def connect_line_bridge(line_component, bridge_component, addressing_scheme=None):
""" Connects a ring to a bridge.
:param line_component: ring component that will be connected to the bridge. Needs at least two free interfaces
:param bridge_component: bridge component that will be connected to the ring. Will add new interfaces to the bridge.
"""
link_id = used_resources.get_new_link_id()
line_container = line_component.connection_points.pop()
# create new interface for container in line
line_interface_id = "%s.%03d" % (line_container.container_id, line_container.get_next_interface() )
line_interface = NetworkInterface(line_interface_id, link_id)
if addressing_scheme is not None:
ip = addressing_scheme['bridge_links'].pop()
line_interface.address = "%s/%s" % (ip, addressing_scheme['bridge_prefix'])
# get bridge and interface for bridge
br = bridge_component.connection_points[0]
bridge_interface_id = "%s.%03d" % (br.bridge_id, br.get_next_interface())
bridge_interface = NetworkInterface(bridge_interface_id, link_id)
# summary
if addressing_scheme is not None:
containers = len(line_component.topology['containers'])
print("amount of containers: %s " % containers)
other_container = None
if len(line_component.connection_points) > 0:
other_container = line_component.connection_points[0]
line_component.addresses = sorted(line_component.addresses)
if other_container is not None and netaddr.IPNetwork(line_container.interfaces[0].address) > netaddr.IPNetwork(
other_container.interfaces[0].address):
summary = netaddr.cidr_merge(line_component.addresses[(containers - 1):len(line_component.addresses)])
line_component.addresses = line_component.addresses[0: containers - 2]
print("2: ", )
for address in line_component.addresses:
print(address, )
else:
summary = netaddr.cidr_merge(line_component.addresses[0:containers - 2])
line_component.addresses = line_component.addresses[containers - 1:len(line_component.addresses)]
line_interface.summarizes = summary
print("link %s has %s and %s" % (link_id, line_interface.interface_id, bridge_interface.interface_id))
br.add_interface(bridge_interface)
line_container.add_interface(line_interface)
line_container.gateway = line_interface.interface_id
def update_right_tree(self):
self.right_tree.delete(*self.right_tree.get_children())
image = Image.open('resources/images/milker-X-icon.png')
imwidth = 10
wpersent = (imwidth / float(image.size[0]))
hsize = int(float(image.size[1]) * float(wpersent))
image = ImageTk.PhotoImage(
image.resize((imwidth, hsize), Image.ANTIALIAS))
self.right_tree.image = image
for item in netaddr.cidr_merge(self.right_ip_set):
values = list()
values.append(str(item))
if '32' in str(item).split('/')[1]:
values.append(False)
values.append(1)
else:
values.append(True)
values.append(len(item))
self.right_tree.insert('',
tk.END,
text='',
image=image,
values=values)
def expand_ips(start_ip, end_ip):
list_ip = []
ips = netaddr.cidr_merge(list(netaddr.iter_iprange(start_ip, end_ip)))
for i in ips:
ip = str(i.ip) + '/' + str(i.netmask)
list_ip.append(ip)
return list_ip
def report(domains, asns=None, networks=None, addresses=None, rdns=None):
"""
Prints the sets of given domains, autonomous system numbers, networks, PTRs, and IP addresses if user wants it.
Args:
domains: set of domains gathered.
asns: set of autonomous system numbers gathered.
networks: set of network ranges gathered.
addresses: set of IP addresses gathered.
rdns: set of PTR records
"""
if domains is not None:
print_border("DOMAINS ({})".format(len(domains)))
print("{}".format("\n".join(str(x) for x in domains)))
if asns is not None:
print_border("AUTONOMOUS SYSTEM NUMBERS ({})".format(len(asns)))
print(*asns, sep="\n")
if networks is not None:
networks = netaddr.cidr_merge(list(networks))
print_border("NETWORK RANGES ({})".format(len(networks)))
print(*networks, sep="\n")
if addresses is not None:
print_border("IP ADDRESSES ({})".format(len(addresses)))
print(*addresses, sep="\n")
if rdns is not None:
print_border("RDNS RECORDS ({})".format(len(rdns)))
print(*rdns, sep="\n")
def test_ip_range():
ip_list = list(iter_iprange('192.0.2.1', '192.0.2.14'))
assert len(ip_list) == 14
assert ip_list == [
IPAddress('192.0.2.1'),
IPAddress('192.0.2.2'),
IPAddress('192.0.2.3'),
IPAddress('192.0.2.4'),
IPAddress('192.0.2.5'),
IPAddress('192.0.2.6'),
IPAddress('192.0.2.7'),
IPAddress('192.0.2.8'),
IPAddress('192.0.2.9'),
IPAddress('192.0.2.10'),
IPAddress('192.0.2.11'),
IPAddress('192.0.2.12'),
IPAddress('192.0.2.13'),
IPAddress('192.0.2.14'),
]
assert cidr_merge(ip_list) == [
IPNetwork('192.0.2.1/32'),
IPNetwork('192.0.2.2/31'),
IPNetwork('192.0.2.4/30'),
IPNetwork('192.0.2.8/30'),
IPNetwork('192.0.2.12/31'),
IPNetwork('192.0.2.14/32'),
]
def ip_range_diff(source_ip_range, remove_ip_range):
"""Return source_ip_range after excluding remove_ip_range."""
# Convert IP ranges to CIDR.
source_ip_range = ip_range_to_cidr(source_ip_range)
remove_ip_range = ip_range_to_cidr(remove_ip_range)
logging.debug('source_ip_range = %s' % (source_ip_range))
logging.debug('remove_ip_range = %s' % (remove_ip_range))
# Expand each range.
source_ip_range_expanded = ip_range_expand(source_ip_range)
remove_ip_range_expanded = ip_range_expand(remove_ip_range)
# logging.debug('remove_ip_range_expanded = %s' % (remove_ip_range_expanded))
# Remove each matching source IP address individually.
for i in remove_ip_range_expanded:
try:
source_ip_range_expanded.remove(i)
except ValueError:
# Value not in source_ip_range
continue
# Convert remaining range to CIDR.
# logging.debug('source_ip_range_expanded = %s' % (source_ip_range_expanded))
source_ip_range = netaddr.cidr_merge(source_ip_range_expanded)
logging.debug('source_ip_range = %s' % (source_ip_range))
# Convert each CIDR block to string.
result_cidr = []
for cidr_object in source_ip_range:
result_cidr.append(str(cidr_object))
# Convert entire list to a string.
result_cidr = ','.join(result_cidr)
logging.debug('result_cidr = %s' % (result_cidr))
# Remove '/32' (single IP) and return diff'd range.
return result_cidr.replace('/32', '')
def get_aggregates(api):
"""
A Function for aggregating and listing all subnets seen by DarkTrace
:param api: A valid and active authenticated session with the DarkTrace API
:return: List of CIDR aggregated subnets
"""
subnets = api.get('/subnets')
place_holder = set()
for subnet in subnets:
# Subnet entry
# {
# 'sid': 6000000009896, 'auto': True, 'dhcp': True, 'firstSeen': 1552551497000,
# 'label': '10.117.80.0/24', 'lastSeen': 1552551497000, 'latitude': 52.09,
# 'longitude': 5.12, 'network': '10.117.80.0/24', 'shid': 6000000016884,
# 'uniqueHostnames': False, 'uniqueUsernames': False
# }
if is_valid_ipv4_network(subnet['network']):
place_holder.add(subnet['network'])
subnets_to_merge = sorted(
place_holder, key=lambda item: socket.inet_aton(item.split('/')[0]))
merged_subnets = netaddr.cidr_merge(subnets_to_merge)
final_subnets = []
for merged_subnet in merged_subnets:
final_subnets.append(str(merged_subnet))
return final_subnets
def ip_range_to_cidr(ip_network_string):
"""Convert ip_network_string into CIDR notation."""
