@ -1360,55 +1360,60 @@ START_TEST(set_filter_rule_07)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=, substring, port=, , ip=, user=, keyword=, all=conns||sites|, action=divert||||, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=0\n "
" filter rule 0: site=, port=, ip=, user=, keyword=, exact=|||| , all=conns||sites|, action=divert||||, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=0\n "
" filter rule 1: site=, substring, port=, , ip=, user=, keyword=, all=conns||sites|, action=|split|||, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=0\n "
" filter rule 1: site=, port=, ip=, user=, keyword=, exact=|||| , all=conns||sites|, action=|split|||, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=0\n "
" filter rule 2: site=, substring, port=, , ip=, user=, keyword=, all=conns||sites|, action=||pass||, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=0\n "
" filter rule 2: site=, port=, ip=, user=, keyword=, exact=|||| , all=conns||sites|, action=||pass||, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=0\n "
" filter rule 3: site=, substring, port=, , ip=, user=, keyword=, all=|users|sites|, action=|||block|, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=1\n "
" filter rule 3: site=, port=, ip=, user=, keyword=, exact=|||| , all=|users|sites|, action=|||block|, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=1\n "
" filter rule 4: site=, substring, port=, , ip=, user=, keyword=desc, all=|users|sites|, action=||||match, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=2\n "
" filter rule 4: site=, port=, ip=, user=, keyword=desc, exact=||||keyword , all=|users|sites|, action=||||match, log=|||||, apply to=dstip|sni|cn|host|uri, precedence=2\n "
" filter rule 5: site=, substring, port=, , ip=, user=, keyword=, all=conns||sites|, action=||||match, log=connect|master|cert|content|pcap|mirror, apply to=dstip|sni|cn|host|uri, precedence=1" ) ,
" filter rule 5: site=, port=, ip=, user=, keyword=, exact=|||| , all=conns||sites|, action=||||match, log=connect|master|cert|content|pcap|mirror, apply to=dstip|sni|cn|host|uri, precedence=1" ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user_filter-> \n "
" userkeyword_filter_substr-> \n "
" keyword_filter-> \n "
" user_filter_exact-> \n "
" keyword 0 desc= \n "
" user_filter_substr-> \n "
" ip: \n "
" keyword_filter_exact-> \n "
" keyword 0 desc (exact)= \n "
" ip substring: \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" sni: \n "
" sni substring : \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" cn : \n "
" cn substring : \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" host : \n "
" host substring : \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" uri : \n "
" uri substring : \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=2) \n "
" keyword_filter_substr-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip : \n "
" ip substring : \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" sni : \n "
" sni substring : \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" cn : \n "
" cn substring : \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" host : \n "
" host substring : \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" uri : \n "
" uri substring : \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" 0: (all_sites, substring, action=|||block|, log=|||||, precedence=1) \n "
" ip_filter-> \n "
" ip_filter_exact-> \n "
" ip_filter_substr-> \n "
" all_filter-> \n "
" all_filter-> \n "
" ip : \n "
" ip substring : \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" sni : \n "
" sni substring : \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" cn : \n "
" cn substring : \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" host : \n "
" host substring : \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n "
" uri : \n "
" uri substring : \n "
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n " ) , " failed to translate rule: %s " , s ) ;
" 0: (all_sites, substring, action=divert|split|pass||match, log=connect|master|cert|content|pcap|mirror, precedence=1) \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
@ -1475,56 +1480,44 @@ START_TEST(set_filter_rule_08)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=192.168.0.2, exact, port=, , ip=192.168.0.1, user=, keyword=, all=|||, action=divert||||, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 0: site=192.168.0.2, port=, ip=192.168.0.1, user=, keyword=, exact=site||ip|| , all=|||, action=divert||||, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 1: site=192.168.0.2, exact, port=, , ip=192.168.0.1, user=, keyword=, all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=dstip||||, precedence=2\n "
