def parse_generic_amtrr_data(response_line, cmd): # example: # '\# 22 1003047234763403616d7406616b61646e73036e6574 # precedence 128, dbit=0, type 3 (dns name), 'r4v4.amt.akadns.net' out = response_line out_sep = out.split(None, 2) if len(out_sep) != 3: logger.error('unexpected format of DNS response from %s: "%s"' % (cmd, out)) return None head, sz_str, content = out_sep if head == r'\#': try: sz = int(sz_str) except ValueError as e: logger.error('failed size conversion: %s from %s, in "%s"' % (e, sz_str, out)) return None try: bts = bytes.fromhex(content) except ValueError as e: logger.error('failed "unknown type" binary parse error: %s, from "%s", in "%s"' % (e, content, out)) return None if sz != len(bts): logger.error('converted bytes len %d of "%s" != given len %d parsing "%s" from "%s"' % (len(bts), content, sz, out, cmd)) return if sz < 3: logger.error('too few bytes %d parsing "%s" from "%s"' % (len(bts), out, cmd)) return None precedence = bts[0] discovery_optional = bool(128&bts[1]) typ = 127&bts[1] bin_content = bts[2:] try: if typ == 1: val = ipaddress.IPv4Address(bin_content) elif typ == 2: val = ipaddress.IPv6Address(bin_content) elif typ == 3: idx = 0 name = '' while idx < len(bin_content): hoplen=bin_content[idx] idx += 1 if idx + hoplen > len(bin_content) or hoplen < 0: logger.error('bad wire-encoded dns name (hoplen=%d at %d with %d left, so far name="%s"):\n%s\n%s' % (hoplen, idx, len(bin_content)-idx, name, content, ' '*idx + '^')) return None if hoplen == 0: break name += bin_content[idx:idx + hoplen].decode() + '.' idx += hoplen val = name else: logger.error('unknown type %d parsed from "%s" returned from "%s"' % (typ, out, cmd)) return None except ValueError as e: logger.error('error "%s" parsing "%s" returned from "%s"' % (e, out, cmd)) return None else: # TBD: get an implementation with the decoded format to try this # logger.error('expected head to start with \\#: "%s"' % out) content_sep = content.split(None, 1) if len(content_sep) != 2: logger.error('failed to convert formatted content "%s" from "%s"' % (out, cmd)) return None pr_str, do_str = head, sz_str typ_str, content_str = content_sep try: precedence = int(pr_str) discovery_optional = bool(int(do_str)) typ = int(typ_str) if typ == 1: val = ipaddress.IPv4Address(content_str) elif typ == 2: val = ipaddress.IPv6Address(content_str) elif typ == 3: val = content_str else: logger.error('unknown type %d parsed from "%s" returned from "%s"' % (typ, out, cmd)) return None except ValueError as e: logger.error('error "%s" parsing "%s" returned from "%s"' % (e, out, cmd)) return None return AMTRelayOption(precedence, discovery_optional, typ, val)
def get_rloc_from_short(prefix, rloc16): prefix = prefix.split('/')[0] prefix_bytes = ipaddress.IPv6Address(prefix).packed rloc_bytes = prefix_bytes[0:8] + bytes.fromhex('000000fffe00' + rloc16) return ipaddress.IPv6Address(rloc_bytes).compressed
def ipv6_check(ip): try: ipaddress.IPv6Address(ip) return True except ipaddress.AddressValueError: return False
def unpack_ipv6(data, pointer=0): ''' Unpacks an IPv6 address. ''' return pointer + 16, ipaddress.IPv6Address(data[pointer:pointer + 16])
def prefstr(plen, pref): if pref[:12] == mappedpfx: return str(ipaddress.IPv4Address(pref[12:])) + "/" + str(plen - 96) else: return str(ipaddress.IPv6Address(pref)) + "/" + str(plen)
def check_proxy(proxy, time_out, proto, total): # If the protocol is auto, we need to determine the correct protocol to use if proto == "auto": for protocol in ['http', 'socks4', 'socks5']: prox = protocol + '://' + proxy try: req = requests.get("https://www.google.com/", proxies={ "http": prox, "https": prox }) if not req: continue proto = protocol break except TimeoutError: pass prox = proto + '://' + proxy ok = "FAILED" static = "Static" ip_add = "" step = -1 errors = 0 response_time = -1 # running 3 requests to determine if the proxy works, and if it has the same IP on every request for i in range(1, 4): try: r = requests.get("https://api.ipify.org/", proxies={ "http": prox, "https": prox }, timeout=int(time_out) * i) if response_time == -1: response_time = r.elapsed.total_seconds() if r.text != ip_add and ip_add != '': static = "Dynamic" ip_add = str(r.text) if step == -1: step = i ok = "OK" except (TimeoutError, requests.exceptions.ProxyError): errors += 1 if errors < 3: # Getting the IP_TYPE and converting the IP address into an INT if ip_kind(ip_add) == 4: ip_type = "ipv4" int_address = str(int(ipaddress.IPv4Address(str(ip_add)))) else: ip_type = "ipv6" int_address = str(int(ipaddress.IPv6Address(str(ip_add)))) # "solution" is the result to be added to the output solution = proxy + str(ip_add) + ":" + int_address + ":" + ip_type + ":" + ok + ":" + str(step) + "x:" \ + str(response_time) + ":" + str(errors) + ":" + static + ":" +\ datetime.datetime.utcnow().strftime("%a/%b/%d/%H;%M;%S/%Y") obj = IPWhois(ip_add) results = obj.lookup_rdap() cidr = results['asn_cidr'] with open(ip_add + ".json", 'w') as y: y.write(json.dumps(results, sort_keys=True, indent=4)) rr = results["objects"] tt = rr[list(results["objects"].keys())[0]] ff = tt["contact"] gg = ff["address"] er = gg[0] okk = er['value'] addr = reversename.from_address("172.217.21.14") org = results['asn_description'] ptr = resolver.resolve(addr, "PTR")[0] # mydb = conn(host, username, password, database) # insert(mydb, ptr, results, cidr, org, address) else: # "solution" is the result to be added to the output solution = proxy + ": : :" + ok + ":" + " :" \ + " " + ":" + str(errors) + ":" + " " + ":" + \ datetime.datetime.utcnow().strftime("%a/%b/%d/%H;%M;%S/%Y") # writing results to a txt file f.write(solution + '\n') # updating the current progress global progress progress += 1 print("{}% Done!".format(progress / total * 100))
