suricata
detect-engine-address-ipv6.c
Go to the documentation of this file.
1/* Copyright (C) 2007-2010 Open Information Security Foundation
2 *
3 * You can copy, redistribute or modify this Program under the terms of
4 * the GNU General Public License version 2 as published by the Free
5 * Software Foundation.
6 *
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
11 *
12 * You should have received a copy of the GNU General Public License
13 * version 2 along with this program; if not, write to the Free Software
14 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
15 * 02110-1301, USA.
16 */
17
18/**
19 * \file
20 *
21 * \author Victor Julien <victor@inliniac.net>
22 *
23 * IPV6 Address part of the detection engine.
24 */
25
26#include "suricata-common.h"
27
28#include "decode.h"
29#include "detect.h"
30#include "flow-var.h"
31
32#include "util-cidr.h"
33#include "util-unittest.h"
34
35#include "detect-engine-address.h"
36#include "detect-engine-address-ipv6.h"
37#include "detect-engine-siggroup.h"
38#include "detect-engine-port.h"
39
40#include "util-debug.h"
41
42/**
43 * \brief Compares 2 ipv6 addresses and returns if the first address(a) is less
44 * than the second address(b) or not.
45 *
46 * \param a The first ipv6 address to be compared.
47 * \param b The second ipv6 address to be compared.
48 *
49 * \retval 1 If a < b.
50 * \retval 0 Otherwise, i.e. a >= b.
51 */
52int AddressIPv6Lt(const Address *a, const Address *b)
53{
54 int i = 0;
55
56 for (i = 0; i < 4; i++) {
57 if (SCNtohl(a->addr_data32[i]) < SCNtohl(b->addr_data32[i]))
58 return 1;
59 if (SCNtohl(a->addr_data32[i]) > SCNtohl(b->addr_data32[i]))
60 break;
61 }
62
63 return 0;
64}
65
66int AddressIPv6LtU32(uint32_t *a, uint32_t *b)
67{
68 int i = 0;
69
70 for (i = 0; i < 4; i++) {
71 if (SCNtohl(a[i]) < SCNtohl(b[i]))
72 return 1;
73 if (SCNtohl(a[i]) > SCNtohl(b[i]))
74 break;
75 }
76
77 return 0;
78}
79
80/**
81 * \brief Compares 2 ipv6 addresses and returns if the first address(a) is
82 * greater than the second address(b) or not.
83 *
84 * \param a The first ipv6 address to be compared.
85 * \param b The second ipv6 address to be compared.
86 *
87 * \retval 1 If a > b.
88 * \retval 0 Otherwise, i.e. a <= b.
89 */
90int AddressIPv6Gt(const Address *a, const Address *b)
91{
92 int i = 0;
93
94 for (i = 0; i < 4; i++) {
95 if (SCNtohl(a->addr_data32[i]) > SCNtohl(b->addr_data32[i]))
96 return 1;
97 if (SCNtohl(a->addr_data32[i]) < SCNtohl(b->addr_data32[i]))
98 break;
99 }
100
101 return 0;
102}
103
104int AddressIPv6GtU32(uint32_t *a, uint32_t *b)
105{
106 int i = 0;
107
108 for (i = 0; i < 4; i++) {
109 if (SCNtohl(a[i]) > SCNtohl(b[i]))
110 return 1;
111 if (SCNtohl(a[i]) < SCNtohl(b[i]))
112 break;
113 }
114
115 return 0;
116}
117
118/**
119 * \brief Compares 2 ipv6 addresses and returns if the addresses are equal
120 * or not.
121 *
122 * \param a The first ipv6 address to be compared.
123 * \param b The second ipv6 address to be compared.
124 *
125 * \retval 1 If a == b.
126 * \retval 0 Otherwise.
127 */
128int AddressIPv6Eq(const Address *a, const Address *b)
129{
130 int i = 0;
131
132 for (i = 0; i < 4; i++) {
133 if (a->addr_data32[i] != b->addr_data32[i])
134 return 0;
135 }
136
137 return 1;
138}
139
140int AddressIPv6EqU32(uint32_t *a, uint32_t *b)
141{
142 int i = 0;
143
144 for (i = 0; i < 4; i++) {
145 if (a[i] != b[i])
146 return 0;
147 }
148
149 return 1;
150}
151
152/**
153 * \brief Compares 2 ipv6 addresses and returns if the first address(a) is less
154 * than or equal to the second address(b) or not.
155 *
156 * \param a The first ipv6 address to be compared.
157 * \param b The second ipv6 address to be compared.
158 *
159 * \retval 1 If a <= b.
160 * \retval 0 Otherwise, i.e. a > b.
161 */
162int AddressIPv6Le(const Address *a, const Address *b)
163{
164
165 if (AddressIPv6Eq(a, b) == 1)
166 return 1;
167 if (AddressIPv6Lt(a, b) == 1)
168 return 1;
169
170 return 0;
171}
172
173int AddressIPv6LeU32(uint32_t *a, uint32_t *b)
174{
175
176 if (AddressIPv6EqU32(a, b) == 1)
177 return 1;
178 if (AddressIPv6LtU32(a, b) == 1)
179 return 1;
180
181 return 0;
182}
183
184/**
185 * \brief Compares 2 ipv6 addresses and returns if the first address(a) is
186 * greater than or equal to the second address(b) or not.
187 *
188 * \param a The first ipv6 address to be compared.
189 * \param b The second ipv6 address to be compared.
190 *
191 * \retval 1 If a >= b.
192 * \retval 0 Otherwise, i.e. a < b.
193 */
194int AddressIPv6Ge(const Address *a, const Address *b)
195{
196
197 if (AddressIPv6Eq(a, b) == 1)
198 return 1;
199 if (AddressIPv6Gt(a, b) == 1)
200 return 1;
201
202 return 0;
203}
204
205int AddressIPv6GeU32(uint32_t *a, uint32_t *b)
206{
207
208 if (AddressIPv6EqU32(a, b) == 1)
209 return 1;
210 if (AddressIPv6GtU32(a, b) == 1)
211 return 1;
212
213 return 0;
214}
215
216/**
217 * \brief Compares 2 addresses(address ranges) and returns the relationship
218 * between the 2 addresses.
219 *
220 * \param a Pointer to the first address instance to be compared.
221 * \param b Pointer to the second address instance to be compared.
222 *
223 * \retval ADDRESS_EQ If the 2 address ranges a and b, are equal.
224 * \retval ADDRESS_ES b encapsulates a. b_ip1[...a_ip1...a_ip2...]b_ip2.
225 * \retval ADDRESS_EB a encapsulates b. a_ip1[...b_ip1....b_ip2...]a_ip2.
226 * \retval ADDRESS_LE a_ip1(...b_ip1==a_ip2...)b_ip2
227 * \retval ADDRESS_LT a_ip1(...b_ip1...a_ip2...)b_ip2
228 * \retval ADDRESS_GE b_ip1(...a_ip1==b_ip2...)a_ip2
229 * \retval ADDRESS_GT a_ip1 > b_ip2, i.e. the address range for 'a' starts only
230 * after the end of the address range for 'b'
231 */
232int DetectAddressCmpIPv6(DetectAddress *a, DetectAddress *b)
233{
234 if (AddressIPv6Eq(&a->ip, &b->ip) == 1 &&
235 AddressIPv6Eq(&a->ip2, &b->ip2) == 1) {
236 return ADDRESS_EQ;
237 } else if (AddressIPv6Ge(&a->ip, &b->ip) == 1 &&
238 AddressIPv6Le(&a->ip, &b->ip2) == 1 &&
239 AddressIPv6Le(&a->ip2, &b->ip2) == 1) {
240 return ADDRESS_ES;
241 } else if (AddressIPv6Le(&a->ip, &b->ip) == 1 &&
242 AddressIPv6Ge(&a->ip2, &b->ip2) == 1) {
243 return ADDRESS_EB;
244 } else if (AddressIPv6Lt(&a->ip, &b->ip) == 1 &&
245 AddressIPv6Lt(&a->ip2, &b->ip2) == 1 &&
246 AddressIPv6Ge(&a->ip2, &b->ip) == 1) {
247 return ADDRESS_LE;
248 } else if (AddressIPv6Lt(&a->ip, &b->ip) == 1 &&
249 AddressIPv6Lt(&a->ip2, &b->ip2) == 1) {
250 return ADDRESS_LT;
251 } else if (AddressIPv6Gt(&a->ip, &b->ip) == 1 &&
252 AddressIPv6Le(&a->ip, &b->ip2) == 1 &&
253 AddressIPv6Gt(&a->ip2, &b->ip2) == 1) {
254 return ADDRESS_GE;
255 } else if (AddressIPv6Gt(&a->ip, &b->ip2) == 1) {
256 return ADDRESS_GT;
257 } else {
258 /* should be unreachable */
259 SCLogDebug("Internal Error: should be unreachable\n");
260 }
261
262 return ADDRESS_ER;
263}
264
265/**
266 * \brief Takes an IPv6 address in a, and returns in b an IPv6 address which is
267 * one less than the IPv6 address in a. The address sent in a is in host
268 * order, and the address in b will be returned in network order!
