def _get_item_ip_hostname_url(item): """ Get item infos """ ip_addr = hostname = url = None try: validate = URLValidator(schemes=("http", "https", "ftp", "ftps", "rtsp", "rtmp")) validate(item["rawItem"]) item["itemType"] = "URL" url = item["rawItem"] except ValidationError: try: validate_ipv46_address(item["rawItem"]) item["itemType"] = "IP" except ValidationError: item["itemType"] = "FQDN" if item["itemType"] == "URL": hostname = networking.get_url_hostname(item["rawItem"]) ips = networking.get_ips_from_url(item["rawItem"]) if ips: ip_addr = ips[0] elif item["itemType"] == "IP": item["itemType"] = "IP" ip_addr = item["rawItem"] elif item["itemType"] == "FQDN": hostname = item["rawItem"] ips = networking.get_ips_from_fqdn(item["rawItem"]) if ips: ip_addr = ips[0] return ip_addr, hostname, url
def clean(self): if self.identifiertype == 'EMAIL': try: validate_email(self.identifier) except ValidationError as e: raise ValidationError( 'Identifier declared as EMAIL but does not contain a valid email address' ) if self.identifiertype == 'IPADD': try: validate_ipv46_address(self.identifier) except ValidationError as e: raise ValidationError( 'Identifier declared as IP ADDRESS but does not contain a valid ip4/ip6 address' ) if self.identifiertype == 'UNAME' or self.identifiertype == 'SKYPE': try: validate_slug(self.identifier) except ValidationError as e: raise ValidationError( 'Identifier declared as USERNAME/SKYPE but does not contain a username or skype identifier' ) if self.identifiertype == 'TWITTER': try: validate_slug(self.identifier) except ValidationError as e: raise ValidationError( 'Identifier declared as Twitter ID but does not contain a valid twitter id' )
def viewtrack(ct, pk, ip_address): '''IP address and caching are for situations where you want to not count a page refresh from the same location as another view. You can expire it to your specification, 300 (5 minutes) is pretty good though ''' ct = ContentType.objects.get(pk=ct) try: instance = ct.model_class().objects.get(pk=pk) except ct.model_class().DoesNotExist: return # Its gone, deal with it EXPIRE_TIME = getattr(settings, 'POPULARITY_VIEW_DELAY', 300) if EXPIRE_TIME is not False: # They expicitly don't want any delay if "," in ip_address: ip_address = ip_address.split(",")[-1].strip() validate_ipv46_address(ip_address) EXPIRE_KEY = u'popularity-view-%s-%s-%s' % (ct.pk, instance.pk, ip_address) log.info(u"%s / %s / %s/ %s" % (EXPIRE_KEY, ct.pk, instance.pk, ip_address)) if cache.get(EXPIRE_KEY): log.info("Foregoing view, recent key found") return # Don't add a view, they're revisiting too soon cache.set(EXPIRE_KEY, 1, EXPIRE_TIME) # 1 == just needs some value ViewTracker.add_view_for(instance)
def validate_domain_or_ip(self, data): try: validate_hostname(data) return data except ValidationError: validate_ipv46_address(data) return data
def _check_query(self, query, country=False, city=False, city_or_country=False): "Check the query and database availability." # Making sure a string was passed in for the query. if not isinstance(query, str): raise TypeError( "GeoIP query must be a string, not type %s" % type(query).__name__ ) # Extra checks for the existence of country and city databases. if city_or_country and not (self._country or self._city): raise GeoIP2Exception("Invalid GeoIP country and city data files.") elif country and not self._country: raise GeoIP2Exception( "Invalid GeoIP country data file: %s" % self._country_file ) elif city and not self._city: raise GeoIP2Exception("Invalid GeoIP city data file: %s" % self._city_file) # Return the query string back to the caller. GeoIP2 only takes IP addresses. try: validate_ipv46_address(query) except ValidationError: query = socket.gethostbyname(query) return query
def handle(self, *args, **options): group_name = options.get('group_name') ips = options.get('ip') try: ip_group = models.IPGroup.objects.get(name__iexact=group_name, type=models.TYPE_RANGE) except models.IPGroup.DoesNotExist: try: models.IPGroup.objects.get(name__iexact=group_name) except models.IPGroup.DoesNotExist: raise CommandError("IPGroup '%s' doesn't exist." % group_name) else: raise CommandError( "Can add IP address only to a Range based IP Group.") for ip in ips: try: validate_ipv46_address(ip) except ValidationError: raise CommandError("'%s' not a valid IPv4 or IPv6 address." % ip) for ip in ips: models.IPRange.objects.get_or_create(ip_group=ip_group, first_ip=ip)
def _match(self): # Fetch client IP address. client_ip = self._request.META.get('REMOTE_ADDR') if 'HTTP_X_FORWARDED_FOR' in self._request.META: # HTTP_X_FORWARDED_FOR can be a comma-separated list of IPs. # Take just the first valid one (proxies like squid may introduce # invalid values like 'unknown' under certain configurations, so # a validations is always required). for ip in self._request.META['HTTP_X_FORWARDED_FOR'].split(','): ip = ip.strip() try: validate_ipv46_address(ip) client_ip = ip break except ValidationError: pass # Fetch HTTP headers. # See: https://docs.djangoproject.com/en/dev/ref/request-response/#django.http.HttpRequest.META http_headers = {} for name, value in self._request.META.iteritems(): if name in ( 'CONTENT_LENGTH', 'CONTENT_TYPE', ): http_headers[self._normalized_header_name(name)] = value elif name.startswith('HTTP_'): http_headers[self._normalized_header_name(name[5:])] = value # Match. return mobile_detector.match(http_headers)
