def encode(data, unitSize=AbstractType.defaultUnitSize(), endianness=AbstractType.defaultEndianness(), sign=AbstractType.defaultSign()):
"""Encodes the specified data into an IPAddress object
:param data: the data to encode into an IPAddress
:type data: str or raw bytes (BBBB)
:return: the encoded IPAddress
"""
if isinstance(data, (str, int)):
try:
ip = IPAddress(data)
if ip is not None and ip.version == 4 and not ip.is_netmask():
return ip
except:
pass
try:
structFormat = ">"
if endianness == AbstractType.ENDIAN_BIG:
structFormat = ">"
if not sign == AbstractType.SIGN_SIGNED:
structFormat += "bbbb"
else:
structFormat += "BBBB"
quads = map(str, struct.unpack(structFormat, data))
strIP = string.join(quads, '.')
ip = IPAddress(strIP)
if ip is not None and ip.version == 4 and not ip.is_netmask():
return ip
except Exception, e:
raise TypeError("Impossible encode {0} into an IPv4 data ({1})".format(data, e))
def validate_ipv4_address(cls, _, value):
"""
Ensures the :attr:`ip` address is valid. This checks to ensure
that the value provided is:
* not a hostmask
* not link local (:rfc:`3927`)
* not used for multicast (:rfc:`1112`)
* not a netmask (:rfc:`4632`)
* not reserved (:rfc:`6052`)
* a private address (:rfc:`1918`)
"""
if value is None:
return value
try:
address = IPAddress(value)
except (AddrFormatError, ValueError) as e:
raise ValueError(
"%s is not a valid address format: %s" % (value, e))
if ALLOW_AGENT_LOOPBACK:
loopback = lambda: False
else:
loopback = address.is_loopback
if any([address.is_hostmask(), address.is_link_local(),
loopback(), address.is_multicast(),
address.is_netmask(), address.is_reserved()]):
raise ValueError("%s is not a valid address type" % value)
return value
def _validate_network_information(self):
all_errs = []
if self.subnet_mask_size > self.MAX_SUBNET_MASK_SIZE:
all_errs.append(
"Subnet size too small. Subnet mask should <= {}, current value: {}"
.format(self.MAX_SUBNET_MASK_SIZE, self.subnet_mask_size))
cidr_base_validator = re.compile(self.VPC_CIDR_BASE_REGEX)
if not cidr_base_validator.match(self.vpc_cidr_base):
all_errs.append(
"Invalid VPC CIDR base {}. VPC CIDR base should match regex {}"
.format(self.vpc_cidr_base, self.VPC_CIDR_BASE_REGEX))
if self.trusted_cidrs:
try:
for cidr in self.trusted_cidrs:
[ip, mask] = cidr.split("/")
if ip == "0.0.0.0":
if mask != "0":
all_errs.append(
"Trusting traffic from everywhere should specify \"0.0.0.0/0\" as trusted CIDR."
)
else:
if not 0 < int(mask) <= 32:
all_errs.append(
"Subnet mask {} should be greater than 0 but less than 32."
.format(mask))
ipaddr = IPAddress(ip)
if ipaddr.is_netmask():
all_errs.append(
"Trusted CIDR {} should not be a net mask".
format(ip))
if ipaddr.is_hostmask():
all_errs.append(
"Trusted CIDR {} should not be a host mask".