# Split string into list by ', ' delimiter.
ip_network_cidr = []
ip_network_list = ip_network_string.split(',')
for ip_object in ip_network_list:
# For every ip range ('10.182.71.0-10.182.75.255'), convert to individual slash notation, 10.182.71.0/24, 10.182.72.0/22.
if '-' in ip_object:
# The object is a range.
dash = ip_object.find('-')
# First part of ip range.
ip_start = ip_object[:dash]
# Last part of ip range.
ip_end = ip_object[dash + 1:]
# Generate lists of IP addresses in range.
ip_range = list(netaddr.iter_iprange(ip_start, ip_end))
# Convert start & finish range to CIDR.
ip_range = netaddr.cidr_merge(ip_range)
# May be one or more objects in list.
# Example 1: '10.182.71.0-10.182.75.255' ==> ['10.182.71.0/24, 10.182.72.0/22']
# Example 2: '10.182.90.0-10.182.91.255' ==> ['10.182.90.0/23']
# Add each CIDR to ip_network.
for ip_object in ip_range:
ip_network_cidr.append(str(ip_object))
else:
# The object is not a range, just add it.
logging.debug('ip_object = %s' % (ip_object))
ip_network_cidr.append(str(netaddr.IPNetwork(ip_object).cidr))
# Return as a string with delimiter ', '
return ip_network_cidr
def iana_rir_gen_ip_list(user_rir_list):
# generates a list of networks that can be blocked by RIR
# we use a SortedList so that elements are inserted in order. This allows cidr_merge to work
rir_slash_eight_list = SortedList()
with open('iana') as iana_file:
iana_csv = csv.reader(iana_file)
for line in iana_csv:
for rir in user_rir_list:
# case in which the whois line from our csv contains the RIR
if rir in line[3]:
network = line[0].lstrip('0')
rir_slash_eight_list.add(netaddr.IPNetwork(network))
# if we find a match, there is no reason to see if the other RIRs are on the same line
break
# run cidr_merge to summarize
rir_slash_eight_list = netaddr.cidr_merge(rir_slash_eight_list)
return rir_slash_eight_list
def ip_range_diff(source_ip_range, remove_ip_range):
"""Return source_ip_range after excluding remove_ip_range."""
# Convert IP ranges to CIDR.
source_ip_range = ip_range_to_cidr(source_ip_range)
remove_ip_range = ip_range_to_cidr(remove_ip_range)
logging.debug('source_ip_range = %s' % (source_ip_range))
logging.debug('remove_ip_range = %s' % (remove_ip_range))
# Expand each range.
source_ip_range_expanded = ip_range_expand(source_ip_range)
remove_ip_range_expanded = ip_range_expand(remove_ip_range)
# logging.debug('remove_ip_range_expanded = %s' % (remove_ip_range_expanded))
# Remove each matching source IP address individually.
for i in remove_ip_range_expanded:
try:
source_ip_range_expanded.remove(i)
except ValueError:
# Value not in source_ip_range
continue
# Convert remaining range to CIDR.
# logging.debug('source_ip_range_expanded = %s' % (source_ip_range_expanded))
source_ip_range = netaddr.cidr_merge(source_ip_range_expanded)
logging.debug('source_ip_range = %s' % (source_ip_range))
# Convert each CIDR block to string.
result_cidr = []
for cidr_object in source_ip_range:
result_cidr.append(str(cidr_object))
# Convert entire list to a string.
result_cidr = ','.join(result_cidr)
logging.debug('result_cidr = %s' % (result_cidr))
# Remove '/32' (single IP) and return diff'd range.
return result_cidr.replace('/32', '')
def ip_range_to_cidr(ip_network_string):
"""Convert ip_network_string into CIDR notation."""
# Split string into list by ', ' delimiter.
ip_network_cidr = []
ip_network_list = ip_network_string.split(',')
for ip_object in ip_network_list:
# For every ip range ('10.182.71.0-10.182.75.255'), convert to individual slash notation, 10.182.71.0/24, 10.182.72.0/22.
if '-' in ip_object:
# The object is a range.
dash = ip_object.find('-')
# First part of ip range.
ip_start = ip_object[:dash]
# Last part of ip range.
ip_end = ip_object[dash + 1:]
# Generate lists of IP addresses in range.
ip_range = list(netaddr.iter_iprange(ip_start, ip_end))
# Convert start & finish range to CIDR.
ip_range = netaddr.cidr_merge(ip_range)
# May be one or more objects in list.
# Example 1: '10.182.71.0-10.182.75.255' ==> ['10.182.71.0/24, 10.182.72.0/22']
# Example 2: '10.182.90.0-10.182.91.255' ==> ['10.182.90.0/23']
# Add each CIDR to ip_network.
for ip_object in ip_range:
ip_network_cidr.append(str(ip_object))
else:
# The object is not a range, just add it.
logging.debug('ip_object = %s' % (ip_object))
ip_network_cidr.append(str(netaddr.IPNetwork(ip_object).cidr))
# Return as a string with delimiter ', '
return ip_network_cidr
def report(domains, asns=None, networks=None, addresses=None, rdns=None):
"""
Prints the sets of given domains, autonomous system numbers, networks, PTRs, and IP addresses if user wants it.
Args:
domains: set of domains gathered.
asns: set of autonomous system numbers gathered.
networks: set of network ranges gathered.
addresses: set of IP addresses gathered.