def repository_validator(path): """Validate an SSH repository path.""" if not ('@' in path and ':' in path): raise ValidationError(_('Repository path format incorrect.')) username, hostname, dir_path = split_path(path) hostname = hostname.split('%')[0] # Validate username using Unix username regex if not re.match(r'[a-z0-9_][a-z0-9_-]*$', username): raise ValidationError(_(f'Invalid username: {username}')) # The hostname should either be a valid IP address or hostname # Follows RFC1123 (hostnames can start with digits) instead of RFC952 hostname_re = (r'^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*' r'([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$') try: validate_ipv46_address(hostname) except ValidationError: if not re.match(hostname_re, hostname): raise ValidationError(_(f'Invalid hostname: {hostname}')) # Validate directory path if not re.match(r'[^\0]*', dir_path): raise ValidationError(_(f'Invalid directory path: {dir_path}'))
def clean(self): from django.core.validators import URLValidator, validate_ipv46_address port_re = "(:[0-9]{1,5}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5])" cleaned_data = super(AddEndpointForm, self).clean() if 'endpoint' in cleaned_data and 'product' in cleaned_data: endpoint = cleaned_data['endpoint'] product = cleaned_data['product'] if isinstance(product, Product): self.product = product else: self.product = Product.objects.get(id=int(product)) else: raise forms.ValidationError('Please enter a valid URL or IP address.', code='invalid') endpoints = endpoint.split() count = 0 error = False for endpoint in endpoints: try: url_validator = URLValidator() url_validator(endpoint) protocol, host, path, query, fragment = urlsplit(endpoint) self.endpoints_to_process.append([protocol, host, path, query, fragment]) except forms.ValidationError: try: # do we have a port number? host = endpoint regex = re.compile(port_re) if regex.findall(endpoint): for g in regex.findall(endpoint): host = re.sub(port_re, '', host) validate_ipv46_address(host) protocol, host, path, query, fragment = ("", endpoint, "", "", "") self.endpoints_to_process.append([protocol, host, path, query, fragment]) except forms.ValidationError: try: regex = re.compile( r'^(?:(?:[A-Z0-9](?:[A-Z0-9-]{0,61}[A-Z0-9])?\.)+(?:[A-Z]{2,6}\.?|[A-Z0-9-]{2,}(?<!-)\.?)|' # domain... r'localhost|' # localhost... r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|' # ...or ipv4 r'\[?[A-F0-9]*:[A-F0-9:]+\]?)' # ...or ipv6 r'(?::\d+)?' # optional port r'(?:/?|[/?]\S+)$', re.IGNORECASE) validate_hostname = RegexValidator(regex=regex) validate_hostname(host) protocol, host, path, query, fragment = (None, host, None, None, None) if "/" in host or "?" in host or "#" in host: # add a fake protocol just to join, wont use in update to database host_with_protocol = "http://" + host p, host, path, query, fragment = urlsplit(host_with_protocol) self.endpoints_to_process.append([protocol, host, path, query, fragment]) except forms.ValidationError: raise forms.ValidationError( 'Please check items entered, one or more do not appear to be a valid URL or IP address.', code='invalid') return cleaned_data
def nanolog(log_type, details, note=None, user=None, ip=None, log_object=None, request=None): """ Write into Nanolog the received data. <log_type> - string <details> - string <note> - string <user> - user instance or None <ip> - string <log_object>- string <request> - request object """ if not log_type or not details: return if not user and request: user = request.user values = dict( user=user, log_type=log_type, details=details, note=note, ) print(ip) if not ip and request: ip = get_client_ip(request) print(ip) try: validate_ipv46_address(ip) values['ip'] = ip except (ValidationError, TypeError): values['ip'] = None if log_object and hasattr(log_object, 'pk'): values['content_object'] = log_object Nanolog.objects.create(**values)
def process(request): """Process email webhook callback data.""" events = [] response = json.loads(request.body) for event in response: try: ip = event.get('ip') validate_ipv46_address(ip) ip_address = ip except Exception: ip_address = None try: created_on = datetime.utcfromtimestamp(event['timestamp']).replace(tzinfo=pytz.utc) email_event = EmailEvent( email=event['email'], event=event['event'], category=event.get('category', ''), created_on=created_on, ip_address=ip_address, ) events.append(email_event) except Exception: pass EmailEvent.objects.bulk_create(events) return HttpResponse('Thanks!')
