1 /* $Id$ */
2 /*
3  * Copyright (C) 2014-2021 Cisco and/or its affiliates. All rights reserved.
4  * Copyright (C) 2002-2013 Sourcefire, Inc.
5  *
6  * Author(s):  Andrew R. Baker <andrewb@snort.org>
7  *             Martin Roesch   <roesch@sourcefire.com>
8  *
9  * This program is free software; you can redistribute it and/or modify
10  * it under the terms of the GNU General Public License Version 2 as
11  * published by the Free Software Foundation.  You may not use, modify or
12  * distribute this program under any other version of the GNU General
13  * Public License.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License
21  * along with this program; if not, write to the Free Software
22  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
23  *
24  */
25 
26 /* includes */
27 
28 #ifdef HAVE_CONFIG_H
29 #include "config.h"
30 #endif
31 
32 #include <errno.h>
33 #include <stdio.h>
34 #include <string.h>
35 #include <stdlib.h>
36 #ifndef WIN32
37 #include <netdb.h>
38 #include <ctype.h>
39 #include <sys/types.h>
40 #include <sys/socket.h>
41 #include <netinet/in.h>
42 #include <arpa/inet.h>
43 #endif
44 
45 #ifdef HAVE_STRINGS_H
46 #include <strings.h>
47 #endif
48 
49 #include "util.h"
50 #include "mstring.h"
51 #include "parser.h"
52 #include "snort_debug.h"
53 #include "snort.h"
54 #include "sfPolicy.h"
55 
56 #include "IpAddrSet.h"
57 
58 # include "ipv6_port.h"
59 
60 extern char *file_name;     /* current rules file being processed */
61 extern int line_num;        /* current rules file line */
62 
63 
64 
IpAddrSetParse(SnortConfig * sc,char * addr)65 IpAddrSet *IpAddrSetParse(SnortConfig *sc, char *addr)
66 {
67     IpAddrSet *ret;
68     int ret_code;
69     vartable_t *ip_vartable;
70 
71     if ((sc == NULL) || (sc->targeted_policies[getParserPolicy(sc)] == NULL))
72     {
73         FatalError("%s(%d) Snort conf for parsing is NULL.\n",
74                    __FILE__, __LINE__);
75     }
76 
77     ip_vartable = sc->targeted_policies[getParserPolicy(sc)]->ip_vartable;
78 
79     DEBUG_WRAP(DebugMessage(DEBUG_CONFIGRULES,"Got address string: %s\n",
80                 addr););
81 
82     ret = (IpAddrSet*)SnortAlloc(sizeof(IpAddrSet));
83 
84     if((ret_code = sfvt_add_to_var(ip_vartable, ret, addr)) != SFIP_SUCCESS)
85     {
86         if(ret_code == SFIP_LOOKUP_FAILURE)
87             FatalError("%s(%d) => Undefined variable in the string: %s\n",
88                 file_name, file_line, addr);
89         else if(ret_code == SFIP_CONFLICT)
90             FatalError("%s(%d) => Negated IP ranges that equal to or are"
91                 " more-specific than non-negated ranges are not allowed."
92                 " Consider inverting the logic: %s.\n",
93                 file_name, file_line, addr);
94         else
95             FatalError("%s(%d) => Unable to process the IP address: %s\n",
96                 file_name, file_line, addr);
97     }
98 
99     return ret;
100 }
101 
IpAddrSetDestroy(IpAddrSet * ipAddrSet)102 void IpAddrSetDestroy(IpAddrSet *ipAddrSet)
103 {
104 
105     if(!ipAddrSet)
106         return;
107 
108     sfvar_free(ipAddrSet);
109 }
110 
111