rdns: set of PTR records
"""
if domains is not None:
print_border("DOMAINS ({})".format(len(domains)))
print("{}".format("\n".join(str(x) for x in domains)))
if asns is not None:
print_border("AUTONOMOUS SYSTEM NUMBERS ({})".format(len(asns)))
print(*asns, sep="\n")
if networks is not None:
networks = netaddr.cidr_merge(list(networks))
print_border("NETWORK RANGES ({})".format(len(networks)))
print(*networks, sep="\n")
if addresses is not None:
print_border("IP ADDRESSES ({})".format(len(addresses)))
print(*addresses, sep="\n")
if rdns is not None:
print_border("RDNS RECORDS ({})".format(len(rdns)))
print(*rdns, sep="\n")
def cidr_merge(value, action='merge'):
if not hasattr(value, '__iter__'):
raise errors.AnsibleFilterError('cidr_merge: expected iterable, got ' +
repr(value))
if action == 'merge':
try:
return [str(ip) for ip in netaddr.cidr_merge(value)]
except Exception as e:
raise errors.AnsibleFilterError(
'cidr_merge: error in netaddr:\n%s' % e)
elif action == 'span':
# spanning_cidr needs at least two values
if len(value) == 0:
return None
elif len(value) == 1:
try:
return str(netaddr.IPNetwork(value[0]))
except Exception as e:
raise errors.AnsibleFilterError(
'cidr_merge: error in netaddr:\n%s' % e)
else:
try:
return str(netaddr.spanning_cidr(value))
except Exception as e:
raise errors.AnsibleFilterError(
'cidr_merge: error in netaddr:\n%s' % e)
else:
raise errors.AnsibleFilterError("cidr_merge: invalid action '%s'" %
action)
def ip_sumarizing(ip_list):
import netaddr
ip_list = [netaddr.IPNetwork("%s" % subn) for subn in ip_list]
ip_list = netaddr.cidr_merge(ip_list)
return ip_list
def prefixes_merge(prefixes_list):
start_prefixes_dict = {str(n): [] for n in range(32, 0, -1)}
final_prefixes_dict = {}
final_prefixes_list = []
for ip in prefixes_list:
start_prefixes_dict[netaddr.IPNetwork(ip).prefixlen.__str__()].append(
netaddr.IPNetwork(ip))
for k, v in start_prefixes_dict.items():
if str(v or '') == '':
continue
final_prefixes_dict[k] = netaddr.cidr_merge(v)
for k, v in final_prefixes_dict.items():
for i in v:
final_prefixes_list.append([k, i.__str__()])
flat = [x for row in final_prefixes_list for x in row]
print('no ip prefix-list {0}'.format(sys.argv[1]))
for idx, i in enumerate(flat[1:], 1):
if idx % 2 == 1:
if flat.count(i) > 1 and i.endswith(flat[idx - 1]):
continue
elif i.endswith(flat[idx - 1]):
print('ip prefix-list {0} permit {1}'.format(sys.argv[1], i))
else:
print('ip prefix-list {0} permit {1} {2}'.format(
sys.argv[1], i, 'le ' + flat[idx - 1]))
def set_summaries(configured_host):
logging.getLogger(__name__).info("Setting summaries")
for interface_id, interface in configured_host['interfaces'].items():
container_id = configured_host['mappings'][interface_id]
container = configured_host['containers'][container_id]
if interface.address is not None:
logging.getLogger(__name__).info(interface_id)
for summary, via in configured_host["mappings_summaries"].items():
#print " checking for: %s, via %s" % (summary, via)
# via must be in same subnet as address in this interface
same_subnet_via = (netaddr.IPNetwork(via) == netaddr.IPNetwork(interface.address))
# check if summary is in same subnet or not
existing_summaries = []
for route in container.routing['routes']:
existing_summaries.append(netaddr.IPNetwork(route.address))
existing_summaries = netaddr.cidr_merge(existing_summaries)
route_exists = False
for route in existing_summaries:
if route.network == netaddr.IPNetwork(summary).network:
route_exists = True
if same_subnet_via and not route_exists:
network = netaddr.IPNetwork(summary)
address = "%s/%s" % (network.network, network.prefixlen)
summary_route = emulator.elements.Route(address, interface.veth)
summary_route.via = str(netaddr.IPNetwork(via).ip)
container.routing["routes"].append(summary_route)
logging.getLogger(__name__).info("Adding %s to %s", summary_route.address, container.container_id)
def delete(self, cidr):
cidr = netaddr.IPNetwork(cidr)
if cidr in self.allocated:
self.allocated.remove(cidr)
self.unallocated.append(cidr)
self.unallocated = netaddr.cidr_merge(self.unallocated)
self.update()
def summarizeCidrs(ranges):
ipList = []
for network in ranges:
cidr = netaddr.IPNetwork(network)
cidr.prefixlen = 19
ipList.append(cidr)
return netaddr.cidr_merge(ipList)
def main():
print("Downloading Azure IP ranges from %s") % AZURE_IP_RANGES_URL
download_ip_ranges(CURRENT_AZURE_IP_LIST_FILE)
parse_regions(CURRENT_AZURE_IP_LIST_FILE,REGION_LIST_FILE)
# Add validation that the region name is listed in the file
file_obj = open(REGION_LIST_FILE,'r')
VALID_REGIONS = file_obj.read().splitlines()
file_obj.close()
if target_region not in VALID_REGIONS:
print("Error the specified region, %s, is not a valid region") % target_region
print("VALID AZURE REGIONS: %s") % VALID_REGIONS
sys.exit(1)
root = ET.parse(CURRENT_AZURE_IP_LIST_FILE).getroot()
# find the right Azure Region IPs
#ranges = getRegionIps(root, 'europewest')
ranges = getRegionIps(root, target_region)
print ranges
summarised = summarizeCidrs(ranges)
print("Length before summarisation: ", len(ranges))
print("Length after summarisation: ", len(summarised))
moreSummarised = netaddr.cidr_merge(summarised)
print("Length after more summarisation: ", len(moreSummarised))
def main():
parser = argparse.ArgumentParser(description='IP Blacklist Generator')
parser.add_argument('-if', type=lambda x: open_file(parser, x), dest='input_file', metavar='INPUT_FILE', required=True, help='Input file with blacklist URLs')
parser.add_argument('-of', type=str, dest='output_file', metavar='OUTPUT_FILE', required=True, help='Output file')
args = parser.parse_args()
output_filename = args.output_file
input_file = args.input_file
#Create master list that will ultimately get written to file
master_list = []
#Read in URLs from file and build list
urls = get_urls(input_file)
#Download lists, parse, and append to master list
for url in urls:
raw_list = download_list(url)
if raw_list is not None:
formatted_list = parse_list(raw_list)
for address_block in formatted_list:
master_list.append(address_block)
#aggregate and remove duplicates
master_list = cidr_merge(master_list)