" filter rule 1: site=192.168.0.2, port=, ip=192.168.0.1, user=, keyword=, exact=site||ip|| , all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=dstip||||, precedence=2\n "
" filter rule 2: site=192.168.0.2, exact, port=, , ip=192.168.0.1, user=, keyword=, all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=dstip||||, precedence=2\n "
" filter rule 2: site=192.168.0.2, port=, ip=192.168.0.1, user=, keyword=, exact=site||ip|| , all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=dstip||||, precedence=2\n "
" filter rule 3: site=192.168.0.2, exact, port=, , ip=192.168.0.1, user=, keyword=, all=|||, action=|||block|, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 3: site=192.168.0.2, port=, ip=192.168.0.1, user=, keyword=, exact=site||ip|| , all=|||, action=|||block|, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 4: site=192.168.0.3, exact, port=, , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 4: site=192.168.0.3, port=, ip=192.168.0.1, user=, keyword=, exact=site||ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 5: site=192.168.0.1, exact, port=, , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 5: site=192.168.0.1, port=, ip=192.168.0.2, user=, keyword=, exact=site||ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 6: site=, substring, port=, , ip=192.168.0.2, user=, keyword=, all=||sites|, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 6: site=, port=, ip=192.168.0.2, user=, keyword=, exact=||ip|| , all=||sites|, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 7: site=192.168.0., substring, port=, , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 7: site=192.168.0., port=, ip=192.168.0.2, user=, keyword=, exact=||ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1\n "
" filter rule 8: site=192.168.0.3, exact, port=, , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1" ) ,
" filter rule 8: site=192.168.0.3, port=, ip=192.168.0.2, user=, keyword=, exact=site||ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=1" ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user_filter-> \n "
" userkeyword_filter_substr-> \n "
" keyword_filter-> \n "
" user_filter_exact-> \n "
" user_filter_substr-> \n "
" keyword_filter_exact-> \n "
" keyword_filter_substr-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip: \n "
" ip_filter_exact-> \n "
" sni: \n "
" ip 0 192.168.0.2 (exact)= \n "
" cn: \n "
" ip exact: \n "
" host: \n "
" 0: 192.168.0.3 (exact, action=||||match, log=|||||, precedence=1) \n "
" uri: \n "
" 1: 192.168.0.1 (exact, action=||||match, log=|||||, precedence=1) \n "
" ip_filter-> \n "
" ip substring: \n "
" ip 0 192.168.0.2= \n "
" 0: 192.168.0. (substring, action=||||match, log=|||||, precedence=1) \n "
" ip: \n "
" 1: (all_sites, substring, action=||||match, log=|||||, precedence=1) \n "
" 0: 192.168.0.1 (exact, action=||||match, log=|||||, precedence=1) \n "
" ip 1 192.168.0.1 (exact)= \n "
" 1: 192.168.0. (substring, action=||||match, log=|||||, precedence=1) \n "
" ip exact: \n "
" 2: 192.168.0.3 (exact, action=||||match, log=|||||, precedence=1) \n "
" 0: 192.168.0.3 (exact, action=||||match, log=|||||, precedence=1) \n "
" 3: (all_sites, substring, action=||||match, log=|||||, precedence=1) \n "
" 1: 192.168.0.2 (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=2) \n "
" sni: \n "
" ip_filter_substr-> \n "
" cn: \n "
" all_filter-> \n " ) , " failed to translate rule: %s " , s ) ;
" host: \n "
" uri: \n "
" ip 1 192.168.0.1= \n "
" ip: \n "
" 0: 192.168.0.2 (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=2) \n "
" 1: 192.168.0.3 (exact, action=||||match, log=|||||, precedence=1) \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n "
" all_filter-> \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
opts_free ( opts ) ;
opts_free ( opts ) ;
@ -1596,63 +1589,51 @@ START_TEST(set_filter_rule_09)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=192.168.0.2, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=divert||||, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 0: site=192.168.0.2, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=divert||||, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 1: site=192.168.0.2, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=dstip||||, precedence=3\n "
" filter rule 1: site=192.168.0.2, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=dstip||||, precedence=3\n "
" filter rule 2: site=192.168.0.2, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 2: site=192.168.0.2, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 3: site=192.168.0.2, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=|||block|, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 3: site=192.168.0.2, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=|||block|, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 4: site=192.168.0.3, exact, port=, , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|||||!mirror, apply to=dstip||||, precedence=2\n "