def sanitize_address(address): """ Sanitize an address, ensuring that it has a format recognizable by the CLI. """ # Try and parse the address to make sure it is parseable. try: parsed = urllib.parse.urlparse(address) except Exception as exception: raise CLIException( "Unable to parse address: {error}".format(error=str(exception))) # Since we allow addresses to be specified without an # explicit scheme, some fields in the parsed address may # be missing. Patch it up to force an implicit HTTP scheme. if parsed.scheme == "" and parsed.netloc == "": address = "http://{addr}".format(addr=address) elif parsed.scheme == "" and parsed.netloc != "": address = "http:{addr}".format(addr=address) # Try and parse the address again to make sure it # now has all the parts we expect and that they are valid. try: parsed = urllib.parse.urlparse(address) except Exception as exception: raise CLIException( "Unable to parse address: {error}".format(error=str(exception))) # We only support HTTP and HTTPS schemes. if parsed.scheme != "http" and parsed.scheme != "https": raise CLIException("Invalid scheme '{scheme}' in address".format( scheme=parsed.scheme)) # There must be a hostname present. if parsed.hostname == "": raise CLIException("Missing hostname in address") # We do not support IPv6 in the hostname (yet). try: ipaddress.IPv6Address(parsed.hostname) raise CLIException("IPv6 addresses are unsupported") except Exception as exception: pass valid_ip_v4_address = False # We either accept IPv4 addresses, or DNS names as the hostname. In the # check below we try and parse the hostname as an IPv4 address, if this # does not succeed, then we assume the hostname is formatted as a DNS name. try: ipaddress.IPv4Address(parsed.hostname) valid_ip_v4_address = True except Exception as exception: pass # If we have an IPv4 address then we require a port to be specified. if valid_ip_v4_address and parsed.port is None: raise CLIException("Addresses formatted as IP must contain a port") # We allow ports for both IPv4 addresses and DNS # names, but they must be in a specific range. if parsed.port and (parsed.port < 0 or parsed.port > 65535): raise CLIException( "Port '{port}' is out of range".format(port=parsed.port)) return address
def read_network_interfaces(): intDict = {} intDict['class'] = "NETINTERFACES" if not ethtool_present and not netifaces_present: # ethtool is not available on non-linux platforms (as kfreebsd), skip it sys.stderr.write( "Warning: information about network interfaces could not be retrieved on this platform.\n" ) return intDict if ethtool_present: interfaces = list( set(ethtool.get_devices() + ethtool.get_active_devices())) else: interfaces = netifaces.interfaces() for interface in interfaces: try: if ethtool_present: hwaddr = ethtool.get_hwaddr(interface) else: hwaddr = netifaces.ifaddresses(interface)[ netifaces.AF_LINK][0]['addr'] except: hwaddr = "" # slave devices can have their hwaddr changed try: master = os.readlink('/sys/class/net/%s/master' % interface) except: master = None if master: master_interface = os.path.basename(master) hwaddr = get_slave_hwaddr(master_interface, interface) try: if ethtool_present: module = ethtool.get_module(interface) else: driver_file = open( '/sys/class/net/%s/device/uevent' % interface, 'r') module = driver_file.readline().split('=')[1].strip() driver_file.close() except: if interface == 'lo': module = "loopback" else: module = "Unknown" try: if ethtool_present: ipaddr = ethtool.get_ipaddr(interface) else: ipaddr = netifaces.ifaddresses(interface)[ netifaces.AF_INET][0]['addr'] except: ipaddr = "" try: if ethtool_present: netmask = ethtool.get_netmask(interface) else: netmask = netifaces.ifaddresses(interface)[ netifaces.AF_INET][0]['netmask'] except: netmask = "" try: if ethtool_present: broadcast = ethtool.get_broadcast(interface) else: broadcast = netifaces.ifaddresses(interface)[ netifaces.AF_INET][0]['broadcast'] except: broadcast = "" ip6_list = [] if ethtool_present: dev_info = ethtool.get_interfaces_info(interface) for info in dev_info: # one interface may have more IPv6 addresses for ip6 in info.get_ipv6_addresses(): scope = ip6.scope if scope == 'global': scope = 'universe' ip6_list.append({ 'scope': scope, 'addr': ip6.address, 'netmask': ip6.netmask }) else: try: for dev_info in netifaces.ifaddresses(interface)[ netifaces.AF_INET6]: ip6_addr = dev_info['addr'].split('%')[0] scope_info = ipaddress.IPv6Address(ip6_addr) if scope_info.is_global: scope = 'universe' elif scope_info.is_link_local: scope = 'link' elif scope_info.is_loopback: scope = 'host' elif scope_info.is_site_local: scope = 'site' # count number of '1' bits in netmask returned by netifaces ip6_netmask = dev_info['netmask'] netmask_bits = 0 for two_octets in ip6_netmask.split(':'): if not two_octets: break elif two_octets.lower() == 'ffff': netmask_bits += 16 else: # remove '0b' from begin and find last '1' in the string netmask_bits += 16 - 1 - bin(int( two_octets, 16))[2:].rindex('1') ip6_list.append({ 'scope': scope, 'addr': ip6_addr, 'netmask': netmask_bits }) except KeyError: pass # no ipv6 for this interface intDict[interface] = { 'hwaddr': hwaddr, 'ipaddr': ipaddr, 'netmask': netmask, 'broadcast': broadcast, 'module': module, 'ipv6': ip6_list } return intDict
def rfc4193(self): return ipaddress.IPv6Address( int(RFC4194_FORMAT.format(self.networkId, self.nodeId), 16))
def make_ipv6_address(address_str): return ipaddress.IPv6Address(address_str)
def testNonStringKey(self): pyt = pytricia.PyTricia() # insert as string pyt['10.1.2.3/24'] = 'abc' # lookup as string for i in range(256): self.assertEqual(pyt['10.1.2.{}'.format(i)], 'abc') # lookup as bytes (or, ugh, another str in python2) b = socket.inet_aton('10.1.2.3') self.assertEqual(pyt[b], 'abc') # bytes in py3k. python2 stinks. if sys.version_info.major == 3 and sys.version_info.minor >= 4: i = b[0] * 2**24 + b[1] * 2**16 + b[2] * 2**8 for j in range(256): self.assertEqual(pyt[i+j], 'abc') if sys.version_info.major == 2: # longs only exist in python2. it stinks. b = struct.unpack('4b',socket.inet_aton('10.1.2.3')) i = b[0] * 2**24 + b[1] * 2**16 + b[2] * 2**8 self.assertEqual(pyt[long(i)], 'abc') # i, = struct.unpack('i', b) for j in range(256): self.assertEqual(pyt[i+j], 'abc') # lookup as str self.assertEqual(pyt['10.1.2.99'], 'abc') # lookup as ipaddress objects if sys.version_info.major == 3 and sys.version_info.minor >= 4: import ipaddress ipaddr = ipaddress.IPv4Address("10.1.2.47") self.assertEqual(pyt[ipaddr], 'abc') ipnet = ipaddress.IPv4Network("10.1.2.0/24") self.assertEqual(pyt[ipnet], 'abc') with self.assertRaises(KeyError) as cm: ipaddr = ipaddress.IPv6Address("fe01::1") self.assertIsNone(pyt[ipaddr]) with self.assertRaises(KeyError) as cm: ipnet = ipaddress.IPv6Network("fe01::1/64", strict=False) self.assertIsNone(pyt[ipnet]) with self.assertRaises(KeyError) as cm: pyt["fe01::1/64"] with self.assertRaises(KeyError) as cm: pyt["fe01::1"] with self.assertRaises(ValueError) as cm: pyt[""] with self.assertRaises(ValueError) as cm: pyt["apple"] with self.assertRaises(KeyError) as cm: pyt[2**65]
