diff options
| author | 郑超 <[email protected]> | 2024-03-27 11:19:39 +0000 |
|---|---|---|
| committer | liuwentan <[email protected]> | 2024-03-27 11:19:39 +0000 |
| commit | 99f98abbcdf6a9ae2da51b99aaa8dbf70568a4ff (patch) | |
| tree | dd7b00ac76051ca16936a42eaa9e4f61a68ed043 /test/maat_framework_gtest.cpp | |
| parent | 35d60d06b5bf18a8adf95cb4cfb00df5ab3c02da (diff) | |
Feature/scan ip port together support endpoint objectv4.1.32
Diffstat (limited to 'test/maat_framework_gtest.cpp')
| -rw-r--r-- | test/maat_framework_gtest.cpp | 495 |
1 files changed, 139 insertions, 356 deletions
diff --git a/test/maat_framework_gtest.cpp b/test/maat_framework_gtest.cpp index 56603c4..3c74a01 100644 --- a/test/maat_framework_gtest.cpp +++ b/test/maat_framework_gtest.cpp @@ -2,6 +2,7 @@ #include <dirent.h> #include <openssl/md5.h> +#include "test_utils.h" #include "maat.h" #include "maat_rule.h" #include "maat_utils.h" @@ -18,286 +19,12 @@ #define HIT_PATH_SIZE 128 #define WAIT_FOR_EFFECTIVE_S 2 -const char *table_info_path = "./table_info.conf"; -const char *json_path ="./maat_json.json"; -const char *json_filename = "maat_json.json"; +const char *g_table_info_path = "./table_info.conf"; +const char *g_json_filename = "maat_json.json"; size_t g_thread_num = 4; -int count_line_num_cb(const char *table_name, const char *line, void *u_para) -{ - (*((unsigned int *)u_para))++; - return 0; -} - -int line_idx = 0; -long long absolute_expire_time = 0; -int make_serial_rule(const char *table_name, const char *line, void *u_para) -{ - struct serial_rule *s_rule=(struct serial_rule *)u_para; - redisContext *ctx = s_rule->ref_ctx; - char *buff = ALLOC(char, strlen(line) + 1); - - memcpy(buff, line, strlen(line) + 1); - while (buff[strlen(line) - 1] == '\n' || buff[strlen(line) - 1] == '\t') { - buff[strlen(line) - 1] = '\0'; - } - - const char *redis_rule_key = "TEST_RULE_KEY"; - redisReply *reply = maat_wrap_redis_command(ctx, NULL, "INCRBY %s %d", - redis_rule_key, 1); - if (reply->type == REDIS_REPLY_NIL) { - printf("incrby redis_rule_key:%s failed.", redis_rule_key); - return -1; - } else { - s_rule->rule_id = maat_read_redis_integer(reply); - freeReplyObject(reply); - reply = NULL; - } - - maat_set_serial_rule(s_rule + line_idx, MAAT_OP_ADD, s_rule->rule_id, - table_name, buff, absolute_expire_time); - (s_rule + line_idx)->ref_ctx = ctx; - line_idx++; - - FREE(buff); - - return 0; -} - -int write_config_to_redis(char *redis_ip, int redis_port, int redis_db, - struct log_handle *logger) -{ - char json_iris_path[512] = {0}; - - snprintf(json_iris_path, sizeof(json_iris_path), "./%s_iris_tmp", - json_filename); - - redisContext *c = maat_connect_redis(redis_ip, redis_port, redis_db, logger); - if (NULL == c) { - return -1; - } - - redisReply *reply = maat_wrap_redis_command(c, logger, "flushdb"); - if (NULL == reply) { - return -1; - } else { - freeReplyObject(reply); - reply = NULL; - } - - if (0 == access(json_iris_path, F_OK)) { - system_cmd_rmdir(json_iris_path); - } - - if (access(json_iris_path, F_OK) < 0) { - char tmp_iris_path[128] = {0}; - char *json_buff = NULL; - size_t json_buff_sz = 0; - - int ret = load_file_to_memory(json_filename, (unsigned char **)&json_buff, - &json_buff_sz); - if (ret < 0) { - return -1; - } - - ret = json2iris(json_buff, json_filename, c, tmp_iris_path, - sizeof(tmp_iris_path), NULL, NULL, logger); - FREE(json_buff); - if (ret < 0) { - return -1; - } - } - - size_t total_line_cnt = 0; - char