" filter rule 4: site=192.168.0.3, port=, ip=192.168.0.1, user=, keyword=, exact=site||ip|| , all=|||, action=||||match, log=|||||!mirror, apply to=dstip||||, precedence=2\n "
" filter rule 5: site=192.168.0.3, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 5: site=192.168.0.3, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 6: site=192.168.0.3, exact, port=80, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 6: site=192.168.0.3, port=80, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 7: site=192.168.0.1, exact, port=443, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 7: site=192.168.0.1, port=443, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 8: site=192.168.0.1, exact, port=, substring_port , ip=192.168.0.2, user=, keyword=, all=|||ports, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 8: site=192.168.0.1, port=, ip=192.168.0.2, user=, keyword=, exact=site||ip|| , all=|||ports, action=||||match, log=|||||, apply to=dstip||||, precedence=2\n "
" filter rule 9: site=192.168.0.1, exact, port=80, substring_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2" ) ,
" filter rule 9: site=192.168.0.1, port=80, ip=192.168.0.2, user=, keyword=, exact=site||ip|| , all=|||, action=||||match, log=|||||, apply to=dstip||||, precedence=2" ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user_filter-> \n "
" userkeyword_filter_substr-> \n "
" keyword_filter-> \n "
" user_filter_exact-> \n "
" user_filter_substr-> \n "
" keyword_filter_exact-> \n "
" keyword_filter_substr-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip: \n "
" ip_filter_exact-> \n "
" sni: \n "
" ip 0 192.168.0.2 (exact)= \n "
" cn: \n "
" ip exact: \n "
" host: \n "
" uri: \n "
" ip_filter-> \n "
" ip 0 192.168.0.2= \n "
" ip: \n "
" 0: 192.168.0.1 (exact, action=||||, log=|||||, precedence=0) \n "
" 0: 192.168.0.1 (exact, action=||||, log=|||||, precedence=0) \n "
" port :\n "
" port exact: \n "
" 0: 443 (exact, action=||||match, log=|||||, precedence=2) \n "
" 0: 443 (exact, action=||||match, log=|||||, precedence=2) \n "
" 1: 80 (substring, action=||||match, log=|||||, precedence=2) \n "
" port substring: \n "
" 2: (all_ports, substring, action=||||match, log=|||||, precedence=2) \n "
" 0: 80 (substring, action=||||match, log=|||||, precedence=2) \n "
" sni: \n "
" 1: (all_ports, substring, action=||||match, log=|||||, precedence=2) \n "
" cn: \n "
" ip 1 192.168.0.1 (exact)= \n "
" host: \n "
" ip exact: \n "
" uri: \n "
" 0: 192.168.0.3 (exact, action=||||match, log=|||||!mirror, precedence=2) \n "
" ip 1 192.168.0.1= \n "
" port exact: \n "
" ip: \n "
" 0: 80 (exact, action=||||match, log=|||||, precedence=2) \n "
" 0: 192.168.0.2 (exact, action=||||, log=|||||, precedence=0) \n "
" 1: 443 (exact, action=||||match, log=|||||, precedence=2) \n "
" port: \n "
" 1: 192.168.0.2 (exact, action=||||, log=|||||, precedence=0) \n "
" port exact: \n "
" 0: 443 (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=3) \n "
" 0: 443 (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=3) \n "
" 1: 192.168.0.3 (exact, action=||||match, log=|||||!mirror, precedence=2) \n "
" ip_filter_substr-> \n "
" port: \n "
" all_filter-> \n " ) , " failed to translate rule: %s " , s ) ;
" 0: 443 (exact, action=||||match, log=|||||, precedence=2) \n "
" 1: 80 (exact, action=||||match, log=|||||, precedence=2) \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n "
" all_filter-> \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
opts_free ( opts ) ;
opts_free ( opts ) ;
@ -1720,56 +1701,44 @@ START_TEST(set_filter_rule_10)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=example.com, exact, port=, , ip=, user=root, keyword=, all=|||, action=divert||||, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 0: site=example.com, port=, ip=, user=root, keyword=, exact=site|||user| , all=|||, action=divert||||, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 1: site=example.com, exact, port=, , ip=, user=root, keyword=, all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=|sni|||, precedence=4\n "
" filter rule 1: site=example.com, port=, ip=, user=root, keyword=, exact=site|||user| , all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=|sni|||, precedence=4\n "
" filter rule 2: site=example.com, exact, port=, , ip=, user=root, keyword=, all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=|sni|||, precedence=4\n "