elif (mes_type == "NODEDISCOVERY"): print("NODE DISCOVERY") else: print("Argument error") elif ((total_args == 3) | (total_args == 5)): ip_dir = sys.argv[1] mes_type = str(sys.argv[2]) if (mes_type == "directive"): TYPE = 2 else: #configuration polling TYPE = 6 PAYDATA.append(TYPE) dest_ip = ipaddress.IPv6Address(ip_dir) private_address = get_private_address_from_ip(dest_ip) DEST = private_address if (total_args == 5): #Add local_id and data for action/directives #DIRECTIVE LOCAL_ID = int(str(sys.argv[3])) DATA = int(str(sys.argv[4])) PAYDATA.append(LOCAL_ID) PAYDATA.append(DATA) else: print("Argument error") #####https://wiki.python.org/moin/BitManipulation
def __eq__(self, other): if isinstance(other, str): other = ipaddress.IPv6Address(other) return super().__eq__(other)
def _int_to_ip_v6(self, i: int) -> ipaddress.IPv6Address: return ipaddress.IPv6Address(i << 8 * 8)
def read_resource(self): # noqa LOGGING.debug("%s Reading RR", self.pointer) question = dict() question["NAME"] = self.read_domain() question["TYPE"] = self.read_int_16() rrclass = self.read_int_16() question["CLASS"] = rrclass & 0x7FFF question["CACHE-FLUSH"] = (rrclass >> 15) & 0x1 question["TTL"] = self.read_int_32() if question["TYPE"] == dpkt.dns.DNS_PTR: question["typestring"] = "PTR" LOGGING.debug("%s Reading %s", self.pointer, question["typestring"]) question["RDLENGTH"] = self.read_int_16() out_of_bounds = self.pointer + question["RDLENGTH"] question["PTRDNAME"] = self.read_domain() if self.pointer < out_of_bounds: LOGGING.debug("%s Unused RDATA", self.pointer) question["RDATA"] = self.buffer[self.pointer:out_of_bounds] self.pointer = out_of_bounds elif question["TYPE"] == dpkt.dns.DNS_SRV: question["typestring"] = "SRV" LOGGING.debug("%s Reading %s", self.pointer, question["typestring"]) question["RDLENGTH"] = self.read_int_16() out_of_bounds = self.pointer + question["RDLENGTH"] question["PRIO"] = self.read_int_16() question["WEIGHT"] = self.read_int_16() question["PORT"] = self.read_int_16() question["TARGET"] = self.read_domain() if self.pointer < out_of_bounds: LOGGING.debug("%s Unused RDATA", self.pointer) question["RDATA"] = self.buffer[self.pointer:out_of_bounds] self.pointer = out_of_bounds elif question["TYPE"] == dpkt.dns.DNS_AAAA: question["typestring"] = "AAAA" LOGGING.debug("%s Reading %s", self.pointer, question["typestring"]) question["RDLENGTH"] = self.read_int_16() out_of_bounds = self.pointer + question["RDLENGTH"] if question["RDLENGTH"] == 16: question["IPv6"] = ipaddress.IPv6Address( self.buffer[self.pointer:out_of_bounds]) LOGGING.debug("%s No 16 bytes in ipv6 address", self.pointer) question["RDATA"] = self.buffer[self.pointer:out_of_bounds] self.pointer = out_of_bounds elif question["TYPE"] == dpkt.dns.DNS_TXT: question["typestring"] = "TXT" LOGGING.debug("%s Reading %s", self.pointer, question["typestring"]) # for TXT this is a list of strings, not always ending with empty # string question["RDLENGTH"] = self.read_int_16() LOGGING.debug("%s Length of text %s", self.pointer, question["RDLENGTH"]) out_of_bounds = self.pointer + question["RDLENGTH"] strings = list() while self.pointer < out_of_bounds: end, s = self.read_short_string() if end or not s: break strings.append(s.decode("utf-8")) question["TXT-RDATA"] = strings if self.pointer < out_of_bounds: LOGGING.debug("%s Unused RDATA", self.pointer) question["RDATA"] = self.buffer[self.pointer:out_of_bounds] self.pointer = out_of_bounds else: LOGGING.debug("%s Reading unknown RR type", self.pointer) question["RDATA"] = self.read_long_string() LOGGING.debug("%s Finished RR", self.pointer) return question
def pad_bin(unpadded): return format(int(ipaddress.IPv6Address(unicode(unpadded))), '0128b')
def get_win_ifaddrs(): """ A method for retrieving info of the network interfaces. Returns a nested dictionary of interfaces in Windows. Supports both IPv4 and IPv6 addresses """ import ctypes import struct import ipaddress import ctypes.wintypes from ctypes.wintypes import DWORD, WCHAR, BYTE, BOOL from socket import AF_INET, AF_UNSPEC, AF_INET6 # from iptypes.h MAX_ADAPTER_ADDRESS_LENGTH = 8 MAX_DHCPV6_DUID_LENGTH = 130 GAA_FLAG_INCLUDE_PREFIX = ctypes.c_ulong(0x0010) class SOCKADDR(ctypes.Structure): _fields_ = [ ('family', ctypes.c_ushort), ('data', ctypes.c_byte*14), ] LPSOCKADDR = ctypes.POINTER(SOCKADDR) class IN6_ADDR(ctypes.Structure): _fields_ = [ ('byte', ctypes.c_byte*16), ('word', ctypes.c_byte*16), #this should be changed ] class SOCKADDR_IN6(ctypes.Structure): _fields_ = [ ('family', ctypes.c_short), ('port', ctypes.c_ushort), ('flowinfo', ctypes.c_ulong), ('addr', IN6_ADDR), ('scope_id', ctypes.c_ulong), ] LPSOCKADDR_IN6 = ctypes.POINTER(SOCKADDR_IN6) # NB: It's not true mapping of `sockaddr_storage` structure! class SOCKADDR_STORAGE(ctypes.Union): _fields_ = (('v4', LPSOCKADDR), ('v6', LPSOCKADDR_IN6)) class SOCKET_ADDRESS(ctypes.Structure): _fields_ = [ #('address', LPSOCKADDR), ('address', SOCKADDR_STORAGE), ('length', ctypes.c_int), ] class _IP_ADAPTER_ADDRESSES_METRIC(ctypes.Structure): _fields_ = [ ('length', ctypes.c_ulong), ('interface_index', DWORD), ] class _IP_ADAPTER_ADDRESSES_U1(ctypes.Union): _fields_ = [ ('alignment', ctypes.c_ulonglong), ('metric', _IP_ADAPTER_ADDRESSES_METRIC), ] class IP_ADAPTER_UNICAST_ADDRESS(ctypes.Structure): pass PIP_ADAPTER_UNICAST_ADDRESS = ctypes.POINTER(IP_ADAPTER_UNICAST_ADDRESS) IP_ADAPTER_UNICAST_ADDRESS._fields_ = [ ("length", ctypes.c_ulong), ("flags", ctypes.wintypes.DWORD), ("next", PIP_ADAPTER_UNICAST_ADDRESS), ("address", SOCKET_ADDRESS), ("prefix_origin", ctypes.c_int), ("suffix_origin", ctypes.c_int), ("dad_state", ctypes.c_int), ("valid_lifetime", ctypes.c_ulong), ("preferred_lifetime", ctypes.c_ulong), ("lease_lifetime", ctypes.c_ulong), ("on_link_prefix_length", ctypes.c_ubyte) ] # it crashes when retrieving prefix data :( class IP_ADAPTER_PREFIX(ctypes.Structure): pass PIP_ADAPTER_PREFIX = ctypes.POINTER(IP_ADAPTER_PREFIX) IP_ADAPTER_PREFIX._fields_ = [ ("alignment", ctypes.c_ulonglong), ("next", PIP_ADAPTER_PREFIX), ("address", SOCKET_ADDRESS), ("prefix_length", ctypes.c_ulong) ] class IP_ADAPTER_ADDRESSES(ctypes.Structure): pass LP_IP_ADAPTER_ADDRESSES = ctypes.POINTER(IP_ADAPTER_ADDRESSES) # for now, just use void * for pointers to unused structures PIP_ADAPTER_ANYCAST_ADDRESS = ctypes.c_void_p PIP_ADAPTER_MULTICAST_ADDRESS = ctypes.c_void_p PIP_ADAPTER_DNS_SERVER_ADDRESS = ctypes.c_void_p #PIP_ADAPTER_PREFIX = ctypes.c_void_p PIP_ADAPTER_WINS_SERVER_ADDRESS_LH = ctypes.c_void_p PIP_ADAPTER_GATEWAY_ADDRESS_LH = ctypes.c_void_p PIP_ADAPTER_DNS_SUFFIX = ctypes.c_void_p IF_OPER_STATUS = ctypes.c_uint # this is an enum, consider http://code.activestate.com/recipes/576415/ IF_LUID = ctypes.c_uint64 NET_IF_COMPARTMENT_ID = ctypes.c_uint32 GUID = ctypes.c_byte*16 NET_IF_NETWORK_GUID = GUID NET_IF_CONNECTION_TYPE = ctypes.c_uint # enum TUNNEL_TYPE = ctypes.c_uint # enum IP_ADAPTER_ADDRESSES._fields_ = [ #('u', _IP_ADAPTER_ADDRESSES_U1), ('length', ctypes.c_ulong), ('interface_index', DWORD), ('next', LP_IP_ADAPTER_ADDRESSES), ('adapter_name', ctypes.c_char_p), ('first_unicast_address', PIP_ADAPTER_UNICAST_ADDRESS), ('first_anycast_address', PIP_ADAPTER_ANYCAST_ADDRESS), ('first_multicast_address', PIP_ADAPTER_MULTICAST_ADDRESS), ('first_dns_server_address', PIP_ADAPTER_DNS_SERVER_ADDRESS), ('dns_suffix', ctypes.c_wchar_p), ('description', ctypes.c_wchar_p), ('friendly_name', ctypes.c_wchar_p), ('byte', BYTE*MAX_ADAPTER_ADDRESS_LENGTH), ('physical_address_length', DWORD), ('flags', DWORD), ('mtu', DWORD), ('interface_type', DWORD), ('oper_status', IF_OPER_STATUS), ('ipv6_interface_index', DWORD), ('zone_indices', DWORD), ('first_prefix', PIP_ADAPTER_PREFIX), ('transmit_link_speed', ctypes.c_uint64), ('receive_link_speed', ctypes.c_uint64), ('first_wins_server_address', PIP_ADAPTER_WINS_SERVER_ADDRESS_LH), ('first_gateway_address', PIP_ADAPTER_GATEWAY_ADDRESS_LH), ('ipv4_metric', ctypes.c_ulong), ('ipv6_metric', ctypes.c_ulong), ('luid', IF_LUID), ('dhcpv4_server', SOCKET_ADDRESS), ('compartment_id', NET_IF_COMPARTMENT_ID), ('network_guid', NET_IF_NETWORK_GUID), ('connection_type', NET_IF_CONNECTION_TYPE), ('tunnel_type', TUNNEL_TYPE), ('dhcpv6_server', SOCKET_ADDRESS), ('dhcpv6_client_duid', ctypes.c_byte*MAX_DHCPV6_DUID_LENGTH), ('dhcpv6_client_duid_length', ctypes.c_ulong), ('dhcpv6_iaid', ctypes.c_ulong), ('first_dns_suffix', PIP_ADAPTER_DNS_SUFFIX), ] def GetAdaptersAddresses(): """ Returns an iteratable list of adapters """ size = ctypes.c_ulong() GetAdaptersAddresses = ctypes.windll.iphlpapi.GetAdaptersAddresses GetAdaptersAddresses.argtypes = [ ctypes.c_ulong, ctypes.c_ulong, ctypes.c_void_p, ctypes.POINTER(IP_ADAPTER_ADDRESSES), ctypes.POINTER(ctypes.c_ulong), ] GetAdaptersAddresses.restype = ctypes.c_ulong #res = GetAdaptersAddresses(AF_INET,0,None, None,size) res = GetAdaptersAddresses(AF_UNSPEC,0,None, None,size) if res != 0x6f: # BUFFER OVERFLOW raise RuntimeError("Error getting structure length (%d)" % res) pointer_type = ctypes.POINTER(IP_ADAPTER_ADDRESSES) size.value = 15000 buffer = ctypes.create_string_buffer(size.value) struct_p = ctypes.cast(buffer, pointer_type) #res = GetAdaptersAddresses(AF_INET,0,None, struct_p, size) res = GetAdaptersAddresses(AF_UNSPEC,0,None, struct_p, size) if res != 0x0: # NO_ERROR: raise RuntimeError("Error retrieving table (%d)" % res) while struct_p: yield struct_p.contents struct_p = struct_p.contents.next interfaced = {} for i in GetAdaptersAddresses(): result = NetworkInterface() result.ifname = i.description result.ifindex = i.zone_indices #zone_indices in windows addresses = i.first_unicast_address result.IPv4 = [] result.IPv6 = [] while addresses: fu = addresses.contents ipversion = fu.address.address.v4.contents.family if ipversion == AF_INET: ad = fu.address.address.v4.contents #print("\tfamily: {0}".format(ad.family)) ip_int = struct.unpack('>2xI8x', ad.data)[0] ip = ipaddress.IPv4Address(ip_int) #print(ip) result.IPv4.append(ip) elif ipversion == AF_INET6: ad = fu.address.address.v6.contents ip_int = struct.unpack('!QQ', ad.addr.byte)[0] ip = ipaddress.IPv6Address(ip_int) result.IPv6.append(ip) addresses = addresses.contents.next interfaced[result.ifname] = result return interfaced
def _test_otci_srp(self, client: OTCI, server: OTCI): self.assertEqual('disabled', server.srp_server_get_state()) self.assertEqual('default.service.arpa.', server.srp_server_get_domain()) server.srp_server_set_domain('example1.com') self.assertEqual('example1.com.', server.srp_server_get_domain()) server.srp_server_set_domain('example2.com.') self.assertEqual('example2.com.', server.srp_server_get_domain()) server.srp_server_set_domain('default.service.arpa.') self.assertEqual('default.service.arpa.', server.srp_server_get_domain()) default_leases = server.srp_server_get_lease() self.assertEqual(default_leases, (1800, 7200, 86400, 1209600)) server.srp_server_set_lease(1801, 7201, 86401, 1209601) leases = server.srp_server_get_lease() self.assertEqual(leases, (1801, 7201, 86401, 1209601)) self.assertFalse(client.srp_client_get_state()) self.assertEqual('Removed', client.srp_client_get_host_state()) self.assertEqual(('::', 0), client.srp_client_get_server()) self.assertFalse(client.srp_client_get_service_key()) client.srp_client_enable_service_key() self.assertTrue(client.srp_client_get_service_key()) client.srp_client_disable_service_key() self.assertFalse(client.srp_client_get_service_key()) server.srp_server_disable() client.wait(3) server.srp_server_enable() client.wait(10) self.assertEqual([], server.srp_server_get_hosts()) self.assertEqual('running', server.srp_server_get_state()) self.assertFalse(client.srp_client_get_autostart()) client.srp_client_enable_autostart() self.assertTrue(client.srp_client_get_autostart()) client.wait(3) self.assertTrue(client.srp_client_get_state()) self.assertNotEqual(('::', 0), client.srp_client_get_server()) self.assertEqual('', client.srp_client_get_host_name()) client.srp_client_set_host_name('host1') self.assertEqual('host1', client.srp_client_get_host_name()) self.assertEqual([], client.srp_client_get_host_addresses()) client.srp_client_set_host_addresses('2001::1') self.assertEqual(['2001::1'], client.srp_client_get_host_addresses()) client.srp_client_set_host_addresses('2001::1', '2001::2') self.assertEqual(['2001::1', '2001::2'], client.srp_client_get_host_addresses()) srp_client_host = client.srp_client_get_host() self.assertEqual('host1', srp_client_host['host']) self.assertEqual('ToAdd', srp_client_host['state']) self.assertEqual( { ipaddress.IPv6Address('2001::1'), ipaddress.IPv6Address('2001::2') }, set(srp_client_host['addresses'])) self.assertEqual([], client.srp_client_get_services()) client.srp_client_add_service('ins1', '_ipps._tcp', 