#sort the list of IP objects
master_list.sort()
#Export list to file
export_list(master_list, output_filename)
def test_ip_range():
ip_list = list(iter_iprange('192.0.2.1', '192.0.2.14'))
assert len(ip_list) == 14
assert ip_list == [
IPAddress('192.0.2.1'),
IPAddress('192.0.2.2'),
IPAddress('192.0.2.3'),
IPAddress('192.0.2.4'),
IPAddress('192.0.2.5'),
IPAddress('192.0.2.6'),
IPAddress('192.0.2.7'),
IPAddress('192.0.2.8'),
IPAddress('192.0.2.9'),
IPAddress('192.0.2.10'),
IPAddress('192.0.2.11'),
IPAddress('192.0.2.12'),
IPAddress('192.0.2.13'),
IPAddress('192.0.2.14'),
]
assert cidr_merge(ip_list) == [
IPNetwork('192.0.2.1/32'),
IPNetwork('192.0.2.2/31'),
IPNetwork('192.0.2.4/30'),
IPNetwork('192.0.2.8/30'),
IPNetwork('192.0.2.12/31'),
IPNetwork('192.0.2.14/32'),
]
def parse(repo: 'RuleRepo', rule_index: int) -> 'Rule':
new_rule = Rule()
rule_path = os.path.join(repo.rules_path, repo.rules_list[rule_index])
with open(rule_path, 'r', encoding='utf8') as f:
lines = f.readlines()
header = lines[0]
if header.startswith('#'):
header = header[1:]
header_list = header.split(',')
new_rule.name = Rule.parse_header(header_list[0])
new_rule.friendly_name = Rule.parse_header(header_list[1])
new_rule.proxy_type = Rule.parse_header(header_list[2])
new_rule.proxy_type_2 = Rule.parse_header(header_list[3])
new_rule.unknown_1 = Rule.parse_header(header_list[4])
new_rule.unknown_2 = Rule.parse_header(header_list[5])
new_rule.writeable = Rule.parse_header(header_list[6])
new_rule.dns_type = Rule.parse_header(header_list[7])
new_rule.comment = Rule.parse_header(header_list[8])
network_list = list()
for line in lines[1:]:
line = line.strip()
line.replace('\n', '')
line.replace('\r', '')
try:
network = IPNetwork(line)
except:
continue
network_list.append(network)
new_rule.network_list = cidr_merge(network_list)
return new_rule
def aws2cidr(type):
content = urllib2.urlopen('https://ip-ranges.amazonaws.com/ip-ranges.json').read()
data = simplejson.loads(content)['prefixes']
amazon_blocks = {}
for key in data:
if not key['region'].startswith('cn-'):
if not key['service'] in amazon_blocks:
amazon_blocks[key['service']] = []
amazon_blocks[key['service']].append(netaddr.IPNetwork(key['ip_prefix']))
# 'AMAZON' block contains other blocks. exclude them
temp_amazon = []
for block in amazon_blocks['AMAZON']:
for key in amazon_blocks:
if key != 'AMAZON':
if block not in amazon_blocks[key]:
temp_amazon.append(block)
amazon_blocks['AMAZON'] = temp_amazon
total = []
for key in amazon_blocks:
total = total + amazon_blocks[key]
cidr_result = ""
if type == "all":
# all of the merged blocks
for network in netaddr.cidr_merge(total):
cidr_result = cidr_result + '\n' + str(network)
elif type == "split":
# blocks that split
for key in amazon_blocks:
cidr_result = cidr_result + '\n# Amazon ' + key
for network in netaddr.cidr_merge(amazon_blocks[key]):
cidr_result = cidr_result + '\n' + str(network)
else:
# blocks of a certain type
for network in netaddr.cidr_merge(amazon_blocks[type]):
cidr_result = cidr_result + '\n' + str(network)
# strip empty lines
cidr_result = '\n'.join([line.strip() for line in cidr_result.splitlines() if line.strip()])
return cidr_result
def load(self, url):
nets = []
r = requests.get(url)
t=json.loads(r.content)
for i in r.json()['prefixes']:
nets.append(IPNetwork(i['ip_prefix']))
for i in cidr_merge(nets):
self.networks["{}/{}".format(i.network, i.prefixlen)] = 'Amazon GLOBAL'
def manual_ipv6_infrastructure_allocation(anm):
"""Applies manual IPv6 allocation"""
import netaddr
g_ipv6 = anm["ipv6"]
log.info("Using specified IPv6 infrastructure allocation")
for node in g_ipv6.l3devices():
for interface in node.physical_interfaces:
if not interface["input"].is_bound:
continue # unbound interface
ip_address = netaddr.IPAddress(interface["input"].ipv6_address)
prefixlen = interface["input"].ipv6_prefixlen
interface.ip_address = ip_address
interface.prefixlen = prefixlen
cidr_string = "%s/%s" % (ip_address, prefixlen)
interface.subnet = netaddr.IPNetwork(cidr_string)
broadcast_domains = [d for d in g_ipv6 if d.broadcast_domain]
# TODO: allow this to work with specified ip_address/subnet as well as ip_address/prefixlen
from netaddr import IPNetwork
for coll_dom in broadcast_domains:
connected_interfaces = [edge.dst_int for edge in coll_dom.edges()]
cd_subnets = [IPNetwork("%s/%s" % (i.subnet.network, i.prefixlen)) for i in connected_interfaces]
if len(cd_subnets) == 0:
log.warning("Collision domain %s is not connected to any nodes" % coll_dom)
continue
try:
assert len(set(cd_subnets)) == 1
except AssertionError:
mismatch_subnets = "; ".join("%s: %s/%s" % (i, i.subnet.network, i.prefixlen) for i in connected_interfaces)
log.warning("Non matching subnets from collision domain %s: %s" % (coll_dom, mismatch_subnets))
else:
coll_dom.subnet = cd_subnets[0] # take first entry
# apply to remote interfaces
for edge in coll_dom.edges():
edge.dst_int.subnet = coll_dom.subnet
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
# import autonetkit
# autonetkit.update_http(anm)
infra_blocks = {}
for (asn, devices) in g_ipv6.groupby("asn").items():
broadcast_domains = [d for d in devices if d.broadcast_domain]
subnets = [cd.subnet for cd in broadcast_domains if cd.subnet is not None] # only if subnet is set
infra_blocks[asn] = netaddr.cidr_merge(subnets)
g_ipv6.data.infra_blocks = infra_blocks
def read_rirs(country_list, permit, rir_list=RIR_NAMES):
# list containing our file objects
file_list = []
# we use a SortedList so that elements are inserted in order. This allows cidr_merge to work
rir_ips = SortedList()
# Open the files we downloaded earlier and store the file object
for rir in rir_list:
file_list.append(open(rir))
for f in file_list:
for line in f:
curr_line = line.split('|')
try:
# we want only the ipv4 lines that are for a specific country
# also only want countries that we are going to block
if (curr_line[2] == "ipv4" and curr_line[1] != "*") and \
((permit and curr_line[1] not in country_list) or
(not permit and curr_line[1] in country_list)):
country_code = curr_line[1]
network_id = curr_line[3]
wildcard = int(curr_line[4])-1
try:
# Add network to list, if the number of IPs was not a
# power of 2 (wildcard is not valid).
# AddrFormatError is thrown
rir_ips.add(netaddr.IPNetwork(network_id + "/" + str(netaddr.IPAddress(wildcard))))
# Handle case in where our mask is invalid by rounding DOWN
except netaddr.AddrFormatError:
print "rounded network " + network_id + " with " + str(wildcard) + \
" hosts up to nearest power of 2"
wildcard = next_power_of_2(wildcard) - 1
print wildcard + 1
rir_ips.add(netaddr.IPNetwork(network_id + "/" + str(netaddr.IPAddress(wildcard))))
# IndexErrors only occur when parsing columns we don't need
except IndexError:
pass
f.close()
# cidr_merge takes our list of IPs and summarizes subnets where possible
# this greatly decreases the number of ACL entries
rir_ips = netaddr.cidr_merge(rir_ips)
return rir_ips
def __and__(self, other: 'Rule') -> 'Rule':
new_rule = Rule()
new_rule.name = '{0} && {1}'.format(self.name, other.name)
new_rule.friendly_name = '{0} && {1}'.format(self.friendly_name,
other.friendly_name)
new_rule.comment = '{0} && {1}'.format(self.comment, other.comment)
self.network_list.extend(other.network_list)
new_rule.network_list = cidr_merge(self.network_list)
return new_rule
def parse_asn(content):
soup = BeautifulSoup(content, 'html.parser')
results = []
nets = []
for element in soup.find('div', id='ipv4-data').find('table', id="block-table").find_all('tr')[1:]:
ip, company, num = [e.text.strip() for e in element.find_all('td')]
results.append((ip, company, num))
nets.append(IPNetwork(ip))
return results, '\n'.join([str(net) for net in cidr_merge(nets)])
def _setup_routes(self, if_dev, ver, ip_start, ip_end, gw_ip):
gw_ip_net = netaddr.IPNetwork(gw_ip)
if_dev.addr.add(ver, "%s/%s" % (ip_start, gw_ip_net.prefixlen), gw_ip_net.broadcast)
if_dev.route.add_gateway(str(gw_ip_net.ip))
if ip_start != ip_end:
local_nets = netaddr.cidr_merge(netaddr.iter_iprange(ip_start, ip_end))
max_pfx_len = ver == 4 and 32 or 128
for l in local_nets:
if l.prefixlen < max_pfx_len or str(l.ip) != ip_start:
if_dev.route._as_root("add", "local", str(l), "dev", if_dev.name, options=[ver])
def definesubnet(insubnetlist):
fnsubnet = []
if len(insubnetlist) > 0:
for everysubnet in insubnetlist:
mynet = netaddr.IPNetwork(everysubnet)
fnsubnet.append(mynet)
mergesubnet = netaddr.cidr_merge(list(set(fnsubnet)))
return mergesubnet
else:
return fnsubnet
def get_scanner_targets(self):
"""
Get a list of strings representing the IP addresses and network ranges that
this scanner is configured to scan.
:return: A list of strings representing the IP addresses and network ranges that
this scanner is configured to scan.
"""
all_ips = self.get_all_ips()
merged = cidr_merge(all_ips)
return [str(x) for x in merged]
def manual_ipv4_allocation(anm):
"""Applies manual IPv4 allocation"""
import netaddr
g_in_directed = anm['input_directed']
g_ipv4 = anm['ipv4']
for l3_device in g_ipv4.nodes("is_l3device"):
directed_node = g_in_directed.node(l3_device)
l3_device.loopback = directed_node.ipv4loopback
for edge in l3_device.edges():
# find edge in g_in_directed
directed_edge = g_in_directed.edge(edge)
edge.ip_address = netaddr.IPAddress(directed_edge.ipv4)
# set subnet onto collision domain (can come from either
# direction)
collision_domain = edge.dst
if not collision_domain.subnet:
# TODO: see if direct method in netaddr to deduce network
prefixlen = directed_edge.netPrefixLenV4
cidr_string = "%s/%s" % (edge.ip_address, prefixlen)
intermediate_subnet = netaddr.IPNetwork(cidr_string)
cidr_string = "%s/%s" % (
intermediate_subnet.network, prefixlen)
subnet = netaddr.IPNetwork(cidr_string)
collision_domain.subnet = subnet
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
loopback_blocks = {}
infra_blocks = {}
for asn, devices in g_ipv4.groupby("asn").items():
routers = [d for d in devices if d.is_router]
loopbacks = [r.loopback for r in routers]
loopback_blocks[asn] = netaddr.cidr_merge(loopbacks)
collision_domains = [d for d in devices if d.collision_domain]
subnets = [cd.subnet for cd in collision_domains]
infra_blocks[asn] = netaddr.cidr_merge(subnets)
g_ipv4.data.loopback_blocks = loopback_blocks
g_ipv4.data.infra_blocks = infra_blocks
def _merge_cidrs(cls):
"""
We learned about CIDRs from the following functions:
- _load_elasticips()
- _load_vpcs()
- _load_vpces()
- _load_natgateways()
- _load_network_whitelist()
These cidr's are stored in the OBJECT_STORE in a way that is not optimal:
OBJECT_STORE['cidr']['54.0.0.1'] = set(['123456789012'])
OBJECT_STORE['cidr']['54.0.0.0'] = set(['123456789012'])
...
OBJECT_STORE['cidr']['54.0.0.255/32'] = set(['123456789012'])
The above example is attempting to illustrate that account `123456789012`
contains `54.0.0.0/24`, maybe from 256 elastic IPs.
If a resource policy were attempting to ingress this range as a `/24` instead
of as individual IPs, it would not work. We need to use the `cidr_merge`
method from the `netaddr` library. We need to preserve the account identifiers
that are associated with each cidr as well.
# Using:
# https://netaddr.readthedocs.io/en/latest/tutorial_01.html?highlight=summarize#summarizing-list-of-addresses-and-subnets
# import netaddr
# netaddr.cidr_merge(ip_list)
Step 1: Group CIDRs by account:
# ['123456789012'] = ['IP', 'IP']
Step 2:
Merge each account's cidr's separately and repalce the OBJECT_STORE['cidr'] entry.
Return:
`None`. Mutates the cls.OBJECT_STORE['cidr'] datastructure.
"""
if not 'cidr' in cls.OBJECT_STORE:
return
# step 1
merged = defaultdict(set)
for cidr, accounts in cls.OBJECT_STORE['cidr'].items():
for account in accounts:
merged[account].add(cidr)
del cls.OBJECT_STORE['cidr']
# step 2
for account, cidrs in merged.items():
merged_cidrs = netaddr.cidr_merge(cidrs)
for cidr in merged_cidrs:
add(cls.OBJECT_STORE['cidr'], str(cidr), account)
def combine_it(iplist):
try:
fipl = []
for ip in cidr_merge(iplist):
if '/' in str(ip) and str(ip).split('/', 1)[1] == '32':
fipl.append(str(ip).split('/', 1)[0])
else:
fipl.append(str(ip))
return fipl
except (ValueError, TypeError):
print "{}[!]{} Ensure that all IPs are in CIDR notation.".format(colors.red, colors.normal)
def subnet_aggregate(ip_file):
listIP = []
f = open(ip_file, encoding='UTF-8-sig')
for each in f:
if each.isspace():
continue
listIP.append(IPNetwork(each))
f.close()
temp_list = cidr_merge(listIP)
for each in temp_list:
print(each)
def cidr_subtract(supernet_cidr, subnet_cidr):
supernet = netaddr.IPNetwork(supernet_cidr)
subnet = netaddr.IPNetwork(subnet_cidr)
if subnet not in supernet:
return [supernet]
supernet_subnets = list(supernet.subnet(subnet.prefixlen))
supernet_subnets.remove(subnet)
return netaddr.cidr_merge(supernet_subnets)
def _subnet(self, existing_networks, prefixlen=24):
''' Get a unique subnet of a network given an existing networks '''
available_networks = (netaddr.IPSet(self.cidr) - netaddr.IPSet(
netaddr.cidr_merge([Network(net) for net in existing_networks])))
while len(available_networks.iter_cidrs()) > 0:
for net in available_networks.iter_cidrs():
for subnet in net.subnet(prefixlen, count=1):
existing_networks.append(str(subnet))
yield str(subnet)
else:
raise AnsibleError('Run out of subnets')
def main(): if len(sys.argv) < 2: usage() sys.exit() ipFile = open(sys.argv[1]) ipAddresses = [i for i in ipFile.readlines()] ipAddresses = sorted(ipAddresses) cidrs = netaddr.cidr_merge(ipAddresses) for cidr in cidrs: print cidr
def _validate_range_with_network(self):
ip_networks = []
if self.range:
start, end = self.range.split('-')
ip_addresses = list(netapi.iter_iprange(start, end))
ip_networks.extend(netapi.cidr_merge(ip_addresses))
else:
ip_addresses = get_ips_from_cidr(self.cidr)
ip_networks.extend(netapi.cidr_merge(ip_addresses))
address_lst = []
net = netapi.IPNetwork(self.cidr)
for network in ip_networks:
for address in network:
address_lst.append(str(address))
if address not in net:
excep_msg = 'given dhcp range:%s not a subset of network:%s' % (self.range, net)
LOGGER.error(excep_msg)
raise Exception(excep_msg)
self.iplist = address_lst
def _merge_cidrs(cls):
"""
We learned about CIDRs from the following functions:
- _load_elasticips()
- _load_vpcs()
- _load_vpces()
- _load_natgateways()
- _load_network_whitelist()
These cidr's are stored in the OBJECT_STORE in a way that is not optimal:
OBJECT_STORE['cidr']['54.0.0.1'] = set(['123456789012'])
OBJECT_STORE['cidr']['54.0.0.0'] = set(['123456789012'])
...