" filter rule 2: site=example.com, port=, ip=, user=root, keyword=, exact=site|||user| , all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=|sni|||, precedence=4\n "
" filter rule 3: site=example.com, exact, port=, , ip=, user=root, keyword=, all=|||, action=|||block|, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 3: site=example.com, port=, ip=, user=root, keyword=, exact=site|||user| , all=|||, action=|||block|, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 4: site=example2.com, exact, port=, , ip=, user=root, keyword=, all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 4: site=example2.com, port=, ip=, user=root, keyword=, exact=site|||user| , all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 5: site=example.com, exact, port=, , ip=, user=daemon, keyword=, all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 5: site=example.com, port=, ip=, user=daemon, keyword=, exact=site|||user| , all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 6: site=, substring, port=, , ip=, user=daemon, keyword=, all=||sites|, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 6: site=, port=, ip=, user=daemon, keyword=, exact=|||user| , all=||sites|, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 7: site=.example.com, substring, port=, , ip=, user=daemon, keyword=, all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 7: site=.example.com, port=, ip=, user=daemon, keyword=, exact=|||user| , all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3\n "
" filter rule 8: site=example3.com, exact, port=, , ip=, user=daemon, keyword=, all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3" ) ,
" filter rule 8: site=example3.com, port=, ip=, user=daemon, keyword=, exact=site|||user| , all=|||, action=||||match, log=|||||, apply to=|sni|||, precedence=3" ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user_filter-> \n "
" userkeyword_filter_substr-> \n "
" user 0 daemon= \n "
" user_filter_exact-> \n "
" ip: \n "
" user 0 root (exact)= \n "
" sni: \n "
" sni exact: \n "
" 0: example.com (exact, action=||||match, log=|||||, precedence=3) \n "
" 0: example2.com (exact, action=||||match, log=|||||, precedence=3) \n "
" 1: .example.com (substring, action=||||match, log=|||||, precedence=3) \n "
" 1: example.com (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=4) \n "
" 2: example3.com (exact, action=||||match, log=|||||, precedence=3) \n "
" user 1 daemon (exact)= \n "
" 3: (all_sites, substring, action=||||match, log=|||||, precedence=3) \n "
" sni exact: \n "
" cn: \n "
" 0: example3.com (exact, action=||||match, log=|||||, precedence=3) \n "
" host: \n "
" 1: example.com (exact, action=||||match, log=|||||, precedence=3) \n "
" uri: \n "
" sni substring: \n "
" user 1 root= \n "
" 0: .example.com (substring, action=||||match, log=|||||, precedence=3) \n "
" ip: \n "
" 1: (all_sites, substring, action=||||match, log=|||||, precedence=3) \n "
" sni: \n "
" user_filter_substr-> \n "
" 0: example.com (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=4) \n "
" keyword_filter_exact-> \n "
" 1: example2.com (exact, action=||||match, log=|||||, precedence=3) \n "
" keyword_filter_substr-> \n "
" cn: \n "
" host: \n "
" uri: \n "
" keyword_filter-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip: \n "
" ip_filter_exact-> \n "
" sni: \n "
" ip_filter_substr-> \n "
" cn: \n "
" all_filter-> \n " ) , " failed to translate rule: %s " , s ) ;
" host: \n "
" uri: \n "
" ip_filter-> \n "
" all_filter-> \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
opts_free ( opts ) ;
opts_free ( opts ) ;
@ -1861,84 +1830,63 @@ START_TEST(set_filter_rule_11)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=example.com, exact, port=, , ip=, user=root, keyword=desc, all=|||, action=divert||||, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 0: site=example.com, port=, ip=, user=root, keyword=desc, exact=site|||user|keyword , all=|||, action=divert||||, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 1: site=example.com, exact, port=, , ip=, user=root, keyword=desc, all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=||cn||, precedence=5\n "
" filter rule 1: site=example.com, port=, ip=, user=root, keyword=desc, exact=site|||user|keyword , all=|||, action=|split|||, log=connect|master|cert|content|pcap|mirror, apply to=||cn||, precedence=5\n "
" filter rule 2: site=example.com, exact, port=, , ip=, user=root, keyword=desc, all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=||cn||, precedence=5\n "
" filter rule 2: site=example.com, port=, ip=, user=root, keyword=desc, exact=site|||user|keyword , all=|||, action=||pass||, log=!connect||!cert||!pcap|, apply to=||cn||, precedence=5\n "
