def parse_generic_amtrr_data(response_line, cmd):
# example:
# '\# 22 1003047234763403616d7406616b61646e73036e6574
# precedence 128, dbit=0, type 3 (dns name), 'r4v4.amt.akadns.net'
out = response_line
out_sep = out.split(None, 2)
if len(out_sep) != 3:
logger.error('unexpected format of DNS response from %s: "%s"' % (cmd, out))
return None
head, sz_str, content = out_sep
if head == r'\#':
try:
sz = int(sz_str)
except ValueError as e:
logger.error('failed size conversion: %s from %s, in "%s"' % (e, sz_str, out))
return None
try:
bts = bytes.fromhex(content)
except ValueError as e:
logger.error('failed "unknown type" binary parse error: %s, from "%s", in "%s"' % (e, content, out))
return None
if sz != len(bts):
logger.error('converted bytes len %d of "%s" != given len %d parsing "%s" from "%s"' % (len(bts), content, sz, out, cmd))
return
if sz < 3:
logger.error('too few bytes %d parsing "%s" from "%s"' % (len(bts), out, cmd))
return None
precedence = bts[0]
discovery_optional = bool(128&bts[1])
typ = 127&bts[1]
bin_content = bts[2:]
try:
if typ == 1:
val = ipaddress.IPv4Address(bin_content)
elif typ == 2:
val = ipaddress.IPv6Address(bin_content)
elif typ == 3:
idx = 0
name = ''
while idx < len(bin_content):
hoplen=bin_content[idx]
idx += 1
if idx + hoplen > len(bin_content) or hoplen < 0:
logger.error('bad wire-encoded dns name (hoplen=%d at %d with %d left, so far name="%s"):\n%s\n%s' % (hoplen, idx, len(bin_content)-idx, name, content, ' '*idx + '^'))
return None
if hoplen == 0:
break
name += bin_content[idx:idx + hoplen].decode() + '.'
idx += hoplen
val = name
else:
logger.error('unknown type %d parsed from "%s" returned from "%s"' % (typ, out, cmd))
return None
except ValueError as e:
logger.error('error "%s" parsing "%s" returned from "%s"' % (e, out, cmd))
return None
else:
# TBD: get an implementation with the decoded format to try this
# logger.error('expected head to start with \\#: "%s"' % out)
content_sep = content.split(None, 1)
if len(content_sep) != 2:
logger.error('failed to convert formatted content "%s" from "%s"' % (out, cmd))
return None
pr_str, do_str = head, sz_str
typ_str, content_str = content_sep
try:
precedence = int(pr_str)
discovery_optional = bool(int(do_str))
typ = int(typ_str)
if typ == 1:
val = ipaddress.IPv4Address(content_str)
elif typ == 2:
val = ipaddress.IPv6Address(content_str)
elif typ == 3:
val = content_str
else:
logger.error('unknown type %d parsed from "%s" returned from "%s"' % (typ, out, cmd))
return None
except ValueError as e:
logger.error('error "%s" parsing "%s" returned from "%s"' % (e, out, cmd))
return None
return AMTRelayOption(precedence, discovery_optional, typ, val)
def get_rloc_from_short(prefix, rloc16):
prefix = prefix.split('/')[0]
prefix_bytes = ipaddress.IPv6Address(prefix).packed
rloc_bytes = prefix_bytes[0:8] + bytes.fromhex('000000fffe00' + rloc16)
return ipaddress.IPv6Address(rloc_bytes).compressed
def ipv6_check(ip):
try:
ipaddress.IPv6Address(ip)
return True
except ipaddress.AddressValueError:
return False
def unpack_ipv6(data, pointer=0):
'''
Unpacks an IPv6 address.
'''
return pointer + 16, ipaddress.IPv6Address(data[pointer:pointer + 16])
def prefstr(plen, pref):
if pref[:12] == mappedpfx:
return str(ipaddress.IPv4Address(pref[12:])) + "/" + str(plen - 96)
else:
return str(ipaddress.IPv6Address(pref)) + "/" + str(plen)
def check_proxy(proxy, time_out, proto, total):
# If the protocol is auto, we need to determine the correct protocol to use
if proto == "auto":
for protocol in ['http', 'socks4', 'socks5']:
prox = protocol + '://' + proxy
try:
req = requests.get("https://www.google.com/",
proxies={
"http": prox,
"https": prox
})
if not req:
continue
proto = protocol
break
except TimeoutError:
pass
prox = proto + '://' + proxy
ok = "FAILED"
static = "Static"
ip_add = ""
step = -1
errors = 0
response_time = -1
# running 3 requests to determine if the proxy works, and if it has the same IP on every request
for i in range(1, 4):
try:
r = requests.get("https://api.ipify.org/",
proxies={
"http": prox,
"https": prox
},
timeout=int(time_out) * i)
if response_time == -1:
response_time = r.elapsed.total_seconds()
if r.text != ip_add and ip_add != '':
static = "Dynamic"
ip_add = str(r.text)
if step == -1:
step = i
ok = "OK"
except (TimeoutError, requests.exceptions.ProxyError):
errors += 1
if errors < 3:
# Getting the IP_TYPE and converting the IP address into an INT
if ip_kind(ip_add) == 4:
ip_type = "ipv4"
int_address = str(int(ipaddress.IPv4Address(str(ip_add))))
else:
ip_type = "ipv6"
int_address = str(int(ipaddress.IPv6Address(str(ip_add))))
# "solution" is the result to be added to the output
solution = proxy + str(ip_add) + ":" + int_address + ":" + ip_type + ":" + ok + ":" + str(step) + "x:" \
+ str(response_time) + ":" + str(errors) + ":" + static + ":" +\
datetime.datetime.utcnow().strftime("%a/%b/%d/%H;%M;%S/%Y")
obj = IPWhois(ip_add)
results = obj.lookup_rdap()
cidr = results['asn_cidr']
with open(ip_add + ".json", 'w') as y:
y.write(json.dumps(results, sort_keys=True, indent=4))
rr = results["objects"]
tt = rr[list(results["objects"].keys())[0]]
ff = tt["contact"]
gg = ff["address"]
er = gg[0]
okk = er['value']
addr = reversename.from_address("172.217.21.14")
org = results['asn_description']
ptr = resolver.resolve(addr, "PTR")[0]
# mydb = conn(host, username, password, database)
# insert(mydb, ptr, results, cidr, org, address)
else:
# "solution" is the result to be added to the output
solution = proxy + ": : :" + ok + ":" + " :" \
+ " " + ":" + str(errors) + ":" + " " + ":" + \
datetime.datetime.utcnow().strftime("%a/%b/%d/%H;%M;%S/%Y")
# writing results to a txt file
f.write(solution + '\n')
# updating the current progress
global progress
progress += 1
print("{}% Done!".format(progress / total * 100))
def sanitize_address(address):
"""
Sanitize an address, ensuring that it has a format recognizable by the CLI.