OBJECT_STORE['cidr']['54.0.0.255/32'] = set(['123456789012'])
The above example is attempting to illustrate that account `123456789012`
contains `54.0.0.0/24`, maybe from 256 elastic IPs.
If a resource policy were attempting to ingress this range as a `/24` instead
of as individual IPs, it would not work. We need to use the `cidr_merge`
method from the `netaddr` library. We need to preserve the account identifiers
that are associated with each cidr as well.
# Using:
# https://netaddr.readthedocs.io/en/latest/tutorial_01.html?highlight=summarize#summarizing-list-of-addresses-and-subnets
# import netaddr
# netaddr.cidr_merge(ip_list)
Step 1: Group CIDRs by account:
# ['123456789012'] = ['IP', 'IP']
Step 2:
Merge each account's cidr's separately and repalce the OBJECT_STORE['cidr'] entry.
Return:
`None`. Mutates the cls.OBJECT_STORE['cidr'] datastructure.
"""
if not 'cidr' in cls.OBJECT_STORE:
return
# step 1
merged = defaultdict(set)
for cidr, accounts in list(cls.OBJECT_STORE['cidr'].items()):
for account in accounts:
merged[account].add(cidr)
del cls.OBJECT_STORE['cidr']
# step 2
for account, cidrs in list(merged.items()):
merged_cidrs = netaddr.cidr_merge(cidrs)
for cidr in merged_cidrs:
add(cls.OBJECT_STORE['cidr'], str(cidr), account)
def get_utilization(self):
"""
Determine the utilization rate of the aggregate prefix and return it as a percentage.
"""
child_prefixes = Prefix.objects.filter(prefix__net_contained_or_equal=str(self.prefix))
# Remove overlapping prefixes from list of children
networks = cidr_merge([c.prefix for c in child_prefixes])
children_size = float(0)
for p in networks:
children_size += p.size
return int(children_size / self.prefix.size * 100)
def get_utilization(self):
"""
Determine the utilization rate of the aggregate prefix and return it as a percentage.
"""
child_prefixes = Prefix.objects.filter(prefix__net_contained_or_equal=str(self.prefix))
# Remove overlapping prefixes from list of children
networks = cidr_merge([c.prefix for c in child_prefixes])
children_size = float(0)
for p in networks:
children_size += p.size
return int(children_size / self.prefix.size * 100)
def main():
if len(sys.argv) < 2:
usage()
sys.exit()
ipFile = open(sys.argv[1])
ipAddresses = [i for i in ipFile.readlines()]
ipAddresses = sorted(ipAddresses)
cidrs = netaddr.cidr_merge(ipAddresses)
for cidr in cidrs:
print cidr
def subtract_subnets_from_range(cidr_range, subnets):
full_range = netaddr.IPNetwork(cidr_range)
# Assume subtracting equal sized subnets for now
subnet_mask_bits = netaddr.IPNetwork(subnets[0]).prefixlen
remaining_subnets = [
str(subnet) for subnet in full_range.subnet(subnet_mask_bits)
if str(subnet) not in subnets
]
# Just return the largest single range
return str(netaddr.cidr_merge(remaining_subnets)[0])
def aggregate(list_of_cidrs):
"""
Given a list of CIDR's aggregate the list to a summarised subnet
"""
# Create new list with IPNetwork objects
networks = []
for network in list_of_cidrs:
networks.append(IPNetwork(network))
# Merge new list and return summarised networks
networks = cidr_merge(networks)
return networks
def combine_it(iplist):
try:
fipl = []
for ip in cidr_merge(iplist):
if '/' in str(ip) and str(ip).split('/', 1)[1] == '32':
fipl.append(str(ip).split('/', 1)[0])
else:
fipl.append(str(ip))
return fipl
except (ValueError, TypeError):
print "{}[!]{} Ensure that all IPs are in CIDR notation.".format(
colors.red, colors.normal)
def merge(self):
"""
Merge a list of subnets combining adjacent subnets.
