added multiple variables management and fixed equal filter bug

CHANGELOG.md

@@ -1,3 +1,9 @@
+## 2.3.x
+### 2.3.0
+#### Changes
+* Added multiple variables management
+#### Bugfix
+* Fixed bug in equal filter about upper and lower case
 ## 2.2.x
 ### 2.2.9
 #### Bugfix

routing_test.py

@@ -3,6 +3,7 @@
 import os
 import unittest
 
+from IPy import IP
 from routingfilter.filters import filters
 from routingfilter.routing import Routing
 
@@ -385,6 +386,17 @@ def test_variables_list_more_elements(self):
         )
         self.assertTrue(self.routing.match(self.test_event_4))
 
+    def test_multiple_variables_list(self):
+        self.routing.load_from_dicts([load_test_data("test_rule_33_network_multiple_variables")], variables={"$HOME_NET": ["192.168.1.0/24"]})
+        self.assertDictEqual(self.routing.variables, {"$HOME_NET": ["192.168.1.0/24"]})
+        values = self.routing.streams._ruleManagers["ip_traffic"]._rules[0]._filters[0]._value
+        self.assertEqual([IP("192.168.1.0/24"), IP("10.0.0.1")], values)
+        self.assertTrue(self.routing.match(self.test_event_4))
+
+    def test_rule_upper_case_value(self):
+        self.routing.load_from_dicts([load_test_data("test_rule_34_upper_case")])
+        self.assertTrue(self.routing.match(load_test_data("test_event_upper_case_value")))
+
     def test_rule_in_routing_history(self):
         rule = {
             "streams": {

routingfilter/filters/filters.py

@@ -93,7 +93,7 @@ def __init__(self, key, value):
     def _check_value(self) -> Exception | NoReturn:
         tmp = []
         for value in self._value:
-            value = value.lower() if isinstance(value, str) else str(value)
+            value = str(value).lower()
             tmp.append(value)
         self._value = tmp
 
@@ -110,7 +110,7 @@ def match(self, event: DictQuery):
             event_value = event.get(key, [])
             event_value = event_value if isinstance(event_value, list) else [event_value]
             for value in event_value:
-                value = value.lower() if isinstance(value, str) else str(value)
+                value = str(value).lower()
                 if value in self._value:
                     return True
         return False
@@ -245,6 +245,7 @@ def _check_keyword(self, value: str) -> bool:
         :return: true or false
         :rtype: bool
         """
+        value = value.lower()
         for keyword in self._value:
             if keyword in value.lower():
                 return True

routingfilter/routing.py

@@ -210,6 +210,8 @@ def _substitute_variables(self, values: str) -> List | str:
                 if not isinstance(self.variables[value], list):
                     self.variables[value] = [self.variables[value]]
                 variable_values.extend(self.variables[value])
+            elif not value.startswith("$"):
+                variable_values.append(value)
         if variable_values:
             res = variable_values
         else:

setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="routingfilter",
-    version="2.2.9",
+    version="2.3.0",
     packages=find_packages(include=["routingfilter", "routingfilter.*"]),
     include_package_data=True,
     install_requires=["IPy~=1.1", "macaddress~=2.0.2"],

test_data/test_event_upper_case_value.json

@@ -0,0 +1,10 @@
+{
+    "tags": ["mountain_bike", "city_bike"],
+    "wheel_model": "SuperLight",
+    "is_phishing": true,
+    "gears": "1x12",
+    "suspension": "full",
+    "ip": "127.0.0.1",
+    "ip2": "100.0.0.1",
+    "price": 600
+}

test_data/test_rule_27_network_variables_list2.json

@@ -1,22 +1,25 @@
 {
-    "streams": {
-      "rules": {
-        "ip_traffic": [
-          {
-            "filters": [
-              {
-                "type": "NETWORK",
-                "key": "src_addr",
-                "value": ["$INTERNAL_IPS", "$HOME_NET"]
-              }
-            ],
-            "streams": {
-              "Workshop": {
-                "workers_needed": 1
-              }
+  "streams": {
+    "rules": {
+      "ip_traffic": [
+        {
+          "filters": [
+            {
+              "type": "NETWORK",
+              "key": "src_addr",
+              "value": [
+                "$INTERNAL_IPS",
+                "$HOME_NET"
+              ]
+            }
+          ],
+          "streams": {
+            "Workshop": {
+              "workers_needed": 1
             }
           }
-        ]
-      }
+        }
+      ]
     }
-  }
+  }
+}

test_data/test_rule_33_network_multiple_variables.json

@@ -0,0 +1,25 @@
+{
+  "streams": {
+    "rules": {
+      "ip_traffic": [
+        {
+          "filters": [
+            {
+              "type": "NETWORK",
+              "key": "src_addr",
+              "value": [
+                "$HOME_NET",
+                "10.0.0.1"
+              ]
+            }
+          ],
+          "streams": {
+            "Workshop": {
+              "workers_needed": 1
+            }
+          }
+        }
+      ]
+    }
+  }
+}

test_data/test_rule_34_upper_case.json

@@ -0,0 +1,38 @@
+{
+  "streams": {
+    "rules": {
+      "city_bike": [
+        {
+          "filters": [
+            {
+              "type": "EQUALS",
+              "key": [
+                "wheel_model"
+              ],
+              "value": [
+                "sUPerLight"
+              ]
+            },
+            {
+              "type": "EQUALS",
+              "key": "is_phishing",
+              "value": [
+                "TRUE"
+              ]
+            },
+            {
+              "type": "EQUALS",
+              "key": "price",
+              "value": [
+                600
+              ]
+            }
+          ],
+          "streams": {
+          }
+        }
+      ]
+    }
+  }
+}
+