269 *
270 * \param a Pointer to an IPv6 address in host order.
271 * \param b Pointer to an IPv6 address store in memory which has to be updated
272 * with the new address(a - 1).
273 */
274static void AddressCutIPv6CopySubOne(uint32_t *a, uint32_t *b)
275{
276 uint32_t t = a[3];
277
278 b[0] = a[0];
279 b[1] = a[1];
280 b[2] = a[2];
281 b[3] = a[3];
282
283 b[3]--;
284 if (b[3] > t) {
285 t = b[2];
286 b[2]--;
287 if (b[2] > t) {
288 t = b[1];
289 b[1]--;
290 if (b[1] > t)
291 b[0]--;
292 }
293 }
294
295 b[0] = htonl(b[0]);
296 b[1] = htonl(b[1]);
297 b[2] = htonl(b[2]);
298 b[3] = htonl(b[3]);
299}
300
301/**
302 * \brief Takes an IPv6 address in a, and returns in b an IPv6 address which is
303 * one more than the IPv6 address in a. The address sent in a is in host
304 * order, and the address in b will be returned in network order!
305 *
306 * \param a Pointer to an IPv6 address in host order.
307 * \param b Pointer to an IPv6 address store in memory which has to be updated
308 * with the new address(a + 1).
309 */
310static void AddressCutIPv6CopyAddOne(uint32_t *a, uint32_t *b)
311{
312 uint32_t t = a[3];
313
314 b[0] = a[0];
315 b[1] = a[1];
316 b[2] = a[2];
317 b[3] = a[3];
318
319 b[3]++;
320 if (b[3] < t) {
321 t = b[2];
322 b[2]++;
323 if (b[2] < t) {
324 t = b[1];
325 b[1]++;
326 if (b[1] < t)
327 b[0]++;
328 }
329 }
330
331 b[0] = htonl(b[0]);
332 b[1] = htonl(b[1]);
333 b[2] = htonl(b[2]);
334 b[3] = htonl(b[3]);
335}
336
337/**
338 * \brief Copies an IPv6 address in a to the b. The address in a is in host
339 * order and will be copied in network order to b!
340 *
341 * \param a Pointer to the IPv6 address to be copied.
342 * \param b Pointer to an IPv6 address in memory which will be updated with the
343 * address in a.
344 */
345static void AddressCutIPv6Copy(uint32_t *a, uint32_t *b)
346{
347 b[0] = htonl(a[0]);
348 b[1] = htonl(a[1]);
349 b[2] = htonl(a[2]);
350 b[3] = htonl(a[3]);
351}
352
353int DetectAddressCutIPv6(DetectEngineCtx *de_ctx, DetectAddress *a,
354 DetectAddress *b, DetectAddress **c)
355{
356 uint32_t a_ip1[4] = { SCNtohl(a->ip.addr_data32[0]), SCNtohl(a->ip.addr_data32[1]),
357 SCNtohl(a->ip.addr_data32[2]), SCNtohl(a->ip.addr_data32[3]) };
358 uint32_t a_ip2[4] = { SCNtohl(a->ip2.addr_data32[0]), SCNtohl(a->ip2.addr_data32[1]),
359 SCNtohl(a->ip2.addr_data32[2]), SCNtohl(a->ip2.addr_data32[3]) };
360 uint32_t b_ip1[4] = { SCNtohl(b->ip.addr_data32[0]), SCNtohl(b->ip.addr_data32[1]),
361 SCNtohl(b->ip.addr_data32[2]), SCNtohl(b->ip.addr_data32[3]) };
362 uint32_t b_ip2[4] = { SCNtohl(b->ip2.addr_data32[0]), SCNtohl(b->ip2.addr_data32[1]),
363 SCNtohl(b->ip2.addr_data32[2]), SCNtohl(b->ip2.addr_data32[3]) };
364
365 /* default to NULL */
366 *c = NULL;
367
368 int r = DetectAddressCmpIPv6(a, b);
369 if (r != ADDRESS_ES && r != ADDRESS_EB && r != ADDRESS_LE && r != ADDRESS_GE) {
370 goto error;
371 }
372
373 /* we have 3 parts: [aaa[abab]bbb]
374 * part a: a_ip1 <-> b_ip1 - 1
375 * part b: b_ip1 <-> a_ip2
376 * part c: a_ip2 + 1 <-> b_ip2
377 */
378 if (r == ADDRESS_LE) {
379 AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
380 AddressCutIPv6CopySubOne(b_ip1, a->ip2.addr_data32);
381
382 AddressCutIPv6Copy(b_ip1, b->ip.addr_data32);
383 AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
384
385 DetectAddress *tmp_c;
386 tmp_c = DetectAddressInit();
387 if (tmp_c == NULL)
388 goto error;
389 tmp_c->ip.family = AF_INET6;
390
391 AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip.addr_data32);
392 AddressCutIPv6Copy(b_ip2, tmp_c->ip2.addr_data32);
393
394 *c = tmp_c;
395
396 /* we have 3 parts: [bbb[baba]aaa]
397 * part a: b_ip1 <-> a_ip1 - 1
398 * part b: a_ip1 <-> b_ip2
399 * part c: b_ip2 + 1 <-> a_ip2
400 */
401 } else if (r == ADDRESS_GE) {
402 AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
403 AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
404
405 AddressCutIPv6Copy(a_ip1, b->ip.addr_data32);
406 AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
407
408 DetectAddress *tmp_c;
409 tmp_c = DetectAddressInit();
410 if (tmp_c == NULL)
411 goto error;
412 tmp_c->ip.family = AF_INET6;
413
414 AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip.addr_data32);
415 AddressCutIPv6Copy(a_ip2, tmp_c->ip2.addr_data32);
416 *c = tmp_c;
417
418 /* we have 2 or three parts:
419 *
420 * 2 part: [[abab]bbb] or [bbb[baba]]
421 * part a: a_ip1 <-> a_ip2
422 * part b: a_ip2 + 1 <-> b_ip2
423 *
424 * part a: b_ip1 <-> a_ip1 - 1
425 * part b: a_ip1 <-> a_ip2
426 *
427 * 3 part [bbb[aaa]bbb]
428 * part a: b_ip1 <-> a_ip1 - 1
429 * part b: a_ip1 <-> a_ip2
430 * part c: a_ip2 + 1 <-> b_ip2
431 */
432 } else if (r == ADDRESS_ES) {
433 if (AddressIPv6EqU32(a_ip1, b_ip1) == 1) {
434 AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
435 AddressCutIPv6Copy(a_ip2, a->ip2.addr_data32);
436
437 AddressCutIPv6CopyAddOne(a_ip2, b->ip.addr_data32);
438 AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
439
440 } else if (AddressIPv6EqU32(a_ip2, b_ip2) == 1) {
441 AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
442 AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
443
444 AddressCutIPv6Copy(a_ip1, b->ip.addr_data32);
445 AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
446
447 } else {
448 AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
449 AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
450
451 AddressCutIPv6Copy(a_ip1, b->ip.addr_data32);
452 AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
453
454 DetectAddress *tmp_c;
455 tmp_c = DetectAddressInit();
456 if (tmp_c == NULL) {
457 goto error;
458 }
459 tmp_c->ip.family = AF_INET6;
460 AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip.addr_data32);
461 AddressCutIPv6Copy(b_ip2, tmp_c->ip2.addr_data32);
462 *c = tmp_c;
463
464 }
465 /* we have 2 or three parts:
466 *
467 * 2 part: [[baba]aaa] or [aaa[abab]]
468 * part a: b_ip1 <-> b_ip2
469 * part b: b_ip2 + 1 <-> a_ip2
470 *
471 * part a: a_ip1 <-> b_ip1 - 1
472 * part b: b_ip1 <-> b_ip2
473 *
474 * 3 part [aaa[bbb]aaa]
475 * part a: a_ip1 <-> b_ip2 - 1
476 * part b: b_ip1 <-> b_ip2
477 * part c: b_ip2 + 1 <-> a_ip2
478 */
479 } else if (r == ADDRESS_EB) {
480 if (AddressIPv6EqU32(a_ip1, b_ip1) == 1) {
481 AddressCutIPv6Copy(b_ip1, a->ip.addr_data32);
482 AddressCutIPv6Copy(b_ip2, a->ip2.addr_data32);
483
484 AddressCutIPv6CopyAddOne(b_ip2, b->ip.addr_data32);
485 AddressCutIPv6Copy(a_ip2, b->ip2.addr_data32);
486 } else if (AddressIPv6EqU32(a_ip2, b_ip2) == 1) {
487 AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
488 AddressCutIPv6CopySubOne(b_ip1, a->ip2.addr_data32);
489
490 AddressCutIPv6Copy(b_ip1, b->ip.addr_data32);
491 AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
492 } else {
493 AddressCutIPv6Copy(a_ip1, a->ip.addr_data32);
494 AddressCutIPv6CopySubOne(b_ip1, a->ip2.addr_data32);
495
496 AddressCutIPv6Copy(b_ip1, b->ip.addr_data32);
497 AddressCutIPv6Copy(b_ip2, b->ip2.addr_data32);
498
499 DetectAddress *tmp_c;
500 tmp_c = DetectAddressInit();
501 if (tmp_c == NULL)
502 goto error;
503
504 tmp_c->ip.family = AF_INET6;
505 AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip.addr_data32);
506 AddressCutIPv6Copy(a_ip2, tmp_c->ip2.addr_data32);
507 *c = tmp_c;
508 }
509 }
510
511 return 0;
512
513error:
514 return -1;
515}
516
517#if 0
518int DetectAddressCutIPv6(DetectAddressData *a, DetectAddressData *b,
519 DetectAddressData **c)
520{
521 uint32_t a_ip1[4] = { SCNtohl(a->ip[0]), SCNtohl(a->ip[1]),
522 SCNtohl(a->ip[2]), SCNtohl(a->ip[3]) };
523 uint32_t a_ip2[4] = { SCNtohl(a->ip2[0]), SCNtohl(a->ip2[1]),
524 SCNtohl(a->ip2[2]), SCNtohl(a->ip2[3]) };
525 uint32_t b_ip1[4] = { SCNtohl(b->ip[0]), SCNtohl(b->ip[1]),
526 SCNtohl(b->ip[2]), SCNtohl(b->ip[3]) };
527 uint32_t b_ip2[4] = { SCNtohl(b->ip2[0]), SCNtohl(b->ip2[1]),
528 SCNtohl(b->ip2[2]), SCNtohl(b->ip2[3]) };
