From b6a371f32d0292a01151f46e11847e3e7a8e440b Mon Sep 17 00:00:00 2001 From: Jon Siwek Date: Sat, 23 Jul 2011 16:45:29 -0500 Subject: [PATCH] mask_addr bif now returns subnet (addresses #512) --- policy/frameworks/metrics/base/main.bro | 3 +- policy/utils/site.bro | 6 ++-- src/bro.bif | 4 +-- testing/btest/Baseline/bifs.mask_addr/output | 32 ++++++++++++++++++++ testing/btest/bifs/mask_addr.bro | 9 ++++++ 5 files changed, 47 insertions(+), 7 deletions(-) create mode 100644 testing/btest/Baseline/bifs.mask_addr/output create mode 100644 testing/btest/bifs/mask_addr.bro diff --git a/policy/frameworks/metrics/base/main.bro b/policy/frameworks/metrics/base/main.bro index 354172fd42..fc0aa8dfa0 100644 --- a/policy/frameworks/metrics/base/main.bro +++ b/policy/frameworks/metrics/base/main.bro @@ -122,8 +122,7 @@ function add_data(name: ID, index: Index, increment: count) if ( conf?$aggregation_mask ) { local agg_mask = conf$aggregation_mask; - local agg = mask_addr(index$host, agg_mask); - agg_subnet = fmt("%s/%d", agg, agg_mask); + agg_subnet = fmt("%s", mask_addr(index$host, agg_mask)); } else if ( conf?$aggregation_table ) agg_subnet = fmt("%s", conf$aggregation_table[index$host]); diff --git a/policy/utils/site.bro b/policy/utils/site.bro index f6e14f457f..bac5ed04b3 100644 --- a/policy/utils/site.bro +++ b/policy/utils/site.bro @@ -97,13 +97,13 @@ function find_all_emails(ip: addr): set[string] if ( ip !in local_admins ) return set(); local output_values: set[string] = set(); - local tmp_ip: addr; + local tmp_subnet: subnet; local i: count; local emails: string; for ( i in one_to_32 ) { - tmp_ip = mask_addr(ip, one_to_32[i]); - for ( email in local_admins[tmp_ip] ) + tmp_subnet = mask_addr(ip, one_to_32[i]); + for ( email in local_admins[tmp_subnet] ) { if ( email != "" ) add output_values[email]; diff --git a/src/bro.bif b/src/bro.bif index 6472e4b259..9a21e82772 100644 --- a/src/bro.bif +++ b/src/bro.bif @@ -639,9 +639,9 @@ function to_port%(num: count, proto: transport_proto%): port return new PortVal(num, (TransportProto)proto->AsEnum()); %} -function mask_addr%(a: addr, top_bits_to_keep: count%): addr +function mask_addr%(a: addr, top_bits_to_keep: count%): subnet %{ - return new AddrVal(mask_addr(a, top_bits_to_keep)); + return new SubNetVal(mask_addr(a, top_bits_to_keep), top_bits_to_keep); %} # Take some top bits (e.g. subnet address) from a1 and the other diff --git a/testing/btest/Baseline/bifs.mask_addr/output b/testing/btest/Baseline/bifs.mask_addr/output new file mode 100644 index 0000000000..73ad62f40a --- /dev/null +++ b/testing/btest/Baseline/bifs.mask_addr/output @@ -0,0 +1,32 @@ +128.0.0.0/1 +192.0.0.0/2 +224.0.0.0/3 +240.0.0.0/4 +248.0.0.0/5 +252.0.0.0/6 +254.0.0.0/7 +255.0.0.0/8 +255.128.0.0/9 +255.192.0.0/10 +255.224.0.0/11 +255.240.0.0/12 +255.248.0.0/13 +255.252.0.0/14 +255.254.0.0/15 +255.255.0.0/16 +255.255.128.0/17 +255.255.192.0/18 +255.255.224.0/19 +255.255.240.0/20 +255.255.248.0/21 +255.255.252.0/22 +255.255.254.0/23 +255.255.255.0/24 +255.255.255.128/25 +255.255.255.192/26 +255.255.255.224/27 +255.255.255.240/28 +255.255.255.248/29 +255.255.255.252/30 +255.255.255.254/31 +255.255.255.255/32 diff --git a/testing/btest/bifs/mask_addr.bro b/testing/btest/bifs/mask_addr.bro new file mode 100644 index 0000000000..e1e3bccfb6 --- /dev/null +++ b/testing/btest/bifs/mask_addr.bro @@ -0,0 +1,9 @@ +# @TEST-EXEC: bro %INPUT >output +# @TEST-EXEC: btest-diff output + +const one_to_32: vector of count = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32}; + +for ( i in one_to_32 ) + { + print mask_addr(255.255.255.255, one_to_32[i]); + }