format(ip))
if ipaddr.is_reserved():
all_errs.append(
"Trusted CIDR {} should not be in reserved range"
.format(ip))
if ipaddr.is_loopback():
all_errs.append(
"Trusted CIDR {} should not be a loop back address"
.format(ip))
# Currently we don't support private VPC
if ipaddr.is_private():
all_errs.append(
"Trusted CIDR {} should not be a private address"
.format(ip))
except ValueError as ve:
all_errs.append(
"Cannot parse trusted CIDRs ({}). Err: {}".format(
self.trusted_cidrs, ve))
else:
all_errs.append(
"Please provide trusted CIDRs through --trusted-cidrs flag")
return all_errs
def is_valid_netmask(ip_addr):
"""Valid the format of a netmask"""
try:
ip_address = IPAddress(ip_addr)
return ip_address.is_netmask()
except Exception:
return False
def is_valid_netmask(ip_addr):
"""Valid the format of a netmask"""
try:
ip_address = IPAddress(ip_addr)
return ip_address.is_netmask()
except Exception:
return False
def validate(url,
schemes=None,
tlds=None,
private=None,
local=None,
credentials=None):
'''
Validate and normalize an URL
:param str url: The URL to validate and normalize
:return str: The normalized URL
:raises ValidationError: when URL does not validate
'''
url = url.strip()
private = config_for(private, 'URLS_ALLOW_PRIVATE')
local = config_for(local, 'URLS_ALLOW_LOCAL')
credentials = config_for(credentials, 'URLS_ALLOW_CREDENTIALS')
schemes = config_for(schemes, 'URLS_ALLOWED_SCHEMES')
tlds = config_for(tlds, 'URLS_ALLOWED_TLDS')
match = URL_REGEX.match(url)
if not match:
error(url)
scheme = (match.group('scheme') or '').lower()
if scheme and scheme not in schemes:
error(url, 'Invalid scheme {0}'.format(scheme))
if not credentials and match.group('credentials'):
error(url, 'Credentials in URL are not allowed')
tld = match.group('tld')
if tld and tld not in tlds and idna(tld) not in tlds:
error(url, 'Invalid TLD {0}'.format(tld))
ip = match.group('ipv6') or match.group('ipv4')
if ip:
try:
ip = IPAddress(ip)
except AddrFormatError:
error(url)
if ip.is_multicast():
error(url, '{0} is a multicast IP'.format(ip))
elif not ip.is_loopback() and ip.is_hostmask() or ip.is_netmask():
error(url, '{0} is a mask IP'.format(ip))
if not local:
if ip and ip.is_loopback() or match.group('localhost'):
error(url, 'is a local URL')
if not private and ip and ip.is_private():
error(url, 'is a private URL')
return url
def netmask_to_prefix(netmask):
"""
Takes netmask and turns to prefix
:return: prefix as int
"""
ip = IPAddress(netmask)
if ip.is_netmask():
return ip.netmask_bits()
error_message = 'Param (%s) is not a valid netmask' % netmask
raise ValueError(error_message)
def mask_checker(mask):
try:
subnet_mask = IPAddress(args.subnet_mask)
if subnet_mask.is_netmask() == True:
return subnet_mask
else:
print(f'{args.subnet_mask} is not a valid mask')
return False
except netaddr.core.AddrFormatError:
print(f'failed to detect a valid subnet mask from {mask}')
return False
def ipv4_to_cidr(address, netmask=None, prefixlen=None):
a = IPAddress(address)
n = IPNetwork(a)
if netmask:
assert prefixlen is None, 'Cannot provide both netmask and prefixlen'
m = IPAddress(netmask)
assert m.is_netmask(), 'A valid netmask is required'
n.prefixlen = m.netmask_bits()
else:
assert prefixlen, 'Provide either netmask or prefixlen'
n.prefixlen = int(prefixlen)
return str(n.cidr)
def action_set_netmask(arg):
print 'setting ip to "%s"' % arg
ip = None
try:
ip = IPAddress(arg, flags=ZEROFILL)
if not ip.is_netmask():
return 13
except:
return 12
obj = {"static": {"netmask": str(ip)}}
write_role('interfaces', obj)
class IPNetmaskValidator(Validator):
def validate(self, value):
"""Return a boolean if the value is a valid netmask."""
try:
self._choice = IPAddress(value)
except AddrFormatError:
self.error_message = '%s is not a valid IP address.' % value
return False
if self._choice.is_netmask():
return True
else:
self.error_message = '%s is not a valid IP netmask.' % value
return False
class IPNetmaskValidator(Validator):
def validate(self, value):
"""Return a boolean if the value is a valid netmask."""