529
530 /* default to NULL */
531 *c = NULL;
532
533 int r = DetectAddressCmpIPv6(a, b);
534 if (r != ADDRESS_ES && r != ADDRESS_EB && r != ADDRESS_LE && r != ADDRESS_GE) {
535 goto error;
536 }
537
538 /* we have 3 parts: [aaa[abab]bbb]
539 * part a: a_ip1 <-> b_ip1 - 1
540 * part b: b_ip1 <-> a_ip2
541 * part c: a_ip2 + 1 <-> b_ip2
542 */
543 if (r == ADDRESS_LE) {
544 AddressCutIPv6Copy(a_ip1, a->ip);
545 AddressCutIPv6CopySubOne(b_ip1, a->ip2);
546
547 AddressCutIPv6Copy(b_ip1, b->ip);
548 AddressCutIPv6Copy(a_ip2, b->ip2);
549
550 DetectAddressData *tmp_c;
551 tmp_c = DetectAddressDataInit();
552 if (tmp_c == NULL)
553 goto error;
554 tmp_c->family = AF_INET6;
555
556 AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip);
557 AddressCutIPv6Copy(b_ip2, tmp_c->ip2);
558
559 *c = tmp_c;
560
561 /* we have 3 parts: [bbb[baba]aaa]
562 * part a: b_ip1 <-> a_ip1 - 1
563 * part b: a_ip1 <-> b_ip2
564 * part c: b_ip2 + 1 <-> a_ip2
565 */
566 } else if (r == ADDRESS_GE) {
567 AddressCutIPv6Copy(b_ip1, a->ip);
568 AddressCutIPv6CopySubOne(a_ip1, a->ip2);
569
570 AddressCutIPv6Copy(a_ip1, b->ip);
571 AddressCutIPv6Copy(b_ip2, b->ip2);
572
573 DetectAddressData *tmp_c;
574 tmp_c = DetectAddressDataInit();
575 if (tmp_c == NULL)
576 goto error;
577 tmp_c->family = AF_INET6;
578
579 AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip);
580 AddressCutIPv6Copy(a_ip2, tmp_c->ip2);
581
582 *c = tmp_c;
583
584 /* we have 2 or three parts:
585 *
586 * 2 part: [[abab]bbb] or [bbb[baba]]
587 * part a: a_ip1 <-> a_ip2
588 * part b: a_ip2 + 1 <-> b_ip2
589 *
590 * part a: b_ip1 <-> a_ip1 - 1
591 * part b: a_ip1 <-> a_ip2
592 *
593 * 3 part [bbb[aaa]bbb]
594 * part a: b_ip1 <-> a_ip1 - 1
595 * part b: a_ip1 <-> a_ip2
596 * part c: a_ip2 + 1 <-> b_ip2
597 */
598 } else if (r == ADDRESS_ES) {
599 if (AddressIPv6Eq(a_ip1,b_ip1) == 1) {
600 AddressCutIPv6Copy(a_ip1, a->ip);
601 AddressCutIPv6Copy(a_ip2, a->ip2);
602
603 AddressCutIPv6CopyAddOne(a_ip2, b->ip);
604 AddressCutIPv6Copy(b_ip2, b->ip2);
605 } else if (AddressIPv6Eq(a_ip2, b_ip2) == 1) {
606 AddressCutIPv6Copy(b_ip1, a->ip);
607 AddressCutIPv6CopySubOne(a_ip1, a->ip2);
608
609 AddressCutIPv6Copy(a_ip1, b->ip);
610 AddressCutIPv6Copy(a_ip2, b->ip2);
611 } else {
612 AddressCutIPv6Copy(b_ip1, a->ip);
613 AddressCutIPv6CopySubOne(a_ip1, a->ip2);
614
615 AddressCutIPv6Copy(a_ip1, b->ip);
616 AddressCutIPv6Copy(a_ip2, b->ip2);
617
618 DetectAddressData *tmp_c;
619 tmp_c = DetectAddressDataInit();
620 if (tmp_c == NULL)
621 goto error;
622
623 tmp_c->family = AF_INET6;
624
625 AddressCutIPv6CopyAddOne(a_ip2, tmp_c->ip);
626 AddressCutIPv6Copy(b_ip2, tmp_c->ip2);
627 *c = tmp_c;
628 }
629 /* we have 2 or three parts:
630 *
631 * 2 part: [[baba]aaa] or [aaa[abab]]
632 * part a: b_ip1 <-> b_ip2
633 * part b: b_ip2 + 1 <-> a_ip2
634 *
635 * part a: a_ip1 <-> b_ip1 - 1
636 * part b: b_ip1 <-> b_ip2
637 *
638 * 3 part [aaa[bbb]aaa]
639 * part a: a_ip1 <-> b_ip2 - 1
640 * part b: b_ip1 <-> b_ip2
641 * part c: b_ip2 + 1 <-> a_ip2
642 */
643 } else if (r == ADDRESS_EB) {
644 if (AddressIPv6Eq(a_ip1, b_ip1) == 1) {
645 AddressCutIPv6Copy(b_ip1, a->ip);
646 AddressCutIPv6Copy(b_ip2, a->ip2);
647
648 AddressCutIPv6CopyAddOne(b_ip2, b->ip);
649 AddressCutIPv6Copy(a_ip2, b->ip2);
650 } else if (AddressIPv6Eq(a_ip2, b_ip2) == 1) {
651 AddressCutIPv6Copy(a_ip1, a->ip);
652 AddressCutIPv6CopySubOne(b_ip1, a->ip2);
653
654 AddressCutIPv6Copy(b_ip1, b->ip);
655 AddressCutIPv6Copy(b_ip2, b->ip2);
656 } else {
657 AddressCutIPv6Copy(a_ip1, a->ip);
658 AddressCutIPv6CopySubOne(b_ip1, a->ip2);
659
660 AddressCutIPv6Copy(b_ip1, b->ip);
661 AddressCutIPv6Copy(b_ip2, b->ip2);
662
663 DetectAddressData *tmp_c;
664 tmp_c = DetectAddressDataInit();
665 if (tmp_c == NULL)
666 goto error;
667 tmp_c->family = AF_INET6;
668
669 AddressCutIPv6CopyAddOne(b_ip2, tmp_c->ip);
670 AddressCutIPv6Copy(a_ip2, tmp_c->ip2);
671 *c = tmp_c;
672 }
673 }
674
675 return 0;
676
677error:
678 return -1;
679}
680#endif
681
682/**
683 * \brief Cuts and returns an address range, which is the complement of the
684 * address range that is supplied as the argument.
685 *
686 * For example:
687 *
688 * If a = ::-2000::,
689 * then a = 2000::1-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF and b = NULL
690 * If a = 2000::1-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF,
691 * then a = ::-2000:: and b = NULL
692 * If a = 2000::1-20FF::2,
693 * then a = ::-2000:: and
694 * b = 20FF::3-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF
695 *
696 * \param a Pointer to an address range (DetectAddress) instance whose complement
697 * has to be returned in a and b.
698 * \param b Pointer to DetectAddress pointer, that will be supplied back with a
699 * new DetectAddress instance, if the complement demands so.
700 *
701 * \retval 0 On success.
702 * \retval -1 On failure.
703 */
704int DetectAddressCutNotIPv6(DetectAddress *a, DetectAddress **b)
705{
706 uint32_t a_ip1[4] = { SCNtohl(a->ip.addr_data32[0]), SCNtohl(a->ip.addr_data32[1]),
707 SCNtohl(a->ip.addr_data32[2]), SCNtohl(a->ip.addr_data32[3]) };
708 uint32_t a_ip2[4] = { SCNtohl(a->ip2.addr_data32[0]), SCNtohl(a->ip2.addr_data32[1]),
709 SCNtohl(a->ip2.addr_data32[2]), SCNtohl(a->ip2.addr_data32[3]) };
710 uint32_t ip_nul[4] = { 0x00000000, 0x00000000, 0x00000000, 0x00000000 };
711 uint32_t ip_max[4] = { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
712
713 /* default to NULL */
714 *b = NULL;
715
716 if (!(a_ip1[0] == 0x00000000 && a_ip1[1] == 0x00000000 &&
717 a_ip1[2] == 0x00000000 && a_ip1[3] == 0x00000000) &&
718 !(a_ip2[0] == 0xFFFFFFFF && a_ip2[1] == 0xFFFFFFFF &&
719 a_ip2[2] == 0xFFFFFFFF && a_ip2[3] == 0xFFFFFFFF)) {
720 AddressCutIPv6Copy(ip_nul, a->ip.addr_data32);
721 AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
722
723 DetectAddress *tmp_b = DetectAddressInit();
724 if (tmp_b == NULL)
725 goto error;
726
727 tmp_b->ip.family = AF_INET6;
728 AddressCutIPv6CopyAddOne(a_ip2, tmp_b->ip.addr_data32);
729 AddressCutIPv6Copy(ip_max, tmp_b->ip2.addr_data32);
730 *b = tmp_b;
731 } else if ((a_ip1[0] == 0x00000000 && a_ip1[1] == 0x00000000 &&
732 a_ip1[2] == 0x00000000 && a_ip1[3] == 0x00000000) &&
733 !(a_ip2[0] == 0xFFFFFFFF && a_ip2[1] == 0xFFFFFFFF &&
734 a_ip2[2] == 0xFFFFFFFF && a_ip2[3] == 0xFFFFFFFF)) {
735 AddressCutIPv6CopyAddOne(a_ip2, a->ip.addr_data32);
736 AddressCutIPv6Copy(ip_max, a->ip2.addr_data32);
737 } else if (!(a_ip1[0] == 0x00000000 && a_ip1[1] == 0x00000000 &&
738 a_ip1[2] == 0x00000000 && a_ip1[3] == 0x00000000) &&
739 (a_ip2[0] == 0xFFFFFFFF && a_ip2[1] == 0xFFFFFFFF &&
740 a_ip2[2] == 0xFFFFFFFF && a_ip2[3] == 0xFFFFFFFF)) {
741 AddressCutIPv6Copy(ip_nul, a->ip.addr_data32);
742 AddressCutIPv6CopySubOne(a_ip1, a->ip2.addr_data32);
743 } else {
744 goto error;
745 }
746
747 return 0;
748
749error:
750 return -1;
751}
752
753
754/***************************************Unittests******************************/
755
756#ifdef UNITTESTS
757
758static int AddressTestIPv6Gt01(void)
759{
760 int result = 0;
761
762 uint32_t a[4] = { 1, 2, 3, 4 };
763 uint32_t b[4] = { 0, 2, 3, 4 };
764
765 if (AddressIPv6GtU32(a, b) == 1)
766 result = 1;
767
768 return result;
769}
770
771static int AddressTestIPv6Gt02(void)
772{
773 int result = 0;
774
775 uint32_t a[4] = { 0, 2, 3, 4 };
776 uint32_t b[4] = { 1, 2, 3, 4 };
777
778 if (AddressIPv6GtU32(a, b) == 0)
779 result = 1;
780
781 return result;
782}
783
784static int AddressTestIPv6Gt03(void)
785{
786 int result = 0;
787
788 uint32_t a[4] = { 1, 2, 3, 4 };
789 uint32_t b[4] = { 1, 2, 3, 4 };
790
791 if (AddressIPv6GtU32(a, b) == 0)
792 result = 1;
793
794 return result;
795}
796
797static int AddressTestIPv6Gt04(void)
798{
799 int result = 0;
800
801 uint32_t a[4] = { 1, 2, 3, 5 };
802 uint32_t b[4] = { 1, 2, 3, 4 };
803
804 if (AddressIPv6GtU32(a, b) == 1)