" filter rule 3: site=example.com, exact, port=, , ip=, user=root, keyword=desc, all=|||, action=|||block|, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 3: site=example.com, port=, ip=, user=root, keyword=desc, exact=site|||user|keyword , all=|||, action=|||block|, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 4: site=example2.com, exact, port=, , ip=, user=root, keyword=desc, all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 4: site=example2.com, port=, ip=, user=root, keyword=desc, exact=site|||user|keyword , all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 5: site=example.com, exact, port=, , ip=, user=daemon, keyword=desc, all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 5: site=example.com, port=, ip=, user=daemon, keyword=desc, exact=site|||user|keyword , all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 6: site=, substring, port=, , ip=, user=daemon, keyword=desc, all=||sites|, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 6: site=, port=, ip=, user=daemon, keyword=desc, exact=|||user|keyword , all=||sites|, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 7: site=.example.com, substring, port=, , ip=, user=daemon, keyword=desc, all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 7: site=.example.com, port=, ip=, user=daemon, keyword=desc, exact=|||user|keyword , all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 8: site=example3.com, exact, port=, , ip=, user=daemon, keyword=desc, all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 8: site=example3.com, port=, ip=, user=daemon, keyword=desc, exact=site|||user|keyword , all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 9: site=example4.com, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 9: site=example4.com, port=, ip=, user=daemon, keyword=desc2, exact=site|||user|keyword , all=|||, action=||||match, log=|||||, apply to=||cn||, precedence=4\n "
" filter rule 10: site=example5.com, exact, port=, , ip=, user=, keyword=desc, all=|users||, action=||||match, log=|||||, apply to=||cn||, precedence=3\n "
" filter rule 10: site=example5.com, port=, ip=, user=, keyword=desc, exact=site||||keyword , all=|users||, action=||||match, log=|||||, apply to=||cn||, precedence=3\n "
" filter rule 11: site=, substring, port=, , ip=, user=, keyword=desc, all=|users|sites|, action=||||match, log=|||||, apply to=|||host|, precedence=3\n "
" filter rule 11: site=, port=, ip=, user=, keyword=desc, exact=||||keyword , all=|users|sites|, action=||||match, log=|||||, apply to=|||host|, precedence=3\n "
" filter rule 12: site=example6.com, exact, port=, , ip=, user=, keyword=desc3, all=|users||, action=||||match, log=|||||, apply to=||||uri, precedence=3" ) ,
" filter rule 12: site=example6.com, port=, ip=, user=, keyword=desc3, exact=site||||keyword , all=|users||, action=||||match, log=|||||, apply to=||||uri, precedence=3" ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user 0 daemon= \n "
" user 0 root (exact)= \n "
" keyword 0 desc2= \n "
" keyword exact: \n "
" ip: \n "
" keyword 0 desc (exact)= \n "
" sni: \n "
" cn exact: \n "
" cn: \n "
" 0: example2.com (exact, action=||||match, log=|||||, precedence=4) \n "
" 1: example.com (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=5) \n "
" user 1 daemon (exact)= \n "
" keyword exact: \n "
" keyword 0 desc2 (exact)= \n "
" cn exact: \n "
" 0: example4.com (exact, action=||||match, log=|||||, precedence=4) \n "
" 0: example4.com (exact, action=||||match, log=|||||, precedence=4) \n "
" host: \n "
" keyword 1 desc (exact)= \n "
" uri: \n "
" cn exact: \n "
" keyword 1 desc= \n "
" 0: example3.com (exact, action=||||match, log=|||||, precedence=4) \n "
" ip: \n "
" 1: example.com (exact, action=||||match, log=|||||, precedence=4) \n "
" sni: \n "
" cn substring: \n "
" cn: \n "
" 0: .example.com (substring, action=||||match, log=|||||, precedence=4) \n "
" 0: example.com (exact, action=||||match, log=|||||, precedence=4) \n "
" 1: (all_sites, substring, action=||||match, log=|||||, precedence=4) \n "
" 1: .example.com (substring, action=||||match, log=|||||, precedence=4) \n "
" userkeyword_filter_substr-> \n "
" 2: example3.com (exact, action=||||match, log=|||||, precedence=4) \n "
" user_filter_exact-> \n "
" 3: (all_sites, substring, action=||||match, log=|||||, precedence=4) \n "
" user_filter_substr-> \n "
" host: \n "
" keyword_filter_exact-> \n "
" uri: \n "
" keyword 0 desc3 (exact)= \n "
" user 1 root= \n "
" uri exact: \n "
" keyword 0 desc= \n "
" ip: \n "
" sni: \n "
" cn: \n "
" 0: example.com (exact, action=divert|split|pass||, log=!connect|master|!cert|content|!pcap|mirror, precedence=5) \n "
" 1: example2.com (exact, action=||||match, log=|||||, precedence=4) \n "
" host: \n "
" uri: \n "
" user_filter-> \n "
