|
|
@ -26,6 +26,7 @@ type Rule struct {
|
|
|
|
mode RuleMode
|
|
|
|
mode RuleMode
|
|
|
|
rtype RuleAction
|
|
|
|
rtype RuleAction
|
|
|
|
hostname string
|
|
|
|
hostname string
|
|
|
|
|
|
|
|
network *net.IPNet
|
|
|
|
addr uint32
|
|
|
|
addr uint32
|
|
|
|
saddr net.IP
|
|
|
|
saddr net.IP
|
|
|
|
port uint16
|
|
|
|
port uint16
|
|
|
@ -53,6 +54,8 @@ func (r *Rule) AddrString(redact bool) string {
|
|
|
|
port := "*"
|
|
|
|
port := "*"
|
|
|
|
if r.hostname != "" {
|
|
|
|
if r.hostname != "" {
|
|
|
|
addr = r.hostname
|
|
|
|
addr = r.hostname
|
|
|
|
|
|
|
|
} else if r.network != nil {
|
|
|
|
|
|
|
|
addr = r.network.String()
|
|
|
|
} else if r.addr != matchAny && r.addr != noAddress {
|
|
|
|
} else if r.addr != matchAny && r.addr != noAddress {
|
|
|
|
bs := make([]byte, 4)
|
|
|
|
bs := make([]byte, 4)
|
|
|
|
binary.BigEndian.PutUint32(bs, r.addr)
|
|
|
|
binary.BigEndian.PutUint32(bs, r.addr)
|
|
|
@ -96,6 +99,9 @@ log.Notice("comparison: ", hostname, " / ", dst, " : ", dstPort, " -> ", xip, "
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return r.hostname == hostname
|
|
|
|
return r.hostname == hostname
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if r.network != nil && r.network.Contains(dst) {
|
|
|
|
|
|
|
|
return true
|
|
|
|
|
|
|
|
}
|
|
|
|
return r.addr == binary.BigEndian.Uint32(dst.To4())
|
|
|
|
return r.addr == binary.BigEndian.Uint32(dst.To4())
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -179,7 +185,7 @@ func (r *Rule) parse(s string) bool {
|
|
|
|
} else if len(parts) > 2 {
|
|
|
|
} else if len(parts) > 2 {
|
|
|
|
r.saddr = net.ParseIP(parts[2])
|
|
|
|
r.saddr = net.ParseIP(parts[2])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
fmt.Println("----- rule parser: srcip = ", r.saddr)
|
|
|
|
|
|
|
|
return r.parseVerb(parts[0]) && r.parseTarget(parts[1])
|
|
|
|
return r.parseVerb(parts[0]) && r.parseTarget(parts[1])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -200,6 +206,7 @@ func (r *Rule) parseTarget(t string) bool {
|
|
|
|
if len(addrPort) != 2 {
|
|
|
|
if len(addrPort) != 2 {
|
|
|
|
return false
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return r.parseAddr(addrPort[0]) && r.parsePort(addrPort[1])
|
|
|
|
return r.parseAddr(addrPort[0]) && r.parsePort(addrPort[1])
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -213,10 +220,12 @@ func (r *Rule) parseAddr(a string) bool {
|
|
|
|
r.hostname = a
|
|
|
|
r.hostname = a
|
|
|
|
return true
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
ip := net.ParseIP(a)
|
|
|
|
// ip := net.ParseIP(a)
|
|
|
|
if ip == nil {
|
|
|
|
ip, ipnet, err := net.ParseCIDR(a)
|
|
|
|
|
|
|
|
if err != nil || ip == nil {
|
|
|
|
return false
|
|
|
|
return false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
r.network = ipnet
|
|
|
|
r.addr = binary.BigEndian.Uint32(ip.To4())
|
|
|
|
r.addr = binary.BigEndian.Uint32(ip.To4())
|
|
|
|
return true
|
|
|
|
return true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
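Review bot: parseAddr in the last hunk now accepts only CIDR notation — `net.ParseCIDR` rejects a bare address such as `10.0.0.1`, and the `net.ParseIP` path that used to handle it is commented out, so existing rules written with a plain IP would presumably stop parsing unless the part of parseAddr above the hunk already covers them (the function begins outside the hunk). Trying ParseIP first and falling back to ParseCIDR keeps both forms working. The new code also keeps the unchecked `ip.To4()` feeding `binary.BigEndian.Uint32`, which panics on an IPv6 prefix because To4 returns nil; a `To4() == nil` guard belongs in the new error check, and the `dst.To4()` comparison in the Match hunk has the same gap. In AddrString it is worth confirming that the added `r.network.String()` branch honours the `redact` flag the same way the hostname branch does.
```go
// … unchanged: hostname branch …
if ip := net.ParseIP(a); ip != nil {
	ip4 := ip.To4()
	if ip4 == nil {
		return false // r.addr is a uint32, so only IPv4 literals are representable
	}
	r.addr = binary.BigEndian.Uint32(ip4)
	return true
}
ip, ipnet, err := net.ParseCIDR(a)
if err != nil || ip.To4() == nil {
	return false
}
r.network = ipnet
r.addr = binary.BigEndian.Uint32(ip.To4())
return true
```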