Renaming to 'Blacklisted Client Contact' and 'Blacklisted Server Cont…

…act'. (ntop#8354)

include/flow_alerts/BlacklistClientContactAlert.h → include/flow_alerts/BlacklistedClientContactAlert.h

@@ -24,18 +24,18 @@
 
 #include "ntop_includes.h"
 
-class BlacklistClientContactAlert : public FlowAlert {
+class BlacklistedClientContactAlert : public FlowAlert {
  private:
   ndpi_serializer* getAlertJSON(ndpi_serializer* serializer);
 
  public:
   static FlowAlertType getClassType() {
-    return {flow_alert_blacklist_client_contact, alert_category_security};
+    return {flow_alert_blacklisted_client_contact, alert_category_security};
   }
   static u_int8_t getDefaultScore() { return SCORE_LEVEL_NOTICE; };
 
-  BlacklistClientContactAlert(FlowCheck* c, Flow* f) : FlowAlert(c, f) {};
-  ~BlacklistClientContactAlert(){};
+  BlacklistedClientContactAlert(FlowCheck* c, Flow* f) : FlowAlert(c, f) {};
+  ~BlacklistedClientContactAlert(){};
 
   bool autoAck() const { return false; };
 

include/flow_alerts/BlacklistServerContactAlert.h → include/flow_alerts/BlacklistedServerContactAlert.h

@@ -24,18 +24,18 @@
 
 #include "ntop_includes.h"
 
-class BlacklistServerContactAlert : public FlowAlert {
+class BlacklistedServerContactAlert : public FlowAlert {
  private:
   ndpi_serializer* getAlertJSON(ndpi_serializer* serializer);
 
  public:
   static FlowAlertType getClassType() {
-    return {flow_alert_blacklist_server_contact, alert_category_security};
+    return {flow_alert_blacklisted_server_contact, alert_category_security};
   }
   static u_int8_t getDefaultScore() { return SCORE_LEVEL_CRITICAL; };
 
-  BlacklistServerContactAlert(FlowCheck* c, Flow* f) : FlowAlert(c, f) {};
-  ~BlacklistServerContactAlert(){};
+  BlacklistedServerContactAlert(FlowCheck* c, Flow* f) : FlowAlert(c, f) {};
+  ~BlacklistedServerContactAlert(){};
 
   bool autoAck() const { return false; };
 

include/flow_alerts_includes.h

@@ -83,8 +83,8 @@
 #include "flow_alerts/IECInvalidTransitionAlert.h"
 #include "flow_alerts/IECInvalidCommandTransitionAlert.h"
 #include "flow_alerts/IECUnexpectedTypeIdAlert.h"
-#include "flow_alerts/BlacklistClientContactAlert.h"
-#include "flow_alerts/BlacklistServerContactAlert.h"
+#include "flow_alerts/BlacklistedClientContactAlert.h"
+#include "flow_alerts/BlacklistedServerContactAlert.h"
 
 /* Pro Alerts - do NOT use #ifdef as alerts must always be available */
 #include "flow_alerts/FlowRiskTLSUnsafeCiphersAlert.h"

include/flow_checks/BlacklistClientContact.h → include/flow_checks/BlacklistedClientContact.h

@@ -24,22 +24,22 @@
 
 #include "ntop_includes.h"
 
-class BlacklistClientContact : public FlowCheck {
+class BlacklistedClientContact : public FlowCheck {
  private:
  public:
-  BlacklistClientContact()
+  BlacklistedClientContact()
       : FlowCheck(ntopng_edition_community, false /* All interfaces */,
                   false /* Don't exclude for nEdge */,
                   false /* NOT only for nEdge */,
                   true /* has_protocol_detected */,
                   false /* has_periodic_update */, false /* has_flow_end */){};
-  ~BlacklistClientContact(){};
+  ~BlacklistedClientContact(){};
 
   bool loadConfiguration(json_object *config);
   void protocolDetected(Flow *f);
   FlowAlert *buildAlert(Flow *f);
 