" keyword_filter-> \n "
" keyword 0 desc3= \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n "
" 0: example6.com (exact, action=||||match, log=|||||, precedence=3) \n "
" 0: example6.com (exact, action=||||match, log=|||||, precedence=3) \n "
" keyword 1 desc= \n "
" keyword 1 desc (exact)= \n "
" ip: \n "
" cn exact: \n "
" sni: \n "
" cn: \n "
" 0: example5.com (exact, action=||||match, log=|||||, precedence=3) \n "
" 0: example5.com (exact, action=||||match, log=|||||, precedence=3) \n "
" host : \n "
" host substring: \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=3) \n "
" 0: (all_sites, substring, action=||||match, log=|||||, precedence=3) \n "
" uri: \n "
" keyword_filter_substr-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip: \n "
" ip_filter_exact-> \n "
" sni: \n "
" ip_filter_substr-> \n "
" cn: \n "
" all_filter-> \n " ) , " failed to translate rule: %s " , s ) ;
" host: \n "
" uri: \n "
" ip_filter-> \n "
" all_filter-> \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
opts_free ( opts ) ;
opts_free ( opts ) ;
@ -1978,73 +1926,60 @@ START_TEST(set_filter_rule_12)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=192.168.0.3, exact, port=80, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 0: site=192.168.0.3, port=80, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 1: site=192.168.0.3, exact, port=80, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 1: site=192.168.0.3, port=80, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 2: site=192.168.0.3, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 2: site=192.168.0.3, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 3: site=192.168.0.3, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 3: site=192.168.0.3, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 4: site=192.168.0.4, exact, port=80, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 4: site=192.168.0.4, port=80, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 5: site=192.168.0.4, exact, port=80, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 5: site=192.168.0.4, port=80, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 6: site=192.168.0.4, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 6: site=192.168.0.4, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 7: site=192.168.0.4, exact, port=443, exact_port , ip=192.168.0.1, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 7: site=192.168.0.4, port=443, ip=192.168.0.1, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 8: site=192.168.0.3, exact, port=80, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 8: site=192.168.0.3, port=80, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 9: site=192.168.0.3, exact, port=80, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 9: site=192.168.0.3, port=80, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 10: site=192.168.0.3, exact, port=443, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 10: site=192.168.0.3, port=443, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 11: site=192.168.0.3, exact, port=443, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 11: site=192.168.0.3, port=443, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 12: site=192.168.0.4, exact, port=80, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 12: site=192.168.0.4, port=80, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 13: site=192.168.0.4, exact, port=80, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 13: site=192.168.0.4, port=80, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3\n "
" filter rule 14: site=192.168.0.4, exact, port=443, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 14: site=192.168.0.4, port=443, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=|!master||||, apply to=dstip||||, precedence=3\n "
" filter rule 15: site=192.168.0.4, exact, port=443, exact_port , ip=192.168.0.2, user=, keyword=, all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3" ) ,
" filter rule 15: site=192.168.0.4, port=443, ip=192.168.0.2, user=, keyword=, exact=site|port|ip|| , all=|||, action=||||match, log=||||!pcap|, apply to=dstip||||, precedence=3" ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user_filter-> \n "
" userkeyword_filter_substr-> \n "
" keyword_filter-> \n "
" user_filter_exact-> \n "
" user_filter_substr-> \n "
" keyword_filter_exact-> \n "
" keyword_filter_substr-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip: \n "
" ip_filter_exact-> \n "
" sni: \n "
" ip 0 192.168.0.2 (exact)= \n "
" cn: \n "
" ip exact: \n "
" host: \n "
" 0: 192.168.0.4 (exact, action=||||, log=|||||, precedence=0) \n "
" uri: \n "
" port exact: \n "
" ip_filter-> \n "
" ip 0 192.168.0.2= \n "
" ip: \n "
