def _eval_send_exabgp(self, message, source=None, indicator=None, value=None):
indicators = [indicator]
if '-' in indicator:
a1, a2 = indicator.split('-', 1)
indicators = map(str, netaddr.iprange_to_cidrs(a1, a2))
# Already in our format? Just convert it to IPNetwork object
elif '/' in indicator:
indicators = map(str, netaddr.iprange_to_cidrs(indicator, indicator))
# Single host one per line
elif re.match(r"^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$", indicator):
indicators = map(str, netaddr.iprange_to_cidrs(indicator, indicator))
try:
for i in indicators:
value['__indicator'] = i
now = utc_millisec()
age_out = now+self.age_out*1000
try:
feed_community = value['feed_community']
except:
feed_community = self.exabgp_defcomm
value['_age_out'] = age_out
values = { 'command': str(message) + ' route ' + i + ' next-hop self community ' + feed_community }
data = urllib.urlencode(values)
req = urllib2.Request('http://' + self.exabgp_host + ':' + str(self.exabgp_port))
req.add_header('Content-Type', 'application/x-www-form-urlencoded')
# req.add_header('Content-Type', 'application/json')
response = urllib2.urlopen(req, data)
#LOG.info("%s: %s", str(message).upper(), i)
self.statistics['message.sent'] += 1
except:
LOG.error("%s: %s", str(message).upper(), i)
pass
def getCIDRFromRanges(str_ranges):
str_ranges = str_ranges.replace(' ', '')
ranges = []
ips = []
splitted_ranges = str_ranges.split(",")
for i in splitted_ranges:
ranges.append(i.split("-"))
for i in ranges:
if len(ranges[ranges.index(i)]) == 1:
ips.append(netaddr.iprange_to_cidrs(i[0], i[0]))
else:
ips.append(netaddr.iprange_to_cidrs(i[0], i[1]))
return ips
def CheckForScanZoneOverlaps(scconn):
DEBUG = False
if DEBUG:
print "Checking for overlaps in any scan zones"
print "This are not necessarily a problem depending on your environment"
resp = scconn.get(
'zone?fields=name%2Cscanners%2CtotalScanners%2CactiveScanners%2CtotalScanners%2CmodifiedTime%2CcanUse%2CcanManage'
)
if DEBUG:
print resp
print resp.text
scanzoneranges = []
#Iterate through all the scan zones and download the IP ranges
for i in resp.json()['response']:
resp = scconn.get(
'zone/' + str(i['id']) +
'?fields=name%2Cdescription%2CipList%2CcreatedTime%2Cranges%2Cscanners%2Cname%2Cscanners%2CtotalScanners%2CactiveScanners%2CtotalScanners%2CmodifiedTime%2CcanUse%2CcanManage'
)
iplist = resp.json()['response']['ipList'].split(',')
for j in iplist:
if DEBUG:
print "IP Range in scan zone", j
#Check if the IP address is an IP range (instead of a single IP or CIDR)
hyphen = string.find(j, "-")
if (hyphen >= 0):
#If the IP address is a range, convert it to CIDR notation
if DEBUG:
print "CIDRs", netaddr.iprange_to_cidrs(
j[0:hyphen], j[hyphen + 1:])
for k in netaddr.iprange_to_cidrs(j[0:hyphen], j[hyphen + 1:]):
scanzoneranges.append([k, i])
else:
scanzoneranges.append([j, i])
#Examine all the network ranges for overlaps
#Go through all the ranges, comparing each one to all the other ranges,
for i in range(0, len(scanzoneranges)):
n1 = ipaddr.IPNetwork(scanzoneranges[i][0])
for j in range(i + 1, len(scanzoneranges)):
n2 = ipaddr.IPNetwork(scanzoneranges[j][0])
if n1.overlaps(n2):
print n1, "in scan zone \"" + str(
scanzoneranges[i][1]['name']
) + "\" overlaps with", n2, "in scan zone \"" + str(
scanzoneranges[j][1]['name']) + "\""
return (True)
def extractField(name, category, input, sev):
global success
sev = sev.strip()
if category == 'ip':
for line in StringIO(input):
if len(line.strip()) == 0:
continue
elif "#" in line.strip():
continue
elif "/" in line.strip():
tf_output.write(line.strip() + "," + name + "(" + sev + ")\n")
else:
tf_output.write(line.strip() + "/32," + name + "(" + sev + ")\n")
logging("Extract Field Complete: name=" + name + " category=" + category + " sev=" + sev)
elif category == 'range':
for line in StringIO(input):
if len(line.strip()) == 0:
continue
elif "#" in line:
continue
elif ":" in line:
reObj = re.search('(.*):([0-9]+.[0-9]+.[0-9]+.[0-9]+)-([0-9]+.[0-9]+.[0-9]+.[0-9]+).*',line.strip())
iprange_start = reObj.group(2)
iprange_end = reObj.group(3)
ipranges = list(iprange_to_cidrs(iprange_start, iprange_end))
for iprange in ipranges:
tf_output.write(str(iprange) + "," + reObj.group(1).replace(",", "") + "(" + sev + ")\n")
logging("Extract Field Complete: name=" + name + " category=" + category + " sev=" + sev)
elif category == 'col':
for line in StringIO(input):
if len(line.strip()) == 0:
continue
elif "#" in line:
continue
elif "Start" in line:
continue
else:
reObj = re.search('([0-9]+.[0-9]+.[0-9]+.[0-9]+)\s+([0-9]+.[0-9]+.[0-9]+.[0-9]+).*',line.strip())
iprange_st = reObj.group(1)
iprange_ed = reObj.group(2)
ipranges = list(iprange_to_cidrs(iprange_st, iprange_ed))
for iprange in ipranges:
tf_output.write(str(iprange) + "," + name + "(" + sev + ")\n")
logging("Extract Field Complete: name=" + name + " category=" + category + " sev=" + sev)
else:
print 'No category has defined'
logging("Extract Field Failure: No category has defined name=" + name + " category=" + category + " sev=" + sev + " input=" + input)
success = False
def main(pghost, pguser, pgpassword, pgdatabase, in_file):
db = dbHandler()
db.connectDb(pguser, pgpassword, pghost, pgdatabase)
with open(in_file, "r") as inf:
line=inf.readline()
while line:
#r=line.rstrip('\n').replace("'", "").split(',')
stripped_line=line.rstrip('\n').replace("'", "")
r = [ '{}'.format(x) for x in list(csv.reader([stripped_line], delimiter=',', quotechar='"'))[0] ]
ip_list=netaddr.iprange_to_cidrs(r[0], r[1])
addr_type = 4 if '.' in r[0] else 6
for ip in ip_list:
sql = "INSERT INTO geo_ip (family,ip,city,stateprov,country,latitude,longitude,"
sql += "timezone_offset, timezone_name, isp_name) "
sql += "values (%d, '%s', '%s', '%s', '%s', %s, %s," % (addr_type,
ip,
r[5].encode('ascii', 'ignore').decode('ascii'),
r[4].encode('ascii', 'ignore').decode('ascii'),
r[3],
r[6], r[7]);
sql += "0, 'UTC', '') "
sql += "ON CONFLICT (ip) DO UPDATE SET "
sql += "city=excluded.city, stateprov=excluded.stateprov,"
sql += "country=excluded.country, latitude=excluded.latitude, longitude=excluded.longitude;"
#LOG.info(sql)
db.queryNoResults(sql)
line=inf.readline()
db.close()
def ip_pool_range_add(start_ip, end_ip, version, ipip, masquerade):
"""
Add the range of ip addresses as CIDRs to the IP address allocation pool.