-  std::string getName() const { return (std::string("blacklist_client_contact")); }
+  std::string getName() const { return (std::string("blacklisted_client_contact")); }
 };
 
 #endif /* _BLACKLIST_CLIENT_CONTACT_H_ */

include/flow_checks/BlacklistServerContact.h → include/flow_checks/BlacklistedServerContact.h

@@ -24,22 +24,22 @@
 
 #include "ntop_includes.h"
 
-class BlacklistServerContact : public FlowCheck {
+class BlacklistedServerContact : public FlowCheck {
  private:
  public:
-  BlacklistServerContact()
+  BlacklistedServerContact()
       : FlowCheck(ntopng_edition_community, false /* All interfaces */,
                   false /* Don't exclude for nEdge */,
                   false /* NOT only for nEdge */,
                   true /* has_protocol_detected */,
                   false /* has_periodic_update */, false /* has_flow_end */){};
-  ~BlacklistServerContact(){};
+  ~BlacklistedServerContact(){};
 
   bool loadConfiguration(json_object *config);
   void protocolDetected(Flow *f);
   FlowAlert *buildAlert(Flow *f);
 
-  std::string getName() const { return (std::string("blacklist_server_contact")); }
+  std::string getName() const { return (std::string("blacklisted_server_contact")); }
 };
 
 #endif /* _BLACKLIST_SERVER_CONTACT_H_ */

include/flow_checks_includes.h

@@ -84,8 +84,8 @@
 #include "flow_checks/UnexpectedSMTPServer.h"
 #include "flow_checks/WebMining.h"
 #include "flow_checks/VLANBidirectionalTraffic.h"
-#include "flow_checks/BlacklistClientContact.h"
-#include "flow_checks/BlacklistServerContact.h"
+#include "flow_checks/BlacklistedClientContact.h"
+#include "flow_checks/BlacklistedServerContact.h"
 
 #ifdef NTOPNG_PRO
 #include "flow_checks/DataExfiltration.h"

include/ntop_typedefs.h

@@ -449,11 +449,11 @@ typedef enum {
   flow_alert_dns_data_exfiltration = 6,
   flow_alert_dns_invalid_query = 7,
   flow_alert_elephant_flow = 8,
-  flow_alert_blacklist_client_contact = 9,
+  flow_alert_blacklisted_client_contact = 9,
   flow_alert_external = 10,
   flow_alert_longlived = 11,
   flow_alert_low_goodput = 12,
-  flow_alert_blacklist_server_contact = 13,
+  flow_alert_blacklisted_server_contact = 13,
   flow_alert_internals = 14,
   flow_alert_notused_3 = 15,
   flow_alert_remote_to_remote = 16,

scripts/locales/en.lua

@@ -2832,9 +2832,9 @@ local lang = {
   ["flow_checks_config"] = {
     ["blacklisted"] = "Blacklisted Flow",
     ["blacklisted_description"] = "Trigger an alert when a blacklisted host or domain is detected",
-    ["blacklist_client_contact"] = "Blacklist Client Contact",
+    ["blacklist_client_contact"] = "Blacklisted Client Contact",
     ["blacklist_client_contact_description"] = "Trigger an alert when a remote blacklisted host contacts a local host",
-    ["blacklist_server_contact"] = "Blacklist Server Contact",
+    ["blacklist_server_contact"] = "Blacklisted Server Contact",
     ["blacklist_server_contact_description"] = "Trigger an alert when a localhost contacts a remote blacklisted host",
     ["broadcast_non_udp_traffic_description"] = "Trigger an alert when an host contacts a Broadcast address using a non-UDP protocol",
     ["broadcast_non_udp_traffic_title"] = "Broadcast Non-UDP Traffic",

scripts/lua/modules/alert_definitions/flow/alert_blacklist_client_contact.lua → scripts/lua/modules/alert_definitions/flow/alert_blacklisted_client_contact.lua

@@ -12,12 +12,12 @@ local blacklist_debug = 'ntopng.debug.alerts.blacklisted_flow'
 
 -- ##############################################
 
-local alert_blacklist_client_contact = classes.class(alert)
+local alert_blacklisted_client_contact = classes.class(alert)
 