"""
# Try and parse the address to make sure it is parseable.
try:
parsed = urllib.parse.urlparse(address)
except Exception as exception:
raise CLIException(
"Unable to parse address: {error}".format(error=str(exception)))
# Since we allow addresses to be specified without an
# explicit scheme, some fields in the parsed address may
# be missing. Patch it up to force an implicit HTTP scheme.
if parsed.scheme == "" and parsed.netloc == "":
address = "http://{addr}".format(addr=address)
elif parsed.scheme == "" and parsed.netloc != "":
address = "http:{addr}".format(addr=address)
# Try and parse the address again to make sure it
# now has all the parts we expect and that they are valid.
try:
parsed = urllib.parse.urlparse(address)
except Exception as exception:
raise CLIException(
"Unable to parse address: {error}".format(error=str(exception)))
# We only support HTTP and HTTPS schemes.
if parsed.scheme != "http" and parsed.scheme != "https":
raise CLIException("Invalid scheme '{scheme}' in address".format(
scheme=parsed.scheme))
# There must be a hostname present.
if parsed.hostname == "":
raise CLIException("Missing hostname in address")
# We do not support IPv6 in the hostname (yet).
try:
ipaddress.IPv6Address(parsed.hostname)
raise CLIException("IPv6 addresses are unsupported")
except Exception as exception:
pass
valid_ip_v4_address = False
# We either accept IPv4 addresses, or DNS names as the hostname. In the
# check below we try and parse the hostname as an IPv4 address, if this
# does not succeed, then we assume the hostname is formatted as a DNS name.
try:
ipaddress.IPv4Address(parsed.hostname)
valid_ip_v4_address = True
except Exception as exception:
pass
# If we have an IPv4 address then we require a port to be specified.
if valid_ip_v4_address and parsed.port is None:
raise CLIException("Addresses formatted as IP must contain a port")
# We allow ports for both IPv4 addresses and DNS
# names, but they must be in a specific range.
if parsed.port and (parsed.port < 0 or parsed.port > 65535):
raise CLIException(
"Port '{port}' is out of range".format(port=parsed.port))
return address
def read_network_interfaces():
intDict = {}
intDict['class'] = "NETINTERFACES"
if not ethtool_present and not netifaces_present:
# ethtool is not available on non-linux platforms (as kfreebsd), skip it
sys.stderr.write(
"Warning: information about network interfaces could not be retrieved on this platform.\n"
)
return intDict
if ethtool_present:
interfaces = list(
set(ethtool.get_devices() + ethtool.get_active_devices()))
else:
interfaces = netifaces.interfaces()
for interface in interfaces:
try:
if ethtool_present:
hwaddr = ethtool.get_hwaddr(interface)
else:
hwaddr = netifaces.ifaddresses(interface)[
netifaces.AF_LINK][0]['addr']
except:
hwaddr = ""
# slave devices can have their hwaddr changed
try:
master = os.readlink('/sys/class/net/%s/master' % interface)
except:
master = None
if master:
master_interface = os.path.basename(master)
hwaddr = get_slave_hwaddr(master_interface, interface)
try:
if ethtool_present:
module = ethtool.get_module(interface)
else:
driver_file = open(
'/sys/class/net/%s/device/uevent' % interface, 'r')
module = driver_file.readline().split('=')[1].strip()
driver_file.close()
except:
if interface == 'lo':
module = "loopback"
else:
module = "Unknown"
try:
if ethtool_present:
ipaddr = ethtool.get_ipaddr(interface)
else:
ipaddr = netifaces.ifaddresses(interface)[
netifaces.AF_INET][0]['addr']
except:
ipaddr = ""
try:
if ethtool_present:
netmask = ethtool.get_netmask(interface)
else:
netmask = netifaces.ifaddresses(interface)[
netifaces.AF_INET][0]['netmask']
except:
netmask = ""
try:
if ethtool_present:
broadcast = ethtool.get_broadcast(interface)
else:
broadcast = netifaces.ifaddresses(interface)[
netifaces.AF_INET][0]['broadcast']
except:
broadcast = ""
ip6_list = []
if ethtool_present:
dev_info = ethtool.get_interfaces_info(interface)
for info in dev_info:
# one interface may have more IPv6 addresses
for ip6 in info.get_ipv6_addresses():
scope = ip6.scope
if scope == 'global':
scope = 'universe'
ip6_list.append({
'scope': scope,
'addr': ip6.address,
'netmask': ip6.netmask
})
else:
try:
for dev_info in netifaces.ifaddresses(interface)[
netifaces.AF_INET6]:
ip6_addr = dev_info['addr'].split('%')[0]
scope_info = ipaddress.IPv6Address(ip6_addr)
if scope_info.is_global:
scope = 'universe'
elif scope_info.is_link_local:
scope = 'link'
elif scope_info.is_loopback:
scope = 'host'
elif scope_info.is_site_local:
scope = 'site'
# count number of '1' bits in netmask returned by netifaces
ip6_netmask = dev_info['netmask']
netmask_bits = 0
for two_octets in ip6_netmask.split(':'):
if not two_octets:
break
elif two_octets.lower() == 'ffff':
netmask_bits += 16
else:
# remove '0b' from begin and find last '1' in the string
netmask_bits += 16 - 1 - bin(int(
two_octets, 16))[2:].rindex('1')
ip6_list.append({
'scope': scope,
'addr': ip6_addr,
'netmask': netmask_bits
})
except KeyError:
pass # no ipv6 for this interface
intDict[interface] = {
'hwaddr': hwaddr,
'ipaddr': ipaddr,
'netmask': netmask,
'broadcast': broadcast,
'module': module,
'ipv6': ip6_list
}
return intDict
def rfc4193(self):
return ipaddress.IPv6Address(
int(RFC4194_FORMAT.format(self.networkId, self.nodeId), 16))
def make_ipv6_address(address_str):
return ipaddress.IPv6Address(address_str)
def testNonStringKey(self):
pyt = pytricia.PyTricia()
# insert as string
pyt['10.1.2.3/24'] = 'abc'
# lookup as string
for i in range(256):
self.assertEqual(pyt['10.1.2.{}'.format(i)], 'abc')
# lookup as bytes (or, ugh, another str in python2)
b = socket.inet_aton('10.1.2.3')
self.assertEqual(pyt[b], 'abc')
# bytes in py3k. python2 stinks.
if sys.version_info.major == 3 and sys.version_info.minor >= 4:
i = b[0] * 2**24 + b[1] * 2**16 + b[2] * 2**8
for j in range(256):
self.assertEqual(pyt[i+j], 'abc')
if sys.version_info.major == 2:
# longs only exist in python2. it stinks.
b = struct.unpack('4b',socket.inet_aton('10.1.2.3'))
i = b[0] * 2**24 + b[1] * 2**16 + b[2] * 2**8
self.assertEqual(pyt[long(i)], 'abc')
# i, = struct.unpack('i', b)
for j in range(256):
self.assertEqual(pyt[i+j], 'abc')
# lookup as str
self.assertEqual(pyt['10.1.2.99'], 'abc')
# lookup as ipaddress objects
if sys.version_info.major == 3 and sys.version_info.minor >= 4:
import ipaddress
ipaddr = ipaddress.IPv4Address("10.1.2.47")
self.assertEqual(pyt[ipaddr], 'abc')
ipnet = ipaddress.IPv4Network("10.1.2.0/24")
self.assertEqual(pyt[ipnet], 'abc')
with self.assertRaises(KeyError) as cm:
ipaddr = ipaddress.IPv6Address("fe01::1")
self.assertIsNone(pyt[ipaddr])
with self.assertRaises(KeyError) as cm:
ipnet = ipaddress.IPv6Network("fe01::1/64", strict=False)
self.assertIsNone(pyt[ipnet])
with self.assertRaises(KeyError) as cm:
pyt["fe01::1/64"]
with self.assertRaises(KeyError) as cm:
pyt["fe01::1"]
with self.assertRaises(ValueError) as cm:
pyt[""]
with self.assertRaises(ValueError) as cm:
pyt["apple"]
with self.assertRaises(KeyError) as cm:
pyt[2**65]
elif (mes_type == "NODEDISCOVERY"):
print("NODE DISCOVERY")
else:
print("Argument error")
elif ((total_args == 3) | (total_args == 5)):
ip_dir = sys.argv[1]
mes_type = str(sys.argv[2])
if (mes_type == "directive"):
TYPE = 2
else: #configuration polling
TYPE = 6
PAYDATA.append(TYPE)
dest_ip = ipaddress.IPv6Address(ip_dir)
private_address = get_private_address_from_ip(dest_ip)
DEST = private_address
if (total_args == 5):
#Add local_id and data for action/directives
#DIRECTIVE
LOCAL_ID = int(str(sys.argv[3]))
DATA = int(str(sys.argv[4]))
PAYDATA.append(LOCAL_ID)
PAYDATA.append(DATA)
else:
print("Argument error")
#####https://wiki.python.org/moin/BitManipulation
def __eq__(self, other):
if isinstance(other, str):
other = ipaddress.IPv6Address(other)
return super().__eq__(other)
def _int_to_ip_v6(self, i: int) -> ipaddress.IPv6Address:
return ipaddress.IPv6Address(i << 8 * 8)
def read_resource(self): # noqa
LOGGING.debug("%s Reading RR", self.pointer)
question = dict()
question["NAME"] = self.read_domain()
question["TYPE"] = self.read_int_16()
rrclass = self.read_int_16()
question["CLASS"] = rrclass & 0x7FFF
question["CACHE-FLUSH"] = (rrclass >> 15) & 0x1
question["TTL"] = self.read_int_32()
if question["TYPE"] == dpkt.dns.DNS_PTR:
question["typestring"] = "PTR"
LOGGING.debug("%s Reading %s", self.pointer,
question["typestring"])
question["RDLENGTH"] = self.read_int_16()
out_of_bounds = self.pointer + question["RDLENGTH"]
question["PTRDNAME"] = self.read_domain()
if self.pointer < out_of_bounds:
LOGGING.debug("%s Unused RDATA", self.pointer)
question["RDATA"] = self.buffer[self.pointer:out_of_bounds]
self.pointer = out_of_bounds
elif question["TYPE"] == dpkt.dns.DNS_SRV:
question["typestring"] = "SRV"
LOGGING.debug("%s Reading %s", self.pointer,
question["typestring"])
question["RDLENGTH"] = self.read_int_16()
out_of_bounds = self.pointer + question["RDLENGTH"]
question["PRIO"] = self.read_int_16()
question["WEIGHT"] = self.read_int_16()
question["PORT"] = self.read_int_16()
question["TARGET"] = self.read_domain()
if self.pointer < out_of_bounds:
LOGGING.debug("%s Unused RDATA", self.pointer)
question["RDATA"] = self.buffer[self.pointer:out_of_bounds]
self.pointer = out_of_bounds
elif question["TYPE"] == dpkt.dns.DNS_AAAA:
question["typestring"] = "AAAA"
LOGGING.debug("%s Reading %s", self.pointer,
question["typestring"])
question["RDLENGTH"] = self.read_int_16()
out_of_bounds = self.pointer + question["RDLENGTH"]
if question["RDLENGTH"] == 16:
question["IPv6"] = ipaddress.IPv6Address(
self.buffer[self.pointer:out_of_bounds])
LOGGING.debug("%s No 16 bytes in ipv6 address", self.pointer)
question["RDATA"] = self.buffer[self.pointer:out_of_bounds]
self.pointer = out_of_bounds
elif question["TYPE"] == dpkt.dns.DNS_TXT:
question["typestring"] = "TXT"
LOGGING.debug("%s Reading %s", self.pointer,
question["typestring"])
# for TXT this is a list of strings, not always ending with empty
# string
question["RDLENGTH"] = self.read_int_16()
LOGGING.debug("%s Length of text %s", self.pointer,
question["RDLENGTH"])
out_of_bounds = self.pointer + question["RDLENGTH"]
strings = list()
while self.pointer < out_of_bounds:
end, s = self.read_short_string()
if end or not s:
break
strings.append(s.decode("utf-8"))
question["TXT-RDATA"] = strings
if self.pointer < out_of_bounds:
LOGGING.debug("%s Unused RDATA", self.pointer)
question["RDATA"] = self.buffer[self.pointer:out_of_bounds]
self.pointer = out_of_bounds
else:
LOGGING.debug("%s Reading unknown RR type", self.pointer)
question["RDATA"] = self.read_long_string()
LOGGING.debug("%s Finished RR", self.pointer)
return question
def pad_bin(unpadded):
return format(int(ipaddress.IPv6Address(unicode(unpadded))),
'0128b')
def get_win_ifaddrs():
"""
A method for retrieving info of the network
interfaces. Returns a nested dictionary of
interfaces in Windows. Supports both IPv4
and IPv6 addresses
"""
import ctypes
import struct
import ipaddress
import ctypes.wintypes
from ctypes.wintypes import DWORD, WCHAR, BYTE, BOOL
from socket import AF_INET, AF_UNSPEC, AF_INET6
# from iptypes.h
MAX_ADAPTER_ADDRESS_LENGTH = 8
MAX_DHCPV6_DUID_LENGTH = 130
GAA_FLAG_INCLUDE_PREFIX = ctypes.c_ulong(0x0010)
class SOCKADDR(ctypes.Structure):
_fields_ = [
('family', ctypes.c_ushort),
('data', ctypes.c_byte*14),
]
LPSOCKADDR = ctypes.POINTER(SOCKADDR)
class IN6_ADDR(ctypes.Structure):
_fields_ = [
('byte', ctypes.c_byte*16),
('word', ctypes.c_byte*16), #this should be changed
]
class SOCKADDR_IN6(ctypes.Structure):
_fields_ = [
('family', ctypes.c_short),
('port', ctypes.c_ushort),
('flowinfo', ctypes.c_ulong),
('addr', IN6_ADDR),
('scope_id', ctypes.c_ulong),
]
LPSOCKADDR_IN6 = ctypes.POINTER(SOCKADDR_IN6)