:param start_ip: The first ip address the ip range.
:param end_ip: The last ip address in the ip range.
:param version: 4 or 6
:param ipip: Use IP in IP for this pool.
:return: None
"""
if version == 6 and ipip:
print "IP in IP not supported for IPv6 pools"
sys.exit(1)
ip_range = IPRange(start_ip, end_ip)
pools = client.get_ip_pools(version)
for pool in pools:
pool_net = IPNetwork(pool.cidr)
# Reject the new ip range if any of the following are true:
# - The new ip range contains all ips of any existing pool
# - An existing pool overlaps ips with the start of the new ip range
# - An existing pool overlaps ips with the end of the new ip range
if (pool_net in ip_range or
start_ip in pool_net or
end_ip in pool_net):
print "Cannot add range - range conflicts with pool %s" % pool.cidr
sys.exit(1)
cidrs = netaddr.iprange_to_cidrs(start_ip, end_ip)
for ip_net in cidrs:
new_pool = IPPool(ip_net.cidr, ipip=ipip, masquerade=masquerade)
client.add_ip_pool(version, new_pool)
def IPRange(Range, range_temp, language):
"""
IP range string to IPNetwork type
Args:
Range: IP range string
range_temp: range_temp filename
language: language
Returns:
an array of IP range in IPNetwork type
"""
myranges_now = open(range_temp).read().rsplit()
if Range not in myranges_now:
__log_into_file(range_temp, 'a', Range + '\n', language)
if len(Range.rsplit('.')) is 7 and '-' in Range and '/' not in Range:
if len(Range.rsplit('-')) is 2:
start_ip, stop_ip = Range.rsplit('-')
if isIP(start_ip) and isIP(stop_ip):
return iprange_to_cidrs(start_ip, stop_ip)
else:
return []
else:
return []
elif len(Range.rsplit('.')) is 4 and '-' not in Range and '/' in Range:
return IPNetwork(Range)
else:
return []
else:
warn(messages(language, "skip_duplicate_target"))
return []
def parse_property_inetnum(block: str):
# IPv4
match = re.findall(
"^inetnum:[\s]*((?:\d{1,3}\.){3}\d{1,3}[\s]*-[\s]*(?:\d{1,3}\.){3}\d{1,3})",
block,
re.MULTILINE,
)
if match:
ip_start = re.findall(
"^inetnum:[\s]*((?:\d{1,3}\.){3}\d{1,3})[\s]*-[\s]*(?:\d{1,3}\.){3}\d{1,3}",
block,
re.MULTILINE,
)[0]
ip_end = re.findall(
"^inetnum:[\s]*(?:\d{1,3}\.){3}\d{1,3}[\s]*-[\s]*((?:\d{1,3}\.){3}\d{1,3})",
block,
re.MULTILINE,
)[0]
cidrs = iprange_to_cidrs(ip_start, ip_end)
return "{}".format(cidrs[0])
# IPv6
else:
match = re.findall("^inet6num:[\s]*([0-9a-fA-F:\/]{1,43})", block,
re.MULTILINE)
if match:
return match[0]
def get_subnets(host_data: dict):
"""
Get the subnets on which a given host exists.
:param dict host_data: The host data as returned by get_host().
:return: The host data with subnet_cidr and subnet_mask added and all
other IPs and subnets converted to dotted quad from hex.
:rtype: dict
"""
host_data['ip_addr'] = unhexlify_address(host_data['ip_addr'])
# If there is no start and end to the subnet we are usually dealing with
# an external host.
if host_data['subnet_start_ip_addr'] == '0' or \
host_data['subnet_end_ip_addr'] == '0':
host_data['subnet_cidr'] = \
str(netaddr.IPNetwork(host_data['ip_addr'] + '/32'))
host_data['subnet_mask'] = '255.255.255.255'
else:
host_data['subnet_start_ip_addr'] = \
unhexlify_address(host_data['subnet_start_ip_addr'])
host_data['subnet_end_ip_addr'] = \
unhexlify_address(host_data['subnet_end_ip_addr'])
subnet = netaddr.iprange_to_cidrs(host_data['subnet_start_ip_addr'],
host_data['subnet_end_ip_addr'])[0]
host_data['subnet_cidr'] = str(subnet)
host_data['subnet_netmask'] = str(subnet.netmask)
return host_data
def normalize(ip):
if '/' in ip:
return [ip]
ocets = [ocet.replace(' ','') for ocet in ip.split('.')]
if len(ocets) == 4: ocets += ocets
if len(ocets) == 7:
if (re.search('-',ocets[3])):
for i,v in enumerate(ocets[3:]):
if i == 0:
last = ocets[4]
ocets[3],ocets[4] = ocets[3].split('-')
else:
if 4+i < len(ocets):
newVal = last
last = ocets[4+i]
ocets[4+i] = newVal
else:
ocets.append(last)
if len(ocets) != 8:
return 'ERROR WITH: %s not right size %d' % ('.'.join(ocets),len(ocets))
for i,ocet in enumerate(ocets):
#is *
if (re.search('\*',ocet)):
ocets[i] = '0'
ocets[i+4] = '255'
if (re.search('-',ocets[i])):
ocets[i],ocets[i+4] = ocets[i].split('-')[0:2]
newIP = netaddr.iprange_to_cidrs('.'.join(ocets[0:4]) ,'.'.join(ocets[4:]))
return newIP
async def sendtask(self):
sql = f"""select id from {self.dbconfig['sourcetable']} {self.dbconfig['condition']} order by id desc limit 1"""
tmpresult = await self.db.execute(sql, 1)
if not tmpresult:
raise ('empty table')
self.maxid = tmpresult[0][0]
self.totalnum = self.maxid
sqlid = 1
while sqlid <= self.maxid:
if int(await self.redis.llen(self.tasklist)) > 10000:
self.progress = (sqlid - 10000) * 100 // self.maxid
if self.progress <= 0:
self.progress = 6
await asyncio.sleep(2)
continue
sql = f"""select {self.inputcolums['minip']['value']}, {self.inputcolums['maxip']['value']} from {self.dbconfig['sourcetable']} where id between {sqlid} and {sqlid+1000-1} {self.dbconfig['condition'].replace('where','and',1)}"""
result = await self.db.execute(sql, 1)
sqlid = sqlid + 1000
arr = []
for ip1, ip2 in result:
try:
tmp = netaddr.iprange_to_cidrs(
str(ipaddress.ip_address(ip1)),
str(ipaddress.ip_address(ip2)))
arr += [f"0_{i}" for i in tmp]
except Exception as e:
print(e)
if arr:
await self.redis.rpush(self.tasklist, *arr)
await self.settaskendflag()
def parse_ips(jobs: Queue):
session = setup_connection()
counter = 0
start_time = time.time()
while True:
block = jobs.get()
if block is None:
break
ip_start = block.inetnum.split(" - ")[0]
ip_end = block.inetnum.split(" - ")[1]
cidrs = iprange_to_cidrs(ip_start, ip_end)
for c in cidrs:
session.add(Cidr(cidr=str(c), block=block))
counter += 1
if counter % COMMIT_COUNT == 0:
session.commit()
session.close()
session = setup_connection()
logger.debug("committed cidrs ({} seconds)".format(round(time.time() - start_time, 2)))
counter = 0
start_time = time.time()
session.commit()
logger.debug("committed last cidrs")
session.close()
logger.debug("{} finished".format(current_process().name))
def ip_pool_range_add(start_ip, end_ip, version, ipip, masquerade):
"""
Add the range of ip addresses as CIDRs to the IP address allocation pool.