 -- ##############################################
 
-alert_blacklist_client_contact.meta = {
-    alert_key = flow_alert_keys.flow_alert_blacklist_client_contact,
+alert_blacklisted_client_contact.meta = {
+    alert_key = flow_alert_keys.flow_alert_blacklisted_client_contact,
     i18n_title = "flow_checks_config.blacklist_client_contact",
     icon = "fas fa-fw fa-exclamation",
 
@@ -30,7 +30,7 @@ alert_blacklist_client_contact.meta = {
 -- @brief Prepare an alert table used to generate the alert
 -- @param info A flow info table fetched with `flow.getBlacklistedInfo()`
 -- @return A table with the alert built
-function alert_blacklist_client_contact:init()
+function alert_blacklisted_client_contact:init()
     -- Call the parent constructor
     self.super:init()
 end
@@ -42,7 +42,7 @@ end
 -- @param alert The alert description table, including alert data such as the generating entity, timestamp, granularity, type
 -- @param alert_type_params Table `alert_type_params` as built in the `:init` method
 -- @return A human-readable string
-function alert_blacklist_client_contact.format(ifid, alert, alert_type_params)
+function alert_blacklisted_client_contact.format(ifid, alert, alert_type_params)
     local who = {}
 
     if alert_type_params["cli_blacklisted"] and alert_type_params["cli_blacklisted"] ~= "0" then
@@ -104,4 +104,4 @@ end
 
 -- #######################################################
 
-return alert_blacklist_client_contact
+return alert_blacklisted_client_contact

scripts/lua/modules/alert_definitions/flow/alert_blacklist_server_contact.lua → scripts/lua/modules/alert_definitions/flow/alert_blacklisted_server_contact.lua

@@ -12,12 +12,12 @@ local blacklist_debug = 'ntopng.debug.alerts.blacklisted_flow'
 
 -- ##############################################
 
-local alert_blacklist_server_contact = classes.class(alert)
+local alert_blacklisted_server_contact = classes.class(alert)
 
 -- ##############################################
 
-alert_blacklist_server_contact.meta = {
-    alert_key = flow_alert_keys.flow_alert_blacklist_server_contact,
+alert_blacklisted_server_contact.meta = {
+    alert_key = flow_alert_keys.flow_alert_blacklisted_server_contact,
     i18n_title = "flow_checks_config.blacklist_server_contact",
     icon = "fas fa-fw fa-exclamation",
 
@@ -30,7 +30,7 @@ alert_blacklist_server_contact.meta = {
 -- @brief Prepare an alert table used to generate the alert
 -- @param info A flow info table fetched with `flow.getBlacklistedInfo()`
 -- @return A table with the alert built
-function alert_blacklist_server_contact:init()
+function alert_blacklisted_server_contact:init()
     -- Call the parent constructor
     self.super:init()
 end
@@ -42,7 +42,7 @@ end
 -- @param alert The alert description table, including alert data such as the generating entity, timestamp, granularity, type
 -- @param alert_type_params Table `alert_type_params` as built in the `:init` method
 -- @return A human-readable string
-function alert_blacklist_server_contact.format(ifid, alert, alert_type_params)
+function alert_blacklisted_server_contact.format(ifid, alert, alert_type_params)
     local who = {}
 
     if alert_type_params["cli_blacklisted"] and alert_type_params["cli_blacklisted"] ~= "0" then
@@ -104,4 +104,4 @@ end
 
 -- #######################################################
 
-return alert_blacklist_server_contact
+return alert_blacklisted_server_contact

scripts/lua/modules/alert_keys/flow_alert_keys.lua

@@ -15,11 +15,11 @@ local flow_alert_keys = {
    flow_alert_dns_data_exfiltration                = 6,
    flow_alert_dns_invalid_query                    = 7,
    flow_alert_elephant_flow                        = 8,
-   flow_alert_blacklist_client_contact             = 9,
+   flow_alert_blacklisted_client_contact           = 9,
    flow_alert_external                             = 10,
    flow_alert_longlived                            = 11,
    flow_alert_low_goodput                          = 12,
-   flow_alert_blacklist_server_contact             = 13,
+   flow_alert_blacklisted_server_contact           = 13,
    flow_alert_internals                            = 14,
    flow_alert_notused_3                            = 15, -- No longer used, can be recycled
    flow_alert_remote_to_remote                     = 16,

scripts/lua/modules/check_definitions/flow/blacklist_client_contact.lua → scripts/lua/modules/check_definitions/flow/blacklisted_client_contact.lua

