From c48f8e5782d45a8c4b64a53cb887c4dae885b575 Mon Sep 17 00:00:00 2001 From: Daniel Date: Wed, 20 May 2020 14:53:14 +0200 Subject: [PATCH] Fix endpoint scope --- profile/endpoints/endpoint-scopes.go | 28 +++++++++++----------------- profile/endpoints/endpoint.go | 2 +- profile/endpoints/endpoint_test.go | 6 ++++++ profile/endpoints/endpoints_test.go | 2 +- 4 files changed, 19 insertions(+), 19 deletions(-) diff --git a/profile/endpoints/endpoint-scopes.go b/profile/endpoints/endpoint-scopes.go index 1c73aebe..ea22126d 100644 --- a/profile/endpoints/endpoint-scopes.go +++ b/profile/endpoints/endpoint-scopes.go @@ -29,10 +29,6 @@ type EndpointScope struct { scopes uint8 } -// Localhost -// LAN -// Internet - // Matches checks whether the given entity matches this endpoint definition. func (ep *EndpointScope) Matches(entity *intel.Entity) (EPResult, Reason) { if entity.IP == nil { @@ -64,16 +60,14 @@ func (ep *EndpointScope) Matches(entity *intel.Entity) (EPResult, Reason) { // Scopes returns the string representation of all scopes. func (ep *EndpointScope) Scopes() string { - if ep.scopes == 3 || ep.scopes > 4 { - // single scope - switch ep.scopes { - case scopeLocalhost: - return scopeLocalhostName - case scopeLAN: - return scopeLANName - case scopeInternet: - return scopeInternetName - } + // single scope + switch ep.scopes { + case scopeLocalhost: + return scopeLocalhostName + case scopeLAN: + return scopeLANName + case scopeInternet: + return scopeInternetName } // multiple scopes @@ -99,11 +93,11 @@ func parseTypeScope(fields []string) (Endpoint, error) { for _, val := range strings.Split(strings.ToLower(fields[1]), ",") { switch val { case scopeLocalhostMatcher: - ep.scopes &= scopeLocalhost + ep.scopes ^= scopeLocalhost case scopeLANMatcher: - ep.scopes &= scopeLAN + ep.scopes ^= scopeLAN case scopeInternetMatcher: - ep.scopes &= scopeInternet + ep.scopes ^= scopeInternet default: return nil, nil } diff --git a/profile/endpoints/endpoint.go b/profile/endpoints/endpoint.go index 4e73d1d4..2e0a4e85 100644 --- a/profile/endpoints/endpoint.go +++ b/profile/endpoints/endpoint.go @@ -201,7 +201,7 @@ func invalidDefinitionError(fields []string, msg string) error { return fmt.Errorf(`invalid endpoint definition: "%s" - %s`, strings.Join(fields, " "), msg) } -func parseEndpoint(value string) (endpoint Endpoint, err error) { +func parseEndpoint(value string) (endpoint Endpoint, err error) { //nolint:gocognit fields := strings.Fields(value) if len(fields) < 2 { return nil, fmt.Errorf(`invalid endpoint definition: "%s"`, value) diff --git a/profile/endpoints/endpoint_test.go b/profile/endpoints/endpoint_test.go index d8aabee8..21ef057e 100644 --- a/profile/endpoints/endpoint_test.go +++ b/profile/endpoints/endpoint_test.go @@ -43,6 +43,12 @@ func TestEndpointParsing(t *testing.T) { testParsing(t, "+ AS1234") testParsing(t, "+ AS12345") + // network scope + testParsing(t, "+ Localhost") + testParsing(t, "+ LAN") + testParsing(t, "+ Internet") + testParsing(t, "+ Localhost,LAN,Internet") + // protocol and ports testParsing(t, "+ * TCP/1-1024") testParsing(t, "+ * */DNS") diff --git a/profile/endpoints/endpoints_test.go b/profile/endpoints/endpoints_test.go index ad23d352..dbc3119d 100644 --- a/profile/endpoints/endpoints_test.go +++ b/profile/endpoints/endpoints_test.go @@ -358,7 +358,7 @@ func TestEndpointMatching(t *testing.T) { // Lists - ep, err = parseEndpoint("+ L:A,B,C") + _, err = parseEndpoint("+ L:A,B,C") if err != nil { t.Fatal(err) }