def generate_ips(subnet, number): """ Generate number of random ips in given subnet args: subnet - cidr notation of subnet to generate ips from number - number of ips to return return: ip_list - list containing generated ips """ network = IPv4Network(unicode(subnet), strict=False) cidr = int(subnet.split('/')[1]) max_ip_num = pow(2, (32 - cidr)) - 2 ip_list = [] for i in range(number): ip = str(network[random.randint(0, max_ip_num)]) if ip not in ip_list: ip_list.append(ip) return ip_list
def __init__(self, cidrBlock: str = None, comment: str = None, ipAddress: str = None, links: list = None): """ For a single whitelist entry. Contains a bit of helper intelligence for ip addresses. :param cidrBlock: :param comment: :param ipAddress: :param links: """ self.links = links self.ipAddress = ipAddress self.comment = comment self.cidrBlock = cidrBlock try: self.cidrBlockObj: IPv4Network = IPv4Network(self.cidrBlock) except Exception: self.cidrBlockObj = None try: self.ipAddressObj: IPv4Address = IPv4Address(self.ipAddress) except Exception: self.ipAddressObj = None
def find_worker_name(key): with open("../monitors/workers.yaml", "r") as yaml_in: yaml_workers = yaml_in.read() workers = yaml.safe_load(yaml_workers) try: IPv4Address(key) # Exception thrown if not an IP address search_worker_key = str(IPv4Network(key+"/24", strict=False)) print(f"found subnet address: {search_worker_key}") except ValueError: search_worker_key = key print(f"subnet address not found, using key: {key}") if search_worker_key in workers: return workers[search_worker_key]["worker-name"] elif DEFAULT_KEY in workers: print(f"looking for default key {DEFAULT_KEY} in workers {workers}") return workers[DEFAULT_KEY]["worker-name"] else: return "quokka-worker"
def scan_parameters_is_correct(self): ''' Проверка корренктности пользовательских данных введённых им в окне программы, в случае некоректных данных будет выведено сообщение ''' network = None try: network = IPv4Network(self.ui.hostsCBox.currentText()) except ValueError: QMessageBox.critical( self, self.tr('Error'), self. tr('Incorrect network\nfor example:\n\n192.168.1.0/27\n10.7.207.0/255.255.255.0' )) return False if not self.ui.communityCBox.currentText(): QMessageBox.critical(self, self.tr('Error'), self.tr('Community is empty')) return False return True
def load_db(): here = Path(__file__).absolute().parent csv_file = here / os.path.join(THIS_FOLDER, "GeoLite2-Country-CSV.zip") with ZipFile(csv_file) as zf: zinfo = find_zinfo(zf, countries_csv) assert zinfo, f"cannot find {countries_csv}" with zf.open(zinfo) as fp: countries = load_countries(TextIOWrapper(fp)) zinfo = find_zinfo(zf, blocks_csv) assert zinfo, f"cannot find {blocks_csv}" blocks = [] with zf.open(zinfo) as fp: for record in csv.DictReader(TextIOWrapper(fp)): geo_id = record["geoname_id"] if not geo_id: continue network = IPv4Network(record["network"]) country = countries[record["geoname_id"]] blocks.append((network, country)) return blocks
def _get_broadcast_addresses(self) -> List[IPInterface]: """ Return a list of broadcast addresses for each discovered interface""" import netifaces broadcastAddrs = [] interfaces = netifaces.interfaces() for iface in interfaces: addr = netifaces.ifaddresses(iface) if netifaces.AF_INET in addr: netmask = addr[netifaces.AF_INET][0].get("netmask") ipaddr = addr[netifaces.AF_INET][0].get("addr") if netmask and addr: net = IPv4Network(f"{ipaddr}/{netmask}", strict=False) if net.broadcast_address: if not net.is_loopback or self._allow_loopback: broadcastAddrs.append( IPInterface(str(ipaddr), str(net.broadcast_address))) return broadcastAddrs
def get_ip_lookup(self, names, bridge="10.22.0.0/16"): """based on a bridge address that can serve other addresses (akin to a router, metaphorically, generate a pre-determined address for each container. Parameters ========== names: a list of names of instances to generate addresses for. bridge: the bridge address to derive them for. """ host_iter = IPv4Network(bridge).hosts() lookup = {} # Don't include the gateway next(host_iter) for name in names: lookup[name] = str(next(host_iter)) return lookup