:param start_ip: The first ip address the ip range.
:param end_ip: The last ip address in the ip range.
:param version: 4 or 6
:param ipip: Use IP in IP for this pool.
:return: None
"""
if version == 6 and ipip:
print "IP in IP not supported for IPv6 pools"
sys.exit(1)
ip_range = IPRange(start_ip, end_ip)
pools = client.get_ip_pools(version)
for pool in pools:
pool_net = IPNetwork(pool.cidr)
# Reject the new ip range if any of the following are true:
# - The new ip range contains all ips of any existing pool
# - An existing pool overlaps ips with the start of the new ip range
# - An existing pool overlaps ips with the end of the new ip range
if (pool_net in ip_range or
start_ip in pool_net or
end_ip in pool_net):
print "Cannot add range - range conflicts with pool %s" % pool.cidr
sys.exit(1)
cidrs = netaddr.iprange_to_cidrs(start_ip, end_ip)
for ip_net in cidrs:
new_pool = IPPool(ip_net.cidr, ipip=ipip, masquerade=masquerade)
client.add_ip_pool(version, new_pool)
def whois_rangeban(self,whois_results,reason,botid='',unban=False):
import netaddr # pip install netaddr
import re
for cdirs in re.findall('([\d]+\.[\d]+\.[\d]+\.[\d]+\s*-\s*[\d]+\.[\d]+\.[\d]+\.[\d]+)',whois_results):
splits = cdirs.split('-')
for cdir in netaddr.iprange_to_cidrs(splits[0].strip() , splits[1].strip()):
self.mass_rangeban([str(cdir)],reason,botid,unban)
def process_cidr(self, line):
display("Processing %s" % line)
if "/" in line:
created, cidr = self.ScopeCIDR.find_or_create(cidr=line.strip())
if created:
display_new("Adding %s to scoped CIDRs in database" %
line.strip())
cidr.in_scope = True
cidr.update()
elif "-" in line:
start_ip, end_ip = line.strip().replace(" ", "").split("-")
if "." not in end_ip:
end_ip = ".".join(start_ip.split(".")[:3] + [end_ip])
cidrs = iprange_to_cidrs(start_ip, end_ip)
for c in cidrs:
created, cidr = self.ScopeCIDR.find_or_create(cidr=str(c))
if created:
display_new("Adding %s to scoped CIDRs in database" %
line.strip())
cidr.in_scope = True
cidr.update()
def parse_property_inetnum(block: str):
# IPv4
match = re.findall(
'^inetnum:[\s]*((?:\d{1,3}\.){3}\d{1,3}[\s]*-[\s]*(?:\d{1,3}\.){3}\d{1,3})',
block, re.MULTILINE)
if match:
ip_start = re.findall(
'^inetnum:[\s]*((?:\d{1,3}\.){3}\d{1,3})[\s]*-[\s]*(?:\d{1,3}\.){3}\d{1,3}',
block, re.MULTILINE)[0]
ip_end = re.findall(
'^inetnum:[\s]*(?:\d{1,3}\.){3}\d{1,3}[\s]*-[\s]*((?:\d{1,3}\.){3}\d{1,3})',
block, re.MULTILINE)[0]
cidrs = iprange_to_cidrs(ip_start, ip_end)
return '{}'.format(cidrs[0])
# IPv6
else:
match = re.findall('^inet6num:[\s]*([0-9a-fA-F:\/]{1,43})', block,
re.MULTILINE)
if match:
return match[0]
# LACNIC translation for IPv4
else:
match = re.findall(
'^inet4num:[\s]*((?:\d{1,3}\.){3}\d{1,3}/\d{1,2})', block,
re.MULTILINE)
if match:
return match[0]
else:
return None
def main():
print "%s - Building GeoIP Access list file" % datetime.datetime.now()
with open(input_file,"rb") as f:
data = csv.reader(f)
for line in data:
start_ip = line[0]
end_ip = line[1]
longtitude = line[2]
latitude = line[3]
country_code = line[4]
country = line[5]
cidr = netaddr.iprange_to_cidrs(start_ip,end_ip)
geo_ips.setdefault(country_code,[]).append(cidr)
for k,v in geo_ips.iteritems():
nets = []
for item in v:
ip = str(item[0])
nets.append(ip)
acl_file.write("acl \"%s\" { %s ; } ; \n" % (k,'; '.join(nets)))
acl_file.close()
print "%s - GeoIP Access file created" % datetime.datetime.now()
try:
subprocess.call("/etc/init.d/named reload", shell=True)
except:
print "%s - Error reloading BIND configuraion" % datetime.datetime.now()
def main():
print "%s - Building GeoIP Access list file" % datetime.datetime.now()
with open(input_file, "rb") as f:
data = csv.reader(f)
for line in data:
start_ip = line[0]
end_ip = line[1]
longtitude = line[2]
latitude = line[3]
country_code = line[4]
country = line[5]
cidr = netaddr.iprange_to_cidrs(start_ip, end_ip)
geo_ips.setdefault(country_code, []).append(cidr)
for k, v in geo_ips.iteritems():
nets = []
for item in v:
ip = str(item[0])
nets.append(ip)
acl_file.write("acl \"%s\" { %s ; } ; \n" % (k, '; '.join(nets)))
acl_file.close()
print "%s - GeoIP Access file created" % datetime.datetime.now()
try:
subprocess.call("/etc/init.d/named reload", shell=True)
except:
print "%s - Error reloading BIND configuraion" % datetime.datetime.now(
)
def find_free_space(start, end):
free_space = []
range_to_cidrs = netaddr.iprange_to_cidrs(start, end)
def compare_networks(range_to_cidrs_data):
for inet in range_to_cidrs_data:
if IPNetwork(inet) == IPNetwork(start) or IPNetwork(
inet) == IPNetwork(end):
continue
elif IPNetwork(start) in IPNetwork(inet) and IPNetwork(
end) in IPNetwork(inet):
temp_ip_list = netaddr.cidr_exclude(
IPNetwork(inet),
IPNetwork(start))
if IPNetwork(end) in temp_ip_list and len(
temp_ip_list) > 1:
temp_ip_list.remove(IPNetwork(end))
free_space.extend(temp_ip_list)
continue
elif IPNetwork(start) in IPNetwork(inet):
free_space.extend(
netaddr.cidr_exclude(IPNetwork(inet),
IPNetwork(
start)))
continue
elif IPNetwork(end) in IPNetwork(inet):
free_space.extend(
netaddr.cidr_exclude(IPNetwork(inet),
IPNetwork(end)))
continue
else:
free_space.append(IPNetwork(inet))
return free_space
return compare_networks(range_to_cidrs)
def search_cc(days):
try:
url = "https://www.nirsoft.net/countryip/{0}.csv".format(
args.countrycode)
req = urlRequest.Request(url)
x = urlRequest.urlopen(req)
ip_blocks = x.read().decode('utf-8')
cr = csv.reader(ip_blocks.splitlines())
for row in cr:
if row:
startip = row[0]
endip = row[1]
block = netaddr.iprange_to_cidrs(startip, endip)[0]
subnets = make_subnet_24(block)
for ip_range_24 in subnets:
if str(ip_range_24) not in open('checked.txt').read():
check_block(ip_range_24, days)
print(ip_range_24, file=open('checked.txt', 'a'))
else:
#print("Already checked {0}".format(ip_range_24))
pass
except urllib.URLError as e:
if '404' in str(e):
print("{0} not a valid url".format(url))
print(
"List of countries codes can be found at https://www.nirsoft.net/countryip/")
else:
print("Error: {0}".format(e.reason))
exit()
def parse_ranges(range_file):
ranges = []
ctr = 0
with open(range_file, 'r') as fp:
for line in fp:
line = line.split('\n', 1)[0]
start, end = line.split(',')
#print(start, end)
cidr = netaddr.iprange_to_cidrs(start, end)
if len(cidr) > 1:
for i in range(0, len(cidr)):
ranges.append(cidr[i])
range_size = netaddr.IPNetwork(cidr[i])
else:
ip_range = ''.join(str(c) for c in cidr)
ranges.append(ip_range)
range_size = netaddr.IPNetwork(ip_range)
ctr += range_size.size # Anzahl an IP Adressen aller Ranges
f = open('ranges.txt', 'w+')
for ip_range in ranges:
f.write(str(ip_range) + '\n')
f.close()
def normalize(ip):
if '/' in ip:
return [ip]
ocets = [ocet.replace(' ', '') for ocet in ip.split('.')]
