ - return ((scanner->global_para.device_group[0]=='\0') ? NULL : scanner->device_group); -} - -const char *scanner_get_data_center(struct scanner *scanner) -{ - return ((scanner->global_para.data_center[0]=='\0') ? NULL : scanner->data_center); -} - -const char *scanner_get_device_tag(struct scanner *scanner) -{ - return ((scanner->global_para.device_tag[0]=='\0') ? NULL : scanner->device_tag); -} - -const char *scanner_get_device_sn(struct scanner *scanner) -{ - return ((scanner->global_para.device_sn[0]=='\0') ? NULL : scanner->device_sn); -} - -const char *scanner_get__sled_ip(struct scanner *scanner) -{ - return ((scanner->global_para.sled_ip[0]=='\0') ? NULL : scanner->sled_ip); -} - -int scanner_get_traffic_vsystem_id(struct scanner *scanner) -{ - return scanner->global_para.traffic_vsystem_id; -} - void device_sn_value_parser(char *filename, char *device_sn, size_t device_sn_sz) { if(filename==NULL || device_sn==NULL || device_sn_sz==0) @@ -732,11 +697,11 @@ enum MAAT_RULE_TABLE maat_rule_table_string2type(char *rule_name, size_t rule_na { if(rule_name==NULL || rule_name_sz==0) { - return MAAT_RULE_TABLE_UNKNOWN; + return RULE_TYPE_UNKNOWN; } struct rule_table_string2type rule_name_array[RULE_TYPE_MAX]={ - {MAAT_RULE_TABLE_UNKNOWN, 0, NULL}, + {RULE_TYPE_UNKNOWN, 0, NULL}, {RULE_TYPE_SECURITY, 13, (char *)"SECURITY_RULE"}, {RULE_TYPE_PXY_INTERCEPT, 18, (char *)"PXY_INTERCEPT_RULE"}, {RULE_TYPE_SERVICE_CHAINING, 21, (char *)"SERVICE_CHAINING_RULE"}, @@ -762,7 +727,7 @@ enum MAAT_RULE_TABLE maat_rule_table_string2type(char *rule_name, size_t rule_na } } - return MAAT_RULE_TABLE_UNKNOWN; + return RULE_TYPE_UNKNOWN; } void scanner_convert_rule(const char *readable_addr, struct maat_state *scan_state, struct scanner_state *policy_state, uuid_t *rule_uuids, size_t n_rule_uuids) @@ -824,7 +789,7 @@ void scanner_scan_not_logic_attribute(const char *readable_addr, struct attribut size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_not_logic(cm_maat, table_name, schema->scan_attribute_name, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -852,7 +817,7 @@ void scanner_scan_object_attribute(const char *readable_addr, struct attribute_s size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_object(cm_maat, table_name, schema->scan_attribute_name, objects, n_object, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -881,7 +846,7 @@ void scanner_scan_string_attribute(const char *readable_addr, struct attribute_s size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_string(cm_maat, table_name, schema->scan_attribute_name, scan_string, scan_string_sz, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -909,7 +874,7 @@ void scanner_scan_integer_attribute(const char *readable_addr, struct attribute_ size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_integer(cm_maat, table_name, schema->scan_attribute_name, scan_integer, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -938,7 +903,7 @@ void scanner_scan_flag_attribute(const char *readable_addr, struct attribute_sch size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_flag(cm_maat, table_name, schema->scan_attribute_name, scan_flag, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -967,7 +932,7 @@ void scanner_scan_ipv4_attribute(const char *readable_addr, struct attribute_sch size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_ipv4_port(cm_maat, table_name, schema->scan_attribute_name, scan_ipv4, scan_port, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -996,7 +961,7 @@ void scanner_scan_ipv6_attribute(const char *readable_addr, struct attribute_sch size_t n_rule_uuids=0; uuid_t rule_uuids[MAX_HITS_RULES_NUM]; - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); int hits_status=maat_scan_ipv6_port(cm_maat, table_name, schema->scan_attribute_name, scan_ipv6, scan_port, rule_uuids, MAX_HITS_RULES_NUM, &n_rule_uuids, scan_state); scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); @@ -1029,7 +994,7 @@ void scanner_scan_stream_attribute(const char *readable_addr, struct attribute_s if(*stream_handle==NULL) { - const char *table_name=firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name); + const char *table_name=scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name); *stream_handle=maat_stream_new(cm_maat, table_name, schema->scan_attribute_name, scan_state); FIREWALL_DEBUG_LOG("maat_stream_new", "new