try:
self._choice = IPAddress(value)
except AddrFormatError:
self.error_message = '%s is not a valid IP address.' % value
return False
if self._choice.is_netmask():
return True
else:
self.error_message = '%s is not a valid IP netmask.' % value
return False
def encode(data,
unitSize=AbstractType.defaultUnitSize(),
endianness=AbstractType.defaultEndianness(),
sign=AbstractType.defaultSign()):
"""Encodes the specified data into an IPAddress object
:param data: the data to encode into an IPAddress
:type data: str or raw bytes (BBBB)
:return: the encoded IPAddress
"""
if isinstance(data, (str, int)):
try:
ip = IPAddress(data)
if ip is not None and ip.version == 4 and not ip.is_netmask():
return ip
except:
pass
try:
structFormat = ">"
if endianness == AbstractType.ENDIAN_BIG:
structFormat = ">"
if not sign == AbstractType.SIGN_SIGNED:
structFormat += "bbbb"
else:
structFormat += "BBBB"
quads = list(map(str, struct.unpack(structFormat, data)))
strIP = '.'.join(quads)
ip = IPAddress(strIP)
if ip is not None and ip.version == 4 and not ip.is_netmask():
return ip
except Exception as e:
raise TypeError(
"Impossible encode {0} into an IPv4 data ({1})".format(
data, e))
def _trusted_cidr_validator(input):
from netaddr import IPAddress
ret = []
for cidr in input.split(" "):
cidr = cidr.strip()
if not cidr:
# skip whitespace
continue
ip, mask = cidr.split("/")
if int(mask) < 0 or int(mask) > 32:
raise ValueError(
"CIDR {} is not valid as mask {} is not in range [0-32]".
format(cidr, mask))
if ip != "0.0.0.0" or mask != '0':
ipaddr = IPAddress(ip)
if ipaddr.is_netmask():
raise ValueError(
"Trusted CIDR {} should not be a net mask".format(ip))
if ipaddr.is_hostmask():
raise ValueError(
"Trusted CIDR {} should not be a host mask".format(ip))
if ipaddr.is_reserved():
raise ValueError(
"Trusted CIDR {} should not be in reserved range".
format(ip))
if ipaddr.is_loopback():
raise ValueError(
"Trusted CIDR {} should not be a loop back address".
format(ip))
# Currently we don't support private VPC
if ipaddr.is_private():
raise ValueError(
"Trusted CIDR {} should not be a private address".
format(ip))
ret.append(cidr)
return ret
def ping(self, targets=list(), filename=str(), status=str()):
"""
Attempt to ping a list of hosts or networks (can be a single host)
:param targets: List - Name(s) or IP(s) of the host(s).
:param filename: String - name of the file containing hosts to ping
:param status: String - if one of ['alive', 'dead', 'noip'] then only
return results that have that status. If this is not specified,
then all results will be returned.
:return: Type and results depends on whether status is specified:
if status == '': return dict: {targets: results}
if status != '': return list: targets if targets == status
"""
if targets and filename:
raise SyntaxError("You must specify only one of either targets=[] "
"or filename=''.")
elif not targets and not filename:
raise SyntaxError("You must specify either a list of targets or "
"filename='', but not both.")
elif filename:
targets = self.read_file(filename)
my_targets = {'hosts': [], 'nets': []}
addresses = []
# Check for valid networks and add hosts and nets to my_targets
for target in targets:
# Targets may include networks in the format "network mask", or,
# a file could contain multiple hosts or IP's on a single line.
if len(target.split()) > 1:
target_items = target.split()
for item in target_items:
try:
ip = IPAddress(item)
# If it is an IPv4 address or mask put in in addresses
if ip.version == 4:
addresses.append(str(ip))
except AddrFormatError:
# IP Address not detected, so assume it's a host name
my_targets['hosts'].append(item)
except ValueError:
# CIDR network detected
net = IPNetwork(item)
# Make sure it is a CIDR address acceptable to fping
if net.ip.is_unicast() and net.version == 4 and \
net.netmask.netmask_bits() in range(8, 31):
my_targets['nets'].append(target_items[0])
else:
msg = str(str(net) + ':Only IPv4 unicast addresses'
' with bit masks\n '
' from 8 to 30 are supported.')
raise AttributeError(msg)
# Iterate over the IP strings in addresses
while len(addresses) > 1:
ip = IPAddress(addresses[0])
mask = IPAddress(addresses[1])
# Test to see if IP is unicast, and mask is an actual mask
if ip.is_unicast() and mask.is_netmask():
net = IPNetwork(str(ip) + '/' + str(
mask.netmask_bits()))
# Convert ip and mask to CIDR and remove from addresses
my_targets['nets'].append(str(net.cidr))
addresses.pop(0)
addresses.pop(0)
elif ip.is_unicast() and not ip.is_netmask():
# mask was not a mask so only remove IP and start over
my_targets['hosts'].append(str(ip))
addresses.pop(0)
# There could be one more item in addresses, so check it
if addresses:
ip = IPAddress(addresses[0])
if ip.is_unicast() and not ip.is_netmask():
my_targets['hosts'].append(addresses[0])
addresses.pop()
# target has only one item, so check it
else:
try:
ip = IPAddress(target)
if ip.version == 4 and ip.is_unicast() and \
not ip.is_netmask():
my_targets['hosts'].append(target)
else:
msg = str(target + 'Only IPv4 unicast addresses are '
'supported.')