def get_ip(req): """ 取得 IP - 包含驗證與不合法備註的處理 """ ip = "" x_forward = req.META.get('HTTP_X_FORWARDED_FOR', '') if x_forward: ip = x_forward.split(',')[0] else: ip = req.META.get('REMOTE_ADDR', '') if ip: try: validate_ipv46_address(ip) except ValidationError as ve: logger.error('Error Code 008 - Invalid IP Detected. IP: ' + ip) logger.error(str(ve)) ip = "[Invalid IP][IP Save Into Log]" except Exception as e: logger.error('Error Code 008 - Error When Detect IP. IP: ' + ip) logger.error(str(e)) ip = "[Valid IP Exception Occur][IP Save Into Log]" else: ip = "[Empty IP]" return ip
def edit(request, pk): device = get_object_or_404(Device, pk=pk) # If the request is POST, is the submit of th edit if request.method == 'POST': try: new_name = request.POST['name'] validate_ipv46_address(request.POST['ip']) new_ip = request.POST['ip'] token = request.POST['token'] device.name = new_name device.ip = new_ip device.token = token device.save() return redirect(reverse('dashboard:detail', args=(pk, ))) except ValidationError as e: messages.error(request, e.message, extra_tags='danger') except: messages.error(request, 'Please check the values', extra_tags='danger') return render(request, 'dashboard/edit.html', {'device': device})
def handle(self, *args, **options): """ Run script """ valid_environments = ['local', 'postgres_local'] if ENVIRONMENT not in valid_environments: raise RuntimeError( f'DJANGO_APPLICATION_ENVIRONMENT must be in {valid_environments}' ) ip = options['ip'] validate_ipv46_address(ip) self.install_fixture_data() self_configuration = get_self_configuration( exception_class=RuntimeError) SelfConfiguration.objects.filter(pk=self_configuration.id).update( ip_address=ip) rebuild_cache( head_block_hash=self_configuration.root_account_file_hash) self.stdout.write( self.style.SUCCESS('Validator initialization complete'))
def _match(self): # Fetch client IP address. client_ip = self._request.META.get('REMOTE_ADDR') if 'HTTP_X_FORWARDED_FOR' in self._request.META: # HTTP_X_FORWARDED_FOR can be a comma-separated list of IPs. # Take just the first valid one (proxies like squid may introduce # invalid values like 'unknown' under certain configurations, so # a validations is always required). for ip in self._request.META['HTTP_X_FORWARDED_FOR'].split(','): ip = ip.strip() try: validate_ipv46_address(ip) client_ip = ip break except ValidationError: pass # Fetch HTTP headers. # See: https://docs.djangoproject.com/en/dev/ref/request-response/#django.http.HttpRequest.META http_headers = {} for name, value in self._request.META.iteritems(): if name in ('CONTENT_LENGTH', 'CONTENT_TYPE',): http_headers[self._normalized_header_name(name)] = value elif name.startswith('HTTP_'): http_headers[self._normalized_header_name(name[5:])] = value # Match. return mobile_detector.match(http_headers)
def get_ip_report_count(**kwargs): """ Count nb of reports for an ip """ filters = {} if 'filters' in kwargs: try: filters = json.loads(unquote(unquote(kwargs['filters']))) except (ValueError, SyntaxError, TypeError): return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Bad Request'} try: start = datetime.fromtimestamp(filters['start']) end = datetime.fromtimestamp(filters['end']) except (KeyError, TypeError, ValueError): start = datetime.now() - timedelta(weeks=1) end = datetime.now() + timedelta(weeks=1) ip_addr = kwargs['ip'] try: validate_ipv46_address(ip_addr) count = ReportItem.objects.filter( itemType='IP', rawItem=ip_addr, report__receivedDate__gte=start, report__receivedDate__lte=end, ).values_list('report__id').distinct().count() return 200, {'reports': count} except ValidationError: return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Not a valid IPV4'}
def post_mass_contact(body, user): """ Create a worker task for mass contact """ try: ips = list(set(body['ips'])) for ip_address in ips: validate_ipv46_address(ip_address) except (TypeError, ValidationError): return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid value(s) in fields ips'} try: category = Category.objects.get(name=body['category'].title()) except (AttributeError, ObjectDoesNotExist, TypeError): return 400, {'status': 'Bad Request', 'code': 400, 'message': 'Invalid category'} # Generates unified campaignName campaign_name = body['campaignName'] campaign_name = re.sub(r'(\s+){2,}', ' ', campaign_name).replace(' ', '_').lower() campaign_name = re.sub('[^A-Za-z0-9_]+', '', campaign_name) campaign_name = u'mass_contact_' + campaign_name + u'_' + datetime.now().strftime('%D') # Check mustache (required for worker) for key, val in body['email'].iteritems(): if not all([mustache in val for mustache in MASS_CONTACT_REQUIRED]): message = '%s templating elements required in %s' % (str(MASS_CONTACT_REQUIRED), key) return 400, {'status': 'Bad Request', 'code': 400, 'message': message} __create_jobs(campaign_name, ips, category, body, user) return 200, {'status': 'OK', 'code': 200, 'message': 'Campaign successfully created'}
def add_camera(request): if "ip" in request.POST: ip = request.POST["ip"] name = request.POST["name"] if "name" in request.POST else None try: validate_ipv46_address(ip) try: cam = Camera.objects.get(ip=ip) # todo message to user? if name is not None: cam.name = name cam.save() except Camera.DoesNotExist: cam = Camera(ip=ip, name=name) cam.save() if cam: return redirect('pyspy.views.index') except ValidationError: pass # todo message to user return HttpResponseBadRequest(content=b"Bad request!")