table: %s attribute: %s %s addr: %s", table_name, @@ -1045,7 +1010,7 @@ void scanner_scan_stream_attribute(const char *readable_addr, struct attribute_s scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); FIREWALL_DEBUG_LOG("maat_stream_scan", "scan table: %s attribute: %s hits_status: %d, n_hits: %d, addr: %s", - firewall_attribuite_mapping_table_name_get0(cm_maat, schema->scan_attribute_name), + scanner_maat_get_object_table_name(cm_maat, schema->scan_attribute_name), schema->scan_attribute_name, hits_status, n_rule_uuids, diff --git a/scanner/scanner_maat.c b/scanner/scanner_maat.c index ed9a7f7..e8ae674 100644 --- a/scanner/scanner_maat.c +++ b/scanner/scanner_maat.c @@ -8,6 +8,9 @@ #include "scanner_maat.h" #include "scanner_toml.h" +#include "scanner_state.h" + +#define MAX_MATCH_RULES_NUM 128 struct maat_parameter { @@ -1034,4 +1037,266 @@ struct scanner_maat *scanner_sd_maat_new(struct logger *logger, const char *toml sd_maat->plugin_table=scaner_maat_sd_plugin_new(sd_maat); return sd_maat; +} + +struct rule_table_string2type +{ + enum RULE_TYPE type; + size_t string_sz; + char *string; +}; + +enum RULE_TYPE maat_rule_table_string2type(char *rule_name, size_t rule_name_sz) +{ + if(rule_name==NULL || rule_name_sz==0) + { + return RULE_TYPE_UNKNOWN; + } + + struct rule_table_string2type rule_name_array[RULE_TYPE_MAX]={ + {RULE_TYPE_UNKNOWN, 0, NULL}, + {RULE_TYPE_SECURITY, 13, (char *)"SECURITY_RULE"}, + {RULE_TYPE_PXY_INTERCEPT, 18, (char *)"PXY_INTERCEPT_RULE"}, + {RULE_TYPE_SERVICE_CHAINING, 21, (char *)"SERVICE_CHAINING_RULE"}, + {RULE_TYPE_SHAPING, 20, (char *)"TRAFFIC_SHAPING_RULE"}, + {RULE_TYPE_APP_SIGNATURE, 12, (char *)"APP_SIG_RULE"}, + {RULE_TYPE_STATISTICS, 15, (char *)"STATISTICS_RULE"}, + {RULE_TYPE_MONITOR, 12, (char *)"MONITOR_RULE"}, + {RULE_TYPE_DOS_PROTECTION, 19, (char *)"DOS_PROTECTION_RULE"}, + {RULE_TYPE_TUNNEL, 11, (char *)"TUNNEL_RULE"} + }; + + for(int i=0; i<RULE_TYPE_MAX; i++) + { + if(rule_name_array[i].string_sz==0) + { + continue; + } + + if(rule_name_array[i].string_sz==rule_name_sz && (strncasecmp(rule_name_array[i].string, rule_name, rule_name_array[i].string_sz))==0 + ) + { + return rule_name_array[i].type; + } + } + + return RULE_TYPE_UNKNOWN; +} + +void scanner_convert_rule(const char *readable_addr __attribute__((unused)), struct maat_state *scan_state, struct scanner_state *policy_state, uuid_t *rule_uuids, size_t n_rule_uuids) +{ + if(scan_state==NULL || policy_state==NULL || rule_uuids==NULL || n_rule_uuids==0) + { + return ; + } + + for(size_t i=0; i<n_rule_uuids; i++) + { + char *rule_table_name=NULL; + int ret=maat_state_get_rule_table_names(scan_state, &(rule_uuids[i]), 1, &rule_table_name); + if(ret<=0) + { + return ; + } + size_t rule_table_name_sz=((rule_table_name!=NULL) ? strlen(rule_table_name) : 0); + enum RULE_TYPE rule_type=maat_rule_table_string2type(rule_table_name, rule_table_name_sz); + scanner_state_add_current_packet_rules(policy_state, rule_type, &(rule_uuids[i]), 1); + } +} + +void scanner_scan_not_logic_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name==NULL) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_not_logic(cm_maat->feather, table_name, attribute_name, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_not_logic: scan table: %s attribute_name: %s hits_status: %d n_hits: %d addr: %s", + table_name, + attribute_name, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_object_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, struct maat_hit_object *objects, size_t n_object, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name==NULL || objects==NULL || n_object==0) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_object(cm_maat->feather, table_name, attribute_name, objects, n_object, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_object: scan table: %s attribute_name: %s object_ids: %d hits_status: %d n_hits: %d addr: %s", + table_name, + attribute_name, + n_object, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_string_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, const char *scan_string, size_t scan_string_sz, struct scanner_state *policy_state) +{ + if(scan_state==NULL || scan_string==NULL || attribute_name==NULL || scan_string_sz==0 || policy_state==NULL) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_string(cm_maat->feather, table_name, attribute_name, scan_string, scan_string_sz, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_string: scan table: %s attribute_name: %s string: hits_status: %d n_hits: %d addr: %s", + table_name, + attribute_name, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_integer_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, uint64_t scan_integer, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name==NULL) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_integer(cm_maat->feather, table_name, attribute_name, scan_integer, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_integer: scan table: %s attribute_name: %s integer: %lu hits_status: %d n_hits: %d addr: %s", + table_name, + attribute_name, + scan_integer, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_flag_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, uint64_t scan_flag, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name==NULL) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_flag(cm_maat->feather, table_name, attribute_name, scan_flag, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_flags: scan table: %s attribute_name: %s flags: %lu hits_status: %d n_hits: %d addr: %s", + table_name, + attribute_name, + scan_flag, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_ipv4_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, uint32_t scan_ipv4, int32_t scan_port, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name==NULL) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_ipv4_port(cm_maat->feather, table_name, attribute_name, scan_ipv4, scan_port, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_ipv4_port: scan ipv4: %u port: %d table: %s attribute_name: %s hits_status: %d n_hits: %d addr: %s", + scan_ipv4, + scan_port, + table_name, + attribute_name, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_ipv6_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, uint8_t *scan_ipv6, int32_t scan_port, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name) + { + return ; + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + int hits_status=maat_scan_ipv6_port(cm_maat->feather, table_name, attribute_name, scan_ipv6, scan_port, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_scan_ipv6_port: scan ipv6: %.08x-%.08x-%.08x-%.08x port: %d table: %s attribute_name: %s hits_status: %d, n_hits: %d, addr: %s", + ((uint32_t *)scan_ipv6)[0], + ((uint32_t *)scan_ipv6)[1], + ((uint32_t *)scan_ipv6)[2], + ((uint32_t *)scan_ipv6)[3], + scan_port, + table_name, + attribute_name, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); +} + +void scanner_scan_stream_attribute(const char *readable_addr, char *attribute_name, struct scanner_maat *cm_maat, struct maat_state *scan_state, struct maat_stream **stream_handle, const char *scan_string, size_t scan_string_sz, struct scanner_state *policy_state) +{ + if(scan_state==NULL || policy_state==NULL || attribute_name==NULL || scan_string==NULL || scan_string_sz==0 || stream_handle==NULL) + { + return ; + } + + if(*stream_handle==NULL) + { + const char *table_name=scanner_maat_get_object_table_name(cm_maat, attribute_name); + *stream_handle=maat_stream_new(cm_maat->feather, table_name, attribute_name, scan_state); + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_stream_new: new table: %s attribute_name: %s %s addr: %s", + table_name, + attribute_name, + (*stream_handle!=NULL) ? "success" : "failed", + ((readable_addr!=NULL) ? readable_addr : "") + ); + } + + size_t n_rule_uuids=0; + uuid_t rule_uuids[MAX_MATCH_RULES_NUM]; + int hits_status=maat_stream_scan(*stream_handle, scan_string, scan_string_sz, rule_uuids, MAX_MATCH_RULES_NUM, &n_rule_uuids, scan_state); + scanner_convert_rule(readable_addr, scan_state, policy_state, rule_uuids, n_rule_uuids); + + STELLAR_LOG_TRACE(cm_maat->logger, SCANNER_MODULE_NAME, "maat_stream_scan: scan table: %s attribute_name: %s hits_status: %d, n_hits: %d, addr: %s", + scanner_maat_get_object_table_name(cm_maat, attribute_name), + attribute_name, + hits_status, + n_rule_uuids, + ((readable_addr!=NULL) ? readable_addr : "") + ); }
\ No newline at end of file |