raise AttributeError(msg)
except AddrFormatError:
# IP Address not detected, so assume it's a host name
my_targets['hosts'].append(target)
except ValueError:
# CIDR network detected
net = IPNetwork(target)
if net.ip.is_unicast() and net.version == 4 and \
net.netmask.netmask_bits() in range(8, 31):
my_targets['nets'].append(target)
else:
msg = str(str(net) + ':Only IPv4 unicast addresses'
' with bit masks\n '
' from 8 to 30 are supported.')
raise AttributeError(msg)
"""
Build the list of commands to run.
"""
commands = []
if len(my_targets['hosts']) != 0:
for target in range(len(my_targets['hosts'])):
commands.append([self.fping, '-V', my_targets['hosts'][
target]])
if len(my_targets['nets']) != 0:
for target in range(len(my_targets['nets'])):
commands.append([self.fping, '-gV', my_targets['nets'][
target]])
"""
Start pinging each item in my_targets and return the requested results
when done.
"""
try:
pool = ThreadPool(len(commands))
raw_results = pool.map(self.get_results, commands)
self.results = {host: result for host, result in csv.reader(
''.join(raw_results).splitlines())}
if not status:
return self.results
elif status == 'alive':
return self.alive
elif status == 'dead':
return self.dead
elif status == 'noip':
return self.noip
else:
raise SyntaxError("Valid status options are 'alive', 'dead' or "
"'noip'")
finally:
pool.close()
pool.join()
def ping(self, targets=list(), filename=str(), status=str(), notDNS=False,
elapsed=False
):
"""
Attempt to ping a list of hosts or networks (can be a single host)
:param targets: List - Name(s) or IP(s) of the host(s).
:param filename: String - name of the file containing hosts to ping
:param status: String - if one of ['alive', 'dead', 'noip'] then only
return results that have that status. If this is not specified,
then all results will be returned.
:param notDNS: Bolean - If True turn on use of -A option for fping for
not use dns resolve names. Default is False.
:param elapsed: Bolean - If True turn on use of -e option for fping for
show elapsed time on return packets. Default is False.
:return: Type and results depends on whether status is specified:
if status == '': return dict: {targets: results}
if status != '': return list: targets if targets == status
"""
if targets and filename:
raise SyntaxError("You must specify only one of either targets=[] "
"or filename=''.")
elif not targets and not filename:
raise SyntaxError("You must specify either a list of targets or "
"filename='', but not both.")
elif filename:
targets = self.read_file(filename)
my_targets = {'hosts': [], 'nets': []}
addresses = []
# Check for valid networks and add hosts and nets to my_targets
for target in targets:
# Targets may include networks in the format "network mask", or,
# a file could contain multiple hosts or IP's on a single line.
if len(target.split()) > 1:
target_items = target.split()
for item in target_items:
try:
ip = IPAddress(item)
# If it is an IPv4 address or mask put in in addresses
if ip.version == 4:
addresses.append(str(ip))
except AddrFormatError:
# IP Address not detected, so assume it's a host name
my_targets['hosts'].append(item)
except ValueError:
# CIDR network detected
net = IPNetwork(item)
# Make sure it is a CIDR address acceptable to fping
if net.ip.is_unicast() and net.version == 4 and \
net.netmask.netmask_bits() in range(8, 31):
my_targets['nets'].append(target_items[0])
else:
msg = str(str(net) + ':Only IPv4 unicast addresses'
' with bit masks\n '
' from 8 to 30 are supported.')