def scan_cluster() -> bool: parameters = get_one("Parameters") protocol = parameters.cluster_scan_protocol for ip_address in IPv4Network(parameters.cluster_scan_subnet): try: instance = rest_get( f"{protocol}://{ip_address}/rest/is_alive", timeout=parameters.cluster_scan_timeout, ).json() if app.config["CLUSTER_ID"] != instance.pop("cluster_id"): continue factory("Instance", **{ **instance, **{ "ip_address": str(ip_address) } }) except ConnectionError: continue db.session.commit() return True
def main(): parser = argparse.ArgumentParser() parser.add_argument('--version', action='version', version=f'{os.path.basename(__file__)} {VERSION}') parser.add_argument('-d', '--debug', action='store_true', help='verbose output') parser.add_argument('--notls', action='store_false', help='disable TLS security') parser.add_argument('-l', '--logfile', nargs="?", help='log to file') parser.add_argument('-w', '--workers', type=int, default=300, help='number of parallel worker tasks') parser.add_argument('host', nargs="*", help='List of targets (addresses or subnets)') parser.add_argument('--hostFile', help='File of targets IPs to scan') args = parser.parse_args() if not args.host and not args.hostFile: parser.print_help() return configure_logging(args.debug, args.logfile) ips = [] if args.hostFile: fopen = open(args.hostFile) ips = list(fopen) fopen.close() else: for ip in args.host: cmd = True ips += [addr.exploded for addr in IPv4Network(ip, strict=False)] th = [] ips = set(ips) log.info(f"Going to scan {len(ips)} hosts, in {args.workers} parallel tasks") # with progressbar.ProgressBar(max_value=len(ips)) as bar: with concurrent.futures.ThreadPoolExecutor(max_workers=args.workers) as executor: for ip in ips: ft_dp = executor.submit(check_host, ip.strip(), 3389, args.notls) th.append(ft_dp) for r in concurrent.futures.as_completed(th): ip, status = r.result() # if STATUS_NORDP in status: # continue mark = '+' if status == STATUS_VULNERABLE else '-' log.info(f"[{mark}] [{ip}] Status: {status}")
def add_source_ips_v2(dis_client, dis_event, attack_id, src_traffic_report): """ Populate a DIS report from a Arbor sightline traffic report Parameters: dis_event: The DIS event to populate with src data src_traffic_report: The Arbor Sightline source traffic report Returns: An array containing the IP addresses that were added to the DIS report """ ip_list=[] for data_elem in src_traffic_report['data']: elem_id = "unknown" try: elem_id = data_elem['id'] logger.debug(f"Attack {attack_id}: Processing network src prefix " + elem_id) bps_elem = data_elem['attributes']['view']['network']['unit']['bps'] elem_name = bps_elem['name'] elem_max_bps = bps_elem['max_value'] logger.debug(f" name: {elem_name}, max bps: {elem_max_bps}") net_addr = IPv4Network(elem_name, strict=True) if net_addr.prefixlen != 32: logger.debug(f"Attack {attack_id}: Network bitmask for {elem_id} is not 32 bits ({elem_name})") else: ip_addr_str = str(net_addr.network_address) dis_client.add_attack_source_to_event(dis_event, ip=ip_addr_str, attribute_list=[ { "enum": "BPS", "name": "Bytes per second", "value": str(elem_max_bps) }]) ip_list.append(ip_addr_str) except Exception as ex: logger.info(f"Error processing '{elem_id}': {ex}") return ip_list