:param subnets: A list of subnets
:return: A list of merged subnets
>>> s = Subnets([IPNetwork('192.136.55.0/24'), IPNetwork('103.214.228.0/24'), IPNetwork('192.136.54.0/24')])
>>> s.merge()
[IPNetwork('103.214.228.0/24'), IPNetwork('192.136.54.0/23')]
"""
return netaddr.cidr_merge(self.subnets)
def _setup_routes(self, if_dev, ver, ip_start, ip_end, gw_ip):
gw_ip_net = netaddr.IPNetwork(gw_ip)
if_dev.addr.add("%s/%s" % (ip_start, gw_ip_net.prefixlen))
if_dev.route.add_gateway(str(gw_ip_net.ip))
if ip_start != ip_end:
local_nets = netaddr.cidr_merge(netaddr.iter_iprange(ip_start,
ip_end))
max_pfx_len = (ver == 4 and 32 or 128)
for l in local_nets:
if l.prefixlen < max_pfx_len or str(l.ip) != ip_start:
if_dev.route._as_root('add', 'local', str(l),
'dev', if_dev.name, options=[ver])
def test_cidr_merge_v4():
assert cidr_merge(['192.0.128.0/24', '192.0.129.0/24']) == [IPNetwork('192.0.128.0/23')]
assert cidr_merge(['192.0.129.0/24', '192.0.130.0/24']) == [IPNetwork('192.0.129.0/24'), IPNetwork('192.0.130.0/24')]
assert cidr_merge(['192.0.2.112/30', '192.0.2.116/31', '192.0.2.118/31']) == [IPNetwork('192.0.2.112/29')]
assert cidr_merge(['192.0.2.112/30', '192.0.2.116/32', '192.0.2.118/31']) == [IPNetwork('192.0.2.112/30'), IPNetwork('192.0.2.116/32'), IPNetwork('192.0.2.118/31')]
assert cidr_merge(['192.0.2.112/31', '192.0.2.116/31', '192.0.2.118/31']) == [IPNetwork('192.0.2.112/31'), IPNetwork('192.0.2.116/30')]
assert cidr_merge([
'192.0.1.254/31',
'192.0.2.0/28',
'192.0.2.16/28',
'192.0.2.32/28',
'192.0.2.48/28',
'192.0.2.64/28',
'192.0.2.80/28',
'192.0.2.96/28',
'192.0.2.112/28',
'192.0.2.128/28',
'192.0.2.144/28',
'192.0.2.160/28',
'192.0.2.176/28',
'192.0.2.192/28',
'192.0.2.208/28',
'192.0.2.224/28',
'192.0.2.240/28',
'192.0.3.0/28']) == [
IPNetwork('192.0.1.254/31'),
IPNetwork('192.0.2.0/24'),
IPNetwork('192.0.3.0/28'),
]
def make_iplist(l):
"""
Expect the input to be well-formatted.
:param l: list. ip ranges(or single ip) e.g. [('192.0.2.1', '192.0.2.15'), '192.0.3.1']
:return: list. CIRD notation of ips in the range
"""
re = []
for ip in l:
if type(ip) == types.TupleType:
r = IPRange(ip[0], ip[1])
re.extend(r.cidrs())
else: # ip is a str. e.g. '192.0.3.1'
re.append(IPAddress(ip))
return cidr_merge(re)
def detect(self, url):
cdn_list = {'ips_cdn_cloudflare':['199.27.128.0/21','173.245.48.0/20','103.21.244.0/22','103.22.200.0/22','103.31.4.0/22','141.101.64.0/18','108.162.192.0/18','190.93.240.0/20','188.114.96.0/20','197.234.240.0/22','198.41.128.0/17','162.158.0.0/15','104.16.0.0/12'],
'ips_cdn_360': ['183.136.133.0-183.136.133.255','220.181.55.0-220.181.55.255','101.226.4.0-101.226.4.255','180.153.235.0-180.153.235.255','122.143.15.0-122.143.15.255','27.221.20.0-27.221.20.255','202.102.85.0-202.102.85.255','61.160.224.0-61.160.224.255','112.25.60.0-112.25.60.255','182.140.227.0-182.140.227.255','221.204.14.0-221.204.14.255','222.73.144.0-222.73.144.255','61.240.144.0-61.240.144.255','113.17.174.0-113.17.174.255','125.88.189.0-125.88.189.255','125.88.190.0-125.88.190.255','120.52.18.1-120.52.18.255'],
'ips_cdn_jiasule':['119.188.35.0-119.188.35.255','61.155.222.0-61.155.222.255','218.65.212.0-218.65.212.255','116.211.121.0-116.211.121.255','103.15.194.0-103.15.194.255','61.240.149.0-61.240.149.255','222.240.184.0-222.240.184.255','112.25.16.0-112.25.16.255','59.52.28.0-59.52.28.255','211.162.64.0-211.162.64.255','180.96.20.0-180.96.20.255','103.1.65.0-103.1.65.255'],
'ips_cdn_anquanbao' :['220.181.135.1-220.181.135.255','115.231.110.1-115.231.110.255','124.202.164.1-124.202.164.255','58.30.212.1-58.30.212.255','117.25.156.1-117.25.156.255','36.250.5.1-36.250.5.255','183.60.136.1-183.60.136.255','183.61.185.1-183.61.185.255','14.17.69.1-14.17.69.255','120.197.85.1-120.197.85.255','183.232.29.1-183.232.29.255','61.182.141.1-61.182.141.255','182.118.12.1-182.118.12.255','182.118.38.1-182.118.38.255','61.158.240.1-61.158.240.255','42.51.25.1-42.51.25.255','119.97.151.1-119.97.151.255','58.49.105.1-58.49.105.255','61.147.92.1-61.147.92.255','69.28.58.1-69.28.58.255','176.34.28.1-176.34.28.255','54.178.75.1-54.178.75.255','112.253.3.1-112.253.3.255','119.167.147.1-119.167.147.255','123.129.220.1-123.129.220.255','223.99.255.1-223.99.255.255','117.34.72.1-117.34.72.255','117.34.91.1-117.34.91.255','123.150.187.1-123.150.187.255','221.238.22.1-221.238.22.255','125.39.32.1-125.39.32.255','125.39.191.1-125.39.191.255','125.39.18.1-125.39.18.255','14.136.130.1-14.136.130.255','210.209.122.1-210.209.122.255','111.161.66.1-111.161.66.255'],
'ips_cdn_incapsula':['199.83.128.0/21','198.143.32.0/19','149.126.72.0/21','103.28.248.0/22','45.64.64.0/22','185.11.124.0/22 ','192.230.64.0/18'],
'ips_cdn_yunjiasu':['222.216.190.0-222.216.190.255','61.155.149.0-61.155.149.255','119.188.14.0-119.188.14.255','61.182.137.0-61.182.137.255','117.34.28.0-117.34.28.255','119.188.132.0-119.188.132.255','42.236.7.0-42.236.7.255','183.60.235.0-183.60.235.255','117.27.149.0-117.27.149.255','216.15.172.0/24']}
cc = []
try:
ips = socket.gethostbyname_ex(url.split('/')[2])
except socket.gaierror:
ips=[]
for ip_addr in ips[2]:
for cdn in cdn_list:
for cidr in cdn_list[cdn]:
if '-' in cidr:
l = cidr.split('-')
ip_range = netaddr.iter_iprange(l[0],l[1])
ip_range = netaddr.cidr_merge(ip_range)
for i in ip_range:
if ip_addr in i:
cc.append(cdn)
else:
pass
else:
if ip_addr in cidr:
cc.append(cdn)
print '------------cidr--------------'
print cc
resp = self.s.get(url, allow_redirects=False, verify=False)
if resp.history:
headers = resp.history[0].headers
cookies = resp.history[0].cookies
else:
headers = resp.headers
cookies = resp.cookies
result = []
for prop in dir(self):
if prop.startswith('finger_'):
func = getattr(self, prop)
r = func(headers, cookies)
if r:
result.append(r)
print '------------header------------'
print result
return result
def test_extended_cidr_merge():
orig_cidr_ipv4 = IPNetwork('192.0.2.0/23')
orig_cidr_ipv6 = IPNetwork('::192.0.2.0/120')
cidr_subnets = [str(c) for c in orig_cidr_ipv4.subnet(28)] + \
list(orig_cidr_ipv4.subnet(28)) + \
[str(c) for c in orig_cidr_ipv6.subnet(124)] + \