if len(ocets) == 4: ocets += ocets
if len(ocets) == 7:
if (re.search('-', ocets[3])):
for i, v in enumerate(ocets[3:]):
if i == 0:
last = ocets[4]
ocets[3], ocets[4] = ocets[3].split('-')
else:
if 4 + i < len(ocets):
newVal = last
last = ocets[4 + i]
ocets[4 + i] = newVal
else:
ocets.append(last)
if len(ocets) != 8:
return 'ERROR WITH: %s not right size %d' % ('.'.join(ocets),
len(ocets))
for i, ocet in enumerate(ocets):
#is *
if (re.search('\*', ocet)):
ocets[i] = '0'
ocets[i + 4] = '255'
if (re.search('-', ocets[i])):
ocets[i], ocets[i + 4] = ocets[i].split('-')[0:2]
newIP = netaddr.iprange_to_cidrs('.'.join(ocets[0:4]), '.'.join(ocets[4:]))
return newIP
def search_cc(days):
logs = []
try:
url = f"https://www.nirsoft.net/countryip/{args.countrycode}.csv"
req = urlRequest.Request(url)
x = urlRequest.urlopen(req)
ip_blocks = x.read().decode('utf-8')
cr = csv.reader(ip_blocks.splitlines())
for row in cr:
if row:
startip = row[0]
endip = row[1]
block = netaddr.iprange_to_cidrs(startip, endip)[0]
subnets = make_subnet(block)
for ip_range_24 in subnets:
logs.append(check_block(ip_range_24, days))
return logs
except urllib.URLError as e:
if '404' in str(e):
print(f"{url} not a valid url")
print(
"List of countries codes can be found at https://www.nirsoft.net/countryip/")
else:
print(f"Error: {e.reason}")
exit()
def create_dch_dict():
"""Download datacenter CSV and create dictionary of cidr ranges"""
sys.stderr.write(
"\nDownloading DCH (data center hosting) data from "
"https://raw.githubusercontent.com/client9/ipcat/master/datacenters.csv\n"
)
dch_response = urllib2.urlopen(
'https://raw.githubusercontent.com/client9/ipcat/master/'
'datacenters.csv')
dch_file = dch_response.read()
dch_dict = {}
dch_list = dch_file.split("\n")
# Read downloaded DCH CSV and parse into dch_list
sys.stderr.write("Creating DCH Database.\n")
for line in dch_list:
if line:
line_list = line.split(",")
first_ip = line_list[0].strip()
last_ip = line_list[1].strip()
dch_company = line_list[2]
for cidr_range in iprange_to_cidrs(first_ip, last_ip):
dch_dict[cidr_range] = dch_company
sys.stderr.write("Completed DCH Database. Parsing log now.\n\n")
return dch_dict
def process_cidr(self, line, label=None):
display("Processing %s" % line)
if "/" in line:
# pdb.set_trace()
cidr, created = CIDR.objects.get_or_create(
name=line.strip(),
defaults={
"org_name": label,
"active_scope": True,
"passive_scope": True,
},
)
if created:
display_new("Adding %s to Active CIDRs in database" %
line.strip())
elif "-" in line:
start_ip, end_ip = line.strip().replace(" ", "").split("-")
if "." not in end_ip:
end_ip = ".".join(start_ip.split(".")[:3] + [end_ip])
cidrs = iprange_to_cidrs(start_ip, end_ip)
for c in cidrs:
cidr, created = CIDR.objects.get_or_create(name=str(c),
defaults={
"active_scope":
True,
"passive_scope":
True
})
if created:
display_new("Adding %s to Active CIDRs in database" %
line.strip())
def process_row(row, fields):
res = []
netblocks = netaddr.iprange_to_cidrs(netaddr.IPAddress(row['start_ip_int']), netaddr.IPAddress(row['end_ip_int']))
for netblock in netblocks:
row['netblock'] = netblock
res.append([row[field] for field in fields])
return res
def get_cidr_from_range(netrange):
ips = netrange.split(' - ')
ip1 = ips[0]
ip2 = ips[1]
a = str(netaddr.iprange_to_cidrs(ip1, ip2))
cidr_proc = a.lstrip("""[IPNetwork('""")
cidr_proc2 = cidr_proc.rstrip("""')]""")
return cidr_proc2
def get_cidr_from_range(netrange):
ips = netrange.split(' - ')
ip1 = ips[0]
ip2 = ips[1]
a = str(netaddr.iprange_to_cidrs(ip1, ip2))
cidr_proc = a.lstrip("""[IPNetwork('""")
cidr_proc2 = cidr_proc.rstrip("""')]""")
return cidr_proc2
def get_cidrs(file_location):
list_of_cidrs = []
with open(file_location, 'rt') as csvfile:
ip_start_and_end = csv.reader(csvfile, delimiter=',')
for row in ip_start_and_end:
list_of_cidrs.append(iprange_to_cidrs(row[0], row[1]))
return list_of_cidrs
def _load(self):
"""Load the data into the cache. This may take some time."""