def configure_dhcp_server(): kv = unitdata.kv() public_ip = kv.get('public-ip') mn_iface = kv.get('mn.iface') mn_gateway = kv.get('mn.gateway') managed_network = IPv4Network(config()["managed-network"]) dhcp_range = config()["dhcp-range"] templating.render( source='isc-dhcp-server', target='/etc/default/isc-dhcp-server', context={ 'interfaces': mn_iface } ) templating.render( source='dhcpd.conf', target='/etc/dhcp/dhcpd.conf', context={ 'subnet': str(managed_network.network_address), 'netmask': str(managed_network.netmask), 'routers': mn_gateway, # This is either the host itself or the host's gateway 'broadcast_address': str(managed_network.broadcast_address), 'domain_name_servers': ", ".join(get_dns()), # We just copy the host's DNS settings 'dhcp_range': dhcp_range, } ) host.service_stop('isc-dhcp-server') success = host.service_start('isc-dhcp-server') if not success: message = "starting isc-dhcp-server failed. Please Check Charm configuration." if os.path.exists('/var/log/upstart/isc-dhcp-server.log'): with open('/var/log/upstart/isc-dhcp-server.log', 'r') as logfile: message += "Log: {}".format(logfile) hookenv.status_set('blocked', message) remove_state('dhcp-server.started') remove_state('dhcp-server.configured') else: hookenv.status_set('active', 'Ready ({})'.format(public_ip)) set_state('dhcp-server.started') set_state('dhcp-server.configured')
def __init__(self, cidrBlock: str = None, comment: str = None, ipAddress: str = None, links: list = None, last_used: str = None, count: int = None, last_used_address: str = None): """ For a single whitelist entry. Contains a bit of helper intelligence for ip addresses. :param cidrBlock: :param comment: :param ipAddress: :param links: """ self.last_used_address: Optional[IPv4Address] = None try: self.last_used_address = IPv4Address(last_used_address) except Exception: logging.warning('No last used address') self.count: Optional[int] = count self.last_used: Optional[datetime] = None try: self.last_used = parse_datetime(last_used) except Exception: logging.warning('Could not get last used date.') self.links = links self.ipAddress = ipAddress self.comment = comment self.cidrBlock = cidrBlock try: self.cidrBlockObj: IPv4Network = IPv4Network(self.cidrBlock) except Exception: self.cidrBlockObj = None try: self.ipAddressObj: IPv4Address = IPv4Address(self.ipAddress) except Exception: self.ipAddressObj = None
def _process_dhcp_pkt(self, packet, state: DHCPState): mac_addr = create_mac_from_sid(packet[Ether].dst) mac_addr_key = mac_addr.as_redis_key() with self._dhcp_notify: if mac_addr_key in self.dhcp_client_state: ip_offered = packet[BOOTP].yiaddr subnet_mask = self._get_option(packet, "subnet_mask") if subnet_mask is not None: ip_subnet = IPv4Network(ip_offered + "/" + subnet_mask, strict=False) else: ip_subnet = None dhcp_router_opt = self._get_option(packet, "router") if dhcp_router_opt is not None: router_ip_addr = ip_address(dhcp_router_opt) else: router_ip_addr = None lease_time = self._get_option(packet, "lease_time") dhcp_state = DHCPDescriptor(mac_addr, ip_offered, state, str(ip_subnet), packet[IP].src, router_ip_addr, lease_time, packet[BOOTP].xid) LOG.info("Record mac %s IP %s", mac_addr_key, dhcp_state) self.dhcp_client_state[mac_addr_key] = dhcp_state self.dhcp_gw_info.update_ip(router_ip_addr) self._dhcp_notify.notifyAll() if state == DHCPState.OFFER: # let other thread work on fulfilling IP allocation request. threading.Event().wait(self.THREAD_YIELD_TIME) self.send_dhcp_packet(mac_addr, DHCPState.REQUEST, dhcp_state) else: LOG.debug("Unknown MAC: %s " % packet.summary()) return
def handle_timeout(self) -> None: """Called as soon as the rebinding timeout occurs. """ if self.iszombie: return if self._lease_timeout is not None and self._lease_timeout <= time.time( ): self._log.warning( 'Rebinding timeout for %s called too late - ' 'lease has already expired on %d. Disconnecting client.', self, self._lease_timeout, ) self.server.disconnect_client(self.full_username) return target_addr: Optional[IPv4Address] if self._realm_data.subnet_ipv4: target_addr = IPv4Network( self._realm_data.subnet_ipv4).network_address else: target_addr = None try: self._refresh_lease( success_handler_clb=self._handle_lease_refresh_succeeded, failure_handler_clb=self._handle_lease_refresh_failed, client_identifier=self.full_username, device=self._realm_data.dhcp_listening_device, local_ip=self._realm_data.dhcp_listening_ip, server_ips=self._realm_data.dhcp_server_ips, target_addr=target_addr, client_ip=self._leased_ip_address, lease_time=self._realm_data.expected_dhcp_lease_time, ) except Exception: self._log.exception('Adding a new DHCP refresh request failed') self.server.disconnect_client(self.full_username)