805 result = 1;
806
807 return result;
808}
809
810static int AddressTestIPv6Lt01(void)
811{
812 int result = 0;
813
814 uint32_t a[4] = { 0, 2, 3, 4 };
815 uint32_t b[4] = { 1, 2, 3, 4 };
816
817 if (AddressIPv6LtU32(a, b) == 1)
818 result = 1;
819
820 return result;
821}
822
823static int AddressTestIPv6Lt02(void)
824{
825 int result = 0;
826
827 uint32_t a[4] = { 1, 2, 3, 4 };
828 uint32_t b[4] = { 0, 2, 3, 4 };
829
830 if (AddressIPv6LtU32(a, b) == 0)
831 result = 1;
832
833 return result;
834}
835
836static int AddressTestIPv6Lt03(void)
837{
838 int result = 0;
839
840 uint32_t a[4] = { 1, 2, 3, 4 };
841 uint32_t b[4] = { 1, 2, 3, 4 };
842
843 if (AddressIPv6LtU32(a, b) == 0)
844 result = 1;
845
846 return result;
847}
848
849static int AddressTestIPv6Lt04(void)
850{
851 int result = 0;
852
853 uint32_t a[4] = { 1, 2, 3, 4 };
854 uint32_t b[4] = { 1, 2, 3, 5 };
855
856 if (AddressIPv6LtU32(a, b) == 1)
857 result = 1;
858
859 return result;
860}
861
862static int AddressTestIPv6Eq01(void)
863{
864 int result = 0;
865
866 uint32_t a[4] = { 0, 2, 3, 4 };
867 uint32_t b[4] = { 1, 2, 3, 4 };
868
869 if (AddressIPv6EqU32(a, b) == 0)
870 result = 1;
871
872 return result;
873}
874
875static int AddressTestIPv6Eq02(void)
876{
877 int result = 0;
878
879 uint32_t a[4] = { 1, 2, 3, 4 };
880 uint32_t b[4] = { 0, 2, 3, 4 };
881
882 if (AddressIPv6EqU32(a, b) == 0)
883 result = 1;
884
885 return result;
886}
887
888static int AddressTestIPv6Eq03(void)
889{
890 int result = 0;
891
892 uint32_t a[4] = { 1, 2, 3, 4 };
893 uint32_t b[4] = { 1, 2, 3, 4 };
894
895 if (AddressIPv6EqU32(a, b) == 1)
896 result = 1;
897
898 return result;
899}
900
901static int AddressTestIPv6Eq04(void)
902{
903 int result = 0;
904
905 uint32_t a[4] = { 1, 2, 3, 4 };
906 uint32_t b[4] = { 1, 2, 3, 5 };
907
908 if (AddressIPv6EqU32(a, b) == 0)
909 result = 1;
910
911 return result;
912}
913
914static int AddressTestIPv6Le01(void)
915{
916 int result = 0;
917
918 uint32_t a[4] = { 0, 2, 3, 4 };
919 uint32_t b[4] = { 1, 2, 3, 4 };
920
921 if (AddressIPv6LeU32(a, b) == 1)
922 result = 1;
923
924 return result;
925}
926
927static int AddressTestIPv6Le02(void)
928{
929 int result = 0;
930
931 uint32_t a[4] = { 1, 2, 3, 4 };
932 uint32_t b[4] = { 0, 2, 3, 4 };
933
934 if (AddressIPv6LeU32(a, b) == 0)
935 result = 1;
936
937 return result;
938}
939
940static int AddressTestIPv6Le03(void)
941{
942 int result = 0;
943
944 uint32_t a[4] = { 1, 2, 3, 4 };
945 uint32_t b[4] = { 1, 2, 3, 4 };
946
947 if (AddressIPv6LeU32(a, b) == 1)
948 result = 1;
949
950 return result;
951}
952
953static int AddressTestIPv6Le04(void)
954{
955 int result = 0;
956
957 uint32_t a[4] = { 1, 2, 3, 4 };
958 uint32_t b[4] = { 1, 2, 3, 5 };
959
960 if (AddressIPv6LeU32(a, b) == 1)
961 result = 1;
962
963 return result;
964}
965
966static int AddressTestIPv6Le05(void)
967{
968 int result = 0;
969
970 uint32_t a[4];
971 uint32_t b[4];
972 struct in6_addr in6;
973
974 if (inet_pton(AF_INET6, "1999:ffff:ffff:ffff:ffff:ffff:ffff:ffff", &in6) != 1)
975 return 0;
976 memcpy(&a, &in6.s6_addr, sizeof(in6.s6_addr));
977
978 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
979 return 0;
980 memcpy(&b, &in6.s6_addr, sizeof(in6.s6_addr));
981
982 if (AddressIPv6LeU32(a, b) == 1)
983 result = 1;
984
985 return result;
986}
987
988static int AddressTestIPv6Ge01(void)
989{
990 int result = 0;
991
992 uint32_t a[4] = { 0, 2, 3, 4 };
993 uint32_t b[4] = { 1, 2, 3, 4 };
994
995 if (AddressIPv6GeU32(a, b) == 0)
996 result = 1;
997
998 return result;
999}
1000
1001static int AddressTestIPv6Ge02(void)
1002{
1003 int result = 0;
1004
1005 uint32_t a[4] = { 1, 2, 3, 4 };
1006 uint32_t b[4] = { 0, 2, 3, 4 };
1007
1008 if (AddressIPv6GeU32(a, b) == 1)
1009 result = 1;
1010
1011 return result;
1012}
1013
1014static int AddressTestIPv6Ge03(void)
1015{
1016 int result = 0;
1017
1018 uint32_t a[4] = { 1, 2, 3, 4 };
1019 uint32_t b[4] = { 1, 2, 3, 4 };
1020
1021 if (AddressIPv6GeU32(a, b) == 1)
1022 result = 1;
1023
1024 return result;
1025}
1026
1027static int AddressTestIPv6Ge04(void)
1028{
1029 int result = 0;
1030
1031 uint32_t a[4] = { 1, 2, 3, 4 };
1032 uint32_t b[4] = { 1, 2, 3, 5 };
1033
1034 if (AddressIPv6GeU32(a, b) == 0)
1035 result = 1;
1036
1037 return result;
1038}
1039
1040static int AddressTestIPv6Ge05(void)
1041{
1042 int result = 0;
1043
1044 uint32_t a[4];
1045 uint32_t b[4];
1046 struct in6_addr in6;
1047
1048 if (inet_pton(AF_INET6, "1999:ffff:ffff:ffff:ffff:ffff:ffff:ffff", &in6) != 1)
1049 return 0;
1050 memcpy(&a, &in6.s6_addr, sizeof(in6.s6_addr));
1051
1052 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1053 return 0;
1054 memcpy(&b, &in6.s6_addr, sizeof(in6.s6_addr));
1055
1056 if (AddressIPv6GeU32(a, b) == 0)
1057 result = 1;
1058
1059 return result;
1060}
1061
1062static int AddressTestIPv6SubOne01(void)
1063{
1064 int result = 0;
1065
1066 uint32_t a[4], b[4];
1067 struct in6_addr in6;
1068
1069 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1070 return 0;
1071 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1072
1073 a[0] = SCNtohl(a[0]);
1074 a[1] = SCNtohl(a[1]);
1075 a[2] = SCNtohl(a[2]);
1076 a[3] = SCNtohl(a[3]);
1077
1078 AddressCutIPv6CopySubOne(a, b);
1079
1080 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1081 return 0;
1082 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1083 if (b[0] == a[0] && b[1] == a[1] &&
1084 b[2] == a[2] && b[3] == a[3]) {
1085 result = 1;
1086 }
1087
1088 return result;
1089}
1090
1091static int AddressTestIPv6SubOne02(void)
1092{
1093 int result = 0;
1094
1095 uint32_t a[4], b[4];
1096 struct in6_addr in6;
1097
1098 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1099 return 0;
1100 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1101
1102 a[0] = SCNtohl(a[0]);
1103 a[1] = SCNtohl(a[1]);
1104 a[2] = SCNtohl(a[2]);
1105 a[3] = SCNtohl(a[3]);
1106
1107 AddressCutIPv6CopySubOne(a, b);
1108
1109 if (inet_pton(AF_INET6, "1FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1110 return 0;
1111 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1112 if (b[0] == a[0] && b[1] == a[1] &&
1113 b[2] == a[2] && b[3] == a[3]) {
1114 result = 1;
1115 }
1116
1117 return result;
1118}
1119
1120static int AddressTestIPv6AddOne01(void)
1121{
1122 int result = 0;
1123
1124 uint32_t a[4], b[4];
1125 struct in6_addr in6;
1126
1127 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1128 return 0;
1129 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1130
1131 a[0] = SCNtohl(a[0]);
1132 a[1] = SCNtohl(a[1]);
1133 a[2] = SCNtohl(a[2]);
1134 a[3] = SCNtohl(a[3]);
1135
1136 AddressCutIPv6CopyAddOne(a, b);
1137
1138 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1139 return 0;
1140 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1141 if (b[0] == a[0] && b[1] == a[1] &&
1142 b[2] == a[2] && b[3] == a[3]) {
1143 result = 1;
1144 }
1145
1146 return result;
1147}
1148
1149static int AddressTestIPv6AddOne02(void)
1150{
1151 int result = 0;
1152
1153 uint32_t a[4], b[4];
1154 struct in6_addr in6;
1155
1156 if (inet_pton(AF_INET6, "1FFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1157 return 0;
1158 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1159
1160 a[0] = SCNtohl(a[0]);
1161 a[1] = SCNtohl(a[1]);
1162 a[2] = SCNtohl(a[2]);
1163 a[3] = SCNtohl(a[3]);
1164
1165 AddressCutIPv6CopyAddOne(a, b);
1166
1167 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1168 return 0;
1169 memcpy(a, in6.s6_addr, sizeof(in6.s6_addr));
1170 if (b[0] == a[0] && b[1] == a[1] &&
1171 b[2] == a[2] && b[3] == a[3]) {
1172 result = 1;
1173 }
1174
1175 return result;
1176}
1177
1178static int AddressTestIPv6AddressCmp01(void)
1179{
1180 DetectAddress *a = DetectAddressInit();
1181 DetectAddress *b = DetectAddressInit();
1182 struct in6_addr in6;
1183 int result = 1;
1184