1000, 1, 1, txt={ 'txt11': 'val11', 'txt12': b'val12', 'txt13': True }) client.srp_client_add_service('ins2', '_meshcop._udp', 2000, 2, 2, txt={ 'txt21': 'val21', 'txt22': b'val22', 'txt23': True }) self.assertEqual(2, len(client.srp_client_get_services())) self.assertIn( { 'instance': 'ins1', 'service': '_ipps._tcp', 'state': 'ToAdd', 'port': 1000, 'priority': 1, 'weight': 1, }, client.srp_client_get_services()) self.assertIn( { 'instance': 'ins2', 'service': '_meshcop._udp', 'state': 'ToAdd', 'port': 2000, 'priority': 2, 'weight': 2, }, client.srp_client_get_services()) client.wait(3) self.assertEqual('Registered', client.srp_client_get_host()['state']) srp_server_hosts = server.srp_server_get_hosts() logging.info('srp_server_hosts %r', srp_server_hosts) self.assertEqual(1, len(srp_server_hosts)) self.assertEqual('host1.default.service.arpa.', srp_server_hosts[0]['host']) self.assertEqual(False, srp_server_hosts[0]['deleted']) self.assertEqual( { ipaddress.IPv6Address('2001::1'), ipaddress.IPv6Address('2001::2') }, set(srp_server_hosts[0]['addresses'])) srp_server_services = server.srp_server_get_services() logging.info('srp_server_services %r', srp_server_services) self.assertEqual(2, len(srp_server_services)) for service in srp_server_services: if service['instance'] == 'ins1._ipps._tcp.default.service.arpa.': self.assertEqual(False, service['deleted']) self.assertEqual(1000, service['port']) self.assertEqual(1, service['priority']) self.assertEqual(1, service['weight']) self.assertEqual('host1.default.service.arpa.', service['host']) self.assertEqual( { ipaddress.IPv6Address('2001::1'), ipaddress.IPv6Address('2001::2') }, set(service['addresses'])) self.assertEqual( { 'txt11': b'val11', 'txt12': b'val12', 'txt13': True }, service['txt']) elif service[ 'instance'] == 'ins2._meshcop._udp.default.service.arpa.': self.assertEqual(False, service['deleted']) self.assertEqual(2000, service['port']) self.assertEqual(2, service['priority']) self.assertEqual(2, service['weight']) self.assertEqual('host1.default.service.arpa.', service['host']) self.assertEqual( { ipaddress.IPv6Address('2001::1'), ipaddress.IPv6Address('2001::2') }, set(service['addresses'])) self.assertEqual( { 'txt21': b'val21', 'txt22': b'val22', 'txt23': True }, service['txt']) else: self.fail(service)
import ipaddress from ryu.lib import mac from ryu.lib.packet import arp, ethernet, icmp, icmpv6, ipv4, ipv6, stream_parser, packet, vlan from ryu.ofproto import ether from ryu.ofproto import inet try: from valve_util import btos except ImportError: from faucet.valve_util import btos IPV6_ALL_NODES_MCAST = '33:33:00:00:00:01' IPV6_ALL_ROUTERS_MCAST = '33:33:00:00:00:02' IPV6_LINK_LOCAL = ipaddress.IPv6Network(btos('fe80::/10')) IPV6_ALL_NODES = ipaddress.IPv6Address(btos('ff02::1')) def mac_addr_is_unicast(mac_addr): """Returns True if mac_addr is a unicast Ethernet address. Args: mac_addr (str): MAC address. Returns: bool: True if a unicast Ethernet address. """ msb = mac_addr.split(':')[0] return msb[-1] in '02468aAcCeE' def parse_pkt(pkt):
def _control_plane_icmpv6_handler(self, pkt_meta, ipv6_pkt): ofmsgs = [] if not pkt_meta.packet_complete(): return ofmsgs src_ip = ipaddress.IPv6Address(btos(ipv6_pkt.src)) dst_ip = ipaddress.IPv6Address(btos(ipv6_pkt.dst)) vlan = pkt_meta.vlan if vlan.ip_in_vip_subnet(src_ip): # Must be ICMPv6 and have no extended headers. if ipv6_pkt.nxt != valve_of.inet.IPPROTO_ICMPV6: return ofmsgs if ipv6_pkt.ext_hdrs: return ofmsgs # Explicitly ignore messages to all notes. if dst_ip == valve_packet.IPV6_ALL_NODES: return ofmsgs pkt_meta.reparse_ip(payload=32) icmpv6_pkt = pkt_meta.pkt.get_protocol(icmpv6.icmpv6) if icmpv6_pkt is None: return ofmsgs icmpv6_type = icmpv6_pkt.type_ if (ipv6_pkt.hop_limit != valve_packet.IPV6_MAX_HOP_LIM and icmpv6_type != icmpv6.ICMPV6_ECHO_REQUEST): return ofmsgs port = pkt_meta.port eth_src = pkt_meta.eth_src if icmpv6_type == icmpv6.ND_NEIGHBOR_SOLICIT: solicited_ip = btos(icmpv6_pkt.data.dst) if vlan.is_faucet_vip(ipaddress.ip_address(solicited_ip)): ofmsgs.extend( self._add_host_fib_route(vlan, src_ip, blackhole=False)) ofmsgs.extend( self._update_nexthop(vlan, port, eth_src, src_ip)) ofmsgs.append( vlan.pkt_out_port(valve_packet.nd_advert, port, vlan.faucet_mac, eth_src, solicited_ip, src_ip)) self.logger.info( 'Responded to ND solicit for %s to %s (%s) on VLAN %u' % (solicited_ip, src_ip, eth_src, vlan.vid)) elif icmpv6_type == icmpv6.ND_NEIGHBOR_ADVERT: target_ip = btos(icmpv6_pkt.data.dst) if vlan.ip_in_vip_subnet(ipaddress.ip_address(target_ip)): ofmsgs.extend( self._update_nexthop(vlan, port, eth_src, target_ip)) self.logger.info('ND advert %s (%s) on VLAN %u' % (target_ip, eth_src, vlan.vid)) elif icmpv6_type == icmpv6.ND_ROUTER_SOLICIT: link_local_vips, other_vips = self._link_and_other_vips(vlan) for vip in link_local_vips: if src_ip in vip.network: ofmsgs.extend( self._add_host_fib_route(vlan, src_ip, blackhole=False)) ofmsgs.extend( self._update_nexthop(vlan, port, eth_src, src_ip)) ofmsgs.append( vlan.pkt_out_port(valve_packet.router_advert, port, vlan.faucet_mac, eth_src, vip.ip, src_ip, other_vips)) self.logger.info( 'Responded to RS solicit from %s (%s) to VIP %s on VLAN %u' % (src_ip, eth_src, vip, vlan.vid)) break elif icmpv6_type == icmpv6.ICMPV6_ECHO_REQUEST: if (vlan.from_connected_to_vip(src_ip, dst_ip) and pkt_meta.eth_dst == vlan.faucet_mac): ofmsgs.append( vlan.pkt_out_port(valve_packet.icmpv6_echo_reply, port, vlan.faucet_mac, eth_src, dst_ip, src_ip, ipv6_pkt.hop_limit, icmpv6_pkt.data.id, icmpv6_pkt.data.seq, icmpv6_pkt.data.data)) return ofmsgs
