def queryIpWithUpdate(self, ip, masklen=24):
if not ip in self.previousSinaIpSet:
self.rnode = self.rtree.search_best(ip)
if not self.rnode: #this ip is not in the prefix table
jsonData = query_local(ip)
if jsonData:
start = jsonData.get("start", "")
if start: #we have the sina data:
end = jsonData["end"]
iprange = IPRange(start, end)
self.previousSinaIpSet = IPSet(iprange.cidrs())
for net_tuple in split_network_from_start_to_end(
start, end):
self.addPrefix(net_tuple[0], net_tuple[1])
for k in ipRadixDB.recordKeys:
if k == "ip":
self.rnode.data[k] = jsonData.get(k, ip)
else:
self.rnode.data[k] = jsonData[k]
else:
self.addPrefix(ip, masklen)
for k in ipRadixDB.recordKeys:
self.rnode.data[k] = jsonData[k]
else:
if self.rnode.prefixlen < 24 or not self.rnode.data.get(
"country",
""): #only the prefix is bigger than x/24 network
jsonData = query_local(
ip
) #maybe the prefix is too large, we need to substrac the prefix
if jsonData:
jsonData["ip"] = ip
self.substractPrefix(self.rnode, jsonData)
def parse_targets(target):
if '-' in target:
ip_range = target.split('-')
try:
hosts = IPRange(ip_range[0], ip_range[1])
except AddrFormatError:
try:
start_ip = IPAddress(ip_range[0])
start_ip_words = list(start_ip.words)
start_ip_words[-1] = ip_range[1]
start_ip_words = [str(v) for v in start_ip_words]
end_ip = IPAddress('.'.join(start_ip_words))
t = IPRange(start_ip, end_ip)
except AddrFormatError:
t = target
else:
try:
t = IPNetwork(target)
except AddrFormatError:
t = target
if type(t) == IPNetwork or type(t) == IPRange:
t = [str(ip) for ip in list(t)]
return t
else:
return [str(t.strip())]
def check_param(getopt_obj):
"""
@type getopt_obj:Getopt_scanner
"""
try:
int(getopt_obj.thread_number)
except:
raise InputError("并发参数错误")
if getopt_obj.scan_mode != "ping" and getopt_obj.scan_mode != "tcp":
raise InputError("检测参数错误")
ip_list = []
ip_str = getopt_obj.ipaddr_str
if ip_str.find("-") != -1:
startip = ip_str.split("-")[0]
endip = ip_str.split("-")[1]
if not (check_ip(startip) and check_ip(endip)):
raise InputError("ip地址参数错误1")
iprange_cidrs = IPRange(startip, endip)
for net_cidr in iprange_cidrs.cidrs():
for ip in net_cidr.iter_hosts():
ip_list.append(str(ip))
elif ip_str.find("/") != -1:
try:
for ip in IPNetwork(ip_str):
ip_list.append(str(ip))
except:
raise InputError("ip地址参数错误2")
else:
if not check_ip(ip_str):
raise InputError("ip地址参数错误3")
ip_list.append(ip_str)
getopt_obj.ipaddr_list = ip_list
def test_firewall_rules_only(self):
required_rules = [
IPNetwork('1.0.0.20/10'),
IPNetwork('0.0.0.0'),
IPRange('2.0.0.0', '2.0.0.10')
]
satisfying_resources = [{
'rules': required_rules
}, {
'rules': [required_rules[0], required_rules[1]]
}]
non_satisfying_resources = [{
'rules': [IPNetwork('0.0.0.1')]
}, {
'rules':
required_rules + [IPRange('2.0.0.0', '2.0.0.20')]
}]
mock = FirewallRulesFilterMock({
'only':
['0.0.0.0-0.0.0.0', '1.0.0.20/10', '2.0.0.0-2.0.0.10', '8.8.8.8']
})
mock.validate()
actual = mock.process(satisfying_resources + non_satisfying_resources)
self.assertEqual(satisfying_resources, actual)
def _in_network(value, p_value, exact_match=False):
"""
"""
# 'any' address is an automatic match if we are exact
if exact_match and 'any' in p_value:
return True
addresses = [
IPRange(a.split('-')[0],
a.split('-')[1]) if '-' in a else IPNetwork(a)
for a in value if is_ipv4(a)
]
fqdns = [a for a in value if not is_ipv4(a)]
p_addresses = [
IPRange(a.split('-')[0],
a.split('-')[1]) if '-' in a else IPNetwork(a)
for a in p_value if is_ipv4(a)
]
p_fqdns = [a for a in p_value if not is_ipv4(a)]
# network containment implies exact match... i think?
for a in addresses:
addr_result = any(a == b or a in b for b in p_addresses)
if not addr_result:
return False
# now match the fqdns
if exact_match:
fqdn_result = set(fqdns) == set(p_fqdns)
else:
fqdn_result = set(p_fqdns).issubset(set(fqdns))
return fqdn_result
def parse_list(raw_list):
'''
INPUT: Takes raw data that was downloaded from the download_list function.
ACTION: Verifies each line is a valid IPv4 or IPv6 address or address range.
OUTPUT: Returns a list of valid IP addresses.