list(orig_cidr_ipv6.subnet(124)) + \
['192.0.2.1/32', '192.0.2.128/25', '::192.0.2.92/128']
random.shuffle(cidr_subnets)
merged_cidrs = cidr_merge(cidr_subnets)
assert merged_cidrs == [IPNetwork('192.0.2.0/23'), IPNetwork('::192.0.2.0/120')]
assert merged_cidrs == [orig_cidr_ipv4, orig_cidr_ipv6]
def manual_ipv4_infrastructure_allocation(anm):
"""Applies manual IPv4 allocation"""
import netaddr
g_ipv4 = anm['ipv4']
for node in g_ipv4.nodes("is_l3device"):
for interface in node.physical_interfaces:
if not interface['input'].is_bound:
continue # unbound interface
ip_address = netaddr.IPAddress(interface['input'].ipv4_address)
prefixlen = interface['input'].ipv4_prefixlen
interface.ip_address = ip_address
interface.prefixlen = prefixlen
cidr_string = "%s/%s" % (ip_address, prefixlen)
interface.subnet = netaddr.IPNetwork(cidr_string)
collision_domains = [d for d in g_ipv4 if d.collision_domain]
#TODO: allow this to work with specified ip_address/subnet as well as ip_address/prefixlen
from netaddr import IPNetwork
for cd in collision_domains:
connected_interfaces = [edge.dst_int for edge in cd.edges()]
cd_subnets = [IPNetwork("%s/%s" % (i.subnet.network, i.prefixlen))
for i in connected_interfaces]
try:
assert(len(set(cd_subnets)) == 1)
except AssertionError:
log.warning("Non matching subnets from collision domain %s" % cd)
else:
cd.subnet = cd_subnets[0] # take first entry
# apply to remote interfaces
for edge in cd.edges():
remote_interface = edge.dst_int
edge.dst_int.subnet = cd.subnet
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
autonetkit.update_http(anm)
infra_blocks = {}
for asn, devices in g_ipv4.groupby("asn").items():
collision_domains = [d for d in devices if d.collision_domain]
subnets = [cd.subnet for cd in collision_domains]
infra_blocks[asn] = netaddr.cidr_merge(subnets)
g_ipv4.data.infra_blocks = infra_blocks
def manual_ipv4_loopback_allocation(anm):
"""Applies manual IPv4 allocation"""
import netaddr
g_ipv4 = anm['ipv4']
for l3_device in g_ipv4.nodes("is_l3device"):
l3_device.loopback = l3_device['input'].loopback_v4
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
loopback_blocks = {}
for asn, devices in g_ipv4.groupby("asn").items():
routers = [d for d in devices if d.is_router]
loopbacks = [r.loopback for r in routers]
loopback_blocks[asn] = netaddr.cidr_merge(loopbacks)
g_ipv4.data.loopback_blocks = loopback_blocks
def manual_ipv6_loopback_allocation(anm):
"""Applies manual IPv6 allocation"""
import netaddr
g_ipv6 = anm['ipv6']
for l3_device in g_ipv6.l3devices():
l3_device.loopback = l3_device['input'].loopback_v6
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
loopback_blocks = {}
for (asn, devices) in g_ipv6.groupby('asn').items():
routers = [d for d in devices if d.is_router()]
loopbacks = [r.loopback for r in routers]
loopback_blocks[asn] = netaddr.cidr_merge(loopbacks)
g_ipv6.data.loopback_blocks = loopback_blocks
def fetch_ip_data_netaddr():
#fetch data from apnic
print "Fetching data from apnic.net, it might take a few minutes, please wait..."
url=r'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest'
data=urllib2.urlopen(url).read()
cnregex=re.compile(r'apnic\|cn\|ipv4\|[0-9\.]+\|[0-9]+\|[0-9]+\|a.*',re.IGNORECASE)
cndata=cnregex.findall(data)
results=[]
for item in cndata:
unit_items=item.split('|')
starting_ip=unit_items[3]
num_ip=int(unit_items[4])
results.append('%s/%d' % (starting_ip, 32-int(math.log(num_ip,2))))
merged_results = netaddr.cidr_merge(results)
return [(str(a.ip), str(a.netmask), a.prefixlen) for a in merged_results]
def manual_ipv4_infrastructure_allocation(anm):
"""Applies manual IPv4 allocation"""
import netaddr
g_in_directed = anm["input_directed"]
g_ipv4 = anm["ipv4"]
# TODO: tidy this up to work with interfaces directly
for l3_device in g_ipv4.nodes("is_l3device"):
for edge in l3_device.edges():
# find edge in g_in_directed
directed_edge = g_in_directed.edge(edge)
edge.ip_address = netaddr.IPAddress(directed_edge.ipv4)
# set subnet onto collision domain (can come from either
# direction)
collision_domain = edge.dst
if not collision_domain.subnet:
# TODO: see if direct method in netaddr to deduce network
prefixlen = directed_edge.netPrefixLenV4
cidr_string = "%s/%s" % (edge.ip_address, prefixlen)
intermediate_subnet = netaddr.IPNetwork(cidr_string)
cidr_string = "%s/%s" % (intermediate_subnet.network, prefixlen)
subnet = netaddr.IPNetwork(cidr_string)
collision_domain.subnet = subnet
# TODO: assign directly to interfaces
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
infra_blocks = {}
for asn, devices in g_ipv4.groupby("asn").items():
collision_domains = [d for d in devices if d.collision_domain]
subnets = [cd.subnet for cd in collision_domains]
infra_blocks[asn] = netaddr.cidr_merge(subnets)
g_ipv4.data.infra_blocks = infra_blocks
# also need to form aggregated IP blocks (used for e.g. routing prefix
# advertisement)
# import autonetkit
# autonetkit.update_vis(anm)
if len(mismatched_interfaces):
log.warning("IPv4 Infrastructure IPs %s are not in global "
"loopback allocation block %s"
% (sorted(mismatched_interfaces), global_infra_block))
infra_blocks = {}
for (asn, devices) in g_ipv4.groupby('asn').items():
broadcast_domains = [d for d in devices if d.broadcast_domain]
subnets = [cd.subnet for cd in broadcast_domains
if cd.subnet is not None] # only if subnet is set
infra_blocks[asn] = netaddr.cidr_merge(subnets)
# formatted = {key: [str(v) for v in val] for key, val in infra_blocks.items()}
# log.info("Found infrastructure IP blocks %s", formatted)
g_ipv4.data.infra_blocks = infra_blocks
#@call_log
def manual_ipv4_loopback_allocation(anm):
"""Applies manual IPv4 allocation"""
import netaddr
g_ipv4 = anm['ipv4']
g_in = anm['input']
for l3_device in g_ipv4.l3devices():
#! /usr/bin/env python # i have used python-netaddr library to implement the solution import netaddr as na test=input() for t in xrange(test): print "Case #%d:" % (t+1) n=input() ls=[] for _ in xrange(n): ls.append(na.IPNetwork(raw_input())) for addr in na.cidr_merge(ls): print addr.cidr
def getSubnets(self):
return netaddr.cidr_merge(self._ip_networks)