# NB: It's not true mapping of `sockaddr_storage` structure!
class SOCKADDR_STORAGE(ctypes.Union):
_fields_ = (('v4', LPSOCKADDR), ('v6', LPSOCKADDR_IN6))
class SOCKET_ADDRESS(ctypes.Structure):
_fields_ = [
#('address', LPSOCKADDR),
('address', SOCKADDR_STORAGE),
('length', ctypes.c_int),
]
class _IP_ADAPTER_ADDRESSES_METRIC(ctypes.Structure):
_fields_ = [
('length', ctypes.c_ulong),
('interface_index', DWORD),
]
class _IP_ADAPTER_ADDRESSES_U1(ctypes.Union):
_fields_ = [
('alignment', ctypes.c_ulonglong),
('metric', _IP_ADAPTER_ADDRESSES_METRIC),
]
class IP_ADAPTER_UNICAST_ADDRESS(ctypes.Structure):
pass
PIP_ADAPTER_UNICAST_ADDRESS = ctypes.POINTER(IP_ADAPTER_UNICAST_ADDRESS)
IP_ADAPTER_UNICAST_ADDRESS._fields_ = [
("length", ctypes.c_ulong),
("flags", ctypes.wintypes.DWORD),
("next", PIP_ADAPTER_UNICAST_ADDRESS),
("address", SOCKET_ADDRESS),
("prefix_origin", ctypes.c_int),
("suffix_origin", ctypes.c_int),
("dad_state", ctypes.c_int),
("valid_lifetime", ctypes.c_ulong),
("preferred_lifetime", ctypes.c_ulong),
("lease_lifetime", ctypes.c_ulong),
("on_link_prefix_length", ctypes.c_ubyte)
]
# it crashes when retrieving prefix data :(
class IP_ADAPTER_PREFIX(ctypes.Structure):
pass
PIP_ADAPTER_PREFIX = ctypes.POINTER(IP_ADAPTER_PREFIX)
IP_ADAPTER_PREFIX._fields_ = [
("alignment", ctypes.c_ulonglong),
("next", PIP_ADAPTER_PREFIX),
("address", SOCKET_ADDRESS),
("prefix_length", ctypes.c_ulong)
]
class IP_ADAPTER_ADDRESSES(ctypes.Structure):
pass
LP_IP_ADAPTER_ADDRESSES = ctypes.POINTER(IP_ADAPTER_ADDRESSES)
# for now, just use void * for pointers to unused structures
PIP_ADAPTER_ANYCAST_ADDRESS = ctypes.c_void_p
PIP_ADAPTER_MULTICAST_ADDRESS = ctypes.c_void_p
PIP_ADAPTER_DNS_SERVER_ADDRESS = ctypes.c_void_p
#PIP_ADAPTER_PREFIX = ctypes.c_void_p
PIP_ADAPTER_WINS_SERVER_ADDRESS_LH = ctypes.c_void_p
PIP_ADAPTER_GATEWAY_ADDRESS_LH = ctypes.c_void_p
PIP_ADAPTER_DNS_SUFFIX = ctypes.c_void_p
IF_OPER_STATUS = ctypes.c_uint # this is an enum, consider http://code.activestate.com/recipes/576415/
IF_LUID = ctypes.c_uint64
NET_IF_COMPARTMENT_ID = ctypes.c_uint32
GUID = ctypes.c_byte*16
NET_IF_NETWORK_GUID = GUID
NET_IF_CONNECTION_TYPE = ctypes.c_uint # enum
TUNNEL_TYPE = ctypes.c_uint # enum
IP_ADAPTER_ADDRESSES._fields_ = [
#('u', _IP_ADAPTER_ADDRESSES_U1),
('length', ctypes.c_ulong),
('interface_index', DWORD),
('next', LP_IP_ADAPTER_ADDRESSES),
('adapter_name', ctypes.c_char_p),
('first_unicast_address', PIP_ADAPTER_UNICAST_ADDRESS),
('first_anycast_address', PIP_ADAPTER_ANYCAST_ADDRESS),
('first_multicast_address', PIP_ADAPTER_MULTICAST_ADDRESS),
('first_dns_server_address', PIP_ADAPTER_DNS_SERVER_ADDRESS),
('dns_suffix', ctypes.c_wchar_p),
('description', ctypes.c_wchar_p),
('friendly_name', ctypes.c_wchar_p),
('byte', BYTE*MAX_ADAPTER_ADDRESS_LENGTH),
('physical_address_length', DWORD),
('flags', DWORD),
('mtu', DWORD),
('interface_type', DWORD),
('oper_status', IF_OPER_STATUS),
('ipv6_interface_index', DWORD),
('zone_indices', DWORD),
('first_prefix', PIP_ADAPTER_PREFIX),
('transmit_link_speed', ctypes.c_uint64),
('receive_link_speed', ctypes.c_uint64),
('first_wins_server_address', PIP_ADAPTER_WINS_SERVER_ADDRESS_LH),
('first_gateway_address', PIP_ADAPTER_GATEWAY_ADDRESS_LH),
('ipv4_metric', ctypes.c_ulong),
('ipv6_metric', ctypes.c_ulong),
('luid', IF_LUID),
('dhcpv4_server', SOCKET_ADDRESS),
('compartment_id', NET_IF_COMPARTMENT_ID),
('network_guid', NET_IF_NETWORK_GUID),
('connection_type', NET_IF_CONNECTION_TYPE),
('tunnel_type', TUNNEL_TYPE),
('dhcpv6_server', SOCKET_ADDRESS),
('dhcpv6_client_duid', ctypes.c_byte*MAX_DHCPV6_DUID_LENGTH),
('dhcpv6_client_duid_length', ctypes.c_ulong),
('dhcpv6_iaid', ctypes.c_ulong),
('first_dns_suffix', PIP_ADAPTER_DNS_SUFFIX),
]
def GetAdaptersAddresses():
"""
Returns an iteratable list of adapters
"""
size = ctypes.c_ulong()
GetAdaptersAddresses = ctypes.windll.iphlpapi.GetAdaptersAddresses
GetAdaptersAddresses.argtypes = [
ctypes.c_ulong,
ctypes.c_ulong,
ctypes.c_void_p,
ctypes.POINTER(IP_ADAPTER_ADDRESSES),
ctypes.POINTER(ctypes.c_ulong),
]
GetAdaptersAddresses.restype = ctypes.c_ulong
#res = GetAdaptersAddresses(AF_INET,0,None, None,size)
res = GetAdaptersAddresses(AF_UNSPEC,0,None, None,size)
if res != 0x6f: # BUFFER OVERFLOW
raise RuntimeError("Error getting structure length (%d)" % res)
pointer_type = ctypes.POINTER(IP_ADAPTER_ADDRESSES)
size.value = 15000
buffer = ctypes.create_string_buffer(size.value)
struct_p = ctypes.cast(buffer, pointer_type)
#res = GetAdaptersAddresses(AF_INET,0,None, struct_p, size)
res = GetAdaptersAddresses(AF_UNSPEC,0,None, struct_p, size)
if res != 0x0: # NO_ERROR:
raise RuntimeError("Error retrieving table (%d)" % res)
while struct_p:
yield struct_p.contents
struct_p = struct_p.contents.next
interfaced = {}
for i in GetAdaptersAddresses():
result = NetworkInterface()
result.ifname = i.description
result.ifindex = i.zone_indices #zone_indices in windows
addresses = i.first_unicast_address
result.IPv4 = []
result.IPv6 = []
while addresses:
fu = addresses.contents
ipversion = fu.address.address.v4.contents.family
if ipversion == AF_INET:
ad = fu.address.address.v4.contents
#print("\tfamily: {0}".format(ad.family))
ip_int = struct.unpack('>2xI8x', ad.data)[0]
ip = ipaddress.IPv4Address(ip_int)
#print(ip)
result.IPv4.append(ip)
elif ipversion == AF_INET6:
ad = fu.address.address.v6.contents
ip_int = struct.unpack('!QQ', ad.addr.byte)[0]
ip = ipaddress.IPv6Address(ip_int)
result.IPv6.append(ip)
addresses = addresses.contents.next
interfaced[result.ifname] = result
return interfaced
def _test_otci_srp(self, client: OTCI, server: OTCI):
self.assertEqual('disabled', server.srp_server_get_state())
self.assertEqual('default.service.arpa.',
server.srp_server_get_domain())
server.srp_server_set_domain('example1.com')
self.assertEqual('example1.com.', server.srp_server_get_domain())
server.srp_server_set_domain('example2.com.')
self.assertEqual('example2.com.', server.srp_server_get_domain())
server.srp_server_set_domain('default.service.arpa.')