def vpp_get_interface_ip_addresses(node, interface, ip_version): """Get list of IP addresses from an interface on a VPP node. :param node: VPP node. :param interface: Name of an interface on the VPP node. :param ip_version: IP protocol version (ipv4 or ipv6). :type node: dict :type interface: str :type ip_version: str :returns: List of dictionaries, each containing IP address, subnet prefix length and also the subnet mask for ipv4 addresses. Note: A single interface may have multiple IP addresses assigned. :rtype: list """ sw_if_index = InterfaceUtil.get_interface_index(node, interface) if sw_if_index: is_ipv6 = 1 if ip_version == 'ipv6' else 0 cmd = 'ip_address_dump' args = dict(sw_if_index=sw_if_index, is_ipv6=is_ipv6) err_msg = 'Failed to get L2FIB dump on host {host}'.format( host=node['host']) with PapiExecutor(node) as papi_exec: details = papi_exec.add(cmd, **args).get_details(err_msg) for item in details: item['ip'] = item['prefix'].split('/')[0] item['prefix_length'] = int(item['prefix'].split('/')[1]) item['is_ipv6'] = is_ipv6 item['netmask'] = \ str(IPv6Network(unicode('::/{pl}'.format( pl=item['prefix_length']))).netmask) \ if is_ipv6 \ else str(IPv4Network(unicode('0.0.0.0/{pl}'.format( pl=item['prefix_length']))).netmask) return details
def guess_own_iface(match_ips): if len(match_ips) == 0: return None for iface in ni.interfaces(): ifa = ni.ifaddresses(iface) if ni.AF_LINK not in ifa or len(ifa[ni.AF_LINK]) == 0: logging.debug("{} is has no MAC address, skipped.".format(iface)) continue if ni.AF_INET not in ifa or len(ifa[ni.AF_INET]) == 0: logging.warning("{} has no IPv4 address".format(iface)) continue mac = ifa[ni.AF_LINK][0]['addr'] for addr in ifa[ni.AF_INET]: net = IPv4Network(addr['addr'] + "/" + addr['netmask'], strict=False) if any([IPv4Address(ip) in net for ip in match_ips]): return iface, addr['addr'], addr['netmask'], mac return None
def build_config(self, apply=True, attributes=None, unconfig=False, **kwargs): assert not kwargs, kwargs assert not apply attributes = AttributesHelper(self, attributes) configurations = CliConfigBuilder(unconfig=unconfig) # =================================== # ipv4 # prefix_length # ipv4_secondary # secondary_vrf # =================================== if attributes.value('ipv4') and attributes.value('prefix_length'): # convert prefix_length to netmask ret = IPv4Network('1.1.1.1/{}'.format( attributes.value('prefix_length')), strict=False) mask = ret.with_netmask.split('/')[1] if attributes.value('ipv4_secondary'): configurations.append_line('ip address' ' {ipv4} {prefix_length} secondary' .format(ipv4=attributes.value('ipv4'), prefix_length=mask)) if attributes.value('secondary_vrf'): configurations.append_line('ip address' ' {ipv4} {prefix_length} secondary' ' vrf {secondary_vrf}' .format(ipv4=attributes.value('ipv4'), prefix_length=mask, secondary_vrf=attributes.value('secondary_vrf'))) else: configurations.append_line('ip address' ' {ipv4} {prefix_length}' .format(ipv4=attributes.value('ipv4'), prefix_length=mask)) return str(configurations)
def __init__(self, config, dry_run=False): if self._is_vpc: self.zk_hosts = config["zk_hosts"]["vpc"] else: self.zk_hosts = config["zk_hosts"]["ec2"] self.zk = KazooClient(hosts=",".join(self.zk_hosts), timeout=constants.ZK_TIMEOUT, logger=kazoo_logger) self.aws_access_key_id = config["aws_key"] self.aws_secret_access_key = config["aws_secret_key"] self.overlay_subnet = config["overlay_subnet"] self.network = IPv4Network(unicode(self.overlay_subnet)) self.instance_id = self._get_instance_id() self.public_ip = self._get_public_ip() self.private_ip = self._get_private_ip() try: self.zk.start() self.connected = True self.lost = False except self.zk.handler.timeout_exception: logger.error("Timed out connecting to Zookeeper.")