def validate(self, raw_value: Union[None, str, bytes, _MissingType], raw: bool) -> Union[None, str, bytes, _MissingType]: if isinstance(raw_value, (str, bytes)): value = raw_value elif raw_value is None: if self.nullable: return None raise ValidatorError("value should be type of str") elif isinstance(raw_value, _MissingType): if self.default is None: return raw_value value = self.default else: raise ValidatorError("value should be type of str") if self.minLength is not None and len(value) < self.minLength: raise ValidatorError( f"value length should be more than {self.minLength}") if self.maxLength is not None and len(value) > self.maxLength: raise ValidatorError( f"value length should be less than {self.maxLength}") if self.enum is not None and value not in self.enum: raise ValidatorError(f"value should be one of {self.enum}") if self.format not in ( StringFormat.Default, StringFormat.Password, StringFormat.Binary, ): assert isinstance(value, str) if self.format == StringFormat.Uuid: try: uuid.UUID(value) except ValueError: raise ValidatorError("value should be uuid") elif self.format == StringFormat.Datetime: if not strict_rfc3339.validate_rfc3339(value): raise ValidatorError("value should be datetime format") elif self.format == StringFormat.Date: if not strict_rfc3339.validate_rfc3339(f"{value}T00:00:00Z"): raise ValidatorError("value should be date format") elif self.format == StringFormat.Email: if not _EMAIL_REGEX.match(value): raise ValidatorError("value should be valid email") elif self.format == StringFormat.Byte: try: base64.b64decode(value) except ValueError: raise ValidatorError( "value should be base64-encoded string") elif self.format == StringFormat.IPv4: try: ipaddress.IPv4Address(value) except ValueError: raise ValidatorError("value should be valid ipv4 address") elif self.format == StringFormat.IPv6: try: ipaddress.IPv6Address(value) except ValueError: raise ValidatorError("value should be valid ipv6 address") elif self.format == StringFormat.Hostname: if not value: raise ValidatorError("value should be valid hostname") hostname = value[:-1] if value[-1] == "." else value if len(hostname) > 255 or not all( _HOSTNAME_REGEX.match(x) for x in hostname.split(".")): raise ValidatorError("value should be valid hostname") if (self.format != StringFormat.Binary and self.pattern and not self.pattern.search(value)): raise ValidatorError( f"value should match regex pattern '{self.pattern.pattern}'") return value
def ipaddress(self, version, pos, nbytes): if version == 4: return ipaddress.IPv4Address(self.data[pos:pos + nbytes]) elif version == 6: return ipaddress.IPv6Address(self.data[pos:pos + nbytes]) return None
configs = {} def config_for(ns, daemon): templatefile_path = os.path.join(templatedir, '%s.j2' % daemon) with open(templatefile_path, 'r') as templatefile: template = jinja2.Template(templatefile.read()) context = {'ns': ns, 'daemon': daemon} context.update(configs[ns]) return template.render(context) for idx, ns in enumerate(namespaces): configs[ns] = { 'loopback_v4': ipaddress.IPv4Address('100.0.%d.%d' % xy[ns]), 'loopback_v6': ipaddress.IPv6Address('2001:db8:64::%x:%x' % xy[ns]), 'net': '49.0001.%04x.%04x.00' % xy[ns], 'links': sorted([link[1] for link in links if link[0] == ns] + [link[0] for link in links if link[1] == ns]), 'daemons': ['zebra', 'fabricd'], 'configfiles': {}, } for daemon in configs[ns]['daemons']: configs[ns]['configfiles'][daemon] = config_for(ns, daemon)
class MDNSServiceDiscovery(object): IP4_MULTICAST = ipaddress.IPv4Address(u'224.0.0.251') IP6_MULTICAST = ipaddress.IPv6Address(u'FF02::FB') MULTICAST_PORT = 5353 def __init__(self, *args, **kwargs): self.ip_version = 4 self.ttl = 2 self.timeout = 10 self.devices = {} self.qtype = kwargs.get('qtype', QTYPE_ALL) self.interface = self.find_interfaces() self.query = MDNSQuery() self.logger = logging.getLogger(__name__) self.logger.setLevel(logging.getLogger().level) for qname in args: self.query.add_question(qname.strip(), self.qtype) def find_interfaces(self): """ Find the local interface(s) that we will send via. Presently I have no way of finding a local IPv6 interface, so just use IPv4. An MDNSServiceDiscoveryError will be raised if the local interface can't be found. :return: The interface to be used. """ try: x = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) x.connect(('1.2.3.4', 56)) interface = x.getsockname()[0] x.close() except socket.error as e: raise MDNSServiceDiscoveryError("Unable to find local interface.") return interface def find_devices(self): now = time.time() nxt = now last = now + self.timeout delay = 1 sock = self.make_socket() while last > now: now = time.time() if now >= nxt: for data in self.query.packet_data(): sock.sendto(data, 0, (str(self.IP4_MULTICAST), self.MULTICAST_PORT)) nxt += delay delay *= 2 r, w, e = select.select([sock], [], [sock], 0.5) if not r: continue data, addr = sock.recvfrom(16384) self.logger.debug("Received %d bytes from %s:%d", len(data), *addr) if data: resp = MDNSResponse(data) # We only want responses to our queries, not everyone elses! if not resp.is_valid: continue if not resp.is_applicable(self.query): continue for a in resp.answers: if 'PTR' not in a: continue self.logger.debug("Answer: %s", a) self.query.add_answer(a['qname'], a['PTR'], a['qtype'], a['qclass'], a['ttl']) if a['PTR'] not in self.devices: dev = {'PTR': a['PTR']} for ad in resp.additional: self.logger.debug("Additional Record: %s", ad) for poss in ('A', 'AAAA', 'TXT', 'SRV'): if poss in ad: dev[poss] = ad[poss] if 'A' not in dev: self.logger.info( "No additional records found, so using origin IP for %s", a['PTR']) dev['A'] = addr[0] self.devices[a['PTR']] = dev sock.close() return len(self.devices) > 0 def make_socket(self): """ Open a socket that can be used for sending and receiving multicast packets. If a socket cannot be created or setup then an MDNSServiceDiscoveryError is raised. :return: The created socket. """ host = socket.inet_aton(self.interface) try: sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, socket.IPPROTO_UDP) sock.setblocking(0) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEPORT, 1) sock.bind((str(self.IP4_MULTICAST), self.MULTICAST_PORT)) sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_TTL, struct.pack('B', self.ttl)) sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_IF, host) sock.setsockopt(socket.SOL_IP, socket.IP_MULTICAST_LOOP, 0) except: print(sys.exc_info()) raise MDNSServiceDiscoveryError( "Unable to create a suitable socket for MDNS") return sock
