Пример #1
0
def treatip(dataset, es_ip):
    mylog = set_logger()
    full, segment, subnet = blacklist_tools.separate_ip(
        dataset)  #dataset is dict
    # match procedure
    # full match
    full_list = full.keys()
    # return fullmatchlist,type is list
    fullmatchlist = blacklist_tools.ip_full_match(full_list, es_ip)
    # segment match, segmentlist:[{ip:ipsegment},{},...]
    segmentlist = blacklist_tools.int_ip_range(segment, es_ip)
    subnet_lpm = {}
    subnet_full = {}
    sndict = {}
    sn_lte16 = {}
    # read conf file to choose the methods
    flg_lpm, flg_full = parser_config.get_method()
    if (1 == flg_lpm):
        # subnet match by lpm,subnet_lpm is match results;sndict and sn_lte16 is original subnet data
        #mylog.info('start lpm match')
        #atime=time.time()
        subnet_lpm, sndict, sn_lte16, sn_gte24 = blacklist_tools.subnet_lpm(
            subnet, es_ip)
        #ftime=time.time()-atime
        #mylog.info('times:{}'.format(ftime))
        #mylog.info('finish lpm match')
    if (1 == flg_full):
        #subnet match by zhou, parameters are snlist and es_ip
        # mylog.info('sndict size: %d'%len(sndict))
        # mylog.info('sn_lte16 size: %d' % len(sn_lte16))
        #mylog.info('start range subnet match')
        subnet_full = blacklist_tools.subnet_range_match(sn_gte24, es_ip)
        #mylog.info('finish range subnet match')
    #whitelist
    wlflg, whitepath = parser_config.get_self_filelist('whitelist')
    if (wlflg == 1):
        #get whilelist
        if (os.path.exists(whitepath)):
            filelist = get_all_file(whitepath)
            for fname in filelist:
                fpath = whitepath + fname
                #白名单读取方式不一样, whitedata is dict
                whitedata = blacklist_tools.load_whitelist(fpath)
                #filter procedure
                fullmatchlist, segmentlist, subnet_lpm, subnet_full = blacklist_tools.whitelist_filter(
                    fullmatchlist, segmentlist, subnet_lpm, subnet_full,
                    whitedata)
        else:
            mylog.warn('[mal_ip] Match_insert warn: no self_whitelist_path')

    # return match results
    return fullmatchlist, segmentlist, subnet_lpm, subnet_full
Пример #2
0
def treatip(dataset, es_ip):
    full, segment, subnet = treat_ip.separate_ip(dataset)
    # match procedure
    # full match
    full_list = full.keys()
    # return fullmatchlist
    fullmatchlist = treat_ip.ip_full_match(full_list, es_ip)
    # segment match, segmentlist:[{},{},...]
    segmentlist = treat_ip.int_ip_range(segment, es_ip)
    subnet_lpm = {}
    subnet_full = {}
    sndict = {}
    sn_lte16 = {}
    # read conf file to choose the methods
    flg_lpm, flg_full = parser_config.get_method()
    if (1 == flg_lpm):
        # subnet match by lpm
        subnet_lpm, sndict, sn_lte16 = subnet_range.subnet_lpm(subnet, es_ip)
    if (1 == flg_full):
        #subnet match by zhou, parameters are snlist and es_ip
        subnet_full = subnet_range.subnet_range_match(sndict, sn_lte16, es_ip)

    return fullmatchlist, segmentlist, subnet_lpm, subnet_full