'''
ip_list = []
for line in raw_list:
try:
#Ignore commented lines
if line.startswith('#') or line.startswith(';') or len(line) == 0:
pass
else:
#drops extraneous data that is included after IP addresses in some lists (41.138.172.0/23 ; SBL208940)
line = line.split()[0]
#parse generic IP ranges. i.e. - 192.168.1.5-192.168.1.65
if '-' in line:
start_ip = line.split('-')[0]
end_ip = line.split('-')[1]
ip_range = IPRange(start_ip, end_ip)
subnets = ip_range.cidrs()
for subnet in subnets:
ip_list.append(subnet)
else:
#parse anything else. i.e. - 10.0.0.0/8, 1.2.3.4
netblock = IPNetwork(line)
ip_list.append(netblock)
except AddrFormatError as e:
print e
print 'Failed to parse ' + line
return ip_list
def test_ipset_membership():
iprange = IPRange('192.0.1.255', '192.0.2.16')
assert iprange.cidrs() == [
IPNetwork('192.0.1.255/32'),
IPNetwork('192.0.2.0/28'),
IPNetwork('192.0.2.16/32'),
]
ipset = IPSet(['192.0.2.0/28'])
assert [(str(ip), ip in ipset) for ip in iprange] == [
('192.0.1.255', False),
('192.0.2.0', True),
('192.0.2.1', True),
('192.0.2.2', True),
('192.0.2.3', True),
('192.0.2.4', True),
('192.0.2.5', True),
('192.0.2.6', True),
('192.0.2.7', True),
('192.0.2.8', True),
('192.0.2.9', True),
('192.0.2.10', True),
('192.0.2.11', True),
('192.0.2.12', True),
('192.0.2.13', True),
('192.0.2.14', True),
('192.0.2.15', True),
('192.0.2.16', False),
]
def parse_list(raw_list):
'''
INPUT: Takes raw data that was downloaded from the download_list function.
ACTION: Verifies each line is a valid IPv4 or IPv6 address or address range.
OUTPUT: Returns a list of valid IP addresses.
'''
ip_list = []
for line in raw_list:
try:
#Ignore commented lines
if line.startswith('#') or line.startswith(';') or len(line) == 0:
pass
else:
#drops extraneous data that is included after IP addresses in some lists (41.138.172.0/23 ; SBL208940)
line = line.split()[0]
#parse generic IP ranges. i.e. - 192.168.1.5-192.168.1.65
if '-' in line:
start_ip = line.split('-')[0]
end_ip = line.split('-')[1]
ip_range = IPRange(start_ip, end_ip)
subnets = ip_range.cidrs()
for subnet in subnets:
ip_list.append(subnet)
else:
#parse anything else. i.e. - 10.0.0.0/8, 1.2.3.4
netblock = IPNetwork(line)
ip_list.append(netblock)
except AddrFormatError as e:
print e
print 'Failed to parse ' + line
return ip_list
def get_range(self, targets):
if targets is None:
print "[!] IP address/range was not specified, will intercept only gateway requests and not replies."
return None
try:
target_list = []
for target in targets.split(','):
if '/' in target:
self.range = True
target_list.extend(list(IPNetwork(target)))
elif '-' in target:
start_addr = IPAddress(target.split('-')[0])
try:
end_addr = IPAddress(target.split('-')[1])
ip_range = IPRange(start_addr, end_addr)
except AddrFormatError:
end_addr = list(start_addr.words)
end_addr[-1] = target.split('-')[1]
end_addr = IPAddress('.'.join(map(str, end_addr)))
ip_range = IPRange(start_addr, end_addr)
target_list.extend(list(ip_range))
else:
target_list.append(IPAddress(target))
return target_list
except AddrFormatError:
sys.exit("[!] Select a valid IP address/range as target")
def test_ipset_membership():
iprange = IPRange('192.0.1.255', '192.0.2.16')
assert iprange.cidrs() == [
IPNetwork('192.0.1.255/32'),
IPNetwork('192.0.2.0/28'),
IPNetwork('192.0.2.16/32'),
]
ipset = IPSet(['192.0.2.0/28'])
assert [(str(ip), ip in ipset) for ip in iprange] == [
('192.0.1.255', False),
('192.0.2.0', True),
('192.0.2.1', True),
('192.0.2.2', True),
('192.0.2.3', True),
('192.0.2.4', True),
('192.0.2.5', True),
('192.0.2.6', True),
('192.0.2.7', True),
('192.0.2.8', True),
('192.0.2.9', True),
('192.0.2.10', True),
('192.0.2.11', True),
('192.0.2.12', True),
('192.0.2.13', True),
('192.0.2.14', True),
('192.0.2.15', True),
('192.0.2.16', False),
]
def get_range(self, targets):
if targets is None:
return None
if targets is not None:
try:
target_list = []
for target in targets.split(','):
if '/' in target:
target_list.extend(list(IPNetwork(target)))
elif '-' in target:
start_addr = IPAddress(target.split('-')[0])
try:
end_addr = IPAddress(target.split('-')[1])
ip_range = IPRange(start_addr, end_addr)
except AddrFormatError:
end_addr = list(start_addr.words)
end_addr[-1] = target.split('-')[1]