" 0: 192.168.0.3 (exact, action=||||, log=|||||, precedence=0) \n "
" port: \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 192.168.0. 4 (exact, action=||||, log=|||||, precedence=0)\n "
" 1: 192.168.0.3 (exact, action=||||, log=|||||, precedence=0) \n "
" port :\n "
" port exact: \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" sni: \n "
" ip 1 192.168.0.1 (exact)= \n "
" cn: \n "
" ip exact: \n "
" host: \n "
" 0: 192.168.0.4 (exact, action=||||, log=|||||, precedence=0) \n "
" uri: \n "
" port exact: \n "
" ip 1 192.168.0.1= \n "
" ip: \n "
" 0: 192.168.0.3 (exact, action=||||, log=|||||, precedence=0) \n "
" port: \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 192.168.0. 4 (exact, action=||||, log=|||||, precedence=0)\n "
" 1: 192.168.0.3 (exact, action=||||, log=|||||, precedence=0) \n "
" port :\n "
" port exact: \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 0: 80 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" 1: 443 (exact, action=||||match, log=|!master|||!pcap|, precedence=3) \n "
" sni: \n "
" ip_filter_substr-> \n "
" cn: \n "
" all_filter-> \n " ) , " failed to translate rule: %s " , s ) ;
" host: \n "
" uri: \n "
" all_filter-> \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
opts_free ( opts ) ;
opts_free ( opts ) ;
@ -2075,7 +2010,9 @@ START_TEST(set_filter_rule_13)
// check errors out if we add all log actions to the macro:
// check errors out if we add all log actions to the macro:
// "../../src/check_pack.c:306: Message string too long"
// "../../src/check_pack.c:306: Message string too long"
// so use 3 log actions only
// so use 3 log actions only
s = strdup ( " $logs connect content mirror " ) ;
// Also, the compiler gives:
// warning: string length ‘ 4186’ is greater than the length ‘ 4095’ ISO C99 compilers are required to support [-Woverlength-strings]
s = strdup ( " $logs connect content " ) ;
rv = filter_macro_set ( opts , s , 0 ) ;
rv = filter_macro_set ( opts , s , 0 ) ;
fail_unless ( rv = = 0 , " failed to set macro " ) ;
fail_unless ( rv = = 0 , " failed to set macro " ) ;
free ( s ) ;
free ( s ) ;
@ -2089,87 +2026,60 @@ START_TEST(set_filter_rule_13)
s = filter_rule_str ( opts - > filter_rules ) ;
s = filter_rule_str ( opts - > filter_rules ) ;
fail_unless ( ! strcmp ( s ,
fail_unless ( ! strcmp ( s ,
" filter rule 0: site=site1, exact, port=, , ip=, user=root, keyword=desc1, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 0: site=site1, port=, ip=, user=root, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 1: site=site1, exact, port=, , ip=, user=root, keyword=desc1, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 1: site=site1, port=, ip=, user=root, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 2: site=site1, exact, port=, , ip=, user=root, keyword=desc1, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 2: site=site2, port=, ip=, user=root, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 3: site=site2, exact, port=, , ip=, user=root, keyword=desc1, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 3: site=site2, port=, ip=, user=root, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 4: site=site2, exact, port=, , ip=, user=root, keyword=desc1, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 4: site=site1, port=, ip=, user=root, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 5: site=site2, exact, port=, , ip=, user=root, keyword=desc1, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 5: site=site1, port=, ip=, user=root, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 6: site=site1, exact, port=, , ip=, user=root, keyword=desc2, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 6: site=site2, port=, ip=, user=root, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 7: site=site1, exact, port=, , ip=, user=root, keyword=desc2, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 7: site=site2, port=, ip=, user=root, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 8: site=site1, exact, port=, , ip=, user=root, keyword=desc2, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 8: site=site1, port=, ip=, user=daemon, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 9: site=site2, exact, port=, , ip=, user=root, keyword=desc2, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 9: site=site1, port=, ip=, user=daemon, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 10: site=site2, exact, port=, , ip=, user=root, keyword=desc2, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 10: site=site2, port=, ip=, user=daemon, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 11: site=site2, exact, port=, , ip=, user=root, keyword=desc2, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 