with gzip.open(os.path.expanduser(self.library)) as fp:
for line in fp:
tmp = line.decode().strip().split("\t")
cidrs = netaddr.iprange_to_cidrs(tmp[0], tmp[1])
for cidr in cidrs:
ip2asn.cache[str(cidr)] = tmp[2:]
def _extract_cidrs(indicator):
try:
parsed = iprange_to_cidrs(*indicator.split('-', 1)) if '-' in indicator else [IPNetwork(indicator)]
except (AddrFormatError, ValueError, TypeError):
raise Exception('Invalid IP Address in summarization: {!r}'.format(indicator))
return parsed
def convert_ip_range_to_cidr(ip_range):
ip_block = []
for ip in ip_range:
ip_start, ip_end = ip.replace(' ', '').split('-')
cidr = netaddr.iprange_to_cidrs(ip_start, ip_end)
for i in cidr:
ip_block.append(i)
return ip_block
def getNetworks(value):
try:
if not isinstance(value, IPNetwork):
s = value.strip().split('-')
cidrs = None
if (len(s) == 2):
cidrs = netaddr.iprange_to_cidrs(s[0], s[1])
else:
cidrs = netaddr.iprange_to_cidrs(s[0], s[0])
for cidr in cidrs:
yield cidr
else:
yield value
except GeneratorExit:
pass
except:
print("Bad value: " + value)
raise
def range2cidr(netrange):
"""
NetRange: 23.192.0.0 - 23.223.255.255
CIDR: 23.192.0.0/11
"""
startip, endip = netrange.split('-')
cidr = netaddr.iprange_to_cidrs(startip, endip)[0]
# cidr is object netaddr.IPNetwork('23.192.0.0/11')
return str(cidr)
def _get_ip_range(rangestr):
"""
clean-up range and return a IPRange object
"""
start, stop = rangestr.split('-', 2)
start = start.strip()
stop = stop.strip()
iprange = iprange_to_cidrs(start, stop)[0]
return iprange
def _parse_ip_indicators(self, indicators):
ipRange = indicators.split('-')
if ipRange[0] == ipRange[1]:
procIndicators = [netaddr.IPAddress(ipRange[0])]
intelType = 'IPv4'
else:
procIndicators = netaddr.iprange_to_cidrs(ipRange[0], ipRange[1])
intelType = 'CIDR'
return procIndicators, intelType
def find_fitting_subnet(parent_network, other_subnets, subnet_prefixlen):
"""
Get the smallest subnet that is bigger or equals to subnet described by subnet_prefixlen,
the subnet must be in the parent_network and cannot overlap with any of the other_subnets
:param parent_network (str): the parent network
:param other_subnets (list of str): list of other subnets that are already in the parent_network
:param subnet_prefixlen (int): the subnet_size prefix, e.g. 24 for 255.255.255.0
:return (str): the result IP subnet or ""
"""
# Parse incoming strings to IPNetwork objects. Sort other subnet list.
try:
parent = IPNetwork(parent_network)
others = sorted([IPNetwork(n) for n in other_subnets])
except Exception:
logger.exception("parent_network: %s, subnet_prefixlen: %s",
parent_network, subnet_prefixlen)
return ""
# Check whether any subnet that is not in parent's range.
for n in others:
if n.first < parent.first or n.last > parent.last:
logger.error("Subnets not in parent range %s %s", parent,
other_subnets)
return ""
boundaries = [parent.first]
for n in others:
if n.first < boundaries[-1]:
logger.error("Overlapping subnets others %s, offending %s", others,
n)
return ""
boundaries += [n.first - 1, n.last + 1]
boundaries += [parent.last]
candidate_prefixlen = 0
candidate_subnet = None
for i in range(0, len(boundaries), 2):
start = boundaries[i]
end = boundaries[i + 1]
if start <= end:
# have to work around a bug
# netaddr.iprange_to_cidrs('192.169.0.1', '192.168.255.255')
splitted = iprange_to_cidrs(IPAddress(start), IPAddress(end))
logger.debug("splitted %s", splitted)
for n in splitted:
# find the smallest network that fits
if n.prefixlen <= subnet_prefixlen and \
(candidate_subnet is None or n.prefixlen > candidate_prefixlen):
logger.debug("candidate_subnet %s", n)
candidate_prefixlen = n.prefixlen
candidate_subnet = n
return str(
list(candidate_subnet.subnet(
subnet_prefixlen,
count=1))[0].cidr) if candidate_subnet is not None else ""
def main():
parser = ArgumentParser(description="Convert an IP range to CIDR notation")
parser.add_argument("start", help="Starting address")
parser.add_argument("end", help="Ending address")
args = parser.parse_args()
s = args.start
e = args.end
print(", ".join([str(i) for i in list(iprange_to_cidrs(s, e))]))
def ip_range_to_cidr(ip_str_lists):
ip_cidr_network = []
ip_cidr_lists = []
for ip_str in ip_str_lists:
begin, end = ip_utils.split_ip(ip_str)
cidrs = netaddr.iprange_to_cidrs(begin, end)
for ip in cidrs:
ip_cidr_network.append(ip)
for ip_cidr in ip_cidr_network:
ip_cidr_lists.append(str(ip_cidr))
return ip_cidr_lists
def make_cidr(outer_cidr, offset, length):
LOG.debug("make_cidr({}, {}, {})".format(outer_cidr, offset, length))
if int(offset) < 0:
t = netaddr.IPNetwork(outer_cidr)
my_set = netaddr.IPSet(netaddr.IPRange(t[offset], t[-1]))
net = my_set.pop()
LOG.critical("Rackconnect ### {}".format(str(net)))
return str(net)
network = netaddr.IPNetwork(outer_cidr)
first_ip = netaddr.IPAddress(int(network.first) + offset)
last_ip = netaddr.IPAddress(int(first_ip) + (length - 1))
cidr = netaddr.iprange_to_cidrs(first_ip, last_ip)
LOG.debug("Not Rackconnect --- {}".format(str(cidr[0])))
return str(cidr[0])
def findMappedCidrForRange(startIp, endIp, cidrAsnMap):
response = {}
cidrs = netaddr.iprange_to_cidrs(startIp, endIp)
if len(cidrs) < 1:
print "error when convert ip range to cidrs for start ip {0} and {1}".format(startIp, endIp)
print cidrs
response["code"] = -1
return response
asnList=[]
for cidr in cidrs:
cidrLen = cidr.prefixlen
maxLen = 32
if ":" in str(cidr.cidr):
maxLen = 128
findFromUpper = False
while cidr.prefixlen > 0:
cidrStr = str(cidr.cidr)
if cidrAsnMap.has_key(cidrStr):
tempAsn = cidrAsnMap[cidrStr]
findFromUpper = True
if tempAsn not in asnList:
asnList.append(tempAsn)
break
else:
cidr.prefixlen -= 1
continue
if cidrLen >= maxLen:
continue
cidr.prefixlen = cidrLen + 1
if findFromUpper:
continue
while cidr.prefixlen <= maxLen:
cidrStr = str(cidr.cidr)
if cidrAsnMap.has_key(cidrStr):
tempAsn = cidrAsnMap[cidrStr]
if tempAsn not in asnList:
asnList.append(tempAsn)
break
else:
if cidr.prefixlen == maxLen:
break
cidr.prefixlen += 1
continue
if len(asnList) > 0:
response['code'] = 0
response['body'] = asnList
else:
response['code'] = -1
return response
def make_cidr(outer_cidr, offset, length):
#if offset < 0 and length + offset == 4:
#print("Noob")
network = netaddr.IPNetwork(outer_cidr)
first_ip = netaddr.IPAddress(int(network.first) + offset)
last_ip = netaddr.IPAddress(int(first_ip) + (length - 1))
cidr = netaddr.iprange_to_cidrs(first_ip, last_ip)
#if len(cidr) > 1:
#print("Network: {}".format(network))
#print("Offset: {}".format(offset))
#print("Length: {}".format(length))
#print cidr
# TODO: confirm that offset/lengths like -8192/8196 desire default policies
# return None
#raise Exception
return str(cidr[0])
def get_inet_num(search_term):
"""
Get intetnums for a domain
:param search_term: keywork without dots, no domains are allowed. domain.com -> invalid |---| domain -> valid
:type search_term: str
:return: iterable with IP/CIDR notation or None
:rtype: list(str) | None
"""
# Disable request logging
requests_log = logging.getLogger("requests")
requests_log.addHandler(logging.NullHandler())
requests_log.propagate = False
# Search the RIPE database
# There is an issue with RIPE. When making a request and including
# the type-filter inetnum, the JSON response also includes other types.
request = requests.get('http://rest.db.ripe.net/search.json', params={
'query-string': search_term,
'type-filter': 'inetnum'
})
json_results = json.loads(request.text)
try:
# Filter any object that doesn't have the type 'inetnum'
ranges = [x['primary-key']['attribute'][0]['value']
for x in json_results['objects']['object']
if x['type'] == 'inetnum']
except KeyError:
return None
# Turn the IP range string into CIDR
cidrs = []
for _range in ranges:
_range = _range.split(' - ');
cidrs.append(netaddr.iprange_to_cidrs(_range[0], _range[1]))
results = set()
# Print the CIDR's
for cidr in cidrs:
results.add(str(cidr[0]))
return results
def ip_pool_range_add(start_ip, end_ip, version, ipip, masquerade):
"""
Add the range of ip addresses as CIDRs to the IP address allocation pool.