end_addr = IPAddress('.'.join(map(str, end_addr)))
ip_range = IPRange(start_addr, end_addr)
target_list.extend(list(ip_range))
else:
target_list.append(IPAddress(target))
return target_list
except Exception as e:
sys.exit("[!] Exception caught: {}").format(e)
def substractPrefix(self, rnode, jsonData):
data = rnode.data
prefixlen = rnode.prefixlen
network = rnode.network
if (jsonData["city"] != data.get("city","") or jsonData["province"] != data.get("province","") or jsonData["isp"] != data.get("isp", "") or jsonData["country"] != data.get("isp", "")):#we got the sina json data
start = jsonData.get("start", "")
if start:
end = jsonData["end"]
iprange = IPRange(start, end)
self.previousSinaIpSet = IPSet(iprange.cidrs())
for net_tuple in split_network_from_start_to_end(start, end):
self.rnode = self.rtree.search_exact(net_tuple[0], net_tuple[1])
if not self.rnode:#//while we donn't have this node
self.addPrefix(net_tuple[0], net_tuple[1])#add this node
if (network == net_tuple[0]):#the node we added start from our previous node start point
data["ip_amount"] -= net_tuple[2] #we substract a subnetwork form the big network, we need to decrease the ip amount
else:
ip_remove_amount = min(ip_integer_from_string(network) + (1 << (32 - prefixlen)) - ip_integer_from_string(net_tuple[0]), 1<<(32-net_tuple[1]))
if ip_remove_amount > 0:
data["ip_amount"] -= ip_remove_amount
for k in ipRadixDB.recordKeys:
self.rnode.data[k] = jsonData[k]
if data["ip_amount"] <= 0:#we have divided the big prefix into small piece
self.delPrefix(network, prefixlen) #delete big prefix
else:#we just have taobao's data, just update the node
for k in ipRadixDB.recordKeys:
self.rnode.data[k] = jsonData[k]
def test_ipset_basic_api():
range1 = IPRange('192.0.2.1', '192.0.2.15')
ip_list = [
IPAddress('192.0.2.1'),
'192.0.2.2/31',
IPNetwork('192.0.2.4/31'),
IPAddress('192.0.2.6'),
IPAddress('192.0.2.7'),
'192.0.2.8',
'192.0.2.9',
IPAddress('192.0.2.10'),
IPAddress('192.0.2.11'),
IPNetwork('192.0.2.12/30'),
]
set1 = IPSet(range1.cidrs())
set2 = IPSet(ip_list)
assert set2 == IPSet([
'192.0.2.1/32',
'192.0.2.2/31',
'192.0.2.4/30',
'192.0.2.8/29',
])
assert set1 == set2
assert set2.pop() in set1
assert set1 != set2
def _verify_port(self, port, subnet4=None, subnet6=None, **kwargs):
has_ipv4_ip = False
has_ipv6_ip = False
for fixed_ip in port['fixed_ips']:
ip_address = fixed_ip['ip_address']
if subnet4 and fixed_ip['subnet_id'] == subnet4['id']:
start_ip_address = subnet4['allocation_pools'][0]['start']
end_ip_address = subnet4['allocation_pools'][0]['end']
ip_range = IPRange(start_ip_address, end_ip_address)
self.assertIn(ip_address, ip_range)
has_ipv4_ip = True
if subnet6 and fixed_ip['subnet_id'] == subnet6['id']:
start_ip_address = subnet6['allocation_pools'][0]['start']
end_ip_address = subnet6['allocation_pools'][0]['end']
ip_range = IPRange(start_ip_address, end_ip_address)
self.assertIn(ip_address, ip_range)
has_ipv6_ip = True
if subnet4:
self.assertTrue(
has_ipv4_ip,
"Must have an IPv4 ip in subnet: %s" % subnet4['id'])
if subnet6:
self.assertTrue(
has_ipv6_ip,
"Must have an IPv6 ip in subnet: %s" % subnet6['id'])
self.assertIsNotNone(port['mac_address'])
# verify all other kwargs as attributes (key,value) pairs
for key, value in iteritems(kwargs):
self.assertThat(port, ContainsDict({key: Equals(value)}))
def queryIpWithUpdate(self, ip, masklen=24):
if not ip in self.previousSinaIpSet:
self.rnode = self.rtree.search_best(ip)
if not self.rnode:#this ip is not in the prefix table
jsonData = query_local(ip)
if jsonData:
start = jsonData.get("start","")
if start:#we have the sina data:
end = jsonData["end"]
iprange = IPRange(start, end)
self.previousSinaIpSet = IPSet(iprange.cidrs())
for net_tuple in split_network_from_start_to_end(start, end):
self.addPrefix(net_tuple[0], net_tuple[1])
for k in ipRadixDB.recordKeys:
if k == "ip":
self.rnode.data[k] = jsonData.get(k,ip)
else:
self.rnode.data[k] = jsonData[k]
else:
self.addPrefix(ip, masklen)
for k in ipRadixDB.recordKeys:
self.rnode.data[k] = jsonData[k]
else:
if self.rnode.prefixlen < 24 or not self.rnode.data.get("country",""):#only the prefix is bigger than x/24 network
jsonData = query_local(ip)#maybe the prefix is too large, we need to substrac the prefix
if jsonData:
jsonData["ip"] = ip
self.substractPrefix(self.rnode, jsonData)
def get_range(self, targets):
if targets is None:
return None
try:
target_list = []
for target in targets.split(','):
if '/' in target:
target_list.extend(list(IPNetwork(target)))
elif '-' in target:
start_addr = IPAddress(target.split('-')[0])
try:
end_addr = IPAddress(target.split('-')[1])
ip_range = IPRange(start_addr, end_addr)
except AddrFormatError:
end_addr = list(start_addr.words)
end_addr[-1] = target.split('-')[1]
end_addr = IPAddress('.'.join(map(str, end_addr)))
ip_range = IPRange(start_addr, end_addr)
target_list.extend(list(ip_range))
else:
target_list.append(IPAddress(target))
return target_list
except AddrFormatError:
sys.exit("Specified an invalid IP address/range/network as target")
def dhcp_rand_ip(self):
pool = self.dhcpcfg['ip_pool']
try:
if '/' in pool:
ips = list(IPNetwork(pool))
return str(random.choice(ips))
elif '-' in pool:
start_addr = IPAddress(pool.split('-')[0])
try:
end_addr = IPAddress(pool.split('-')[1])
ips = list(IPRange(start_addr, end_addr))
except AddrFormatError:
end_addr = list(start_addr.words)
end_addr[-1] = pool.split('-')[1]
end_addr = IPAddress('.'.join(map(str, end_addr)))
ips = list(IPRange(start_addr, end_addr))
return str(random.choice(ips))
log.error(
'Specified invalid CIDR/Network range in DHCP pool option')
except AddrFormatError:
log.error(
'Specified invalid CIDR/Network range in DHCP pool option')
def parse_targets(target):
if '-' in target:
ip_range = target.split('-')
try:
hosts = IPRange(ip_range[0], ip_range[1])
except AddrFormatError:
try:
start_ip = IPAddress(ip_range[0])
start_ip_words = list(start_ip.words)
start_ip_words[-1] = ip_range[1]
start_ip_words = [str(v) for v in start_ip_words]
end_ip = IPAddress('.'.join(start_ip_words))
t = IPRange(start_ip, end_ip)
except AddrFormatError:
t = target
else:
try:
t = IPNetwork(target)
except AddrFormatError:
t = target
if type(t) == IPNetwork or type(t) == IPRange:
return list(t)
else:
return [t.strip()]
def populate_targets(target):
if '-' in target:
ip_range = target.split('-')
try:
hosts = IPRange(ip_range[0], ip_range[1])
except AddrFormatError:
try:
start_ip = IPAddress(ip_range[0])
start_ip_words = list(start_ip.words)
start_ip_words[-1] = ip_range[1]
start_ip_words = [str(v) for v in start_ip_words]
end_ip = IPAddress('.'.join(start_ip_words))
t = IPRange(start_ip, end_ip)
except AddrFormatError:
t = target
else:
try:
t = IPNetwork(target)
except AddrFormatError:
t = target
if type(t) == IPNetwork or type(t) == IPRange:
targets.extend(list(t))
else:
targets.append(t)
def ip_range_within_network(ip_range, network):
"""Check that the whole of a given IP range is within a given network."""
# Make sure that ip_range is an IPRange and not an IPNetwork,
# otherwise this won't work.
if isinstance(ip_range, IPNetwork):
ip_range = IPRange(IPAddress(network.first), IPAddress(network.last))
return all([intersect_iprange(cidr, network) for cidr in ip_range.cidrs()])
def test_ipset_basic_api():
range1 = IPRange('192.0.2.1', '192.0.2.15')
ip_list = [
IPAddress('192.0.2.1'),
'192.0.2.2/31',
IPNetwork('192.0.2.4/31'),
IPAddress('192.0.2.6'),
IPAddress('192.0.2.7'),
'192.0.2.8',
'192.0.2.9',
IPAddress('192.0.2.10'),
IPAddress('192.0.2.11'),
IPNetwork('192.0.2.12/30'),
]
set1 = IPSet(range1.cidrs())
set2 = IPSet(ip_list)
assert set2 == IPSet([
'192.0.2.1/32',
'192.0.2.2/31',
'192.0.2.4/30',
'192.0.2.8/29',
])
assert set1 == set2
assert set2.pop() in set1
assert set1 != set2
def test_len_on_ipset_failure_with_large_ipv6_addresses():
s1 = IPSet(IPRange(IPAddress("::0"), IPAddress(_sys_maxint, 6)))
with pytest.raises(IndexError):
len(s1)
s2 = IPSet(IPRange(IPAddress("::0"), IPAddress(_sys_maxint - 1, 6)))
assert len(s2) == _sys_maxint
def test_iprange_invalid_len_and_alternative():
range1 = IPRange(IPAddress("::0"), IPAddress(_sys_maxint, 6))
with pytest.raises(IndexError):
len(range1)
range2 = IPRange(IPAddress("::0"), IPAddress(_sys_maxint - 1, 6))
assert len(range2) == _sys_maxint
def test_iprange_cidr_interoperability():
assert IPRange('192.0.2.5', '192.0.2.10').cidrs() == [
IPNetwork('192.0.2.5/32'),
IPNetwork('192.0.2.6/31'),
IPNetwork('192.0.2.8/31'),
IPNetwork('192.0.2.10/32'),
]