def clean(self): if self.identifier_type is 'EMAIL': try: validate_email(self.identifier) except ValidationError: raise ValidationError( 'Identifier is not a valid email address') if self.identifier_type is 'IPADD': try: validate_ipv46_address(self.identifier) except ValidationError: raise ValidationError( 'Identifier is not a valid IPv4/IPv6 address') if self.identifier_type is 'UNAME' or self.identifier_type is 'NAME': try: validate_slug(self.identifier) except ValidationError: raise ValidationError( 'Identifier is not a valid username or name') if self.identifier_type is 'SKYPE': try: validate_skype(self.identifier) except ValidationError: raise ValidationError( 'Identifier is not a valid Skype user name') if self.identifier_type is 'TWITTER': try: validate_twitter(self.identifier) except ValidationError: raise ValidationError( 'Identifier is not a valid Twitter user name')
def clean(self): if self.identifier_type is 'EMAIL': try: validate_email(self.identifier) except ValidationError: raise ValidationError('Identifier is not a valid email address') if self.identifier_type is 'IPADD': try: validate_ipv46_address(self.identifier) except ValidationError: raise ValidationError('Identifier is not a valid IPv4/IPv6 address') if self.identifier_type is 'UNAME' or self.identifier_type is 'NAME': try: validate_slug(self.identifier) except ValidationError: raise ValidationError('Identifier is not a valid username or name') if self.identifier_type is 'SKYPE': try: validate_skype(self.identifier) except ValidationError: raise ValidationError('Identifier is not a valid Skype user name') if self.identifier_type is 'TWITTER': try: validate_twitter(self.identifier) except ValidationError: raise ValidationError('Identifier is not a valid Twitter user name')
def clean(self): cleaned_data = super(IpSearchForm, self).clean() term = cleaned_data.get('term') ip_valid = True if term == None: term = '1' try: validate_ipv46_address(term) except ValidationError: self.errors['term'] = self.error_class(['Not an IP address']) del cleaned_data['term'] ip_valid = False except AddrFormatError: self.errors['term'] = self.error_class(['Not an IP address']) del cleaned_data['term'] ip_valid = False ranges = Range.objects.all() found = False if ip_valid: for range in ranges: r = IPNetwork(range.cidr) addrs = list(r) if IPAddress(term) in addrs: found = True break if not found and ip_valid: self.errors['term'] = self.error_class(['IP is not within a known range']) del cleaned_data['term'] ip_valid = False return cleaned_data
def validate_ip46_fqdn_address(value): try: validate_fqdn(value) except ValidationError: try: validate_ipv46_address(value) except ValidationError: raise ValidationError('Introdusca un FQDN o Direccion IP valido')
def user_agent_and_ip_address_from_request(request): user_agent = request.META.get('HTTP_USER_AGENT', "") ip_address = request.META.get('HTTP_X_REAL_IP', "") try: validate_ipv46_address(ip_address) except ValidationError: ip_address = request.META.get('REMOTE_ADDR', None) return user_agent, ip_address
def get_reverses_for_item(item, nature="IP", replace_exception=False): """ Try to get reverses infos for given item :param str item: Can be an IP address, a URL or a FQDN :param str nature: The nature of the item :param bool replace_exception: Replace by NXDOMAIN or TIMEOUT :rtype: dict :return: a dict containing reverse infos """ hostname = None reverses = {} if nature == "IP": reverses["ip"] = item try: validate_ipv46_address(item) reverses["ipReverse"] = socket.gethostbyaddr(item)[0] reverses["ipReverseResolved"] = socket.gethostbyname( reverses["ipReverse"]) except ( IndexError, socket.error, socket.gaierror, socket.herror, socket.timeout, TypeError, ValidationError, ): pass elif nature == "URL": reverses["url"] = item parsed = urlparse(item) if parsed.hostname: hostname = parsed.hostname else: reverses["fqdn"] = item hostname = item if hostname: try: reverses["fqdn"] = hostname reverses["fqdnResolved"] = socket.gethostbyname(hostname) reverses["fqdnResolvedReverse"] = socket.gethostbyaddr( reverses["fqdnResolved"])[0] except socket.gaierror as ex: if replace_exception: try: reverses["fqdnResolved"] = DNS_ERROR[str(ex.args[0])] except KeyError: reverses["fqdnResolved"] = "NXDOMAIN" except socket.timeout: if replace_exception: reverses["fqdnResolved"] = "TIMEOUT" except (IndexError, TypeError, socket.error, socket.herror): pass return reverses