1185 if (a == NULL || b == NULL)
1186 goto error;
1187
1188 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1189 goto error;
1190 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1191 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1192 goto error;
1193 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1194 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1195 goto error;
1196 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1197 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1198 goto error;
1199 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1200 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EQ);
1201
1202 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1203 goto error;
1204 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1205 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1206 goto error;
1207 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1208 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1209 goto error;
1210 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1211 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1212 goto error;
1213 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1214 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1215
1216 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1217 goto error;
1218 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1219 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1220 goto error;
1221 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1222 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1223 goto error;
1224 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1225 if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1226 goto error;
1227 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1228 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1229
1230 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1231 goto error;
1232 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1233 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1234 goto error;
1235 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1236 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1237 goto error;
1238 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1239 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1240 goto error;
1241 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1242 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1243
1244 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1245 goto error;
1246 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1247 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1248 goto error;
1249 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1250 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1251 goto error;
1252 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1253 if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1254 goto error;
1255 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1256 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_ES);
1257
1258 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1259 goto error;
1260 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1261 if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1262 goto error;
1263 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1264 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1265 goto error;
1266 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1267 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1268 goto error;
1269 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1270 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_ES);
1271
1272 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1273 goto error;
1274 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1275 if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1276 goto error;
1277 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1278 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1279 goto error;
1280 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1281 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1282 goto error;
1283 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1284 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EB);
1285
1286 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1287 goto error;
1288 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1289 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1290 goto error;
1291 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1292 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1293 goto error;
1294 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1295 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1296 goto error;
1297 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1298 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EB);
1299
1300 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1301 goto error;
1302 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1303 if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1304 goto error;
1305 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1306 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1307 goto error;
1308 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1309 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1310 goto error;
1311 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1312 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_EB);
1313
1314 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1315 goto error;
1316 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1317 if (inet_pton(AF_INET6, "2000::11", &in6) != 1)
1318 goto error;
1319 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1320 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1321 goto error;
1322 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1323 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1324 goto error;
1325 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1326 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_EB);
1327
1328 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1329 goto error;
1330 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1331 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1332 goto error;
1333 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1334 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1335 goto error;
1336 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1337 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1338 goto error;
1339 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1340 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LE);
1341
1342 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1343 goto error;
1344 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1345 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1346 goto error;
1347 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1348 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1349 goto error;
1350 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1351 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1352 goto error;
1353 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1354 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LE);
1355
1356 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1357 goto error;
1358 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1359 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1360 goto error;
1361 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1362 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1363 goto error;
1364 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1365 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1366 goto error;
1367 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1368 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LE);