assert IPRange('fe80::', 'fe80::ffff:ffff:ffff:ffff').cidrs() == [IPNetwork('fe80::/64')]
def test_converting_ipsets_to_ipranges():
assert list(IPSet().iter_ipranges()) == []
assert list(IPSet([IPAddress('10.0.0.1')]).iter_ipranges()) == [
IPRange('10.0.0.1', '10.0.0.1')
]
assert list(
IPSet([IPAddress('10.0.0.1'),
IPAddress('10.0.0.2')
]).iter_ipranges()) == [IPRange('10.0.0.1', '10.0.0.2')]
def validateIpRangeSize(start, end):
try:
ipRange = IPRange(start, end)
except Exception as e:
raise serializers.ValidationError({'IP Range': _(str(e))})
if ipRange.__getstate__()[2] == 4:
return True if ipRange.size <= 65536 else False
if ipRange.__getstate__()[2] == 6:
return True if ipRange.size <= 324518553658426726783156020576256 else False
def test_full_subnet(self):
# Fill up the test subnets so dynamic allocation fails
# For ipv6 we cannot fill up the subnet as /64 is too big so we make
# a small allocation pool and fill that up
network = self.create_network()
ipv4_subnet = self.create_subnet(network,
cidr=IPNetwork('10.0.0.0/29'),
mask_bits=29)
pool = {'start': 'cafe:babe::2', 'end': 'cafe:babe::6'}
kwargs = {'allocation_pools': [pool]}
ipv6_subnet = self.create_subnet(network,
ip_version=6,
cidr=IPNetwork('cafe:babe::/64'),
mask_bits=64,
**kwargs)
router = self.create_router()
# l2domain verify
l2domain = self.vsd.get_l2domain(by_subnet=ipv4_subnet)
for ip in IPRange('10.0.0.3', '10.0.0.6'):
vmipreservation = self.vsd.vspk.NUVMIPReservation(
ip_type='IPV4', ipv4_address=str(ip))
l2domain.create_child(vmipreservation)
for ip in IPRange('cafe:babe::3', 'cafe:babe::6'):
vmipreservation = self.vsd.vspk.NUVMIPReservation(
ip_type='IPV6', ipv6_address=str(ip))
l2domain.create_child(vmipreservation)
# Assert error occurs
expected_error_message = 'No more IP addresses available on network'
self._create_verify_illegal_ports(
ipv4_subnet,
ipv6_subnet,
network,
expected_exception=exceptions.Conflict,
expected_error_msg=expected_error_message,
dynamic=True)
self.router_attach(router, ipv4_subnet)
self.router_attach(router, ipv6_subnet)
# After router attach nuage:dhcp ports are freed up
vsd_subnet = self.vsd.get_subnet(by_subnet=ipv4_subnet)
vmipreservation = self.vsd.vspk.NUVMIPReservation(
ip_type='IPV4', ipv4_address='10.0.0.2')
vsd_subnet.create_child(vmipreservation)
vmipreservation = self.vsd.vspk.NUVMIPReservation(
ip_type='IPV6', ipv6_address='cafe:babe::2')
vsd_subnet.create_child(vmipreservation)
# Assert error occurs
self._create_verify_illegal_ports(
ipv4_subnet,
ipv6_subnet,
network,
expected_exception=exceptions.Conflict,
expected_error_msg=expected_error_message,
dynamic=True)
def test_ipset_constructor():
assert IPSet(['192.0.2.0']) == IPSet(['192.0.2.0/32'])
assert IPSet([IPAddress('192.0.2.0')]) == IPSet(['192.0.2.0/32'])
assert IPSet([IPNetwork('192.0.2.0')]) == IPSet(['192.0.2.0/32'])
assert IPSet(IPNetwork('1234::/32')) == IPSet(['1234::/32'])
assert IPSet([IPNetwork('192.0.2.0/24')]) == IPSet(['192.0.2.0/24'])
assert IPSet(IPSet(['192.0.2.0/32'])) == IPSet(['192.0.2.0/32'])
assert IPSet(IPRange("10.0.0.0",
"10.0.1.31")) == IPSet(['10.0.0.0/24', '10.0.1.0/27'])
assert IPSet(IPRange('0.0.0.0', '255.255.255.255')) == IPSet(['0.0.0.0/0'])
def _normalize_rules(self, new_ip_rules):
new_ip_space = []
for rule in new_ip_rules:
if '-' in rule:
parts = rule.split('-')
new_ip_space.append(IPRange(parts[0], parts[1]))
else:
net = IPNetwork(rule)
new_ip_space.append(IPRange(net.first, net.last))
return new_ip_space
def get_illegal_ranges(cidr_list):
all_cidrs = []
first_network_range = IPRange(
"0.0.0.0", get_first_address_in_network_minus_one(cidr_list[0]))
for network in first_network_range.cidrs():
all_cidrs.append(network.cidr.__str__())
# print(f"netmask -c 0.0.0.0:{get_first_address_in_network_minus_one(CIDR_LIST[0])}")
i = 0
how_long = len(cidr_list) + 1
while i < how_long:
# print(i)
if i is len(cidr_list) - 1:
last_network_range = IPRange(
get_last_address_in_network_plus_one(cidr_list[i]),
'255.255.255.255')
for network in last_network_range.cidrs():
all_cidrs.append(network.cidr.__str__())
i += 2
else:
second_network_range = IPRange(
get_last_address_in_network_plus_one(cidr_list[i]),
get_first_address_in_network_minus_one(cidr_list[i + 1]))
for network in second_network_range.cidrs():