def clean_url(self): url = URLObject(self.cleaned_data["url"]) # URLObject doesn't handle ipv6 very well yet. In the meantime, ... if url.netloc.count(":") > 3: raise forms.ValidationError(_("Enter a valid URL.")) URLValidator()(url.without_auth()) if url.scheme not in ["http", "https"]: raise forms.ValidationError( _("Invalid URL scheme: '%s'. Only HTTP and HTTPS are " "supported.") % url.scheme ) if url.netloc.hostname in ["localhost", "127.0.0.1", "::1"]: raise forms.ValidationError(_("Enter a valid URL.")) try: validate_ipv46_address(url.netloc.hostname) except forms.ValidationError: pass else: raise forms.ValidationError(_("Enter a valid URL.")) existing = self.user.feeds.filter(url=url) if self.instance is not None: existing = existing.exclude(pk=self.instance.pk) if existing.exists(): raise forms.ValidationError(_("It seems you're already subscribed to this feed.")) auth = None if url.auth != (None, None): auth = url.auth # Check this is actually a feed with user_lock("feed_check", self.user.pk, timeout=30): headers = {"User-Agent": USER_AGENT % "checking feed", "Accept": feedparser.ACCEPT_HEADER} try: response = requests.get(six.text_type(url.without_auth()), headers=headers, timeout=10, auth=auth) except Exception: if "SENTRY_DSN" in os.environ: client = Client() client.captureException() raise forms.ValidationError(_("Error fetching the feed.")) if response.status_code != 200: raise forms.ValidationError(_("Invalid response code from URL: " "HTTP %s.") % response.status_code) try: parsed = feedparser.parse(response.content) except Exception: raise forms.ValidationError(_("Error parsing the feed.")) if not is_feed(parsed): raise forms.ValidationError(_("This URL doesn't seem to be a valid feed.")) self.cleaned_data["title"] = parsed.feed.title # Cache this in case update_favicon needs it and it's not in the # scheduler data yet. if hasattr(parsed.feed, "link"): cache.set(u"feed_link:{0}".format(url), parsed.feed.link, 600) return url
def clean(self): cleaned_data = super(FormAddForwardRecord, self).clean() record_type = cleaned_data.get("record_type") record_data = cleaned_data.get("record_data") if record_type in ("A", "AAAA"): try: validators.validate_ipv46_address(record_data) except: raise ValidationError("Invalid IP Address.")
def _validated_ip(self, ip): from django.core.exceptions import ValidationError from django.core.validators import validate_ipv46_address ip = ip.strip() try: validate_ipv46_address(ip) except ValidationError: return None return ip
def validate_ip_address(value): """ Make sure value is a valid IPv4 or IPv6 address. """ try: validate_ipv46_address(value) return value except DjangoValidationError as e: raise ValidationError(str(e))
def clean_entries(self): validate_unicode(self.cleaned_data['key'], max_length=100) validate_unicode(self.cleaned_data['key_id'], max_length=100) validate_unicode(self.cleaned_data['subkey_id'], max_length=100) data = json.loads(self.cleaned_data['entries']) # [{a,b,c}] for ip in data: validate_ipv46_address(ip) return data
def clean_value(self, value, operator_slug, request): if value is None: return value elif operator_slug not in {OPERATORS.CONTAINS, OPERATORS.EXACT, OPERATORS.STARTSWITH, OPERATORS.ENDSWITH}: try: validate_ipv46_address(value) except ValidationError: raise FilterValueError(ugettext('Value must be in format IPv4 or IPv6.')) return value
def get_ip_address(request): for header in headers: if request.META.get(header, None): ip = request.META[header].split(',')[0] try: validate_ipv46_address(ip) return ip except ValidationError: pass
def validate_fqdn_or_ipv46_address(value): try: validate_ipv46_address(value) return True except ValidationError: try: validate_domain_name(value) return True except ValidationError: return False
def is_valid_ip(ip_address): """ Check Validity of an IP address """ if not ip_address: return False ip_address = ip_address.strip() try: validate_ipv46_address(ip_address) return True except ValidationError: return False
def is_ip_allowed(self, ip): if not self.use_ip_auth: return True try: validators.validate_ipv46_address(ip) except ValidationError: return False if ipv6.is_valid_ipv6_address(ip): ip = ipv6.clean_ipv6_address(ip) return self._allowed_cleaned_ip(ip)
def validate(self, attrs): if self.instance: return attrs fixed_ips = attrs.get('fixed_ips') network: models.Network = self.context['view'].get_object() if fixed_ips: for fixed_ip in fixed_ips: if 'ip_address' not in fixed_ip and 'subnet_id' not in fixed_ip: raise serializers.ValidationError( _('Either ip_address or subnet_id field must be specified') ) wrong_fields = set(fixed_ip.keys()) - {'ip_address', 'subnet_id'} if wrong_fields != set(): raise serializers.ValidationError( _( 'Only ip_address and subnet_id fields can be specified. Got: %(fields)s' ) % {'fields': wrong_fields} ) if fixed_ip.get('ip_address') == '': raise serializers.ValidationError( _('ip_address field must not be blank. Got %(fixed_ip)s.') % {'fixed_ip': fixed_ip} ) if fixed_ip.get('subnet_id') == '': raise serializers.ValidationError( _('subnet_id field must not be blank. Got %(fixed_ip)s.') % {'fixed_ip': fixed_ip} ) if 'ip_address' in fixed_ip: validate_ipv46_address(fixed_ip['ip_address']) subnet_backend_id = fixed_ip.get('subnet_id') if subnet_backend_id: if not models.SubNet.objects.filter( backend_id=subnet_backend_id, network=network ).exists(): raise serializers.ValidationError( { 'subnet': _( 'There is no subnet with backend_id [%(backend_id)s] in the network [%(network)s]' ) % {'backend_id': subnet_backend_id, 'network': network,} } ) attrs['service_settings'] = network.service_settings attrs['project'] = network.project attrs['network'] = network attrs['tenant'] = network.tenant return super(PortSerializer, self).validate(attrs)
