Adds capture action to RBL

Felipe Zimmerle · Felipe Zimmerle · commit 0f361b70653c · 2018-03-09T12:49:12.000-03:00
diff --git a/CHANGES b/CHANGES
@@ -1,6 +1,8 @@
 v3.0.x - YYYY-MMM-DD (To be released)
 -------------------------------------
 
+ - Adds capture action to rbl
+   [Issue #1698 - @zimmerle]
  - Adds capture action to verifyCC
    [Issue #1698 - @michaelgranzow-avi, @zimmerle]
  - Adds capture action to verifySSN
diff --git a/src/operators/rbl.cc b/src/operators/rbl.cc
@@ -196,9 +196,11 @@ void Rbl::furtherInfo(struct sockaddr_in *sin, std::string ipStr,
 }
 
 
-bool Rbl::evaluate(Transaction *transaction, const std::string &ipStr) {
+bool Rbl::evaluate(Transaction *t, Rule *rule,
+        const std::string& ipStr,
+        std::shared_ptr<RuleMessage> ruleMessage) {
     struct addrinfo *info = NULL;
-    std::string host = mapIpToAddress(ipStr, transaction);
+    std::string host = mapIpToAddress(ipStr, t);
     int rc = 0;
 
     if (host.empty()) {
@@ -211,15 +213,24 @@ bool Rbl::evaluate(Transaction *transaction, const std::string &ipStr) {
         if (info != NULL) {
             freeaddrinfo(info);
         }
-        debug(transaction, 5, "RBL lookup of " + ipStr + " failed.");
+        debug(t, 5, "RBL lookup of " + ipStr + " failed.");
         return false;
     }
 
     struct sockaddr *addr = info->ai_addr;
     struct sockaddr_in *sin = (struct sockaddr_in *) addr;
-    furtherInfo(sin, ipStr, transaction);
+    furtherInfo(sin, ipStr, t);
 
     freeaddrinfo(info);
+    if (rule && t
+        && rule->getActionsByName("capture").size() > 0) {
+        t->m_collections.m_tx_collection->storeOrUpdateFirst(
+        "0", std::string(ipStr));
+#ifndef NO_LOGS
+        t->debug(7, "Added RXL match TX.0: " + \
+            std::string(ipStr));
+#endif
+    }
 
     return true;
 }
diff --git a/src/operators/rbl.h b/src/operators/rbl.h
@@ -75,7 +75,9 @@ class Rbl : public Operator {
                 m_provider = RblProvider::httpbl;
             }
         }
-    bool evaluate(Transaction *transaction, const std::string  &str) override;
+    bool evaluate(Transaction *transaction, Rule *rule,
+        const std::string& input,
+        std::shared_ptr<RuleMessage> ruleMessage) override;
 
     std::string mapIpToAddress(std::string ipStr, Transaction *trans);
 

Original file line number	Diff line number	Diff line change
`@@ -75,7 +75,9 @@ class Rbl : public Operator {`
`75`	`75`	`m_provider = RblProvider::httpbl;`
`76`	`76`	`}`
`77`	`77`	`}`
`78`		`- bool evaluate(Transaction *transaction, const std::string &str) override;`
	`78`	`+ bool evaluate(Transaction transaction, Rule rule,`
	`79`	`+ const std::string& input,`
	`80`	`+ std::shared_ptr<RuleMessage> ruleMessage) override;`
`79`	`81`
`80`	`82`	`std::string mapIpToAddress(std::string ipStr, Transaction *trans);`
`81`	`83`