all_cidrs.append(network.cidr.__str__())
i += 1
return all_cidrs
def _translate_ip_ranges(indicator, value=None):
if value is not None and value['type'] != 'IPv4':
return [indicator]
try:
ip_range = IPRange(*indicator.split('-', 1))
except (AddrFormatError, ValueError, TypeError):
return [indicator]
return [str(x) if x.size != 1 else str(x.network) for x in ip_range.cidrs()]
def _translate_ip_ranges(indicator, value=None):
if value is not None and value['type'] != 'IPv4':
return [indicator]
try:
ip_range = IPRange(*indicator.split('-', 1))
except (AddrFormatError, ValueError, TypeError):
return [indicator]
return [str(x) if x.size != 1 else str(x.network) for x in ip_range.cidrs()]
def test_node_list(self):
node_list = self.serializer.get_common_attrs(self.cluster)['nodes']
# Check right nodes count with right roles
self.assert_roles_flattened(node_list)
# Check common attrs
for node in node_list:
node_db = self.db.query(Node).get(int(node['uid']))
self.assertEquals(node['public_netmask'], '255.255.255.0')
self.assertEquals(node['internal_netmask'], '255.255.255.0')
self.assertEquals(node['storage_netmask'], '255.255.255.0')
self.assertEquals(node['uid'], str(node_db.id))
self.assertEquals(node['name'], 'node-%d' % node_db.id)
self.assertEquals(node['fqdn'],
'node-%d.%s' % (node_db.id, settings.DNS_DOMAIN))
# Check uncommon attrs
node_uids = sorted(set([n['uid'] for n in node_list]))
man_ip = [str(ip) for ip in IPRange('192.168.0.1', '192.168.0.5')]
pub_ip = [str(ip) for ip in IPRange('172.16.0.2', '172.16.0.6')]
sto_ip = [str(ip) for ip in IPRange('192.168.1.1', '192.168.1.5')]
expected_list = [{
'roles': ['controller', 'cinder']
}, {
'roles': ['compute', 'cinder']
}, {
'roles': ['compute']
}, {
'roles': ['mongo']
}, {
'roles': ['cinder']
}]
for i in range(len(expected_list)):
expected_list[i]['attrs'] = {
'uid': node_uids[i],
'internal_address': man_ip[i],
'public_address': pub_ip[i],
'storage_address': sto_ip[i]
}
for expected in expected_list:
attrs = expected['attrs']
for role in expected['roles']:
nodes = self.filter_by_role(node_list, role)
node = self.filter_by_uid(nodes, attrs['uid'])[0]
self.assertEquals(attrs['internal_address'],
node['internal_address'])
self.assertEquals(attrs['public_address'],
node['public_address'])
self.assertEquals(attrs['storage_address'],
node['storage_address'])
def ipv6_addresses(lines):
""" Checks if line contains IPv6 Addresses """
# IPv6 - this doesn't handle %interface formats
ip6_regex = ("(([0-9a-fA-F]{1,4}:){7,7}([0-9a-fA-F]{1,4})|"
"([0-9a-fA-F]{1,4}:){1,7}:|"
"([0-9a-fA-F]{1,4}:){1,6}(:[0-9a-fA-F]{1,4})|"
"([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|"
"([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|"
"([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|"
"([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|"
"([0-9a-fA-F]{1,4}:){1,1}(:[0-9a-fA-F]{1,4}){1,6}|"
":(:[0-9a-fA-F]{1,4}){1,7})|([0-9a-fA-F]{1,4}:){1,4}:"
r"((25[0-5]|(2[0-4]|1?[0-9])?[0-9])\.){3,3}"
"(25[0-5]|(2[0-4]|1?[0-9])?[0-9])")
ip6_cidr = "(12[0-8]|(1[01]|[0-9])?[0-9])"
ip6_match = "^{}(/{})?$".format(ip6_regex, ip6_cidr)
ip6_range = r"^{}\s*-\s*{}$".format(ip6_regex, ip6_regex)
# Compile regexes increases speed
match_ip6_cidr = re.compile(ip6_match)
match_ip6_range = re.compile(ip6_range)
ip_set = IPSet()
remaining = []
for line in lines:
line = line.strip()
try:
if match_ip6_cidr.match(line):
logging.info('IPv6 match: %s', line)
ip_set.add(line)
elif match_ip6_range.match(line):
logging.info('IPv6 range: %s', line)
start, finish = line.split("-")
start = IPAddress(start.strip())
finish = IPAddress(finish.strip())
if start < finish:
ip_set.add(IPRange(start, finish))
else:
logging.warning(
'IPv4 range: %s (beginning of range '
'larger than end of range', line)
ip_set.add(IPRange(finish, start))
else:
logging.info('Unmatched: %s', line)
remaining.append(line)
except (RuntimeError, TypeError, NameError):
logging.debug('Invalid IPv6 addresses: %s', line)
remaining.append(line)
return ip_set, remaining
def target_splitter(target_networks):
scope_list = []
for network in target_networks.split(","):
# check to see if a subdomain/vhost was specified (if it has a letter, its not an IP address)
if re.search('[a-zA-Z]', network):
scope_list.append(network)