:param start_ip: The first ip address the ip range.
:param end_ip: The last ip address in the ip range.
:param version: 4 or 6
:param ipip: Use IP in IP for the pool(s).
:param masquerade: Enable masquerade (outgoing NAT) for the pool(s).
:return: None
"""
if version == 6 and ipip:
print "IP in IP not supported for IPv6 pools"
sys.exit(1)
ip_range = IPRange(start_ip, end_ip)
pools = client.get_ip_pools(version)
for pool in pools:
pool_net = IPNetwork(pool.cidr)
# Reject the new ip range if any of the following are true:
# - The new ip range contains all ips of any existing pool
# - An existing pool overlaps ips with the start of the new ip range
# - An existing pool overlaps ips with the end of the new ip range
if (pool_net in ip_range or
start_ip in pool_net or
end_ip in pool_net):
print "Cannot add range - range conflicts with pool %s" % pool.cidr
sys.exit(1)
cidrs = netaddr.iprange_to_cidrs(start_ip, end_ip)
new_pools = []
for ip_net in cidrs:
try:
new_pools.append(IPPool(ip_net.cidr, ipip=ipip, masquerade=masquerade))
except CidrTooSmallError:
pool_strings = [str(net) for net in cidrs]
print "IPv%s ranges are split into pools, with the smallest pool " \
"size allowed having a prefix length of /%s. One or more " \
"of the generated pools is too small (prefix length is too " \
"high).\nRange given: %s - %s\nPools: %s\nNo pools added." % \
(version, BLOCK_PREFIXLEN[version], start_ip, end_ip,
pool_strings)
sys.exit(1)
for new_pool in new_pools:
client.add_ip_pool(version, new_pool)
def build_db():
asndb = urllib.urlopen(dburl)
file = StringIO()
file.write(asndb.read())
zip = zipfile.ZipFile(file)
for itm in zip.namelist():
uncompressed = zip.read(itm)
lines = uncompressed.split('\n')
for line in lines[:-1]:
match = asnmatch.match(line).groupdict()
print(match)
start_ip = iptools.ipv4.long2ip(int(match['startip']))
end_ip = iptools.ipv4.long2ip(int(match['endip']))
cidr = netaddr.iprange_to_cidrs(start_ip, end_ip)[0]
asns[match['asn']]['ipranges'].append((cidr, start_ip, end_ip))
asns[match['asn']]['company'] = match['company'].decode('utf-8', 'ignore').rstrip().lstrip()
asns[match['asn']]['asn'] = match['asn']
bulk_ranges = []
print('Building Docs.')
for itm in asns.itervalues():
iprangedoc = IpAsnRangeDoc(_id=itm['asn'])
iprangedoc.owner = itm['company']
iprangedoc.ranges = []
iprangedoc.total_ips = 0
iprangedoc.total_ranges = len(itm['ipranges'])
for cidr, start_ip, end_ip in itm['ipranges']:
ipcount = len(cidr)
iprangedoc.ranges.append({'cidr': str(cidr), 'ip_count': ipcount})
iprangedoc.total_ips += ipcount
print('%s, range total %s, ip total %s' % (iprangedoc.owner, iprangedoc.total_ranges, iprangedoc.total_ips))
bulk_ranges.append(iprangedoc)
print('Bulk indexing %s docs.' % len(asns))
bulk(es, (d.to_dict(include_meta=True) for d in bulk_ranges))
def findMappedCidrForRange(startIp, endIp, cidrAsnMap):
response = {}
cidrs = netaddr.iprange_to_cidrs(startIp, endIp)
if len(cidrs) > 1 or len(cidrs) < 1:
print "error when convert ip range to cidrs for start ip {0} and {1}".format(startIp, endIp)
print cidrs
response["code"] = -1
return response
cidr = cidrs[0]
cidrLen = cidr.prefixlen
while cidr.prefixlen > 0:
cidrStr = str(cidr.cidr)
if cidrAsnMap.has_key(cidrStr):
response['code'] = 0
response['key'] = cidrStr
return response
else:
cidr.prefixlen -= 1
continue
response['code'] = -1
return response
def googleip_to_cidr():
ip_lists = []
ip_range = open("googleip.txt")
for line in ip_range.readlines():
line = line.strip("\n")
if len(line) == 0 or line[0] == "#":
continue
begin, end = ip_utils.split_ip(line)
cidrs = netaddr.iprange_to_cidrs(begin, end)
for k, v in enumerate(cidrs):
ip = v
ip_lists.append(ip)
fd = open("googleip.ip.txt", "w")
for ip_cidr in ip_lists:
# print ip_cidr
fd.write(str(ip_cidr) + "\n")
fd.close()
print ("\n convert finished!\n")
def ip_range_to_cidrs():
ip_lists = []
ip_lists_2 = []
ip_range = open('googleip.txt')
for x in ip_range:
sline = x.strip().split('-')
ip_lists.append(sline)
for ip_line in ip_lists:
cidrs = netaddr.iprange_to_cidrs(ip_line[0], ip_line[1])
for k, v in enumerate(cidrs):
iplist = v
ip_lists_2.append(iplist)
#print ip_lists_2
fd = open('googleip.ip.txt', 'w')
for ip_cidr in ip_lists_2:
#print ip_cidr
fd.write(str(ip_cidr) + "\n")
fd.close()
def iprange_to_cidrs(iprange):
ip_start, ip_end = iprange.split("-")
try:
cidrs = netaddr.iprange_to_cidrs(ip_start, ip_end)
except Exception, ex:
return WIC_RES_FAILED, None
def test_ip_behaviour_osx():
assert iprange_to_cidrs('::1', '::255.255.255.254') == [
IPNetwork('::1/128'),
IPNetwork('::0.0.0.2/127'),
IPNetwork('::0.0.0.4/126'),
IPNetwork('::0.0.0.8/125'),
IPNetwork('::0.0.0.16/124'),
IPNetwork('::0.0.0.32/123'),
IPNetwork('::0.0.0.64/122'),
IPNetwork('::0.0.0.128/121'),
IPNetwork('::0.0.1.0/120'),
IPNetwork('::0.0.2.0/119'),
IPNetwork('::0.0.4.0/118'),
IPNetwork('::0.0.8.0/117'),
IPNetwork('::0.0.16.0/116'),
IPNetwork('::0.0.32.0/115'),
IPNetwork('::0.0.64.0/114'),
IPNetwork('::0.0.128.0/113'),
IPNetwork('::0.1.0.0/112'),
IPNetwork('::0.2.0.0/111'),
IPNetwork('::0.4.0.0/110'),
IPNetwork('::0.8.0.0/109'),
IPNetwork('::0.16.0.0/108'),
IPNetwork('::0.32.0.0/107'),
IPNetwork('::0.64.0.0/106'),
IPNetwork('::0.128.0.0/105'),
IPNetwork('::1.0.0.0/104'),
IPNetwork('::2.0.0.0/103'),
IPNetwork('::4.0.0.0/102'),
IPNetwork('::8.0.0.0/101'),
IPNetwork('::16.0.0.0/100'),