tmp_iris_full_idx_path[PATH_MAX] = {0}; - snprintf(tmp_iris_full_idx_path, sizeof(tmp_iris_full_idx_path), "%s/index", - json_iris_path); - config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, count_line_num_cb, - NULL, &total_line_cnt, NULL, logger); - - struct serial_rule *s_rule = ALLOC(struct serial_rule, total_line_cnt); - s_rule->ref_ctx = c; - long long server_time = maat_redis_server_time_s(c); - if (server_time < 0) { - return -1; - } - absolute_expire_time = server_time + 300; - config_monitor_traverse(0, tmp_iris_full_idx_path, NULL, make_serial_rule, - NULL, s_rule, NULL, logger); - s_rule->ref_ctx = NULL; - line_idx = 0; - absolute_expire_time = 0; - - int success_cnt = 0; - do { - success_cnt = maat_cmd_write_rule(c, s_rule, total_line_cnt, - server_time, logger); - } while (success_cnt < 0); - - EXPECT_EQ(success_cnt, (int)total_line_cnt); - - for (size_t i = 0; i < total_line_cnt; i++) { - maat_clear_rule_cache(s_rule + i); - } - FREE(s_rule); - redisFree(c); - - return 0; -} - -int compile_table_set_line(struct maat *maat_inst, const char *table_name, - enum maat_operation op, long long compile_id, - const char *user_region, int clause_num, - int expire_after) -{ - char table_line[1024 * 16] = {0}; - sprintf(table_line, "%lld\t0\t0\t0\t0\t0\t%s\t%d\t%d\t0.0", - compile_id, user_region, clause_num, op); - - struct maat_cmd_line line_rule; - line_rule.rule_id = compile_id; - line_rule.table_line = table_line; - line_rule.table_name = table_name; - line_rule.expire_after = expire_after; - - return maat_cmd_set_line(maat_inst, &line_rule); -} - -#define TO_GROUP2X_KEY(group_id, parent_id, clause_index) (((unsigned long)group_id<<32|parent_id) + clause_index) - -int group2compile_table_set_line(struct maat *maat_inst, const char *table_name, - enum maat_operation op, long long group_id, - long long compile_id, int not_flag, - const char *vtable_name, int clause_index, - int expire_after) -{ - char table_line[128] = {0}; - sprintf(table_line, "%lld\t%lld\t%d\t%s\t%d\t%d", - group_id, compile_id, not_flag, vtable_name, clause_index, op); - - struct maat_cmd_line line_rule; - line_rule.rule_id = TO_GROUP2X_KEY(group_id, compile_id, clause_index); - line_rule.table_line = table_line; - line_rule.table_name = table_name; - line_rule.expire_after = expire_after; - - return maat_cmd_set_line(maat_inst, &line_rule); -} - -int group2group_table_set_line(struct maat *maat_inst, const char *table_name, - enum maat_operation op, long long group_id, - long long sub_group_id, int expire_after) -{ - char table_line[128] = {0}; - sprintf(table_line, "%lld\t%lld\t%s\t%d", group_id, sub_group_id, - "null", op); - - struct maat_cmd_line line_rule; - line_rule.rule_id = TO_GROUP2X_KEY(group_id, sub_group_id, 0); - line_rule.table_line = table_line; - line_rule.table_name = table_name; - line_rule.expire_after = expire_after; - - return maat_cmd_set_line(maat_inst, &line_rule); -} - -int expr_table_set_line(struct maat *maat_inst, const char *table_name, - enum maat_operation op, long long item_id, - long long group_id, const char *keywords, - const char *district, int expr_type, - int match_method, int is_hexbin, int expire_after) -{ - char table_line[1024] = {0}; - int table_id = maat_get_table_id(maat_inst, table_name); - if (table_id < 0) { - return 0; - } - - enum table_type table_type = table_manager_get_table_type(maat_inst->tbl_mgr, - table_id); - assert(table_type == TABLE_TYPE_EXPR || table_type == TABLE_TYPE_EXPR_PLUS); - - if (table_type == TABLE_TYPE_EXPR_PLUS) { - sprintf(table_line, "%lld\t%lld\t%s\t%s\t%d\t%d\t%d\t%d", - item_id, group_id, district, keywords, expr_type, - match_method, is_hexbin, op); - } else { - sprintf(table_line, "%lld\t%lld\t%s\t%d\t%d\t%d\t%d", - item_id, group_id, keywords, expr_type, - match_method, is_hexbin, op); - } - - struct maat_cmd_line line_rule; - line_rule.rule_id = item_id; - line_rule.table_line = table_line; - line_rule.table_name = table_name; - line_rule.expire_after = expire_after; - - return maat_cmd_set_line(maat_inst, &line_rule); -} - -int -interval_table_set_line(struct maat *maat_inst, const char *table_name, - enum maat_operation op, long long item_id, long long group_id, - unsigned int low_boundary, unsigned int up_boundary, - const char *district, int expire_after) -{ - char table_line[1024] = {0}; - int table_id = maat_get_table_id(maat_inst, table_name); - if (table_id < 0) { - return 0; - } - - enum table_type table_type = table_manager_get_table_type(maat_inst->tbl_mgr, - table_id); - assert(table_type == TABLE_TYPE_INTERVAL || table_type == TABLE_TYPE_INTERVAL_PLUS); - - if (table_type == TABLE_TYPE_INTERVAL_PLUS) { - sprintf(table_line, "%lld\t%lld\t%s\t%u\t%u\t%d", - item_id, group_id, district, low_boundary, up_boundary, op); - } else { - sprintf(table_line, "%lld\t%lld\t%u\t%u\t%d", - item_id, group_id, low_boundary, up_boundary, op); - } - - struct maat_cmd_line line_rule; - line_rule.rule_id = item_id; - line_rule.table_line = table_line; - line_rule.table_name = table_name; - line_rule.expire_after = expire_after; - - return maat_cmd_set_line(maat_inst, &line_rule); -} - -int ip_table_set_line(struct maat *maat_inst, const char *table_name, - enum maat_operation op, long long item_id, - long long group_id, enum IP_TYPE type, const char *ip1, - const char *ip2, int expire_after) -{ - char table_line[1024] = {0}; - int table_id = maat_get_table_id(maat_inst, table_name); - if (table_id < 0) { - return 0; - } - - int ip_type = IPV4; - if (type == IPv6) { - ip_type = IPV6; - } - - sprintf(table_line, "%lld\t%lld\t%d\t%s\t%s\t%s\t%d", - item_id, group_id, ip_type, "range", ip1, ip2, op); - struct maat_cmd_line line_rule; - - line_rule.rule_id = item_id; - line_rule.table_line = table_line; - line_rule.table_name = table_name; - line_rule.expire_after = expire_after; - - return maat_cmd_set_line(maat_inst, &line_rule); -} int test_add_expr_command(struct maat *maat_inst, const char *expr_table, long long compile_id, int timeout, @@ -369,7 +96,7 @@ protected: maat_options_set_json_file_decrypt_key(opts, json_decrypt_key); maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -467,7 +194,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__); @@ -481,7 +208,7 @@ protected: maat_options_set_accept_tags(opts, accept_tags); maat_options_set_hit_path_enabled(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -773,7 +500,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -789,7 +516,7 @@ protected: maat_options_set_hit_path_enabled(opts); maat_options_set_expr_engine(opts, MAAT_EXPR_ENGINE_HS); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -1685,7 +1412,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -1701,7 +1428,7 @@ protected: maat_options_set_expr_engine(opts, MAAT_EXPR_ENGINE_RS); maat_options_set_hit_path_enabled(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -2607,18 +2334,17 @@ protected: maat_options_set_redis(opts, redis_ip, redis_port, redis_db); maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); assert(_shared_maat_inst != NULL); maat_cmd_flushDB(_shared_maat_inst); maat_free(_shared_maat_inst); maat_options_set_foreign_cont_dir(opts, "./foreign_files/"); - maat_options_set_rule_effect_interval_ms(opts, 0); maat_options_set_gc_timeout_ms(opts, 