self.assertEqual('default.service.arpa.',
server.srp_server_get_domain())
default_leases = server.srp_server_get_lease()
self.assertEqual(default_leases, (1800, 7200, 86400, 1209600))
server.srp_server_set_lease(1801, 7201, 86401, 1209601)
leases = server.srp_server_get_lease()
self.assertEqual(leases, (1801, 7201, 86401, 1209601))
self.assertFalse(client.srp_client_get_state())
self.assertEqual('Removed', client.srp_client_get_host_state())
self.assertEqual(('::', 0), client.srp_client_get_server())
self.assertFalse(client.srp_client_get_service_key())
client.srp_client_enable_service_key()
self.assertTrue(client.srp_client_get_service_key())
client.srp_client_disable_service_key()
self.assertFalse(client.srp_client_get_service_key())
server.srp_server_disable()
client.wait(3)
server.srp_server_enable()
client.wait(10)
self.assertEqual([], server.srp_server_get_hosts())
self.assertEqual('running', server.srp_server_get_state())
self.assertFalse(client.srp_client_get_autostart())
client.srp_client_enable_autostart()
self.assertTrue(client.srp_client_get_autostart())
client.wait(3)
self.assertTrue(client.srp_client_get_state())
self.assertNotEqual(('::', 0), client.srp_client_get_server())
self.assertEqual('', client.srp_client_get_host_name())
client.srp_client_set_host_name('host1')
self.assertEqual('host1', client.srp_client_get_host_name())
self.assertEqual([], client.srp_client_get_host_addresses())
client.srp_client_set_host_addresses('2001::1')
self.assertEqual(['2001::1'], client.srp_client_get_host_addresses())
client.srp_client_set_host_addresses('2001::1', '2001::2')
self.assertEqual(['2001::1', '2001::2'],
client.srp_client_get_host_addresses())
srp_client_host = client.srp_client_get_host()
self.assertEqual('host1', srp_client_host['host'])
self.assertEqual('ToAdd', srp_client_host['state'])
self.assertEqual(
{
ipaddress.IPv6Address('2001::1'),
ipaddress.IPv6Address('2001::2')
}, set(srp_client_host['addresses']))
self.assertEqual([], client.srp_client_get_services())
client.srp_client_add_service('ins1',
'_ipps._tcp',
1000,
1,
1,
txt={
'txt11': 'val11',
'txt12': b'val12',
'txt13': True
})
client.srp_client_add_service('ins2',
'_meshcop._udp',
2000,
2,
2,
txt={
'txt21': 'val21',
'txt22': b'val22',
'txt23': True
})
self.assertEqual(2, len(client.srp_client_get_services()))
self.assertIn(
{
'instance': 'ins1',
'service': '_ipps._tcp',
'state': 'ToAdd',
'port': 1000,
'priority': 1,
'weight': 1,
}, client.srp_client_get_services())
self.assertIn(
{
'instance': 'ins2',
'service': '_meshcop._udp',
'state': 'ToAdd',
'port': 2000,
'priority': 2,
'weight': 2,
}, client.srp_client_get_services())
client.wait(3)
self.assertEqual('Registered', client.srp_client_get_host()['state'])
srp_server_hosts = server.srp_server_get_hosts()
logging.info('srp_server_hosts %r', srp_server_hosts)
self.assertEqual(1, len(srp_server_hosts))
self.assertEqual('host1.default.service.arpa.',
srp_server_hosts[0]['host'])
self.assertEqual(False, srp_server_hosts[0]['deleted'])
self.assertEqual(
{
ipaddress.IPv6Address('2001::1'),
ipaddress.IPv6Address('2001::2')
}, set(srp_server_hosts[0]['addresses']))
srp_server_services = server.srp_server_get_services()
logging.info('srp_server_services %r', srp_server_services)
self.assertEqual(2, len(srp_server_services))
for service in srp_server_services:
if service['instance'] == 'ins1._ipps._tcp.default.service.arpa.':
self.assertEqual(False, service['deleted'])
self.assertEqual(1000, service['port'])
self.assertEqual(1, service['priority'])
self.assertEqual(1, service['weight'])
self.assertEqual('host1.default.service.arpa.',
service['host'])
self.assertEqual(
{
ipaddress.IPv6Address('2001::1'),
ipaddress.IPv6Address('2001::2')
}, set(service['addresses']))
self.assertEqual(
{
'txt11': b'val11',
'txt12': b'val12',
'txt13': True
}, service['txt'])
elif service[
'instance'] == 'ins2._meshcop._udp.default.service.arpa.':
self.assertEqual(False, service['deleted'])
self.assertEqual(2000, service['port'])
self.assertEqual(2, service['priority'])
self.assertEqual(2, service['weight'])
self.assertEqual('host1.default.service.arpa.',
service['host'])
self.assertEqual(
{
ipaddress.IPv6Address('2001::1'),
ipaddress.IPv6Address('2001::2')
}, set(service['addresses']))
self.assertEqual(
{
'txt21': b'val21',
'txt22': b'val22',
'txt23': True
}, service['txt'])
else:
self.fail(service)
import ipaddress
from ryu.lib import mac
from ryu.lib.packet import arp, ethernet, icmp, icmpv6, ipv4, ipv6, stream_parser, packet, vlan
from ryu.ofproto import ether
from ryu.ofproto import inet
try:
from valve_util import btos
except ImportError:
from faucet.valve_util import btos
IPV6_ALL_NODES_MCAST = '33:33:00:00:00:01'
IPV6_ALL_ROUTERS_MCAST = '33:33:00:00:00:02'
IPV6_LINK_LOCAL = ipaddress.IPv6Network(btos('fe80::/10'))
IPV6_ALL_NODES = ipaddress.IPv6Address(btos('ff02::1'))
def mac_addr_is_unicast(mac_addr):
"""Returns True if mac_addr is a unicast Ethernet address.
Args:
mac_addr (str): MAC address.
Returns:
bool: True if a unicast Ethernet address.
"""
msb = mac_addr.split(':')[0]
return msb[-1] in '02468aAcCeE'
def parse_pkt(pkt):
def _control_plane_icmpv6_handler(self, pkt_meta, ipv6_pkt):
ofmsgs = []
if not pkt_meta.packet_complete():
return ofmsgs
src_ip = ipaddress.IPv6Address(btos(ipv6_pkt.src))
dst_ip = ipaddress.IPv6Address(btos(ipv6_pkt.dst))
vlan = pkt_meta.vlan
if vlan.ip_in_vip_subnet(src_ip):
# Must be ICMPv6 and have no extended headers.
if ipv6_pkt.nxt != valve_of.inet.IPPROTO_ICMPV6:
return ofmsgs
if ipv6_pkt.ext_hdrs:
return ofmsgs
# Explicitly ignore messages to all notes.
if dst_ip == valve_packet.IPV6_ALL_NODES:
return ofmsgs
pkt_meta.reparse_ip(payload=32)
icmpv6_pkt = pkt_meta.pkt.get_protocol(icmpv6.icmpv6)
if icmpv6_pkt is None:
return ofmsgs
icmpv6_type = icmpv6_pkt.type_
if (ipv6_pkt.hop_limit != valve_packet.IPV6_MAX_HOP_LIM
and icmpv6_type != icmpv6.ICMPV6_ECHO_REQUEST):
return ofmsgs
port = pkt_meta.port
eth_src = pkt_meta.eth_src
if icmpv6_type == icmpv6.ND_NEIGHBOR_SOLICIT:
solicited_ip = btos(icmpv6_pkt.data.dst)
if vlan.is_faucet_vip(ipaddress.ip_address(solicited_ip)):
ofmsgs.extend(
self._add_host_fib_route(vlan, src_ip,
blackhole=False))
ofmsgs.extend(
self._update_nexthop(vlan, port, eth_src, src_ip))
ofmsgs.append(
vlan.pkt_out_port(valve_packet.nd_advert, port,
vlan.faucet_mac, eth_src,
solicited_ip, src_ip))
self.logger.info(
'Responded to ND solicit for %s to %s (%s) on VLAN %u'
% (solicited_ip, src_ip, eth_src, vlan.vid))
elif icmpv6_type == icmpv6.ND_NEIGHBOR_ADVERT:
target_ip = btos(icmpv6_pkt.data.dst)
if vlan.ip_in_vip_subnet(ipaddress.ip_address(target_ip)):
ofmsgs.extend(
self._update_nexthop(vlan, port, eth_src, target_ip))
self.logger.info('ND advert %s (%s) on VLAN %u' %
(target_ip, eth_src, vlan.vid))
elif icmpv6_type == icmpv6.ND_ROUTER_SOLICIT:
link_local_vips, other_vips = self._link_and_other_vips(vlan)
for vip in link_local_vips:
if src_ip in vip.network:
ofmsgs.extend(
self._add_host_fib_route(vlan,
src_ip,
blackhole=False))
ofmsgs.extend(
self._update_nexthop(vlan, port, eth_src, src_ip))
ofmsgs.append(
vlan.pkt_out_port(valve_packet.router_advert, port,
vlan.faucet_mac, eth_src, vip.ip,
src_ip, other_vips))
self.logger.info(
'Responded to RS solicit from %s (%s) to VIP %s on VLAN %u'
% (src_ip, eth_src, vip, vlan.vid))
break
elif icmpv6_type == icmpv6.ICMPV6_ECHO_REQUEST:
if (vlan.from_connected_to_vip(src_ip, dst_ip)
and pkt_meta.eth_dst == vlan.faucet_mac):
ofmsgs.append(
vlan.pkt_out_port(valve_packet.icmpv6_echo_reply, port,
vlan.faucet_mac, eth_src, dst_ip,
src_ip, ipv6_pkt.hop_limit,
icmpv6_pkt.data.id,
icmpv6_pkt.data.seq,
icmpv6_pkt.data.data))
return ofmsgs
def validate(self, raw_value: Union[None, str, bytes, _MissingType],
raw: bool) -> Union[None, str, bytes, _MissingType]:
if isinstance(raw_value, (str, bytes)):
value = raw_value
elif raw_value is None:
if self.nullable:
return None
raise ValidatorError("value should be type of str")
elif isinstance(raw_value, _MissingType):
if self.default is None:
return raw_value
value = self.default
else:
raise ValidatorError("value should be type of str")
if self.minLength is not None and len(value) < self.minLength:
raise ValidatorError(
f"value length should be more than {self.minLength}")
if self.maxLength is not None and len(value) > self.maxLength:
raise ValidatorError(
f"value length should be less than {self.maxLength}")
if self.enum is not None and value not in self.enum:
raise ValidatorError(f"value should be one of {self.enum}")
if self.format not in (
StringFormat.Default,
StringFormat.Password,
StringFormat.Binary,
):
assert isinstance(value, str)
if self.format == StringFormat.Uuid:
try:
uuid.UUID(value)
except ValueError:
raise ValidatorError("value should be uuid")
elif self.format == StringFormat.Datetime:
if not strict_rfc3339.validate_rfc3339(value):
raise ValidatorError("value should be datetime format")
elif self.format == StringFormat.Date:
if not strict_rfc3339.validate_rfc3339(f"{value}T00:00:00Z"):
raise ValidatorError("value should be date format")
elif self.format == StringFormat.Email:
if not _EMAIL_REGEX.match(value):
raise ValidatorError("value should be valid email")
elif self.format == StringFormat.Byte:
try:
base64.b64decode(value)
except ValueError:
raise ValidatorError(
"value should be base64-encoded string")
elif self.format == StringFormat.IPv4:
try:
ipaddress.IPv4Address(value)
except ValueError:
raise ValidatorError("value should be valid ipv4 address")
elif self.format == StringFormat.IPv6:
try:
ipaddress.IPv6Address(value)
except ValueError:
raise ValidatorError("value should be valid ipv6 address")
elif self.format == StringFormat.Hostname:
if not value:
raise ValidatorError("value should be valid hostname")
hostname = value[:-1] if value[-1] == "." else value
if len(hostname) > 255 or not all(
_HOSTNAME_REGEX.match(x) for x in hostname.split(".")):
raise ValidatorError("value should be valid hostname")
if (self.format != StringFormat.Binary and self.pattern
and not self.pattern.search(value)):
raise ValidatorError(
f"value should match regex pattern '{self.pattern.pattern}'")
return value
def ipaddress(self, version, pos, nbytes):
if version == 4:
return ipaddress.IPv4Address(self.data[pos:pos + nbytes])
elif version == 6:
return ipaddress.IPv6Address(self.data[pos:pos + nbytes])
return None
configs = {}
def config_for(ns, daemon):
templatefile_path = os.path.join(templatedir, '%s.j2' % daemon)
with open(templatefile_path, 'r') as templatefile:
template = jinja2.Template(templatefile.read())
context = {'ns': ns, 'daemon': daemon}
context.update(configs[ns])
return template.render(context)
for idx, ns in enumerate(namespaces):
configs[ns] = {
'loopback_v4':
ipaddress.IPv4Address('100.0.%d.%d' % xy[ns]),
'loopback_v6':
ipaddress.IPv6Address('2001:db8:64::%x:%x' % xy[ns]),
'net':
'49.0001.%04x.%04x.00' % xy[ns],
'links':
sorted([link[1] for link in links if link[0] == ns] +
[link[0] for link in links if link[1] == ns]),
'daemons': ['zebra', 'fabricd'],
'configfiles': {},
}
for daemon in configs[ns]['daemons']:
configs[ns]['configfiles'][daemon] = config_for(ns, daemon)
class MDNSServiceDiscovery(object):
IP4_MULTICAST = ipaddress.IPv4Address(u'224.0.0.251')
IP6_MULTICAST = ipaddress.IPv6Address(u'FF02::FB')
MULTICAST_PORT = 5353
def __init__(self, *args, **kwargs):
self.ip_version = 4
self.ttl = 2
self.timeout = 10
self.devices = {}
self.qtype = kwargs.get('qtype', QTYPE_ALL)
self.interface = self.find_interfaces()
self.query = MDNSQuery()
self.logger = logging.getLogger(__name__)
self.logger.setLevel(logging.getLogger().level)
for qname in args:
self.query.add_question(qname.strip(), self.qtype)
def find_interfaces(self):
""" Find the local interface(s) that we will send via.
Presently I have no way of finding a local IPv6 interface, so just use
IPv4.
An MDNSServiceDiscoveryError will be raised if the local interface can't be found.
:return: The interface to be used.
"""
try:
x = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
x.connect(('1.2.3.4', 56))
interface = x.getsockname()[0]
x.close()
except socket.error as e:
raise MDNSServiceDiscoveryError("Unable to find local interface.")
return interface
def find_devices(self):
now = time.time()
nxt = now
last = now + self.timeout
delay = 1
sock = self.make_socket()
while last > now:
now = time.time()
if now >= nxt:
for data in self.query.packet_data():
sock.sendto(data, 0,
(str(self.IP4_MULTICAST), self.MULTICAST_PORT))
nxt += delay
delay *= 2
r, w, e = select.select([sock], [], [sock], 0.5)
if not r:
continue
data, addr = sock.recvfrom(16384)
self.logger.debug("Received %d bytes from %s:%d", len(data), *addr)
if data:
resp = MDNSResponse(data)
# We only want responses to our queries, not everyone elses!
if not resp.is_valid:
continue
if not resp.is_applicable(self.query):
continue
for a in resp.answers:
if 'PTR' not in a:
continue
self.logger.debug("Answer: %s", a)
self.query.add_answer(a['qname'], a['PTR'], a['qtype'],
a['qclass'], a['ttl'])
if a['PTR'] not in self.devices:
dev = {'PTR': a['PTR']}
for ad in resp.additional:
self.logger.debug("Additional Record: %s", ad)
for poss in ('A', 'AAAA', 'TXT', 'SRV'):
if poss in ad:
dev[poss] = ad[poss]
if 'A' not in dev:
self.logger.info(
"No additional records found, so using origin IP for %s",
a['PTR'])
dev['A'] = addr[0]
self.devices[a['PTR']] = dev
sock.close()
return len(self.devices) > 0
def make_socket(self):
""" Open a socket that can be used for sending and receiving multicast packets.