def add_addrs(self, addrs): message = ''; error = 0; ip_in_route = {}; route_id = self.kwargs['pk'] for ip_addr in addrs: try: validate_ipv46_address(ip_addr) except ValidationError, e: error += 1; message += str(e) continue try: ip = Ip.objects.get(addr=ip_addr, route_id=route_id) error += 1 message += 'Ip address: {0} present in this: {1} route; '.format(ip_addr, ip.route.name) dmt_log.info('Ip address: {0} present in this: {1} route.'.format(ip_addr, ip.route.name)) continue except Ip.DoesNotExist: ip_in_other_route = Ip.objects.filter(addr=ip_addr, route_id__isnull=False) if len(ip_in_other_route) == 0: try: ip = Ip.objects.get(addr=ip_addr, route_id__isnull=True) except Ip.DoesNotExist: ip = Ip(addr=ip_addr, created=datetime.now()) else: if self.request.GET.get('confirm', False) == 'true': ip = Ip(addr=ip_addr, created=datetime.now()) dmt_log.info('Add Ip address: {0} to route: {1} present in route: {2} by user: {3}'.format( ip_addr, route_id, ip_in_other_route[0].route_id, self.request.user.email)) else: ip_in_route.update({ip_in_other_route[0].route_id: {'addr': ip_in_other_route[0].addr, 'route': ip_in_other_route[0].route.name}}) continue ip.route_id = route_id ip.reverse = ip.resolve() ip.last_reverse_check = datetime.now() if not ip.reverse: error += 1 message += 'Reverse resolve absent from ip address: {0}; '.format(ip_addr) dmt_log.info('Reverse resolve absent from ip address: {0};'.format(ip_addr)) continue ip.save() route = Route.objects.get(pk=ip.route_id) dmt_log.info('ip: {0} has been added to route: {1}, route_id: {2} by user: {3}'.format( ip.addr, route.name, route.pk, self.request.user.email))
def get_client_ip(request): x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR') if x_forwarded_for: ip = x_forwarded_for.split(',')[-1].strip() else: ip = request.META.get('REMOTE_ADDR') try: validate_ipv46_address(ip) except ValidationError: ip = None return ip
def isValidIP(ip: str): """ * Validate IP address\n * @param string ip\n * @return boolean """ try: validate_ipv46_address(ip) except ValidationError: return False else: return True
def InvalidIpList(value): """ 验证ip,ip是否合法 """ ips = value.split(",") try: for ip in ips: validate_ipv46_address(ip) except ValidationError: raise ValidationError(u"请输入 iplist 如格式: ip1,ip2,ip3")
def clean_entries(self): validate_unicode(self.cleaned_data['key'], max_length=100) validate_unicode(self.cleaned_data['key_id'], max_length=100) validate_unicode(self.cleaned_data['subkey_id'], max_length=100) data = json.loads(self.cleaned_data['entries'])[0] # [{json=a..}] if validate_impact((data['impact'])): data['impact'] = int(data['impact']) # Unicode str number, decimals, etc validate_ipv46_address(data['ip']) validate_unicode(data['comment'], max_length=255) validate_unicode(data['source'], max_length=45) return data
def validate_hostname(hostname, reject_ip=True, supports_cidr_notation=False, supports_wildcard=False): """Validates that ``hostname`` does not contain illegal characters. In case ``hostname`` is not validated a ``ValidationError`` is raised. PowerDNS expects to find FQDN hostnames, so if the hostname ends with a dot, it is rejected. By default, the valid hostname characters are: A-Za-z0-9._- The pattern above allows the hostname to be an IP address (IPv4). By default, if hostname validates as an IP address, it is rejected. To allow IP addresses as hostnames, set ``reject_ip`` to False when calling this validator. If ``supports_cidr_notation`` is True, then ``/`` is allowed too. If ``supports_wildcard`` is True, then ``*`` is allowed too, unless the ``PDNS_ALLOW_WILDCARD_NAMES`` has been set to False (default is True). """ if not hostname: return if hostname.endswith('.'): raise ValidationError( 'PowerDNS expects to find FQDN hostnames without trailing dot') if reject_ip: # Check if hostname is an IP and reject it if it is. try: validate_ipv46_address(hostname) except ValidationError: pass else: raise ValidationError('IP addresses cannot be used as hostnames') valid_sequence = 'A-Za-z0-9._\-' # dash needs to be escaped if supports_cidr_notation: valid_sequence = '%s/' % valid_sequence if supports_wildcard: if settings.PDNS_ALLOW_WILDCARD_NAMES: valid_sequence = '%s*' % valid_sequence if not re.match('^[%s]+$' % valid_sequence, hostname): raise ValidationError('The hostname contains illegal characters')