def _winrm_connect(self): ''' Establish a WinRM connection over HTTP/HTTPS. ''' display.vvv( "ESTABLISH WINRM CONNECTION FOR USER: %s on PORT %s TO %s" % (self._winrm_user, self._winrm_port, self._winrm_host), host=self._winrm_host) winrm_host = self._winrm_host if HAS_IPADDRESS: display.vvvv("checking if winrm_host %s is an IPv6 address" % winrm_host) try: ipaddress.IPv6Address(winrm_host) except ipaddress.AddressValueError: pass else: winrm_host = "[%s]" % winrm_host netloc = '%s:%d' % (winrm_host, self._winrm_port) endpoint = urlunsplit( (self._winrm_scheme, netloc, self._winrm_path, '', '')) errors = [] for transport in self._winrm_transport: if transport == 'kerberos': if not HAVE_KERBEROS: errors.append( 'kerberos: the python kerberos library is not installed' ) continue if self._kerb_managed: self._kerb_auth(self._winrm_user, self._winrm_pass) display.vvvvv('WINRM CONNECT: transport=%s endpoint=%s' % (transport, endpoint), host=self._winrm_host) try: winrm_kwargs = self._winrm_kwargs.copy() if self._winrm_connection_timeout: winrm_kwargs[ 'operation_timeout_sec'] = self._winrm_connection_timeout winrm_kwargs[ 'read_timeout_sec'] = self._winrm_connection_timeout + 1 protocol = Protocol(endpoint, transport=transport, **winrm_kwargs) # open the shell from connect so we know we're able to talk to the server if not self.shell_id: self.shell_id = protocol.open_shell( codepage=65001) # UTF-8 display.vvvvv('WINRM OPEN SHELL: %s' % self.shell_id, host=self._winrm_host) return protocol except Exception as e: err_msg = to_text(e).strip() if re.search(to_text(r'Operation\s+?timed\s+?out'), err_msg, re.I): raise AnsibleError('the connection attempt timed out') m = re.search(to_text(r'Code\s+?(\d{3})'), err_msg) if m: code = int(m.groups()[0]) if code == 401: err_msg = 'the specified credentials were rejected by the server' elif code == 411: return protocol errors.append(u'%s: %s' % (transport, err_msg)) display.vvvvv(u'WINRM CONNECTION ERROR: %s\n%s' % (err_msg, to_text(traceback.format_exc())), host=self._winrm_host) if errors: raise AnsibleConnectionFailure(', '.join(map(to_native, errors))) else: raise AnsibleError('No transport found for WinRM connection')
def handle(self): logging.info('Accepting connection from %s:%s' % self.client_address[:2]) # greeting header # read and unpack 2 bytes from a client header = self.connection.recv(2) version, nmethods = struct.unpack("!BB", header) # socks 5 assert version == SOCKS_VERSION # get available methods methods = self.get_available_methods(nmethods) # send welcome message self.connection.sendall(struct.pack("!BB", SOCKS_VERSION, 0)) # request version, cmd, _, atype = struct.unpack("!BBBB", self.connection.recv(4)) assert version == SOCKS_VERSION address_type = AddressType(atype) if address_type == AddressType.V4: # IPv4 address = str(ip.IPv4Address(self.connection.recv(4))) elif address_type == AddressType.V6: # IPv6 address = str(ip.IPv6Address(self.connection.recv(16))) elif address_type == AddressType.DOMAIN: # Domain name domain_length = self.connection.recv(1)[0] address = self.connection.recv(domain_length) port = struct.unpack('!H', self.connection.recv(2))[0] # reply try: if cmd == 1: # CONNECT remote = socket.create_connection( (address, port), source_address=self.source_address) bind_address = remote.getsockname() logging.info('Connected to %s %s' % (address, port)) else: self.server.close_request(self.request) addr = ip.ip_address(bind_address[0]) port = bind_address[1] if isinstance(addr, ip.IPv4Address): reply = struct.pack("!BBBB4sH", SOCKS_VERSION, 0, 0, AddressType.V4.value, addr.packed, port) elif isinstance(addr, ip.IPv6Address): reply = struct.pack("!BBBB16sH", SOCKS_VERSION, 0, 0, AddressType.V6.value, addr.packed, port) except Exception as err: logging.error(err) # return connection refused error reply = self.generate_failed_reply(address_type, 5) self.connection.sendall(reply) # establish data exchange if reply[1] == 0 and cmd == 1: self.exchange_loop(self.connection, remote) self.server.close_request(self.request)
def _ipv6(in6_addr): return ipaddress.IPv6Address(struct.pack("IIII", *in6_addr.in6_u.u6_addr32))
try: ipv4 = requests.get(api[0], timeout=timeout).json()[api[1]] if ipaddress.IPv4Address(ipv4): break except: next api6 = [("http://ip6.seeip.org/json", "ip"), ("http://api64.ipify.org?format=json", "ip"), ("http://ip-api.com/json/", "query"), ("http://api-ipv6.ip.sb/jsonip", "ip")] ipv6 = False for api in api6: try: ipv6 = requests.get(api[0], timeout=timeout).json()[api[1]] if (ipv6 != ipv4) and (ipaddress.IPv6Address(ipv6)): break except: next out['ipv4']['ip'] = ipv4 out['ipv6']['ip'] = ipv6 if arg == 'vpnapi': vpnapi() elif arg == 'proxycheck': proxycheck() elif arg == 'ip2proxy': ip2proxy() elif arg == 'ip2loc': ip2loc() elif arg == 'onionoo': onionoo() elif arg == 'ipqs': ipqs() elif arg == 'all': if ivpnapi == '1': vpnapi() if iproxycheck == '1': proxycheck()
def convertusingipaddress(ipv4address): print(ipaddress.IPv6Address('2002::' + ipv4address).compressed)
def CheckIPs(options, ASNs): """ Check if the given filename containing IP addresses has any that belong to the generated list of netblocks. """ try: addresslist = set() ipv4_address = re.compile(r'(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})') ipv6_address = re.compile(r'(([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]' r'{1,4}|([0-9a-fA-F]{1,4}:){1,7}:|([0-' r'9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4' r'}|([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA' r'-F]{1,4}){1,2}|([0-9a-fA-F]{1,4}:){1' r',4}(:[0-9a-fA-F]{1,4}){1,3}|([0-9a-f' r'A-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){' r'1,4}|([0-9a-fA-F]{1,4}:){1,2}(:[0-9a' r'-fA-F]{1,4}){1,5}|[0-9a-fA-F]{1,4}:(' r'(:[0-9a-fA-F]{1,4}){1,6})|:((:[0-9a-' r'fA-F]{1,4}){1,7}|:)|fe80:(:[0-9a-fA-' r'F]{0,4}){0,4}%[0-9a-zA-Z]{1,}|::(fff' r'f(:0{1,4}){0,1}:){0,1}((25[0-5]|(2[0' r'-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(' r'25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-' r'9])|([0-9a-fA-F]{1,4}:){1,4}:((25[0-' r'5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.' r'){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){' r'0,1}[0-9]))') ipv4_cidr = re.compile(r"(?<!\d\.)(?<!\d)(?:\d{1,3}\.){3}\d{1,3" r"}/\d{1,2}(?!\d|(?:\.\d))") ipv6_cidr = re.compile(r's*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{' r'1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A' r'-Fa-f]{1,4}|((25[0-5]|2[0-4]d|1dd|[1-9]' r'?