If a socket cannot be created or setup then an MDNSServiceDiscoveryError is raised.
:return: The created socket.
"""
host = socket.inet_aton(self.interface)
try:
sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM,
socket.IPPROTO_UDP)
sock.setblocking(0)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1)
sock.bind((str(self.IP4_MULTICAST), self.MULTICAST_PORT))
sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_TTL,
struct.pack('B', self.ttl))
sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_IF, host)
sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_LOOP, 0)
except:
print(sys.exc_info())
raise MDNSServiceDiscoveryError(
"Unable to create a suitable socket for MDNS")
return sock
def _winrm_connect(self):
'''
Establish a WinRM connection over HTTP/HTTPS.
'''
display.vvv(
"ESTABLISH WINRM CONNECTION FOR USER: %s on PORT %s TO %s" %
(self._winrm_user, self._winrm_port, self._winrm_host),
host=self._winrm_host)
winrm_host = self._winrm_host
if HAS_IPADDRESS:
display.vvvv("checking if winrm_host %s is an IPv6 address" %
winrm_host)
try:
ipaddress.IPv6Address(winrm_host)
except ipaddress.AddressValueError:
pass
else:
winrm_host = "[%s]" % winrm_host
netloc = '%s:%d' % (winrm_host, self._winrm_port)
endpoint = urlunsplit(
(self._winrm_scheme, netloc, self._winrm_path, '', ''))
errors = []
for transport in self._winrm_transport:
if transport == 'kerberos':
if not HAVE_KERBEROS:
errors.append(
'kerberos: the python kerberos library is not installed'
)
continue
if self._kerb_managed:
self._kerb_auth(self._winrm_user, self._winrm_pass)
display.vvvvv('WINRM CONNECT: transport=%s endpoint=%s' %
(transport, endpoint),
host=self._winrm_host)
try:
winrm_kwargs = self._winrm_kwargs.copy()
if self._winrm_connection_timeout:
winrm_kwargs[
'operation_timeout_sec'] = self._winrm_connection_timeout
winrm_kwargs[
'read_timeout_sec'] = self._winrm_connection_timeout + 1
protocol = Protocol(endpoint,
transport=transport,
**winrm_kwargs)
# open the shell from connect so we know we're able to talk to the server
if not self.shell_id:
self.shell_id = protocol.open_shell(
codepage=65001) # UTF-8
display.vvvvv('WINRM OPEN SHELL: %s' % self.shell_id,
host=self._winrm_host)
return protocol
except Exception as e:
err_msg = to_text(e).strip()
if re.search(to_text(r'Operation\s+?timed\s+?out'), err_msg,
re.I):
raise AnsibleError('the connection attempt timed out')
m = re.search(to_text(r'Code\s+?(\d{3})'), err_msg)
if m:
code = int(m.groups()[0])
if code == 401:
err_msg = 'the specified credentials were rejected by the server'
elif code == 411:
return protocol
errors.append(u'%s: %s' % (transport, err_msg))
display.vvvvv(u'WINRM CONNECTION ERROR: %s\n%s' %
(err_msg, to_text(traceback.format_exc())),
host=self._winrm_host)
if errors:
raise AnsibleConnectionFailure(', '.join(map(to_native, errors)))
else:
raise AnsibleError('No transport found for WinRM connection')
def handle(self):
logging.info('Accepting connection from %s:%s' %
self.client_address[:2])
# greeting header
# read and unpack 2 bytes from a client
header = self.connection.recv(2)
version, nmethods = struct.unpack("!BB", header)
# socks 5
assert version == SOCKS_VERSION
# get available methods
methods = self.get_available_methods(nmethods)
# send welcome message
self.connection.sendall(struct.pack("!BB", SOCKS_VERSION, 0))
# request
version, cmd, _, atype = struct.unpack("!BBBB",
self.connection.recv(4))
assert version == SOCKS_VERSION
address_type = AddressType(atype)
if address_type == AddressType.V4: # IPv4
address = str(ip.IPv4Address(self.connection.recv(4)))
elif address_type == AddressType.V6: # IPv6
address = str(ip.IPv6Address(self.connection.recv(16)))
elif address_type == AddressType.DOMAIN: # Domain name
domain_length = self.connection.recv(1)[0]
address = self.connection.recv(domain_length)
port = struct.unpack('!H', self.connection.recv(2))[0]
# reply
try:
if cmd == 1: # CONNECT
remote = socket.create_connection(
(address, port), source_address=self.source_address)
bind_address = remote.getsockname()
logging.info('Connected to %s %s' % (address, port))
else:
self.server.close_request(self.request)
addr = ip.ip_address(bind_address[0])
port = bind_address[1]
if isinstance(addr, ip.IPv4Address):
reply = struct.pack("!BBBB4sH", SOCKS_VERSION, 0, 0,
AddressType.V4.value, addr.packed, port)
elif isinstance(addr, ip.IPv6Address):
reply = struct.pack("!BBBB16sH", SOCKS_VERSION, 0, 0,
AddressType.V6.value, addr.packed, port)
except Exception as err:
logging.error(err)
# return connection refused error
reply = self.generate_failed_reply(address_type, 5)
self.connection.sendall(reply)
# establish data exchange
if reply[1] == 0 and cmd == 1:
self.exchange_loop(self.connection, remote)
self.server.close_request(self.request)
def _ipv6(in6_addr):
return ipaddress.IPv6Address(struct.pack("IIII",
*in6_addr.in6_u.u6_addr32))
try:
ipv4 = requests.get(api[0], timeout=timeout).json()[api[1]]
if ipaddress.IPv4Address(ipv4): break
except:
next
api6 = [("http://ip6.seeip.org/json", "ip"),
("http://api64.ipify.org?format=json", "ip"),
("http://ip-api.com/json/", "query"),
("http://api-ipv6.ip.sb/jsonip", "ip")]
ipv6 = False
for api in api6:
try:
ipv6 = requests.get(api[0], timeout=timeout).json()[api[1]]
if (ipv6 != ipv4) and (ipaddress.IPv6Address(ipv6)): break
except:
next
out['ipv4']['ip'] = ipv4
out['ipv6']['ip'] = ipv6
if arg == 'vpnapi': vpnapi()
elif arg == 'proxycheck': proxycheck()
elif arg == 'ip2proxy': ip2proxy()
elif arg == 'ip2loc': ip2loc()
elif arg == 'onionoo': onionoo()
elif arg == 'ipqs': ipqs()
elif arg == 'all':
if ivpnapi == '1': vpnapi()
if iproxycheck == '1': proxycheck()
def convertusingipaddress(ipv4address):
print(ipaddress.IPv6Address('2002::' + ipv4address).compressed)
def CheckIPs(options, ASNs):
"""
Check if the given filename containing IP addresses has any
that belong to the generated list of netblocks.