@@ -14,7 +14,7 @@ local script = {
    category = checks.check_categories.security, 
    default_enabled = true,
 
-   alert_id = flow_alert_keys.flow_alert_blacklist_client_contact,
+   alert_id = flow_alert_keys.flow_alert_blacklisted_client_contact,
 
    gui = {
       i18n_title = "flow_checks_config.blacklist_client_contact",

scripts/lua/modules/check_definitions/flow/blacklist_server_contact.lua → scripts/lua/modules/check_definitions/flow/blacklisted_server_contact.lua

@@ -14,7 +14,7 @@ local script = {
    category = checks.check_categories.security, 
    default_enabled = true,
 
-   alert_id = flow_alert_keys.flow_alert_blacklist_server_contact,
+   alert_id = flow_alert_keys.flow_alert_blacklisted_server_contact,
 
    gui = {
       i18n_title = "flow_checks_config.blacklist_server_contact",

src/FlowAlertsLoader.cpp

@@ -121,10 +121,10 @@ FlowAlertsLoader::FlowAlertsLoader() {
                 ModbusTooManyExceptionsAlert::getDefaultScore());
   registerAlert(ModbusInvalidTransitionAlert::getClassType(),
                 ModbusInvalidTransitionAlert::getDefaultScore());
-  registerAlert(BlacklistClientContactAlert::getClassType(),
-                BlacklistClientContactAlert::getDefaultScore());
-  registerAlert(BlacklistServerContactAlert::getClassType(),
-                BlacklistServerContactAlert::getDefaultScore());
+  registerAlert(BlacklistedClientContactAlert::getClassType(),
+                BlacklistedClientContactAlert::getDefaultScore());
+  registerAlert(BlacklistedServerContactAlert::getClassType(),
+                BlacklistedServerContactAlert::getDefaultScore());
 }
 
 /* **************************************************** */

src/FlowChecksLoader.cpp

@@ -127,8 +127,8 @@ void FlowChecksLoader::registerChecks() {
   if ((fcb = new UnexpectedSMTPServer())) registerCheck(fcb);
   if ((fcb = new WebMining())) registerCheck(fcb);
   if ((fcb = new VLANBidirectionalTraffic())) registerCheck(fcb);
-  if ((fcb = new BlacklistClientContact())) registerCheck(fcb);
-  if ((fcb = new BlacklistServerContact())) registerCheck(fcb);
+  if ((fcb = new BlacklistedClientContact())) registerCheck(fcb);
+  if ((fcb = new BlacklistedServerContact())) registerCheck(fcb);
 
 
 #ifdef NTOPNG_PRO

src/flow_alerts/BlacklistClientContactAlert.cpp → src/flow_alerts/BlacklistedClientContactAlert.cpp

@@ -21,7 +21,7 @@
 
 #include "flow_checks_includes.h"
 
-ndpi_serializer* BlacklistClientContactAlert::getAlertJSON(ndpi_serializer* serializer) {
+ndpi_serializer* BlacklistedClientContactAlert::getAlertJSON(ndpi_serializer* serializer) {
   Flow* f = getFlow();
 
   if (serializer == NULL) return NULL;

src/flow_alerts/BlacklistServerContactAlert.cpp → src/flow_alerts/BlacklistedServerContactAlert.cpp

@@ -21,7 +21,7 @@
 
 #include "flow_checks_includes.h"
 