def mass_contact(ip_address=None, category=None, campaign_name=None, email_subject=None, email_body=None, user_id=None): """ Try to identify customer based on `ip_address`, creates Cerberus ticket then send email to customer and finally close ticket. The use case is: a trusted provider sent you a list of vulnerable DNS servers (DrDOS amp) for example. To prevent abuse on your network, you notify customer of this vulnerability. :param str ip_address: The IP address :param str category: The category of the abuse :param str campaign_name: The name if the "mass-conctact" campaign :param str email_subject: The subject of the email to send to defendant :param str email_body: The body of the email to send to defendant :param int user_id: The id of the Cerberus `abuse.models.User` who created the campaign """ # Check params _, _, _, values = inspect.getargvalues(inspect.currentframe()) if not all(values.values()): Logger.error(unicode('invalid parameters submitted %s' % str(values))) return try: validate_ipv46_address(ip_address) except (TypeError, ValidationError): Logger.error(unicode('invalid ip addresses submitted')) return # Get Django model objects try: category = Category.objects.get(name=category) user = User.objects.get(id=user_id) except (AttributeError, ObjectDoesNotExist, TypeError): Logger.error(unicode('invalid user or category')) return # Identify service for ip_address try: services = ImplementationFactory.instance.get_singleton_of('CustomerDaoBase').get_services_from_items(ips=[ip_address]) schema.valid_adapter_response('CustomerDaoBase', 'get_services_from_items', services) except CustomerDaoException as ex: Logger.error(unicode('Exception while identifying defendants for ip %s -> %s ' % (ip_address, str(ex)))) raise CustomerDaoException(ex) # Create report/ticket if services: Logger.debug(unicode('creating report/ticket for ip address %s' % (ip_address))) with pglocks.advisory_lock('cerberus_lock'): __create_contact_tickets(services, campaign_name, ip_address, category, email_subject, email_body, user) return True else: Logger.debug(unicode('no service found for ip address %s' % (ip_address))) return False
def viewtrack(request, instance): if viewtrack_task is None: raise Exception("You must install celery to use this templatetag") ''' Like above, except it fires off a task which upticks the views (for those that need it super-fast). Also takes into consideration IP address to eliminate refresh-duplications ''' ct = ContentType.objects.get_for_model(instance) ip = request.META.get('HTTP_X_FORWARDED_FOR') or request.META.get('REMOTE_ADDR') if len(ip.split(",")) > 1: ip = ip.split(",")[-1].strip() validate_ipv46_address(ip) viewtrack_task.apply_async(args=[ct.pk, instance.pk, ip])
def lookup_country_code_from_ip(cls, ip): try: # Early check to avoid initializing GeoIP2 on invalid addresses if not ip: raise forms.ValidationError('No IP') validate_ipv46_address(ip) geoip = GeoIP2() value = geoip.country_code(ip) # Annoyingly, we have to catch both django's GeoIP2Exception (setup # issue) and geoip2's GeoIP2Error (lookup issue) except (forms.ValidationError, GeoIP2Exception, GeoIP2Error): value = '' return value
def is_valid_ipaddr(ip_addr): """ Check if the `ip_addr` is a valid ipv4 :param str ip_str: The IP address :rtype: bool :returns: If the ip_addr is valid """ try: validate_ipv46_address(ip_addr) return True except ValidationError: return False
def validate_hostname(hostname, reject_ip=True, supports_cidr_notation=False, supports_wildcard=False): """Validates that ``hostname`` does not contain illegal characters. In case ``hostname`` is not validated a ``ValidationError`` is raised. PowerDNS expects to find FQDN hostnames, so if the hostname ends with a dot, it is rejected. By default, the valid hostname characters are: A-Za-z0-9._- The pattern above allows the hostname to be an IP address (IPv4). By default, if hostname validates as an IP address, it is rejected. To allow IP addresses as hostnames, set ``reject_ip`` to False when calling this validator. If ``supports_cidr_notation`` is True, then ``/`` is allowed too. If ``supports_wildcard`` is True, then ``*`` is allowed too, unless the ``PDNS_ALLOW_WILDCARD_NAMES`` has been set to False (default is True). """ if not hostname: return if hostname.endswith('.'): raise ValidationError('PowerDNS expects to find FQDN hostnames without trailing dot') if reject_ip: # Check if hostname is an IP and reject it if it is. try: validate_ipv46_address(hostname) except ValidationError: pass else: raise ValidationError('IP addresses cannot be used as hostnames') valid_sequence = 'A-Za-z0-9._\-' # dash needs to be escaped if supports_cidr_notation: valid_sequence = '%s/' % valid_sequence if supports_wildcard: if settings.PDNS_ALLOW_WILDCARD_NAMES: valid_sequence = '%s*' % valid_sequence if not re.match('^[%s]+$' % valid_sequence, hostname): raise ValidationError('The hostname contains illegal characters')
def get_reverses_for_item(item, nature='IP', replace_exception=False): """ Try to get reverses infos for given item :param str item: Can be an IP address, a URL or a FQDN :param str nature: The nature of the item :param bool replace_exception: Replace socket error by NXDOMAIN or TIMEOUT :rtype: dict :returns: a dict containing reverse infos """ hostname = None reverses = {} if nature == 'IP': reverses['ip'] = item try: validate_ipv46_address(item) reverses['ipReverse'] = socket.gethostbyaddr(item)[0] reverses['ipReverseResolved'] = socket.gethostbyname(reverses['ipReverse']) except (IndexError, socket.error, socket.gaierror, socket.herror, socket.timeout, TypeError, ValidationError): pass elif nature == 'URL': reverses['url'] = item parsed = urlparse(item) if parsed.hostname: hostname = parsed.hostname else: reverses['fqdn'] = item hostname = item if hostname: try: reverses['fqdn'] = hostname reverses['fqdnResolved'] = socket.gethostbyname(hostname) reverses['fqdnResolvedReverse'] = socket.gethostbyaddr(reverses['fqdnResolved'])[0] except socket.gaierror as ex: if replace_exception: try: reverses['fqdnResolved'] = DNS_ERROR[str(ex.args[0])] except KeyError: reverses['fqdnResolved'] = 'NXDOMAIN' except (socket.error, socket.timeout, socket.herror): if replace_exception: reverses['fqdnResolved'] = 'TIMEOUT' except (IndexError, TypeError): pass return reverses