1369
1370 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1371 goto error;
1372 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1373 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1374 goto error;
1375 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1376 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1377 goto error;
1378 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1379 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1380 goto error;
1381 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1382 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LE);
1383
1384 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1385 goto error;
1386 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1387 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1388 goto error;
1389 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1390 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1391 goto error;
1392 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1393 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1394 goto error;
1395 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1396 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LE);
1397
1398 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1399 goto error;
1400 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1401 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1402 goto error;
1403 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1404 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1405 goto error;
1406 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1407 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1408 goto error;
1409 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1410 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_LT);
1411
1412 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1413 goto error;
1414 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1415 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1416 goto error;
1417 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1418 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1419 goto error;
1420 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1421 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1422 goto error;
1423 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1424 /* we could get a LE */
1425 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1426
1427 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1428 goto error;
1429 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1430 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1431 goto error;
1432 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1433 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1434 goto error;
1435 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1436 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1437 goto error;
1438 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1439 /* we could get a LE */
1440 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1441
1442 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1443 goto error;
1444 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1445 if (inet_pton(AF_INET6, "2000::19", &in6) != 1)
1446 goto error;
1447 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1448 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1449 goto error;
1450 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1451 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1452 goto error;
1453 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1454 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1455
1456 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1457 goto error;
1458 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1459 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1460 goto error;
1461 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1462 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1463 goto error;
1464 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1465 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1466 goto error;
1467 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1468 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1469
1470 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1471 goto error;
1472 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1473 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1474 goto error;
1475 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1476 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1477 goto error;
1478 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1479 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1480 goto error;
1481 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1482 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_LT);
1483
1484 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1485 goto error;
1486 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1487 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1488 goto error;
1489 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1490 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1491 goto error;
1492 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1493 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1494 goto error;
1495 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1496 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GE);
1497
1498 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1499 goto error;
1500 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1501 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1502 goto error;
1503 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1504 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1505 goto error;
1506 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1507 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1508 goto error;
1509 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1510 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GE);
1511
1512 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1513 goto error;
1514 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1515 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1516 goto error;
1517 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1518 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1519 goto error;
1520 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1521 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1522 goto error;
1523 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1524 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GE);
1525
1526 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1527 goto error;
1528 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1529 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1530 goto error;
1531 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1532 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1533 goto error;
1534 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1535 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1536 goto error;
1537 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1538 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GE);
1539
1540 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1541 goto error;
1542 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1543 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1544 goto error;
1545 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1546 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1547 goto error;
1548 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1549 if (inet_pton(AF_INET6, "2000::19", &in6) != 1)
1550 goto error;
1551 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1552 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GE);