IPNetwork('::32.0.0.0/99'),
IPNetwork('::64.0.0.0/98'),
IPNetwork('::128.0.0.0/98'),
IPNetwork('::192.0.0.0/99'),
IPNetwork('::224.0.0.0/100'),
IPNetwork('::240.0.0.0/101'),
IPNetwork('::248.0.0.0/102'),
IPNetwork('::252.0.0.0/103'),
IPNetwork('::254.0.0.0/104'),
IPNetwork('::255.0.0.0/105'),
IPNetwork('::255.128.0.0/106'),
IPNetwork('::255.192.0.0/107'),
IPNetwork('::255.224.0.0/108'),
IPNetwork('::255.240.0.0/109'),
IPNetwork('::255.248.0.0/110'),
IPNetwork('::255.252.0.0/111'),
IPNetwork('::255.254.0.0/112'),
IPNetwork('::255.255.0.0/113'),
IPNetwork('::255.255.128.0/114'),
IPNetwork('::255.255.192.0/115'),
IPNetwork('::255.255.224.0/116'),
IPNetwork('::255.255.240.0/117'),
IPNetwork('::255.255.248.0/118'),
IPNetwork('::255.255.252.0/119'),
IPNetwork('::255.255.254.0/120'),
IPNetwork('::255.255.255.0/121'),
IPNetwork('::255.255.255.128/122'),
IPNetwork('::255.255.255.192/123'),
IPNetwork('::255.255.255.224/124'),
IPNetwork('::255.255.255.240/125'),
IPNetwork('::255.255.255.248/126'),
IPNetwork('::255.255.255.252/127'),
IPNetwork('::255.255.255.254/128'),
]
# inet_pton has to be different on Mac OSX *sigh*
assert IPAddress('010.000.000.001', flags=INET_PTON) == IPAddress('10.0.0.1')
assert int_to_str(0xffff) == '::0.0.255.255'
def test_ip_behaviour_non_osx():
assert iprange_to_cidrs('::1', '::255.255.255.254') == [
IPNetwork('::1/128'),
IPNetwork('::2/127'),
IPNetwork('::4/126'),
IPNetwork('::8/125'),
IPNetwork('::10/124'),
IPNetwork('::20/123'),
IPNetwork('::40/122'),
IPNetwork('::80/121'),
IPNetwork('::100/120'),
IPNetwork('::200/119'),
IPNetwork('::400/118'),
IPNetwork('::800/117'),
IPNetwork('::1000/116'),
IPNetwork('::2000/115'),
IPNetwork('::4000/114'),
IPNetwork('::8000/113'),
IPNetwork('::0.1.0.0/112'),
IPNetwork('::0.2.0.0/111'),
IPNetwork('::0.4.0.0/110'),
IPNetwork('::0.8.0.0/109'),
IPNetwork('::0.16.0.0/108'),
IPNetwork('::0.32.0.0/107'),
IPNetwork('::0.64.0.0/106'),
IPNetwork('::0.128.0.0/105'),
IPNetwork('::1.0.0.0/104'),
IPNetwork('::2.0.0.0/103'),
IPNetwork('::4.0.0.0/102'),
IPNetwork('::8.0.0.0/101'),
IPNetwork('::16.0.0.0/100'),
IPNetwork('::32.0.0.0/99'),
IPNetwork('::64.0.0.0/98'),
IPNetwork('::128.0.0.0/98'),
IPNetwork('::192.0.0.0/99'),
IPNetwork('::224.0.0.0/100'),
IPNetwork('::240.0.0.0/101'),
IPNetwork('::248.0.0.0/102'),
IPNetwork('::252.0.0.0/103'),
IPNetwork('::254.0.0.0/104'),
IPNetwork('::255.0.0.0/105'),
IPNetwork('::255.128.0.0/106'),
IPNetwork('::255.192.0.0/107'),
IPNetwork('::255.224.0.0/108'),
IPNetwork('::255.240.0.0/109'),
IPNetwork('::255.248.0.0/110'),
IPNetwork('::255.252.0.0/111'),
IPNetwork('::255.254.0.0/112'),
IPNetwork('::255.255.0.0/113'),
IPNetwork('::255.255.128.0/114'),
IPNetwork('::255.255.192.0/115'),
IPNetwork('::255.255.224.0/116'),
IPNetwork('::255.255.240.0/117'),
IPNetwork('::255.255.248.0/118'),
IPNetwork('::255.255.252.0/119'),
IPNetwork('::255.255.254.0/120'),
IPNetwork('::255.255.255.0/121'),
IPNetwork('::255.255.255.128/122'),
IPNetwork('::255.255.255.192/123'),
IPNetwork('::255.255.255.224/124'),
IPNetwork('::255.255.255.240/125'),
IPNetwork('::255.255.255.248/126'),
IPNetwork('::255.255.255.252/127'),
IPNetwork('::255.255.255.254/128'),
]
# Sadly, inet_pton cannot help us here ...
with pytest.raises(AddrFormatError):
IPAddress('010.000.000.001', flags=INET_PTON)
assert int_to_str(0xffff) == '::ffff'
def test_iprange_to_cidrs_worst_case_v4():
networks = iprange_to_cidrs('0.0.0.1', '255.255.255.254')
assert networks == [
IPNetwork('0.0.0.1/32'),
IPNetwork('0.0.0.2/31'),
IPNetwork('0.0.0.4/30'),
IPNetwork('0.0.0.8/29'),
IPNetwork('0.0.0.16/28'),
IPNetwork('0.0.0.32/27'),
IPNetwork('0.0.0.64/26'),
IPNetwork('0.0.0.128/25'),
IPNetwork('0.0.1.0/24'),
IPNetwork('0.0.2.0/23'),
IPNetwork('0.0.4.0/22'),
IPNetwork('0.0.8.0/21'),
IPNetwork('0.0.16.0/20'),
IPNetwork('0.0.32.0/19'),
IPNetwork('0.0.64.0/18'),
IPNetwork('0.0.128.0/17'),
IPNetwork('0.1.0.0/16'),
IPNetwork('0.2.0.0/15'),
IPNetwork('0.4.0.0/14'),
IPNetwork('0.8.0.0/13'),
IPNetwork('0.16.0.0/12'),
IPNetwork('0.32.0.0/11'),
IPNetwork('0.64.0.0/10'),
IPNetwork('0.128.0.0/9'),
IPNetwork('1.0.0.0/8'),
IPNetwork('2.0.0.0/7'),
IPNetwork('4.0.0.0/6'),
IPNetwork('8.0.0.0/5'),
IPNetwork('16.0.0.0/4'),
IPNetwork('32.0.0.0/3'),
IPNetwork('64.0.0.0/2'),
IPNetwork('128.0.0.0/2'),
IPNetwork('192.0.0.0/3'),
IPNetwork('224.0.0.0/4'),
IPNetwork('240.0.0.0/5'),
IPNetwork('248.0.0.0/6'),
IPNetwork('252.0.0.0/7'),
IPNetwork('254.0.0.0/8'),
IPNetwork('255.0.0.0/9'),
IPNetwork('255.128.0.0/10'),
IPNetwork('255.192.0.0/11'),
IPNetwork('255.224.0.0/12'),
IPNetwork('255.240.0.0/13'),
IPNetwork('255.248.0.0/14'),
IPNetwork('255.252.0.0/15'),
IPNetwork('255.254.0.0/16'),
IPNetwork('255.255.0.0/17'),
IPNetwork('255.255.128.0/18'),
IPNetwork('255.255.192.0/19'),
IPNetwork('255.255.224.0/20'),
IPNetwork('255.255.240.0/21'),
IPNetwork('255.255.248.0/22'),
IPNetwork('255.255.252.0/23'),
IPNetwork('255.255.254.0/24'),
IPNetwork('255.255.255.0/25'),
IPNetwork('255.255.255.128/26'),
IPNetwork('255.255.255.192/27'),
IPNetwork('255.255.255.224/28'),
IPNetwork('255.255.255.240/29'),
IPNetwork('255.255.255.248/30'),
IPNetwork('255.255.255.252/31'),
IPNetwork('255.255.255.254/32'),
]
import requests
parser = argparse.ArgumentParser(description='Search RIPE database')
parser.add_argument('search_term', help='Search term used to search the RIPE database. Eg: facebook')
args = parser.parse_args()