11: site=site2, port=, ip=, user=daemon, keyword=desc1, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 12: site=site1, exact, port=, , ip=, user=daemon, keyword=desc1, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 12: site=site1, port=, ip=, user=daemon, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 13: site=site1, exact, port=, , ip=, user=daemon, keyword=desc1, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 13: site=site1, port=, ip=, user=daemon, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 14: site=site1, exact, port=, , ip=, user=daemon, keyword=desc1, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 14: site=site2, port=, ip=, user=daemon, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 15: site=site2, exact, port=, , ip=, user=daemon, keyword=desc1, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 15: site=site2, port=, ip=, user=daemon, keyword=desc2, exact=site|||user|keyword, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 " ) ,
" filter rule 16: site=site2, exact, port=, , ip=, user=daemon, keyword=desc1, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 17: site=site2, exact, port=, , ip=, user=daemon, keyword=desc1, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 18: site=site1, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 19: site=site1, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 20: site=site1, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 \n "
" filter rule 21: site=site2, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=connect|||||, apply to=|sni|||, precedence=5 \n "
" filter rule 22: site=site2, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=|||content||, apply to=|sni|||, precedence=5 \n "
" filter rule 23: site=site2, exact, port=, , ip=, user=daemon, keyword=desc2, all=|||, action=||||match, log=|||||mirror, apply to=|sni|||, precedence=5 " ) ,
" failed to parse rule: %s " , s ) ;
" failed to parse rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
close ( 2 ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
opts - > filter = filter_set ( opts - > filter_rules ) ;
s = filter_str ( opts - > filter ) ;
s = filter_str ( opts - > filter ) ;
fail_unless ( ! strcmp ( s , " filter=> \n "
fail_unless ( ! strcmp ( s , " filter=> \n "
" userkeyword_filter-> \n "
" userkeyword_filter_exact-> \n "
" user 0 daemon= \n "
" user 0 root (exact)= \n "
" keyword 0 desc2= \n "
" keyword exact: \n "
" ip: \n "
" keyword 0 desc2 (exact)= \n "
" sni: \n "
" sni exact: \n "
" 0: site1 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" 0: site2 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" 1: site2 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" 1: site1 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" cn: \n "
" keyword 1 desc1 (exact)= \n "
" host: \n "
" sni exact: \n "
" uri: \n "
" 0: site2 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" keyword 1 desc1= \n "
" 1: site1 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" ip: \n "
" user 1 daemon (exact)= \n "
" sni: \n "
" keyword exact: \n "
" 0: site1 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" keyword 0 desc2 (exact)= \n "
" 1: site2 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" sni exact: \n "
" cn: \n "
" 0: site2 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" host: \n "
" 1: site1 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" uri: \n "
" keyword 1 desc1 (exact)= \n "
" user 1 root= \n "
" sni exact: \n "
" keyword 0 desc2= \n "
" 0: site2 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" ip: \n "
" 1: site1 (exact, action=||||match, log=connect|||content||, precedence=5) \n "
" sni: \n "
" userkeyword_filter_substr-> \n "
" 0: site1 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" user_filter_exact-> \n "
" 1: site2 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" user_filter_substr-> \n "
" cn: \n "
" keyword_filter_exact-> \n "
" host: \n "
" keyword_filter_substr-> \n "
" uri: \n "
" keyword 1 desc1= \n "
" ip: \n "
" sni: \n "
" 0: site1 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" 1: site2 (exact, action=||||match, log=connect|||content||mirror, precedence=5) \n "
" cn: \n "
" host: \n "
" uri: \n "
" user_filter-> \n "
" keyword_filter-> \n "
" all_user_filter-> \n "
" all_user_filter-> \n "
" ip: \n "
" ip_filter_exact-> \n "
" sni: \n "
" ip_filter_substr-> \n "
" cn: \n "
" all_filter-> \n " ) , " failed to translate rule: %s " , s ) ;
" host: \n "
" uri: \n "
" ip_filter-> \n "
" all_filter-> \n "
" ip: \n "
" sni: \n "
" cn: \n "
" host: \n "
" uri: \n " ) , " failed to translate rule: %s " , s ) ;
free ( s ) ;
free ( s ) ;
opts_free ( opts ) ;
opts_free ( opts ) ;