def get_ip_from_request(request): headers = ( 'HTTP_X_REAL_IP', 'REMOTE_ADDR', ) for header in headers: ip = request.META.get(header) if ip: try: validate_ipv46_address(ip) return ip except ValidationError: pass return None
def clean_ip_address(self): ip_address = self.cleaned_data.get('ip_address', '') network_or_ip = self.cleaned_data.get('network_or_ip', '') address_type = self.cleaned_data.get('address_type', '') current_addresses = list(self.instance.ip_addresses) # If this is a dynamic address type, then bypass if address_type and address_type.pk not in self.address_types_with_ranges_or_default: return ip_address elif ip_address in current_addresses: return ip_address if network_or_ip and network_or_ip == '1': if not ip_address: raise ValidationError('This field is required.') elif ip_address: # Make sure this is valid. validate_ipv46_address(ip_address) user_pools = get_objects_for_user( self.user, ['network.add_records_to_pool', 'network.change_pool'], any_perm=True ) user_nets = get_objects_for_user( self.user, ['network.add_records_to_network', 'network.is_owner_network', 'network.change_network'], any_perm=True ) # Check address that are assigned and free to use addresses = [str(address) for address in Address.objects.filter( Q(pool__in=user_pools) | Q(pool__isnull=True) | Q(network__in=user_nets), Q(leases__isnull=True) | Q(leases__abandoned=True) | Q(leases__ends__lte=timezone.now()) | Q(leases__host=self.instance), Q(host__isnull=True) | Q(host=self.instance), address=ip_address, reserved=False )] if ip_address not in addresses: raise ValidationError("The IP Address '%s' is reserved, in use, or not allowed." % ip_address) else: # Clear values ip_address = '' return ip_address
def is_valid_ip(ip_address): """Returns whether IP address is both valid AND, per RFC 1918, not reserved as private""" try: validate_ipv46_address(ip_address) except ValidationError: return False PRIVATE_IPS_PREFIX = ( '10.', '172.16.', '172.17.', '172.18.', '172.19.', '172.20.', '172.21.', '172.22.', '172.23.', '172.24.', '172.25.', '172.26.', '172.27.', '172.28.', '172.29.', '172.30.', '172.31.', '192.168.', '127.', ) return not ip_address.startswith(PRIVATE_IPS_PREFIX)
def validateForm(self, user_id, pwd, ip, destination): ''' This will validate the submitted form for a initial check before calling web service, so initially if any error found, it will stop the process. @param user_id: User Id of the user it may be email/ mobile number. @param pwd: Password entered by the user. @param ip: IP address of the user. @param destination: Destination URL, which might be wrong while calling ''' # step 1- URL validator key, msg, sug = '','',''; try: url_validate = URLValidator(); url_validate(destination); except ValidationError: log.error('Destination URL %s , user trying to access is not valid', destination); msg += 'You have modified original End point URL.\n'; sug += 'We are working fine, Thanks for your Time to test.\n' # Step 2- Validate password if not pwd: log.info('User Entered Password is not correct'); key += 'pwd, '; msg += 'Password is not valid. \n'; sug += 'Please Enter a valid password. \n' # Step 3- Validate User_id if not self.isValideUserId(user_id): log.info('User Entered User Id is not correct'); key += 'user_id, '; msg += 'User Id is not valid. \n'; sug += 'Please Enter a valid User Id. \n' # Step 4- Validate IP try: validate_ipv46_address(ip); except ValidationError: log.error('IP Address %s of the user is not valid', ip); msg += 'OOps Something went wrong. \n'; sug += 'Currently we are not able to determine your system details, please try after some time. \n' key = key.rstrip(', ') if key else None msg = key.rstrip('\n') if msg else None sug = key.rstrip('\n') if sug else None return LoginHelper().buildValidationDic(key, msg, sug);
def test_filling_IPAddressField(self): try: from test.generic.models import DummyGenericIPAddressFieldModel as IPModel except ImportError: from test.generic.models import DummyIPAddressFieldModel as IPModel obj = mommy.make(IPModel) field = IPModel._meta.get_field('ipv4_field') self.assertIsInstance(field, GenericIPAddressField) self.assertIsInstance(obj.ipv4_field, string_types) validate_ipv4_address(obj.ipv4_field) if hasattr(obj, 'ipv6_field'): self.assertIsInstance(obj.ipv6_field, string_types) self.assertIsInstance(obj.ipv46_field, string_types) validate_ipv6_address(obj.ipv6_field) validate_ipv46_address(obj.ipv46_field)