dca_interface  6.3.4
IP Reputation

Introduction

The IP Reputation Classification Package.

Java

On some linux platforms (e.g. RedHat 6 and RedHat 7) we have a java compatible JNI interface available which offers nearly the same functionality as the C++ interface described below. Information on how to use the JNI interface is shown in one of the IPR classification samples.

Global / Generic

The IPR (IP Reputation Classification) package analyzes IP addresses (given as IPv4 or IPv6), and returns matching categories and corresponding category values. The classification result helps to define whether a given IP address has a good or bad reputation.

The results can be used to block unwanted connections to or from IP addresses with a bad reputation.

The IPR classification returns a set of matched categories and corresponding values. The following categories are currently supported:

In future versions the following categories may also be supported:

The interpretation of the value for a category depends on the category type. If the category has associated enumeration items, the category value will be an enumeration value, otherwise the category value will be an integer.

An enumeration value refers to a unique enumerable object. Each enumerable object has a localized name and id. Enumeration objects are currently only supported for the Geo Location category. Examples of enumerable objects would be specific Geo Locations, eg "Greenland", "Western Sahara".

If the category has no associated enumeration items (for example, Spam), the category value will be an integer. The value will lie in the range 0 - 100, and denotes a percentage value reputation for the particular catgegory.

An instance of the package must first be created using dca_ipr::IprClassification::create().

IP addresses can be classified using the dca_ipr::IprClassifier class.

A dca_ipr::Ip object must first be created with a given IP address.

The IprClassifer analyzes the provided data and returns a classification as a dca_ipr::IprClassificationResults object.

The IPR classification requires a connection to a IPR signature database.

For enumeration purposes a dca_ipr::IprCategoriesInfo class can be used. It can be obtained from the IprClassification class.

See also
dca::DbConnection, dca_ipr::IprClassification

Classes

class  dca_ipr::IprCategories
 Definition of a container class for IprCategory objects. More...
 
class  dca_ipr::IprCategoriesInfo
 Container class for all IPR enumeration objects. More...
 
class  dca_ipr::IprCategory
 The IprCategory class contains information for a single category. An IP address can be assigned to one or more categories. More...
 
struct  dca_ipr::IprClassifierOptions
 Sets up options for the IPR classification. More...
 
class  dca_ipr::IprClassification
 Definition of the IprClassification class. More...
 
struct  dca_ipr::IprClassificationResult
 The result item of a IPR classification. More...
 
class  dca_ipr::IprClassificationResults
 Definition of the IprClassificationResults class. More...
 
class  dca_ipr::IprClassifier
 Defintion of the IprClassifier class. More...
 
class  dca_ipr::IprEnum
 The IprEnum class describes a single enumerable item, for example the Geo Location "Greenland". More...
 
class  dca_ipr::IprEnums
 Definition of a container class for IprEnum objects. More...
 
class  dca_ipr::Ip
 Definition of the Ip class. More...
 
class  dca_ipr::Ipv4
 Definition of the Ipv4 class. More...
 
class  dca_ipr::Ipv6
 Definition of the Ipv6 class. More...
 
class  dca_ipr::IprLocale
 Encapsulation of a locale class, which allows access to the language id and the display name of locale definitions. More...
 
class  dca_ipr::IprLocales
 Definition of a container class for IprLocale objects. More...
 

Files

file  dca_ipr_classification.h
 Package header file for the IPR (IP Reputation) Classification Package.
 
file  ipr_base.h
 Contains type definitions used in the IPR package.
 
file  ipr_categories.h
 Container class for IprCategory objects.
 
file  ipr_categoriesinfo.h
 Container class for all IPR enumeration objects.
 
file  ipr_category.h
 Definition of the IprCategory class.
 
file  ipr_classification.h
 Defintion of the IprClassification class.
 
file  ipr_classification_result.h
 Definition of a IprClassificationResult.
 
file  ipr_classification_results.h
 Definition of the IprClassificationResults class.
 
file  ipr_classifier.h
 Defintion of the IprClassifier class.
 
file  ipr_enum.h
 Definition of the IprEnum class.
 
file  ipr_enums.h
 Container class for IprEnum objects.
 
file  ipr_ipdata.h
 Definition of the Ip class.
 
file  ipr_locale.h
 Encapsulates a single Locale as defined in the IPR categories XML schema.
 
file  ipr_locales.h
 Container class for IPR locale objects.
 

Typedefs

typedef int dca_ipr::DCA_ENUM_ID_TYPE
 Id type for IprEnum class.
 

Functions

bool dca_ipr::operator== (const IprClassificationResult &aIprClassificationResult, const IprClassificationResult &bIprClassificationResult)
 Definition of the comparision operator as an external function. More...
 
bool dca_ipr::operator!= (const IprClassificationResult &aIprClassificationResult, const IprClassificationResult &bIprClassificationResult)
 Definition of the inequality operator as an external function. More...
 

Variables

const DbType dca_ipr::DBT_Ipr
 Used to specify an IP Classification database when creating a dca::DbConnection instance.
 
IprCategory dca_ipr::NullIprCategory
 Defines a constant unassigned IprCategory you can use for checks. if( myIprCategory == NullIprCategory ) --> myIprCategory is not assigned yet!
 
IprEnum dca_ipr::NullIprEnum
 Defines a constant unassigned IprEnum you can use for checks. if( myIprEnum == NullIprEnum ) --> myIprEnum is not assigned yet!
 

Function Documentation

◆ operator==()

bool dca_ipr::operator== ( const IprClassificationResult aIprClassificationResult,
const IprClassificationResult bIprClassificationResult 
)

Definition of the comparision operator as an external function.

Parameters
[in]aIprClassificationResultFirst value to compare.
[in]bIprClassificationResultSecond value to compare
Returns
true if categoryId and value of the two parameters are identical

◆ operator!=()

bool dca_ipr::operator!= ( const IprClassificationResult aIprClassificationResult,
const IprClassificationResult bIprClassificationResult 
)

Definition of the inequality operator as an external function.

Parameters
[in]aIprClassificationResultFirst value to compare.
[in]bIprClassificationResultSecond value to compare
Returns
true if categoryId and value of the two parameters are not identical