-ndpi_serializer* BlacklistServerContactAlert::getAlertJSON(ndpi_serializer* serializer) {
+ndpi_serializer* BlacklistedServerContactAlert::getAlertJSON(ndpi_serializer* serializer) {
   Flow* f = getFlow();
 
   if (serializer == NULL) return NULL;

src/flow_checks/BlacklistClientContact.cpp → src/flow_checks/BlacklistedClientContact.cpp

@@ -24,13 +24,13 @@
 
 /* ***************************************************** */
 
-void BlacklistClientContact::protocolDetected(Flow *f) {
+void BlacklistedClientContact::protocolDetected(Flow *f) {
   Host* cli = f->get_cli_host();
   Host* srv = f->get_srv_host();
 
   if (cli && srv) {
     if ((f->isBlacklistedClient()) && !(cli->isLocalHost()) && (srv->isLocalHost())) {
-      FlowAlertType alert_type = BlacklistClientContactAlert::getClassType();
+      FlowAlertType alert_type = BlacklistedClientContactAlert::getClassType();
       u_int8_t c_score, s_score;
       risk_percentage cli_score_pctg = CLIENT_FAIR_RISK_PERCENTAGE;
 
@@ -43,10 +43,10 @@ void BlacklistClientContact::protocolDetected(Flow *f) {
 
 /* ***************************************************** */
 
-FlowAlert *BlacklistClientContact::buildAlert(Flow *f) {
+FlowAlert *BlacklistedClientContact::buildAlert(Flow *f) {
   bool is_server_bl = f->isBlacklistedServer();
   bool is_client_bl = f->isBlacklistedClient();
-  BlacklistClientContactAlert *alert = new (std::nothrow) BlacklistClientContactAlert(this, f);
+  BlacklistedClientContactAlert *alert = new (std::nothrow) BlacklistedClientContactAlert(this, f);
 
   if (alert) {
     /*
@@ -81,7 +81,7 @@ FlowAlert *BlacklistClientContact::buildAlert(Flow *f) {
   }
 */
 
-bool BlacklistClientContact::loadConfiguration(json_object *config) {
+bool BlacklistedClientContact::loadConfiguration(json_object *config) {
   FlowCheck::loadConfiguration(config); /* Parse parameters in common */
 
   /* Parse additional parameters */

src/flow_checks/BlacklistServerContact.cpp → src/flow_checks/BlacklistedServerContact.cpp

@@ -24,13 +24,13 @@
 
 /* ***************************************************** */
 
-void BlacklistServerContact::protocolDetected(Flow *f) {
+void BlacklistedServerContact::protocolDetected(Flow *f) {
   Host* cli = f->get_cli_host();
   Host* srv = f->get_srv_host();
 
   if (cli && srv) {
     if ((f->isBlacklistedServer()) && (cli->isLocalHost()) && !(srv->isLocalHost())) {
-      FlowAlertType alert_type = BlacklistServerContactAlert::getClassType();
+      FlowAlertType alert_type = BlacklistedServerContactAlert::getClassType();
       u_int8_t c_score, s_score;
       risk_percentage cli_score_pctg = CLIENT_HIGH_RISK_PERCENTAGE;
 
@@ -43,10 +43,10 @@ void BlacklistServerContact::protocolDetected(Flow *f) {
 
 /* ***************************************************** */
 
-FlowAlert *BlacklistServerContact::buildAlert(Flow *f) {
+FlowAlert *BlacklistedServerContact::buildAlert(Flow *f) {
   bool is_server_bl = f->isBlacklistedServer();
   bool is_client_bl = f->isBlacklistedClient();
-  BlacklistServerContactAlert *alert = new (std::nothrow) BlacklistServerContactAlert(this, f);
+  BlacklistedServerContactAlert *alert = new (std::nothrow) BlacklistedServerContactAlert(this, f);
 
   if (alert) {
     /*
@@ -81,7 +81,7 @@ FlowAlert *BlacklistServerContact::buildAlert(Flow *f) {
   }
 */
 
-bool BlacklistServerContact::loadConfiguration(json_object *config) {
+bool BlacklistedServerContact::loadConfiguration(json_object *config) {
   FlowCheck::loadConfiguration(config); /* Parse parameters in common */
 
   /* Parse additional parameters */