"""
try:
addresslist = set()
ipv4_address = re.compile(r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})')
ipv6_address = re.compile(r'(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]'
r'{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-'
r'9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4'
r'}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA'
r'-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1'
r',4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-f'
r'A-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){'
r'1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a'
r'-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:('
r'(:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-'
r'fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-'
r'F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(fff'
r'f(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0'
r'-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}('
r'25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-'
r'9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-'
r'5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.'
r'){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){'
r'0,1}[0-9]))')
ipv4_cidr = re.compile(r"(?<!\d\.)(?<!\d)(?:\d{1,3}\.){3}\d{1,3"
r"}/\d{1,2}(?!\d|(?:\.\d))")
ipv6_cidr = re.compile(r's*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{'
r'1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A'
r'-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]'
r'?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})'
r'|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-F'
r'a-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd'
r'|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d'
r')){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:['
r'0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1'
r',4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.('
r'25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|'
r'(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{'
r'1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:('
r'(25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]'
r'|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A'
r'-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1'
r',5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5'
r']|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]'
r'd|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{'
r'1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|(('
r':[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4'
r']d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|['
r'1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4'
r'}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25'
r'[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2['
r'0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*\/'
r'([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])?$')
with open(options.filename) as ipfp:
for line in ipfp.readlines():
result1 = ipv4_address.finditer(line)
result2 = ipv6_address.finditer(line)
result3 = ipv4_cidr.finditer(line)
result4 = ipv6_cidr.finditer(line)
for ip in [line.group(0) for line in result1]:
addresslist.add(ip)
for ip in [line.group(0) for line in result2]:
addresslist.add(ip)
for cidr in [line.group(0) for line in result3]:
ip, mask = cidr.split('/')
if mask != '32':
addresslist.add(ip + '/' + mask)
else:
addresslist.add(ip)
for cidr in [line.group(0) for line in result4]:
ip, mask = cidr.split('/')
if mask != '128':
addresslist.add(ip + '/' + mask)
else:
addresslist.add(ip)
if options.verbose:
print("I) Found " + str(len(addresslist)) +
" IP addresses in file: " + options.filename)
except IOError:
print("E) Error opening " + options.filename + "!")
sys.exit(1)
except KeyboardInterrupt:
print("E) CTRL-C pressed, stopping!")
sys.exit(1)
try:
ASN = '|'.join(ASNs)
if ASN == '':
if options.verbose:
print("I) Reading GeoLite ASN cache: " + NetblockCache + "...")
with open(NetblockCache, 'rb') as f:
net4_records, net4_ranges, net6_records, net6_ranges = \
pickle.load(f)
else:
if options.verbose:
print("I) Reading GeoLite ASN caches: " + ASnameCache +
" and " + ASnumCache + "...")
with open(ASnameCache, 'rb') as f:
ASnameCacheFile = pickle.load(f)
with open(ASnumCache, 'rb') as f:
ASnumCacheFile = pickle.load(f)
except FileNotFoundError:
print("E) Not all GeoLite ASN caches were found; perhaps you need " +
"to update (-u) first?")
sys.exit(1)
except KeyboardInterrupt:
print("E) CTRL-C pressed, stopping!")
sys.exit(1)
except IOError:
print("E) An error occurred reading the cache from disk!")
sys.exit(1)
if options.verbose:
print("I) Loaded GeoLite ASN caches!")
print("I) Checking the list of IPs")
else:
print("\"IP\",\"Network\",\"ASname\"")
if options.verbose:
ipcount = 0
hits = 0
matchset = set()
if ASN == '':
ASN = 'all ASNs'
if options.verbose:
print("I) Search string: " + ASN)
if ASN == 'all ASNs':
# Go through the list of all netblocks and find out what the
# corresponding AS numbers/names are
ASblocks = dict()
for address in addresslist:
if options.verbose:
sys.stdout.write('.')
sys.stdout.flush()
ipcount += 1
if '/' in address:
ip = ipaddress.ip_address(address.split('/')[0])
else:
ip = ipaddress.ip_address(address)
if ip.version == 4:
ip = ipaddress.IPv4Address(ip)
net_idx = bisect.bisect(net4_ranges, ip.packed)
try:
net_record = net4_records[net_idx // 2]
except IndexError:
sys.stdout.write('x')
net = ipaddress.IPv4Network(net_record['network'])
ASname = net_record['autonomous_system_organization']
ASnum = net_record['autonomous_system_number']
if ip in net:
matchset.add(address)
if ASname in ASblocks:
ASblocks[ASname].append(address)
else:
ASblocks[ASname] = list()
ASblocks[ASname].append(address)
if options.verbose:
hits += 1
else:
print("\"" + str(ip) + "\",\"" + str(net) + "\",\"" +
ASname + "\",\"AS" + ASnum + "\"")
elif ip.version == 6:
ip = ipaddress.IPv6Address(address)
net_idx = bisect.bisect(net6_ranges, ip.packed)
try:
net_record = net4_records[net_idx // 2]
except IndexError:
sys.stdout.write('x')
net = ipaddress.IPv6Network(net_record['network'])
ASname = net_record['autonomous_system_organization']
ASnum = net_record['autonomous_system_number']
if ip in net:
matchset.add(address)
if ASname in ASblocks:
ASblocks[ASname].append(address)
else:
ASblocks[ASname] = list()
ASblocks[ASname].append(address)
if options.verbose:
hits += 1
else:
print("\"" + str(ip) + "\",\"" + str(net) + "\",\"" +
ASname + "\",\"AS" + ASnum + "\"")
if options.verbose:
sys.stdout.write('\n')
sys.stdout.flush()
else:
# First, build a list of the requested ASNs and their netblocks
netblocks = dict()
ASblocks = dict()
for AS in ASNs:
if AS[:2].lower() == 'as' and AS[2:] in ASnumCacheFile.keys():
netblocks[AS] = ASnumCacheFile[AS[2:]]
else:
if AS in ASnumCacheFile.keys():
netblocks[AS] = ASnumCacheFile[AS]
else:
filtered_list = (s for s in ASnameCacheFile.keys()
if AS.lower() in s.lower())
for ASnamematch in filtered_list:
netblocks[ASnamematch] = ASnameCacheFile[ASnamematch]
# Now check every IP to see if it appears in one of the search ASNs.
for address in addresslist:
if options.verbose:
ipcount += 1
for ASname in netblocks.keys():
for netblock in netblocks[ASname]:
if ipaddress.ip_network(address)._version ==\
ipaddress.ip_network(netblock)._version:
if subnet_of(ipaddress.ip_network(address),
(ipaddress.ip_network(netblock))):
matchset.add((ASname, address, netblock))
if ASname in ASblocks:
ASblocks[ASname].append(address)
else:
ASblocks[ASname] = list()
ASblocks[ASname].append(address)
if options.verbose:
hits += 1
else:
print("\"" + address + "\",\"" + netblock +
"\",\"" + ASname + "\"")
if options.verbose:
print("I) All done, " + str(ipcount) + " IPs checked, found " +
str(hits) + " matches:")
for ASname in ASblocks.keys():
sys.stdout.write(ASname + ": ")
for address in ASblocks[ASname]:
sys.stdout.write(address + ' ')
sys.stdout.write('\n')
sys.stdout.flush()
if options.verbose:
if len(matchset) < len(addresslist):
print("I) Found " + str(len(matchset)) +
" IPs in the specified ASN search string: \"" + ASN +
"\" out of " + str(len(addresslist)) +
" total IP addresses.")
if options.notfound:
print("I) These " + str(len(addresslist) - len(matchset)) +
" addresses were not matched: ")
for ip in addresslist.difference(matchset):
sys.stdout.write(ip + ' ')
sys.stdout.write('\n')
sys.stdout.flush()
else:
print("I) Found all " + str(len(matchset)) +
" IPs in the specified ASNs: " + ASN)