def networkmethod(): # ip address' ip_address = IPv4Address("220.24.9.37") print("Integer of IPv4 address: {ip}".format(ip=int(ip_address))) print("packed form of IPv4 address: {ip}".format(ip=ip_address.packed)) print("IPv4 address: {ip}".format(ip=ip_address)) print("") addrs = ( IPv4Address("220.14.9.37"), IPv4Address("8.240.12.2"), IPv4Address("100.201.0.4"), ) for a in sorted(addrs): print("IPv4 address: {addrs}".format(addrs=a)) print("") # networks net = IPv4Network("192.4.2.0/24") print("Number of address: {net}".format(net=net.num_addresses)) print("prefix length: {net}".format(net=net.prefixlen)) print("Network mask: {net}".format(net=net.netmask))
def cidr_to_netmask(subnet): """ This function converts the /cidr to proper netmask. Reference: https://gist.github.com/nboubakr/4344773 Manual method: mask = [0, 0, 0, 0] net_id, cidr = subnet.split("/") for i in range(int(cidr)): mask[i//8] = mask[i//8] + (1 << (7 - i % 8)) netmask = [str(i) for i in mask] return net_id, ".".join(netmask) This manual method is good for cidr to netmask but there is no checks if the net_id within the network bound by cidr. By using ipaddress module is the easiest and recommended, because ipaddress.IPv4Network checks if the network id is a valid id within the range of its cidr. :param subnet: must be a subnet/cidr eg. 192.168.1.0/26 :return: tuple of network id and netmask """ _subnet = IPv4Network(subnet) return str(_subnet.network_address), str(_subnet.netmask)
def __init__(self, conf): dhcp4 = conf['Dhcp4'] self.options = [ Option(DHO_DHCP_LEASE_TIME).setUint32( dhcp4.get('valid-lifetime', 7200)), Option(DHO_DHCP_RENEWAL_TIME).setUint32( dhcp4.get('renew-timer', 1800)), Option(DHO_DHCP_REBINDING_TIME).setUint32( dhcp4.get('rebind-timer', 3600)) ] self.subnet = IPv4Network('10.0.0.0/20') self.options.append( Option(DHO_SUBNET_MASK).setBytes(self.subnet.netmask.packed)) # hard code nameservers servers = [IPv4Address('192.168.3.1'), IPv4Address('192.168.3.2')] packed_servers = b''.join([addr.packed for addr in servers]) self.options.append( Option(DHO_DOMAIN_NAME_SERVERS).setBytes(packed_servers)) # hard code routers and domainname self.options.append( Option(DHO_ROUTERS).setBytes(self.subnet[1].packed)) self.options.append(Option(DHO_DOMAIN_NAME).setString('facebook.com'))
def _manage(self, addr=None, mask='255.255.255.0', ident=None, interval=10.0): """ Start discovery on network """ host = IPv4Address(addr) net = IPv4Network(addr + '/' + mask, False) #self.__log.debug('addr = {addr!r}'.format(addr=addr)) #print('Mask:', MASK) #print('Subnet:', ipaddress.IPv4Address(int(host) & int(net.netmask))) #print('Host:', ipaddress.IPv4Address(int(host) & int(net.hostmask))) self.__log.debug('broadcast_address = {broadcast_address!r}'.format( broadcast_address=net.broadcast_address)) # network = str(net.broadcast_address) # Start update self._loop.create_task( self._discovery_network_start(network=network, interval=interval))
def test_get_all_prefixes(self): test_cases = [ [IPv4Network("64.57.31.248/32"), IPv4Network("64.57.31.246/31")], [ IPv4Network("10.1.0.0/16"), ], [ IPv4Network("10.0.0.252/30"), IPv4Network("10.0.1.0/24"), ], [IPv4Network("0.0.1.0/24"), IPv4Network("0.0.2.0/23")], ] for prefixes in test_cases: ec = EquivalenceClass() for prefix in prefixes: ec.add_prefix(prefix) self.assertCountEqual(prefixes, ec.get_all_prefixes())