0); // start GC immediately maat_options_set_stat_file(opts, "./stat.log"); maat_options_set_perf_on(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); } @@ -2721,19 +2447,18 @@ protected: maat_options_set_redis(opts, redis_ip, redis_port, redis_db); maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); assert(_shared_maat_inst != NULL); maat_cmd_flushDB(_shared_maat_inst); maat_free(_shared_maat_inst); maat_options_set_foreign_cont_dir(opts, "./foreign_files/"); - maat_options_set_rule_effect_interval_ms(opts, 0); maat_options_set_gc_timeout_ms(opts, 0); // start GC immediately maat_options_set_stat_file(opts, "./stat.log"); maat_options_set_perf_on(opts); maat_options_set_expr_engine(opts, MAAT_EXPR_ENGINE_RS); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); } @@ -2828,7 +2553,7 @@ TEST_F(MaatRsStreamScan, dynamic_config) { state = NULL; } -class MaatIPScan : public testing::Test +class IPScan : public testing::Test { protected: static void SetUpTestCase() { @@ -2839,7 +2564,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -2853,11 +2578,11 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, - "[%s:%d] create maat instance in MaatIPScan failed.", + "[%s:%d] create maat instance in IPScan failed.", __FUNCTION__, __LINE__); } } @@ -2871,12 +2596,12 @@ protected: static struct maat *_shared_maat_inst; }; -struct maat *MaatIPScan::_shared_maat_inst; -struct log_handle *MaatIPScan::logger; +struct maat *IPScan::_shared_maat_inst; +struct log_handle *IPScan::logger; -TEST_F(MaatIPScan, IPv4ScanDataFull_0) { +TEST_F(IPScan, IPv4Unspecified) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -2903,9 +2628,9 @@ TEST_F(MaatIPScan, IPv4ScanDataFull_0) { state = NULL; } -TEST_F(MaatIPScan, IPv4ScanDataFull_1) { +TEST_F(IPScan, IPv4Broadcast) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -2932,9 +2657,9 @@ TEST_F(MaatIPScan, IPv4ScanDataFull_1) { state = NULL; } -TEST_F(MaatIPScan, IPv4RuleFull_0) { +TEST_F(IPScan, MatchSingleIPv4) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -2962,9 +2687,9 @@ TEST_F(MaatIPScan, IPv4RuleFull_0) { state = NULL; } -TEST_F(MaatIPScan, IPv6ScanDataFull_0) { +TEST_F(IPScan, IPv6Unspecified) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -2991,9 +2716,9 @@ TEST_F(MaatIPScan, IPv6ScanDataFull_0) { maat_state_free(state); } -TEST_F(MaatIPScan, IPv6ScanDataFull_1) { +TEST_F(IPScan, IPv6Broadcast) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -3019,9 +2744,9 @@ TEST_F(MaatIPScan, IPv6ScanDataFull_1) { maat_state_free(state); } -TEST_F(MaatIPScan, IPv6RuleFull_0) { +TEST_F(IPScan, MatchSingleIPv6) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -3050,9 +2775,9 @@ TEST_F(MaatIPScan, IPv6RuleFull_0) { state = NULL; } -TEST_F(MaatIPScan, IPv4_IPPort) { +TEST_F(IPScan, MatchIPv4Range) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -3080,10 +2805,39 @@ TEST_F(MaatIPScan, IPv4_IPPort) { maat_state_free(state); state = NULL; } +TEST_F(IPScan, MatchIPv4Port) { + const char *table_name = "IP_PLUS_CONFIG"; + struct maat *maat_inst = IPScan::_shared_maat_inst; + int thread_id = 0; + + int table_id = maat_get_table_id(maat_inst, table_name); + ASSERT_GT(table_id, 0); + + char ip_str[32] = "192.168.30.44"; + uint32_t sip; + int ret = inet_pton(AF_INET, ip_str, &sip); + EXPECT_EQ(ret, 1); + + long long results[ARRAY_SIZE] = {0}; + size_t n_hit_result = 0; + struct maat_state *state = maat_state_new(maat_inst, thread_id); + ret = maat_scan_ipv4_port(maat_inst, table_id, sip, 443, results, ARRAY_SIZE, + &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_OK); + EXPECT_EQ(n_hit_result, 