break
# Simple check to see if there is a range included.
if "-" in str(network):
#print("range found")
iprange = network.split("-")
# Convert the first part of the range to an IPAddress object
rangestart = (IPAddress(iprange[0]))
# rangeend = (IPAddress(iprange[1]))
# Hold off on converting the second part. We first need to check if
# it is a real IP or just the last octet (i.e., 192.168.0.100-110)
rangeend = iprange[1]
# If there is a period in the second part, we can just cast to IPAddress now
if "." in rangeend:
rangeend = IPAddress(rangeend)
net_range = IPRange(rangestart, rangeend)
# scope_list is a list of all of the IP addresses, networks, and ranges that are in scope
for individual_ip in list(net_range):
scope_list.append(individual_ip)
#print(individual_ip)
else:
try:
# If there is no period, that means we just have the last octet for the second half.
# So this part copies the first three octects from the first half range and prepends
# it to the single octet given for the second part.
startpart = str(rangestart).rsplit('.', 1)[0]
rangeend = IPAddress(startpart+"." + rangeend)
net_range = IPRange(rangestart, rangeend)
# scope_list is a list of all of the IP addresses, networks, and ranges that are in scope
for individual_ip in list(net_range):
scope_list.append(individual_ip)
#print(individual_ip)
except:
# Putting this try/except here because i have a feeling that at some point we will see
# something like 192.168.0.0-192.168.200.255 or something like that. Not handling that
# right now.
print("error")
else:
# If there is no "-" in the line, we can deal with it as a simple network or IPAddress. Luckily
# IPNetwork automatically converts an IP without a CIDR into /32 CIDR, and it works just like
# an IP address
net = IPNetwork(network)
for individual_ip in list(net):
scope_list.append(individual_ip)
#print(individual_ip)
return scope_list
def test_get_targets_omp_7(self):
target_xml = get_root_element(
get_fixture_location(__file__, "target_omp_7.xml"))
target2_xml = get_root_element(
get_fixture_location(__file__, "target2_omp_7.xml"))
target3_xml = get_root_element(
get_fixture_location(__file__, "target3_omp_7.xml"))
with open(
get_fixture_location(__file__, "report_with_target_omp_7.xml"),
'r') as xml:
with patch.object(self.uut,
"_get_target_definition",
return_value=target_xml) as target_def:
target = self.uut.get_targets(xml)
self.assertEqual(target, IPSet(IPNetwork("192.168.1.0/24")))
target_def.assert_called_once_with(
"e39cf6fa-1932-42c5-89d4-b66f469c615b")
with open(
get_fixture_location(__file__, "report_with_target_omp_7.xml"),
'r') as xml:
with patch.object(self.uut,
"_get_target_definition",
return_value=target2_xml) as target_def:
ip_set = IPSet(
IPRange(start="192.168.1.1", end="192.168.1.200"))
target = self.uut.get_targets(xml)
self.assertEqual(target, ip_set)
target_def.assert_called_once_with(
"e39cf6fa-1932-42c5-89d4-b66f469c615b")
with open(
get_fixture_location(__file__, "report_with_target_omp_7.xml"),
'r') as xml:
with patch.object(self.uut,
"_get_target_definition",
return_value=target3_xml) as target_def:
ip_set = IPSet()
ip_set.add(IPAddress("10.31.2.30"))
ip_set.add(IPAddress("10.31.2.23"))
ip_set.add(IPAddress("10.31.2.7"))
ip_set.add(IPAddress("10.31.2.31"))
ip_set.add(IPAddress("10.31.2.11"))
ip_set.add(IPAddress("10.31.2.21"))
ip_set.add(IPRange(start="10.31.2.34", end="10.31.2.35"))
ip_set.add(IPAddress("10.31.2.20"))
ip_set.add(IPAddress("10.31.2.32"))
target = self.uut.get_targets(xml)
self.assertEqual(target, ip_set)
target_def.assert_called_once_with(
"e39cf6fa-1932-42c5-89d4-b66f469c615b")
def test_ipset_member_insertion_and_deletion():
s1 = IPSet()
s1.add('192.0.2.0')
assert s1 == IPSet(['192.0.2.0/32'])
s1.remove('192.0.2.0')
assert s1 == IPSet([])
s1.add(IPRange("10.0.0.0", "10.0.0.255"))
assert s1 == IPSet(['10.0.0.0/24'])
s1.remove(IPRange("10.0.0.128", "10.10.10.10"))
assert s1 == IPSet(['10.0.0.0/25'])
def make_iplist(l):
"""
Expect the input to be well-formatted.