def github_security_groups(name, vpc, protocol): """Create a dict of security group authorizing access to github services. As the number of rules per security group is limited to 50, we create blocks of 50 rules. :param vpc: vpc in which to create the group :type vpc: VPC :param protocol: protocol to allow (https, ssh) :type protocol: str :return: a dict of security groups indexed by name :rtype: dict(str, SecurityGroup) """ ip_ranges = requests.get("https://api.github.com/meta").json()["git"] # Authorize ssh on the resulting list of ip ranges sgs = {} i = 0 limit = 50 sg_name = name + str(i) sg = SecurityGroup(sg_name, vpc, description="Allow access to github") sgs[sg_name] = sg for ip_range in ip_ranges: try: IPv4Network(ip_range) except AddressValueError: IPv6Network(ip_range) logging.info( f"Skipping IPv6 range {ip_range} for github access SG") continue if len(sg.egress + sg.ingress) == limit: i += 1 sg_name = name + str(i) sg = SecurityGroup( sg_name, vpc, description=f"Allow access to GitHub {protocol}") sgs[sg_name] = sg sg.add_rule(Ipv4EgressRule(protocol, ip_range)) return sgs
def sync(self, networks): '''Scan some networks and sync them to NetBox. :param networks: a list of valid networks, like ['10.0.0.0/8'] :return: synching statistics ''' for s in self.stats: self.stats[s] = 0 parsing = self.parser(networks) if parsing: self.logger('mistyped', badnets=parsing) return False for net in networks: hosts = self.scan(net) self.logger('scanned', net=net, hosts=len(hosts)) for host in hosts: self.sync_host(host) for ipv4 in IPv4Network(net): # cleanup address = str(ipv4) if not any(h[0] == address for h in hosts): try: nbhost = self.netbox.ipam.ip_addresses.get( address=address) if self.tag in nbhost.tags: nbhost.delete() self.logger('deleted', address=nbhost.address, description=nbhost.description) else: self.logger('undiscovered', address=nbhost.address, description=nbhost.description) except (AttributeError, ValueError): pass return True
def setup(self, supernet='172.18.0.0/16', subnet=None, gateway=None): """Sets up the network.""" def find_subnet(): docker_subnets = [] for network in self._docker_client.networks.list(): network_info = self._docker_api_client.inspect_network( network.name) if len(network_info['IPAM']['Config']) > 0: docker_subnets.append( str(network_info['IPAM']['Config'][0]['Subnet'])) for subnet in IPv4Network( unicode(supernet)).subnets(new_prefix=24): if str(subnet) not in docker_subnets: return str(subnet) raise UnknownNetworkError( "Cannot find available subnet from supernet {}".format( supernet)) if subnet is None: subnet = find_subnet() self._hosts = iter( [str(host) for host in IPv4Network(unicode(subnet)).hosts()]) if gateway is None: gateway = str(next(self._hosts)) ipam_pool = docker.types.IPAMPool(subnet=subnet, gateway=gateway) ipam_config = docker.types.IPAMConfig(pool_configs=[ipam_pool]) logger.info("Creating network") labels = { 'atomix-test': 'true', 'atomix-process': self.process_id or '', 'atomix-cluster': self.name } self._docker_client.networks.create(self.name, driver='bridge', ipam=ipam_config, labels=labels)