raise AttributeError(msg)
# Iterate over the IP strings in addresses
while len(addresses) > 1:
ip = IPAddress(addresses[0])
mask = IPAddress(addresses[1])
# Test to see if IP is unicast, and mask is an actual mask
if ip.is_unicast() and mask.is_netmask():
net = IPNetwork(str(ip) + '/' + str(
mask.netmask_bits()))
# Convert ip and mask to CIDR and remove from addresses
my_targets['nets'].append(str(net.cidr))
addresses.pop(0)
addresses.pop(0)
elif ip.is_unicast() and not ip.is_netmask():
# mask was not a mask so only remove IP and start over
my_targets['hosts'].append(str(ip))
addresses.pop(0)
# There could be one more item in addresses, so check it
if addresses:
ip = IPAddress(addresses[0])
if ip.is_unicast() and not ip.is_netmask():
my_targets['hosts'].append(addresses[0])
addresses.pop()
# target has only one item, so check it
else:
try:
ip = IPAddress(target)
if ip.version == 4 and ip.is_unicast() and \
not ip.is_netmask():
my_targets['hosts'].append(target)
else:
msg = str(target + 'Only IPv4 unicast addresses are '
'supported.')
raise AttributeError(msg)
except AddrFormatError:
# IP Address not detected, so assume it's a host name
my_targets['hosts'].append(target)
except ValueError:
# CIDR network detected
net = IPNetwork(target)
if net.ip.is_unicast() and net.version == 4 and \
net.netmask.netmask_bits() in range(8, 31):
my_targets['nets'].append(target)
else:
msg = str(str(net) + ':Only IPv4 unicast addresses'
' with bit masks\n '
' from 8 to 30 are supported.')
raise AttributeError(msg)
"""
Build the list of common options for commands to run.
"""
options = '-V' # This is for default
if notDNS:
options += 'A' # show targets by ip
else:
options += 'n' # show target by name
if elapsed:
options += 'e' # show elapsed time on return packets
"""
Build the list of commands to run.
"""
commands = []
if len(my_targets['hosts']) != 0:
for target in range(len(my_targets['hosts'])):
commands.append([self.fping, options, my_targets['hosts'][
target]])
if len(my_targets['nets']) != 0:
for target in range(len(my_targets['nets'])):
netops = options + 'g' # generate target list for net target
commands.append([self.fping, netops, my_targets['nets'][
target]])
"""
Start pinging each item in my_targets and return the requested results
when done.
"""
pool = ThreadPool(self.num_pools)
raw_results = pool.map(self.get_results, commands)
pool.close()
pool.join()
self.results = {line[0]: line[2:] for line in csv.reader(
''.join(raw_results).splitlines())}
if not status:
return self.results
elif status == 'alive':
return self.alive
elif status == 'dead':
return self.dead
elif status == 'noip':
return self.noip
else:
raise SyntaxError("Valid status options are 'alive', 'dead' or "
"'noip'")
def reserved_ip_check(ip_string):
"""determine if IP address in RFC1918 or reserved"""
# IP details for invalid IP addresses
invalid_ip_details = {
"country": "INVALID",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "INVALID",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# IP details for MULTICAST IP addresses
multicast_ip_details = {
"country": "MULTICAST",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "MULTICAST",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# IP details for PRIVATE IP addresses
private_ip_details = {
"country": "PRIVATE",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "PRIVATE",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# IP details for RESERVED IP addresses
reserved_ip_details = {
"country": "RESERVED",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "RESERVED",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# IP details for NETMASK IP addresses
netmask_ip_details = {
"country": "NETMASK",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "NETMASK",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# IP details for HOSTMASK IP addresses
hostmask_ip_details = {
"country": "HOSTMASK",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "HOSTMASK",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# IP details for LOOPBACK IP addresses
loopback_ip_details = {
"country": "LOOPBACK",
"location": RESERVED_IP_COORDINATES,
"subdivisions": "LOOPBACK",
"dch_company": "",
"asn_number": "",
"asn_name": ""
}
# Check to see if IP matches a reserved category
try:
ip_address = IPAddress(ip_string)
except AddrFormatError:
return invalid_ip_details
if ip_address.is_multicast():
return multicast_ip_details
elif ip_address.is_private():
return private_ip_details
elif ip_address.is_reserved():
return reserved_ip_details
elif ip_address.is_netmask():
return netmask_ip_details
elif ip_address.is_hostmask():
return hostmask_ip_details
elif ip_address.is_loopback():
return loopback_ip_details
elif ip_address.is_unicast() and not ip_address.is_private():
# Boolean to be returned if IP is Public
ip_reserved = False
return ip_reserved
else:
return invalid_ip_details