:param l: list. ip ranges(or single ip) e.g. [('192.0.2.1', '192.0.2.15'), '192.0.3.1']
:return: list. CIRD notation of ips in the range
"""
re = []
for ip in l:
if type(ip) == types.TupleType:
r = IPRange(ip[0], ip[1])
re.extend(r.cidrs())
else: # ip is a str. e.g. '192.0.3.1'
re.append(IPAddress(ip))
return cidr_merge(re)
def test_iprange_info_and_properties():
iprange = IPRange('192.0.2.1', '192.0.2.254')
assert eval(str(iprange.info)) == {
'IPv4': [{
'date': '1993-05',
'designation': 'Administered by ARIN',
'prefix': '192/8',
'status': 'Legacy',
'whois': 'whois.arin.net'}]
}
assert iprange.is_reserved()
assert iprange.version == 4
def test_iprange():
range1 = IPRange('192.0.2.1', '192.0.2.15')
assert range1 == IPRange('192.0.2.1', '192.0.2.15')
assert range1.cidrs() == [
IPNetwork('192.0.2.1/32'),
IPNetwork('192.0.2.2/31'),
IPNetwork('192.0.2.4/30'),
IPNetwork('192.0.2.8/29'),
]
assert IPRange('192.0.2.0', '192.0.2.255') == IPNetwork('192.0.2.0/24')
range2 = IPRange('192.0.2.1', '192.0.2.15')
addrs = list(range2)
assert addrs == [
IPAddress('192.0.2.1'),
IPAddress('192.0.2.2'),
IPAddress('192.0.2.3'),
IPAddress('192.0.2.4'),
IPAddress('192.0.2.5'),
IPAddress('192.0.2.6'),
IPAddress('192.0.2.7'),
IPAddress('192.0.2.8'),
IPAddress('192.0.2.9'),
IPAddress('192.0.2.10'),
IPAddress('192.0.2.11'),
IPAddress('192.0.2.12'),
IPAddress('192.0.2.13'),
IPAddress('192.0.2.14'),
IPAddress('192.0.2.15'),
]
assert range2 != addrs
assert list(range2) == addrs
subnets = range2.cidrs()
assert subnets == [
IPNetwork('192.0.2.1/32'), IPNetwork('192.0.2.2/31'), IPNetwork('192.0.2.4/30'), IPNetwork('192.0.2.8/29')]
assert range2 != subnets
assert range2.cidrs() == subnets
#!/usr/bin/env python
from netaddr import IPRange
from sys import argv
lst=open(argv[1],'r').readlines()
t=[]
for n in lst: t.append(n.strip())
lst=t
del t
for ipr in lst:
ipr=IPRange(ipr[:ipr.find('-')],ipr[ipr.find('-')+1:])
for cidr in ipr.cidrs():
print cidr
def scan_fn_ip():
country_code = {}
for line in open('input/country_code', 'r'):
code, name = line.split(" ")
country_code[code] = name.strip().decode("utf-8")
logger.info(code + ' ' + country_code[code])
rtree = ipRadixDB()
ip_area_list = ["input/delegated-arin-latest", "input/delegated-ripencc-latest", "input/delegated-lacnic-latest", "input/delegated-afrinic-latest", "input/delegated-apnic-latest"]
dft = defaultdict(list)
availableIPs = []
for f in ip_area_list:
seed_file = open(f,'r')
for l in seed_file.readlines():
params = l.split('|')
if len(params) >= 4 and params[2] == "ipv4" and params[3] != "*" and params[1] != "CN":
startIP = params[3]
endIP = ip_integer_to_string(ip_integer_from_string(startIP) + int(params[4]) - 1)
logger.info(startIP + ' ' + endIP + ' ' + params[4])
iprange = IPRange(startIP, endIP)
if params[1] == '':
availableIPs += map(str, iprange.cidrs())
else:
dft[params[1]] += map(str, iprange.cidrs())
for key in dft:
prefix = dft[key][-1]
network,masklen = prefix.split('/')
masklen = int(masklen)
ip = generate_random_ip(network,masklen)
ipset = IPSet(dft[key])
for prefix in ipset.iter_cidrs():
network,masklen = str(prefix).split('/')
masklen = int(masklen)
rtree.addPrefix(network,masklen)
data = rtree.rnode.data
country = country_code[key]
logger.info(str(prefix) + ' ' + country)
data['country'] = country #jsonData.get('country','')
data['ip'] = ip
data['ip_amount'] = prefix.size
data['province'] = ''
data['city'] = ''
data['isp'] = ''
for prefix in availableIPs:
network,masklen = prefix.split("/")
masklen = int(masklen)
ip = generate_random_ip(network,masklen)
jsonData = None;
while jsonData == None:
try:
jsonData = query_ip(ip)
except Exception, e:
logger.error(e)
time.sleep(0.5)
rtree.addPrefix(network,masklen)
data = rtree.rnode.data
data['country'] = jsonData.get('country','')
data['ip'] = ip
data['ip_amount'] = IPNetwork(prefix).size
data['province'] = ''
data['city'] = ''
data['isp'] = ''
logger.info(prefix + ' ' + data['country'])
def split_network_from_start_to_end(start, end):
ip = IPRange(start, end)
return map(lambda net:(str(net.network), net.prefixlen, net.size), ip.cidrs())
