issues/682 v4 (#727)

Added support for host addresses in whitelist. Closes #682
2018-08-03 01:53:47 +03:00 · 2018-08-03 01:53:47 +03:00 · bccc10d50d
commit bccc10d50d
parent a330d92b8c
4 changed files with 22 additions and 14 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 *.pyc
 __pycache__
 *.DS_Store
+src/build/
--- a/src/fast_library.cpp
+++ b/src/fast_library.cpp
@ -208,13 +208,10 @@ uint32_t convert_cidr_to_binary_netmask(unsigned int cidr) {
 }


-bool is_cidr_subnet(const char* subnet) {
+bool is_cidr_subnet(std::string subnet) {
    boost::cmatch what;
-    if (regex_match(subnet, what, regular_expression_cidr_pattern)) {
-        return true;
-    } else {
-        return false;
-    }
+
+    return regex_match(subnet.c_str(), what, regular_expression_cidr_pattern);
 }

 bool is_v4_host(std::string host) {
--- a/src/fast_library.h
+++ b/src/fast_library.h
@ -68,7 +68,7 @@ uint64_t MurmurHash64A(const void* key, int len, uint64_t seed);
 std::string print_tcp_flags(uint8_t flag_value);
 int timeval_subtract(struct timeval* result, struct timeval* x, struct timeval* y);
 bool folder_exists(std::string path);
-bool is_cidr_subnet(const char* subnet);
+bool is_cidr_subnet(std::string subnet);
 bool is_v4_host(std::string host);
 bool file_exists(std::string path);
 uint32_t convert_cidr_to_binary_netmask(unsigned int cidr);
--- a/src/fastnetmon.cpp
+++ b/src/fastnetmon.cpp
@ -1493,18 +1493,28 @@ void zeroify_all_flow_counters() {

 bool load_our_networks_list() {
    if (file_exists(white_list_path)) {
+        unsigned int network_entries = 0;
        std::vector<std::string> network_list_from_config = read_file_to_vector(white_list_path);

        for (std::vector<std::string>::iterator ii = network_list_from_config.begin();
             ii != network_list_from_config.end(); ++ii) {
-            if (ii->length() > 0 && is_cidr_subnet(ii->c_str())) {
-                make_and_lookup(whitelist_tree_ipv4, const_cast<char*>(ii->c_str()));
-            } else {
-                logger << log4cpp::Priority::ERROR << "Can't parse line from whitelist: " << *ii;
+            std::string text_subnet = *ii;
+            if (text_subnet.empty()) {
+                continue;
            }
+            if (is_v4_host(text_subnet)) {
+                logger << log4cpp::Priority::INFO << "Assuming /32 netmask for " << text_subnet;
+                text_subnet += "/32";
+            } else if (!is_cidr_subnet(text_subnet)) {
+                logger << log4cpp::Priority::ERROR << "Can't parse line from whitelist: " << text_subnet;
+                continue;
+            }
+            network_entries++;
+            make_and_lookup(whitelist_tree_ipv4, const_cast<char*> (text_subnet.c_str()));
+
        }

-        logger << log4cpp::Priority::INFO << "We loaded " << network_list_from_config.size()
+        logger << log4cpp::Priority::INFO << "We loaded " << network_entries
               << " networks from whitelist file";
    }

@ -1600,7 +1610,7 @@ bool load_our_networks_list() {
    for (std::vector<std::string>::iterator ii = networks_list_ipv4_as_string.begin();
         ii != networks_list_ipv4_as_string.end(); ++ii) {
        
-        if (!is_cidr_subnet(ii->c_str())) {
+        if (!is_cidr_subnet(*ii)) {
            logger << log4cpp::Priority::ERROR << "Can't parse line from subnet list: '" << *ii << "'";
            continue;
        }