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d)){3})' r'|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-F' r'a-f]{1,4}){1,2})|:((25[0-5]|2[0-4]d|1dd' r'|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[1-9]?d' r')){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[' r'0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1' r',4})?:((25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(' r'25[0-5]|2[0-4]d|1dd|[1-9]?d)){3}))|:))|' r'(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{' r'1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:(' r'(25[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]' r'|2[0-4]d|1dd|[1-9]?d)){3}))|:))|(([0-9A' r'-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1' r',5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5' r']|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]' r'd|1dd|[1-9]?d)){3}))|:))|(([0-9A-Fa-f]{' r'1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((' r':[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4' r']d|1dd|[1-9]?d)(.(25[0-5]|2[0-4]d|1dd|[' r'1-9]?d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4' r'}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25' r'[0-5]|2[0-4]d|1dd|[1-9]?d)(.(25[0-5]|2[' r'0-4]d|1dd|[1-9]?d)){3}))|:)))(%.+)?s*\/' r'([0-9]|[1-9][0-9]|1[0-1][0-9]|12[0-8])?$') with open(options.filename) as ipfp: for line in ipfp.readlines(): result1 = ipv4_address.finditer(line) result2 = ipv6_address.finditer(line) result3 = ipv4_cidr.finditer(line) result4 = ipv6_cidr.finditer(line) for ip in [line.group(0) for line in result1]: addresslist.add(ip) for ip in [line.group(0) for line in result2]: addresslist.add(ip) for cidr in [line.group(0) for line in result3]: ip, mask = cidr.split('/') if mask != '32': addresslist.add(ip + '/' + mask) else: addresslist.add(ip) for cidr in [line.group(0) for line in result4]: ip, mask = cidr.split('/') if mask != '128': addresslist.add(ip + '/' + mask) else: addresslist.add(ip) if options.verbose: print("I) Found " + str(len(addresslist)) + " IP addresses in file: " + options.filename) except IOError: print("E) Error opening " + options.filename + "!") sys.exit(1) except KeyboardInterrupt: print("E) CTRL-C pressed, stopping!") sys.exit(1) try: ASN = '|'.join(ASNs) if ASN == '': if options.verbose: print("I) Reading GeoLite ASN cache: " + NetblockCache + "...") with open(NetblockCache, 'rb') as f: net4_records, net4_ranges, net6_records, net6_ranges = \ pickle.load(f) else: if options.verbose: print("I) Reading GeoLite ASN caches: " + ASnameCache + " and " + ASnumCache + "...") with open(ASnameCache, 'rb') as f: ASnameCacheFile = pickle.load(f) with open(ASnumCache, 'rb') as f: ASnumCacheFile = pickle.load(f) except FileNotFoundError: print("E) Not all GeoLite ASN caches were found; perhaps you need " + "to update (-u) first?") sys.exit(1) except KeyboardInterrupt: print("E) CTRL-C pressed, stopping!") sys.exit(1) except IOError: print("E) An error occurred reading the cache from disk!") sys.exit(1) if options.verbose: print("I) Loaded GeoLite ASN caches!") print("I) Checking the list of IPs") else: print("\"IP\",\"Network\",\"ASname\"") if options.verbose: ipcount = 0 hits = 0 matchset = set() if ASN == '': ASN = 'all ASNs' if options.verbose: print("I) Search string: " + ASN) if ASN == 'all ASNs': # Go through the list of all netblocks and find out what the # corresponding AS numbers/names are ASblocks = dict() for address in addresslist: if options.verbose: sys.stdout.write('.') sys.stdout.flush() ipcount += 1 if '/' in address: ip = ipaddress.ip_address(address.split('/')[0]) else: ip = ipaddress.ip_address(address) if ip.version == 4: ip = ipaddress.IPv4Address(ip) net_idx = bisect.bisect(net4_ranges, ip.packed) try: net_record = net4_records[net_idx // 2] except IndexError: sys.stdout.write('x') net = ipaddress.IPv4Network(net_record['network']) ASname = net_record['autonomous_system_organization'] ASnum = net_record['autonomous_system_number'] if ip in net: matchset.add(address) if ASname in ASblocks: ASblocks[ASname].append(address) else: ASblocks[ASname] = list() ASblocks[ASname].append(address) if options.verbose: hits += 1 else: print("\"" + str(ip) + "\",\"" + str(net) + "\",\"" + ASname + "\",\"AS" + ASnum + "\"") elif ip.version == 6: ip = ipaddress.IPv6Address(address) net_idx = bisect.bisect(net6_ranges, ip.packed) try: net_record = net4_records[net_idx // 2] except IndexError: sys.stdout.write('x') net = ipaddress.IPv6Network(net_record['network']) ASname = net_record['autonomous_system_organization'] ASnum = net_record['autonomous_system_number'] if ip in net: matchset.add(address) if ASname in ASblocks: ASblocks[ASname].append(address) else: ASblocks[ASname] = list() ASblocks[ASname].append(address) if options.verbose: hits += 1 else: print("\"" + str(ip) + "\",\"" + str(net) + "\",\"" + ASname + "\",\"AS" + ASnum + "\"") if options.verbose: sys.stdout.write('\n') sys.stdout.flush() else: # First, build a list of the requested ASNs and their netblocks netblocks = dict() ASblocks = dict() for AS in ASNs: if AS[:2].lower() == 'as' and AS[2:] in ASnumCacheFile.keys(): netblocks[AS] = ASnumCacheFile[AS[2:]] else: if AS in ASnumCacheFile.keys(): netblocks[AS] = ASnumCacheFile[AS] else: filtered_list = (s for s in ASnameCacheFile.keys() if AS.lower() in s.lower()) for ASnamematch in filtered_list: netblocks[ASnamematch] = ASnameCacheFile[ASnamematch] # Now check every IP to see if it appears in one of the search ASNs. for address in addresslist: if options.verbose: ipcount += 1 for ASname in netblocks.keys(): for netblock in netblocks[ASname]: if ipaddress.ip_network(address)._version ==\ ipaddress.ip_network(netblock)._version: if subnet_of(ipaddress.ip_network(address), (ipaddress.ip_network(netblock))): matchset.add((ASname, address, netblock)) if ASname in ASblocks: ASblocks[ASname].append(address) else: ASblocks[ASname] = list() ASblocks[ASname].append(address) if options.verbose: hits += 1 else: print("\"" + address + "\",\"" + netblock + "\",\"" + ASname + "\"") if options.verbose: print("I) All done, " + str(ipcount) + " IPs checked, found " + str(hits) + " matches:") for ASname in ASblocks.keys(): sys.stdout.write(ASname + ": ") for address in ASblocks[ASname]: sys.stdout.write(address + ' ') sys.stdout.write('\n') sys.stdout.flush() if options.verbose: if len(matchset) < len(addresslist): print("I) Found " + str(len(matchset)) + " IPs in the specified ASN search string: \"" + ASN + "\" out of " + str(len(addresslist)) + " total IP addresses.") if options.notfound: print("I) These " + str(len(addresslist) - len(matchset)) + " addresses were not matched: ") for ip in addresslist.difference(matchset): sys.stdout.write(ip + ' ') sys.stdout.write('\n') sys.stdout.flush() else: print("I) Found all " + str(len(matchset)) + " IPs in the specified ASNs: " + ASN)