def get_service_cpe_routers(services): """ Return a dict of CPE routers """ cpe_routers = {} for vpn_type, vpn_data in services.items(): if vpn_type == 'l3vpn': for service_type, service_vrfs in vpn_data.items(): for vrf in service_vrfs: for site in vrf['sites']: for cpe_name, cpe_data in site['nodes'].items(): interfaces = {} if cpe_name in cpe_routers.keys(): cpe_data = cpe_routers[cpe_name] interfaces = cpe_routers[cpe_name].get( 'interfaces') if service_type == 'wan': cpe_data['asn'] = vrf['remote_asn'] cpe_data['customer'] = vrf['customer'] elif service_type == 'internet': cpe_data['asn'] = site['asn'] cpe_data['customer'] = site['customer'] for link in site['links']: if link['a_end'] == cpe_name: intf_name = link['a_end_intf'] host_ip = str( IPv4Network(link['wan_ip_pfx'])[1]) interfaces[intf_name] = dict( ip=host_ip, cost=5, service_type=service_type, remote_node=link['b_end'], remote_intf=link['b_end_intf'], remote_vrf=vrf['vrf_name']) cpe_data['interfaces'] = interfaces cpe_routers[cpe_name] = cpe_data return cpe_routers
def in_subnet(cursor: str, bind_vars: Json, fn: FunctionTerm, model: QueryModel) -> str: """ Assumptions and requirements: - this fn only works for IPv4 addresses - ip addresses are stored as 4 octet with digit string in the reported section - one argument is given which defines the ip/mask :param cursor: the cursor to read from :param bind_vars: the bind_vars to send to arango :param fn: the function definition :param model: the related query model. :return: the AQL filter statement """ if len(fn.args) != 1: raise AttributeError( "Function in_subnet expects exactly one argument. Example: 1.2.3.4/24" ) network = IPv4Network(fn.args[0], strict=False) mask = int(network.netmask) expected = int(network.network_address) & mask length = str(len(bind_vars)) bind_vars[length] = expected return f"BIT_AND(IPV4_TO_NUMBER({cursor}.{fn.property_path}), {mask}) == @{length}"
def prehandle_roa(asn_table: dict, args): roa = route_to_roa(asn_table) max_prefixlen = IPv4Network(0).max_prefixlen roa4 = filter(lambda item: isinstance(item["prefix"], IPv4Network), roa) roa6 = filter(lambda item: isinstance(item["prefix"], IPv6Network), roa) if args.ipv4: roa6 = [] elif args.ipv6: roa4 = [] roa4 = [ r for r in roa4 if r["prefix"].prefixlen <= args.max or r["prefix"].prefixlen == max_prefixlen ] roa6 = [r for r in roa6 if r["prefix"].prefixlen <= args.max6] for r in roa4: r["maxLength"] = args.max if r["prefix"].prefixlen == max_prefixlen: r["maxLength"] = max_prefixlen for r in roa6: r["maxLength"] = args.max6 for r in (*roa4, *roa6): r["prefix"] = r["prefix"].with_prefixlen return roa4, roa6
class CloudFlareNetwork: path = os.path.dirname(str(os.path.realpath(__file__))) IPV4_NETWORKS = [ IPv4Network(network) for network in open(path + '/lists/ips-v4').read().splitlines() ] IPV6_NETWORKS = [ IPv6Network(network) for network in open(path + '/lists/ips-v6').read().splitlines() ] def in_range(self, ip): address = ip_address(ip) if not address: return False if address.version == 4: return in_network(address, self.IPV4_NETWORKS) else: return in_network(address, self.IPV6_NETWORKS)