0); -TEST_F(MaatIPScan, IPv6_IPPort) { + ret = maat_scan_ipv4_port(maat_inst, table_id, sip, 80, results, ARRAY_SIZE, + &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_HIT); + EXPECT_EQ(n_hit_result, 1); + EXPECT_EQ(results[0], 232); + + maat_state_free(state); + state = NULL; +} +TEST_F(IPScan, MatchIPv6Range) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -3109,10 +2863,43 @@ TEST_F(MaatIPScan, IPv6_IPPort) { maat_state_free(state); state = NULL; } +TEST_F(IPScan, MatchIPv6Port) { + const char *table_name = "IP_PLUS_CONFIG"; + struct maat *maat_inst = IPScan::_shared_maat_inst; + int thread_id = 0; + + int table_id = maat_get_table_id(maat_inst, table_name); + char ip_str[32] = "2607:5d00:2:2::32:28"; + int port=443; + uint8_t sip[16]; + int ret = inet_pton(AF_INET6, ip_str, &sip); + EXPECT_EQ(ret, 1); -TEST_F(MaatIPScan, BugReport20210515) { + long long results[ARRAY_SIZE] = {0}; + size_t n_hit_result = 0; + struct maat_state *state = maat_state_new(maat_inst, thread_id); + ret = maat_scan_ipv6_port(maat_inst, table_id, sip, port, results, ARRAY_SIZE, + &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_HIT); + EXPECT_EQ(n_hit_result, 2); + EXPECT_EQ(results[0], 230); + EXPECT_EQ(results[1], 210); + + maat_state_reset(state); + //If the port is not present, should not match rules with port range. In this case, only rule 210 "::/0" should match. + ret = maat_scan_ipv6(maat_inst, table_id, sip, results, ARRAY_SIZE, + &n_hit_result, state); + EXPECT_EQ(ret, MAAT_SCAN_HIT); + EXPECT_EQ(n_hit_result, 1); + EXPECT_EQ(results[0], 210); + + maat_state_free(state); + state = NULL; +} + +TEST_F(IPScan, BugReport20210515) { const char *table_name = "IP_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -3136,9 +2923,9 @@ TEST_F(MaatIPScan, BugReport20210515) { state = NULL; } -TEST_F(MaatIPScan, dynamic_config) { +TEST_F(IPScan, RuleUpdates) { const char *table_name = "IP_PLUS_CONFIG"; - struct maat *maat_inst = MaatIPScan::_shared_maat_inst; + struct maat *maat_inst = IPScan::_shared_maat_inst; int thread_id = 0; int table_id = maat_get_table_id(maat_inst, table_name); @@ -3236,7 +3023,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__); @@ -3249,7 +3036,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -3372,7 +3159,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__); @@ -3385,7 +3172,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -3471,7 +3258,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -3485,7 +3272,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -4730,7 +4517,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -4744,7 +4531,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5117,7 +4904,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -5131,7 +4918,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_DEBUG); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5381,7 +5168,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -5395,7 +5182,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5521,7 +5308,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -5535,7 +5322,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5661,7 +5448,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -5675,7 +5462,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5832,7 +5619,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -5846,7 +5633,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5919,7 +5706,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -5933,7 +5720,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -5985,7 +5772,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -6000,7 +5787,7 @@ protected: maat_options_set_accept_tags(opts, accept_tags); maat_options_set_hit_path_enabled(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -6138,7 +5925,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -6153,7 +5940,7 @@ protected: maat_options_set_accept_tags(opts, accept_tags); maat_options_set_hit_path_enabled(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -6320,7 +6107,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -6335,7 +6122,7 @@ protected: maat_options_set_accept_tags(opts, accept_tags); maat_options_set_hit_path_enabled(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -6732,7 +6519,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -6746,7 +6533,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -6806,8 +6593,6 @@ protected: static void SetUpTestCase() { const char *rule_folder = "./ntcrule/full/index"; const char *table_info = "./file_test_tableinfo.conf"; - int scan_interval_ms = 500; - int effective_interval_ms = 0; struct maat_options *opts = maat_options_new(); maat_options_set_caller_thread_number(opts, g_thread_num); @@ -6815,8 +6600,7 @@ protected: maat_options_set_stat_file(opts, "./stat.log"); maat_options_set_perf_on(opts); maat_options_set_iris(opts, rule_folder, rule_folder); - maat_options_set_rule_update_checking_interval_ms(opts, scan_interval_ms); - maat_options_set_rule_effect_interval_ms(opts, effective_interval_ms); + maat_options_set_rule_update_checking_interval_ms(opts, 500); maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); _shared_maat_inst = maat_new(opts, table_info); @@ -6909,7 +6693,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", @@ -6923,7 +6707,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -7282,15 +7066,14 @@ protected: maat_options_set_hit_path_enabled(opts); maat_options_set_hit_group_enabled(opts); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); assert(_shared_maat_inst != NULL); maat_cmd_flushDB(_shared_maat_inst); maat_free(_shared_maat_inst); maat_options_set_foreign_cont_dir(opts, "./foreign_files/"); - maat_options_set_rule_effect_interval_ms(opts, 1000); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); _ex_data_counter = ALLOC(int, 1); @@ -11207,7 +10990,7 @@ protected: int redis_db = 0; logger = log_handle_create("./maat_framework_gtest.log", 0); - int ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + int ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); if (ret < 0) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, "[%s:%d] write config to redis failed.", __FUNCTION__, __LINE__); @@ -11220,7 +11003,7 @@ protected: maat_options_set_logger(opts, "./maat_framework_gtest.log", LOG_LEVEL_INFO); maat_options_set_accept_tags(opts, accept_tags); - _shared_maat_inst = maat_new(opts, table_info_path); + _shared_maat_inst = maat_new(opts, g_table_info_path); maat_options_free(opts); if (NULL == _shared_maat_inst) { log_fatal(logger, MODULE_FRAMEWORK_GTEST, @@ -11368,7 +11151,7 @@ TEST_F(MaatRollbackTest, FullConfigRollback) { ret = clear_config_in_redis(c, logger); EXPECT_EQ(ret, 0); - ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); EXPECT_EQ(ret, 0); ret = rollback_redis_version(c, logger); @@ -11428,7 +11211,7 @@ TEST_F(MaatRollbackTest, FullConfigRollbackWhenScanUnfinished) { ret = clear_config_in_redis(c, logger); EXPECT_EQ(ret, 0); - ret = write_config_to_redis(redis_ip, redis_port, redis_db, logger); + ret = write_json_to_redis(g_json_filename, redis_ip, redis_port, redis_db, logger); EXPECT_EQ(ret, 0); ret = rollback_redis_version(c, logger); |