1553
1554 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1555 goto error;
1556 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1557 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1558 goto error;
1559 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1560 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1561 goto error;
1562 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1563 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1564 goto error;
1565 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1566 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GE);
1567
1568 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1569 goto error;
1570 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1571 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1572 goto error;
1573 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1574 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1575 goto error;
1576 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1577 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1578 goto error;
1579 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1580 result &= (DetectAddressCmpIPv6(a, b) == ADDRESS_GT);
1581
1582 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1583 goto error;
1584 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1585 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1586 goto error;
1587 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1588 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1589 goto error;
1590 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1591 if (inet_pton(AF_INET6, "2000::15", &in6) != 1)
1592 goto error;
1593 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1594 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GT);
1595
1596 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1597 goto error;
1598 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1599 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1600 goto error;
1601 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1602 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1603 goto error;
1604 memcpy(&b->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1605 if (inet_pton(AF_INET6, "2000::10", &in6) != 1)
1606 goto error;
1607 memcpy(&b->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1608 result &= (DetectAddressCmpIPv6(a, b) != ADDRESS_GT);
1609
1610 if (a != NULL)
1611 DetectAddressFree(a);
1612 if (b != NULL)
1613 DetectAddressFree(b);
1614 return result;
1615
1616 error:
1617 if (a != NULL)
1618 DetectAddressFree(a);
1619 if (b != NULL)
1620 DetectAddressFree(b);
1621 return 0;
1622}
1623
1624static int AddressTestIPv6CutNot01(void)
1625{
1626 DetectAddress *a = NULL;
1627 DetectAddress *b = NULL;
1628 struct in6_addr in6;
1629 int result = 1;
1630
1631 if ( (a = DetectAddressInit()) == NULL)
1632 goto error;
1633
1634 if (inet_pton(AF_INET6, "::", &in6) != 1)
1635 goto error;
1636 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1637 if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1638 goto error;
1639 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1640 result &= (DetectAddressCutNotIPv6(a, &b) == -1);
1641
1642 if (a != NULL)
1643 DetectAddressFree(a);
1644 if (b != NULL)
1645 DetectAddressFree(b);
1646 return result;
1647
1648 error:
1649 if (a != NULL)
1650 DetectAddressFree(a);
1651 if (b != NULL)
1652 DetectAddressFree(b);
1653 return 0;
1654}
1655
1656static int AddressTestIPv6CutNot02(void)
1657{
1658 DetectAddress *a = NULL;
1659 DetectAddress *b = NULL;
1660 DetectAddress *temp = NULL;
1661 struct in6_addr in6;
1662 int result = 1;
1663
1664 if ( (a = DetectAddressInit()) == NULL)
1665 goto error;
1666 if ( (temp = DetectAddressInit()) == NULL)
1667 goto error;
1668
1669 if (inet_pton(AF_INET6, "::", &in6) != 1)
1670 goto error;
1671 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1672 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1673 goto error;
1674 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1675 result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1676
1677 result &= (b == NULL);
1678
1679 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1680 goto error;
1681 memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1682 if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1683 goto error;
1684 memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1685
1686 result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1687
1688 if (a != NULL)
1689 DetectAddressFree(a);
1690 if (b != NULL)
1691 DetectAddressFree(b);
1692 if (temp != NULL)
1693 DetectAddressFree(temp);
1694 return result;
1695
1696 error:
1697 if (a != NULL)
1698 DetectAddressFree(a);
1699 if (b != NULL)
1700 DetectAddressFree(b);
1701 if (temp != NULL)
1702 DetectAddressFree(temp);
1703 return 0;
1704}
1705
1706static int AddressTestIPv6CutNot03(void)
1707{
1708 DetectAddress *a = NULL;
1709 DetectAddress *b = NULL;
1710 DetectAddress *temp = NULL;
1711 struct in6_addr in6;
1712 int result = 1;
1713
1714 if ( (a = DetectAddressInit()) == NULL)
1715 goto error;
1716 if ( (temp = DetectAddressInit()) == NULL)
1717 goto error;
1718
1719 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1720 goto error;
1721 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1722 if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1723 goto error;
1724 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1725 result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1726
1727 result &= (b == NULL);
1728
1729 if (inet_pton(AF_INET6, "::", &in6) != 1)
1730 goto error;
1731 memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1732 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1733 goto error;
1734 memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1735
1736 result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1737
1738 if (a != NULL)
1739 DetectAddressFree(a);
1740 if (b != NULL)
1741 DetectAddressFree(b);
1742 if (temp != NULL)
1743 DetectAddressFree(temp);
1744 return result;
1745
1746 error:
1747 if (a != NULL)
1748 DetectAddressFree(a);
1749 if (b != NULL)
1750 DetectAddressFree(b);
1751 if (temp != NULL)
1752 DetectAddressFree(temp);
1753 return 0;
1754}
1755
1756static int AddressTestIPv6CutNot04(void)
1757{
1758 DetectAddress *a = NULL;
1759 DetectAddress *b = NULL;
1760 DetectAddress *temp = NULL;
1761 struct in6_addr in6;
1762 int result = 1;
1763
1764 if ( (a = DetectAddressInit()) == NULL)
1765 goto error;
1766 if ( (temp = DetectAddressInit()) == NULL)
1767 goto error;
1768
1769 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1770 goto error;
1771 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1772 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1773 goto error;
1774 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1775 result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1776
1777 if (inet_pton(AF_INET6, "::", &in6) != 1)
1778 goto error;
1779 memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1780 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1781 goto error;
1782 memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1783 result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1784
1785 result &= (b != NULL);
1786 if (result == 0)
1787 goto error;
1788 if (inet_pton(AF_INET6, "2000::2", &in6) != 1)
1789 goto error;
1790 memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1791 if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1792 goto error;
1793 memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1794 result = (DetectAddressCmpIPv6(b, temp) == ADDRESS_EQ);
1795
1796 if (a != NULL)
1797 DetectAddressFree(a);
1798 if (b != NULL)
1799 DetectAddressFree(b);
1800 if (temp != NULL)
1801 DetectAddressFree(temp);
1802 return result;
1803
1804 error:
1805 if (a != NULL)
1806 DetectAddressFree(a);
1807 if (b != NULL)
1808 DetectAddressFree(b);
1809 if (temp != NULL)
1810 DetectAddressFree(temp);
1811 return 0;
1812}
1813
1814static int AddressTestIPv6CutNot05(void)
1815{
1816 DetectAddress *a = NULL;
1817 DetectAddress *b = NULL;
1818 DetectAddress *temp = NULL;
1819 struct in6_addr in6;
1820 int result = 1;
1821
1822 if ( (a = DetectAddressInit()) == NULL)
1823 goto error;
1824 if ( (temp = DetectAddressInit()) == NULL)
1825 goto error;
1826
1827 if (inet_pton(AF_INET6, "2000::1", &in6) != 1)
1828 goto error;
1829 memcpy(&a->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1830 if (inet_pton(AF_INET6, "2000::20", &in6) != 1)
1831 goto error;
1832 memcpy(&a->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1833 result &= (DetectAddressCutNotIPv6(a, &b) == 0);
1834
1835 if (inet_pton(AF_INET6, "::", &in6) != 1)
1836 goto error;
1837 memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1838 if (inet_pton(AF_INET6, "2000::0", &in6) != 1)
1839 goto error;
1840 memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1841 result = (DetectAddressCmpIPv6(a, temp) == ADDRESS_EQ);
1842
1843 result &= (b != NULL);
1844 if (result == 0)
1845 goto error;
1846 if (inet_pton(AF_INET6, "2000::21", &in6) != 1)
1847 goto error;
1848 memcpy(&temp->ip.address, in6.s6_addr, sizeof(in6.s6_addr));
1849 if (inet_pton(AF_INET6, "FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", &in6) != 1)
1850 goto error;
1851 memcpy(&temp->ip2.address, in6.s6_addr, sizeof(in6.s6_addr));
1852 result = (DetectAddressCmpIPv6(b, temp) == ADDRESS_EQ);
1853
1854 if (a != NULL)
1855 DetectAddressFree(a);
1856 if (b != NULL)
1857 DetectAddressFree(b);
1858 if (temp != NULL)
1859 DetectAddressFree(temp);
1860 return result;
1861
1862 error:
1863 if (a != NULL)
1864 DetectAddressFree(a);
1865 if (b != NULL)
1866 DetectAddressFree(b);
1867 if (temp != NULL)
1868 DetectAddressFree(temp);
1869 return 0;
1870}
1871
1872#endif /* UNITTESTS */
1873
1874void DetectAddressIPv6Tests(void)
1875{
1876
1877#ifdef UNITTESTS
1878 UtRegisterTest("AddressTestIPv6Gt01", AddressTestIPv6Gt01);
1879 UtRegisterTest("AddressTestIPv6Gt02", AddressTestIPv6Gt02);
1880 UtRegisterTest("AddressTestIPv6Gt03", AddressTestIPv6Gt03);
1881 UtRegisterTest("AddressTestIPv6Gt04", AddressTestIPv6Gt04);
1882
1883 UtRegisterTest("AddressTestIPv6Lt01", AddressTestIPv6Lt01);
1884 UtRegisterTest("AddressTestIPv6Lt02", AddressTestIPv6Lt02);
1885 UtRegisterTest("AddressTestIPv6Lt03", AddressTestIPv6Lt03);
1886 UtRegisterTest("AddressTestIPv6Lt04", AddressTestIPv6Lt04);
1887
1888 UtRegisterTest("AddressTestIPv6Eq01", AddressTestIPv6Eq01);
1889 UtRegisterTest("AddressTestIPv6Eq02", AddressTestIPv6Eq02);
1890 UtRegisterTest("AddressTestIPv6Eq03", AddressTestIPv6Eq03);
1891 UtRegisterTest("AddressTestIPv6Eq04", AddressTestIPv6Eq04);
1892
1893 UtRegisterTest("AddressTestIPv6Le01", AddressTestIPv6Le01);
1894 UtRegisterTest("AddressTestIPv6Le02", AddressTestIPv6Le02);
1895 UtRegisterTest("AddressTestIPv6Le03", AddressTestIPv6Le03);
1896 UtRegisterTest("AddressTestIPv6Le04", AddressTestIPv6Le04);
1897 UtRegisterTest("AddressTestIPv6Le05", AddressTestIPv6Le05);
1898
1899 UtRegisterTest("AddressTestIPv6Ge01", AddressTestIPv6Ge01);
1900 UtRegisterTest("AddressTestIPv6Ge02", AddressTestIPv6Ge02);
1901 UtRegisterTest("AddressTestIPv6Ge03", AddressTestIPv6Ge03);
1902 UtRegisterTest("AddressTestIPv6Ge04", AddressTestIPv6Ge04);
1903 UtRegisterTest("AddressTestIPv6Ge05", AddressTestIPv6Ge05);
1904
1905 UtRegisterTest("AddressTestIPv6SubOne01", AddressTestIPv6SubOne01);
1906 UtRegisterTest("AddressTestIPv6SubOne02", AddressTestIPv6SubOne02);
1907
1908 UtRegisterTest("AddressTestIPv6AddOne01", AddressTestIPv6AddOne01);
1909 UtRegisterTest("AddressTestIPv6AddOne02", AddressTestIPv6AddOne02);
1910
1911 UtRegisterTest("AddressTestIPv6AddressCmp01", AddressTestIPv6AddressCmp01);
1912
1913 UtRegisterTest("AddressTestIPv6CutNot01", AddressTestIPv6CutNot01);
1914 UtRegisterTest("AddressTestIPv6CutNot02", AddressTestIPv6CutNot02);
1915 UtRegisterTest("AddressTestIPv6CutNot03", AddressTestIPv6CutNot03);
1916 UtRegisterTest("AddressTestIPv6CutNot04", AddressTestIPv6CutNot04);
1917 UtRegisterTest("AddressTestIPv6CutNot05", AddressTestIPv6CutNot05);
1918#endif /* UNITTESTS */
1919}
AddressIPv6GeU32
int AddressIPv6GeU32(uint32_t *a, uint32_t *b)
Definition detect-engine-address-ipv6.c:205
AddressIPv6LeU32
int AddressIPv6LeU32(uint32_t *a, uint32_t *b)
Definition detect-engine-address-ipv6.c:173
AddressIPv6Gt
int AddressIPv6Gt(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is greater than the second address(b) o...
Definition detect-engine-address-ipv6.c:90
AddressIPv6Le
int AddressIPv6Le(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is less than or equal to the second add...
Definition detect-engine-address-ipv6.c:162
DetectAddressCutIPv6
int DetectAddressCutIPv6(DetectEngineCtx *de_ctx, DetectAddress *a, DetectAddress *b, DetectAddress **c)
Definition detect-engine-address-ipv6.c:353
AddressIPv6Ge
int AddressIPv6Ge(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is greater than or equal to the second ...
Definition detect-engine-address-ipv6.c:194
DetectAddressIPv6Tests
void DetectAddressIPv6Tests(void)
Definition detect-engine-address-ipv6.c:1874
AddressIPv6EqU32
int AddressIPv6EqU32(uint32_t *a, uint32_t *b)
Definition detect-engine-address-ipv6.c:140
DetectAddressCutNotIPv6
int DetectAddressCutNotIPv6(DetectAddress *a, DetectAddress **b)
Cuts and returns an address range, which is the complement of the address range that is supplied as t...
Definition detect-engine-address-ipv6.c:704
AddressIPv6Eq
int AddressIPv6Eq(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the addresses are equal or not.
Definition detect-engine-address-ipv6.c:128
AddressIPv6LtU32
int AddressIPv6LtU32(uint32_t *a, uint32_t *b)
Definition detect-engine-address-ipv6.c:66
AddressIPv6Lt
int AddressIPv6Lt(const Address *a, const Address *b)
Compares 2 ipv6 addresses and returns if the first address(a) is less than the second address(b) or n...
Definition detect-engine-address-ipv6.c:52
DetectAddressCmpIPv6
int DetectAddressCmpIPv6(DetectAddress *a, DetectAddress *b)
Compares 2 addresses(address ranges) and returns the relationship between the 2 addresses.
Definition detect-engine-address-ipv6.c:232
AddressIPv6GtU32
int AddressIPv6GtU32(uint32_t *a, uint32_t *b)
Definition detect-engine-address-ipv6.c:104
DetectAddressInit
DetectAddress * DetectAddressInit(void)
Creates and returns a new instance of a DetectAddress.
Definition detect-engine-address.c:69
DetectAddressFree
void DetectAddressFree(DetectAddress *ag)
Frees a DetectAddress instance.
Definition detect-engine-address.c:82
ADDRESS_ER
@ ADDRESS_ER
Definition detect.h:152
ADDRESS_GT
@ ADDRESS_GT
Definition detect.h:159
ADDRESS_EB
@ ADDRESS_EB
Definition detect.h:157
ADDRESS_EQ
@ ADDRESS_EQ
Definition detect.h:155
ADDRESS_ES
@ ADDRESS_ES
Definition detect.h:156
ADDRESS_GE
@ ADDRESS_GE
Definition detect.h:158
ADDRESS_LE
@ ADDRESS_LE
Definition detect.h:154
ADDRESS_LT
@ ADDRESS_LT
Definition detect.h:153
de_ctx
DetectEngineCtx * de_ctx
Definition fuzz_siginit.c:18
UtRegisterTest
void UtRegisterTest(const char *name, int(*TestFn)(void))
Register unit test.
Definition util-unittest.c:103
Address_
Definition decode.h:112
Address_::address
union Address_::@30 address
Address_::family
char family
Definition decode.h:113
DetectAddress_
address structure for use in the detection engine.
Definition detect.h:168
DetectAddress_::ip2
Address ip2
Definition detect.h:171
DetectAddress_::ip
Address ip
Definition detect.h:170
DetectEngineCtx_
main detection engine ctx
Definition detect.h:932
SCNtohl
#define SCNtohl(x)
Definition suricata-common.h:430
SCLogDebug
#define SCLogDebug(...)
Definition util-debug.h:275