# Search the RIPE database
# There is an issue with RIPE. When making a request and including
# the type-filter inetnum, the JSON response also includes other types.
request = requests.get('http://rest.db.ripe.net/search.json', params={
'query-string': args.search_term,
'type-filter': 'inetnum'
})
json = json.loads(request.text)
# Filter any object that doesn't have the type 'inetnum'
ranges = [x['primary-key']['attribute'][0]['value'] for x in json['objects']['object'] \
if x['type'] == 'inetnum']
# Turn the IP range string into CIDR
cidrs = [];
for _range in ranges:
_range = _range.split(' - ');
cidrs.append(netaddr.iprange_to_cidrs(_range[0], _range[1]))
# Print the CIDR's
for cidr in cidrs:
print str(cidr[0])
def test_iprange_to_cidrs_worst_case_v6():
networks = iprange_to_cidrs('::ffff:1', '::ffff:255.255.255.254')
assert networks == [
IPNetwork('::255.255.0.1/128'),
IPNetwork('::255.255.0.2/127'),
IPNetwork('::255.255.0.4/126'),
IPNetwork('::255.255.0.8/125'),
IPNetwork('::255.255.0.16/124'),
IPNetwork('::255.255.0.32/123'),
IPNetwork('::255.255.0.64/122'),
IPNetwork('::255.255.0.128/121'),
IPNetwork('::255.255.1.0/120'),
IPNetwork('::255.255.2.0/119'),
IPNetwork('::255.255.4.0/118'),
IPNetwork('::255.255.8.0/117'),
IPNetwork('::255.255.16.0/116'),
IPNetwork('::255.255.32.0/115'),
IPNetwork('::255.255.64.0/114'),
IPNetwork('::255.255.128.0/113'),
IPNetwork('::1:0:0/96'),
IPNetwork('::2:0:0/95'),
IPNetwork('::4:0:0/94'),
IPNetwork('::8:0:0/93'),
IPNetwork('::10:0:0/92'),
IPNetwork('::20:0:0/91'),
IPNetwork('::40:0:0/90'),
IPNetwork('::80:0:0/89'),
IPNetwork('::100:0:0/88'),
IPNetwork('::200:0:0/87'),
IPNetwork('::400:0:0/86'),
IPNetwork('::800:0:0/85'),
IPNetwork('::1000:0:0/84'),
IPNetwork('::2000:0:0/83'),
IPNetwork('::4000:0:0/82'),
IPNetwork('::8000:0:0/82'),
IPNetwork('::c000:0:0/83'),
IPNetwork('::e000:0:0/84'),
IPNetwork('::f000:0:0/85'),
IPNetwork('::f800:0:0/86'),
IPNetwork('::fc00:0:0/87'),
IPNetwork('::fe00:0:0/88'),
IPNetwork('::ff00:0:0/89'),
IPNetwork('::ff80:0:0/90'),
IPNetwork('::ffc0:0:0/91'),
IPNetwork('::ffe0:0:0/92'),
IPNetwork('::fff0:0:0/93'),
IPNetwork('::fff8:0:0/94'),
IPNetwork('::fffc:0:0/95'),
IPNetwork('::fffe:0:0/96'),
IPNetwork('::ffff:0.0.0.0/97'),
IPNetwork('::ffff:128.0.0.0/98'),
IPNetwork('::ffff:192.0.0.0/99'),
IPNetwork('::ffff:224.0.0.0/100'),
IPNetwork('::ffff:240.0.0.0/101'),
IPNetwork('::ffff:248.0.0.0/102'),
IPNetwork('::ffff:252.0.0.0/103'),
IPNetwork('::ffff:254.0.0.0/104'),
IPNetwork('::ffff:255.0.0.0/105'),
IPNetwork('::ffff:255.128.0.0/106'),
IPNetwork('::ffff:255.192.0.0/107'),
IPNetwork('::ffff:255.224.0.0/108'),
IPNetwork('::ffff:255.240.0.0/109'),
IPNetwork('::ffff:255.248.0.0/110'),
IPNetwork('::ffff:255.252.0.0/111'),
IPNetwork('::ffff:255.254.0.0/112'),
IPNetwork('::ffff:255.255.0.0/113'),
IPNetwork('::ffff:255.255.128.0/114'),
IPNetwork('::ffff:255.255.192.0/115'),
IPNetwork('::ffff:255.255.224.0/116'),
IPNetwork('::ffff:255.255.240.0/117'),
IPNetwork('::ffff:255.255.248.0/118'),
IPNetwork('::ffff:255.255.252.0/119'),
IPNetwork('::ffff:255.255.254.0/120'),
IPNetwork('::ffff:255.255.255.0/121'),
IPNetwork('::ffff:255.255.255.128/122'),
IPNetwork('::ffff:255.255.255.192/123'),
IPNetwork('::ffff:255.255.255.224/124'),
IPNetwork('::ffff:255.255.255.240/125'),
IPNetwork('::ffff:255.255.255.248/126'),
IPNetwork('::ffff:255.255.255.252/127'),
IPNetwork('::ffff:255.255.255.254/128'),
]
(u'209.185.108.128', u'209.185.108.255'),
(u'209.85.128.0', u'209.85.255.255'),
(u'216.109.75.80', u'216.109.75.95'),
(u'216.239.32.0', u'216.239.63.255'),
(u'216.33.229.144', u'216.33.229.151'),
(u'216.33.229.160', u'216.33.229.167'),
(u'216.58.192.0', u'216.58.223.255'),
(u'4.3.2.0', u'4.3.2.255'),
(u'63.158.137.224', u'63.158.137.231'),
(u'63.237.119.112', u'63.237.119.119'),
(u'64.233.160.0', u'64.233.191.255'),
(u'64.41.221.192', u'64.41.221.207'),
(u'64.68.64.64', u'64.68.64.127'),
(u'64.68.80.0', u'64.68.87.255'),
(u'64.68.88.0', u'64.68.95.255'),
(u'66.102.0.0', u'66.102.15.255'),
(u'66.249.64.0', u'66.249.95.255'),
(u'67.148.177.136', u'67.148.177.143'),
(u'70.32.128.0', u'70.32.159.255'),
(u'72.14.192.0', u'72.14.255.255'),
(u'74.125.0.0', u'74.125.255.255'),
(u'8.8.4.0', u'8.8.4.255'),
(u'8.8.8.0', u'8.8.8.255')]
if __name__ == "__main__":
for start_ip,end_ip in CIDR:
print "[+]", start_ip, end_ip
print " [-]", netaddr.iprange_to_cidrs(start_ip,end_ip)[0]
