def connect_line_bridge(line_component, bridge_component, addressing_scheme=None): """ Connects a ring to a bridge. :param line_component: ring component that will be connected to the bridge. Needs at least two free interfaces :param bridge_component: bridge component that will be connected to the ring. Will add new interfaces to the bridge. """ link_id = used_resources.get_new_link_id() line_container = line_component.connection_points.pop() # create new interface for container in line line_interface_id = "%s.%03d" % (line_container.container_id, line_container.get_next_interface() ) line_interface = NetworkInterface(line_interface_id, link_id) if addressing_scheme is not None: ip = addressing_scheme['bridge_links'].pop() line_interface.address = "%s/%s" % (ip, addressing_scheme['bridge_prefix']) # get bridge and interface for bridge br = bridge_component.connection_points[0] bridge_interface_id = "%s.%03d" % (br.bridge_id, br.get_next_interface()) bridge_interface = NetworkInterface(bridge_interface_id, link_id) # summary if addressing_scheme is not None: containers = len(line_component.topology['containers']) print("amount of containers: %s " % containers) other_container = None if len(line_component.connection_points) > 0: other_container = line_component.connection_points[0] line_component.addresses = sorted(line_component.addresses) if other_container is not None and netaddr.IPNetwork(line_container.interfaces[0].address) > netaddr.IPNetwork( other_container.interfaces[0].address): summary = netaddr.cidr_merge(line_component.addresses[(containers - 1):len(line_component.addresses)]) line_component.addresses = line_component.addresses[0: containers - 2] print("2: ", ) for address in line_component.addresses: print(address, ) else: summary = netaddr.cidr_merge(line_component.addresses[0:containers - 2]) line_component.addresses = line_component.addresses[containers - 1:len(line_component.addresses)] line_interface.summarizes = summary print("link %s has %s and %s" % (link_id, line_interface.interface_id, bridge_interface.interface_id)) br.add_interface(bridge_interface) line_container.add_interface(line_interface) line_container.gateway = line_interface.interface_id
def update_right_tree(self): self.right_tree.delete(*self.right_tree.get_children()) image = Image.open('resources/images/milker-X-icon.png') imwidth = 10 wpersent = (imwidth / float(image.size[0])) hsize = int(float(image.size[1]) * float(wpersent)) image = ImageTk.PhotoImage( image.resize((imwidth, hsize), Image.ANTIALIAS)) self.right_tree.image = image for item in netaddr.cidr_merge(self.right_ip_set): values = list() values.append(str(item)) if '32' in str(item).split('/')[1]: values.append(False) values.append(1) else: values.append(True) values.append(len(item)) self.right_tree.insert('', tk.END, text='', image=image, values=values)
def expand_ips(start_ip, end_ip): list_ip = [] ips = netaddr.cidr_merge(list(netaddr.iter_iprange(start_ip, end_ip))) for i in ips: ip = str(i.ip) + '/' + str(i.netmask) list_ip.append(ip) return list_ip
def report(domains, asns=None, networks=None, addresses=None, rdns=None): """ Prints the sets of given domains, autonomous system numbers, networks, PTRs, and IP addresses if user wants it. Args: domains: set of domains gathered. asns: set of autonomous system numbers gathered. networks: set of network ranges gathered. addresses: set of IP addresses gathered. rdns: set of PTR records """ if domains is not None: print_border("DOMAINS ({})".format(len(domains))) print("{}".format("\n".join(str(x) for x in domains))) if asns is not None: print_border("AUTONOMOUS SYSTEM NUMBERS ({})".format(len(asns))) print(*asns, sep="\n") if networks is not None: networks = netaddr.cidr_merge(list(networks)) print_border("NETWORK RANGES ({})".format(len(networks))) print(*networks, sep="\n") if addresses is not None: print_border("IP ADDRESSES ({})".format(len(addresses))) print(*addresses, sep="\n") if rdns is not None: print_border("RDNS RECORDS ({})".format(len(rdns))) print(*rdns, sep="\n")
def test_ip_range(): ip_list = list(iter_iprange('192.0.2.1', '192.0.2.14')) assert len(ip_list) == 14 assert ip_list == [ IPAddress('192.0.2.1'), IPAddress('192.0.2.2'), IPAddress('192.0.2.3'), IPAddress('192.0.2.4'), IPAddress('192.0.2.5'), IPAddress('192.0.2.6'), IPAddress('192.0.2.7'), IPAddress('192.0.2.8'), IPAddress('192.0.2.9'), IPAddress('192.0.2.10'), IPAddress('192.0.2.11'), IPAddress('192.0.2.12'), IPAddress('192.0.2.13'), IPAddress('192.0.2.14'), ] assert cidr_merge(ip_list) == [ IPNetwork('192.0.2.1/32'), IPNetwork('192.0.2.2/31'), IPNetwork('192.0.2.4/30'), IPNetwork('192.0.2.8/30'), IPNetwork('192.0.2.12/31'), IPNetwork('192.0.2.14/32'), ]
def ip_range_diff(source_ip_range, remove_ip_range): """Return source_ip_range after excluding remove_ip_range.""" # Convert IP ranges to CIDR. source_ip_range = ip_range_to_cidr(source_ip_range) remove_ip_range = ip_range_to_cidr(remove_ip_range) logging.debug('source_ip_range = %s' % (source_ip_range)) logging.debug('remove_ip_range = %s' % (remove_ip_range)) # Expand each range. source_ip_range_expanded = ip_range_expand(source_ip_range) remove_ip_range_expanded = ip_range_expand(remove_ip_range) # logging.debug('remove_ip_range_expanded = %s' % (remove_ip_range_expanded)) # Remove each matching source IP address individually. for i in remove_ip_range_expanded: try: source_ip_range_expanded.remove(i) except ValueError: # Value not in source_ip_range continue # Convert remaining range to CIDR. # logging.debug('source_ip_range_expanded = %s' % (source_ip_range_expanded)) source_ip_range = netaddr.cidr_merge(source_ip_range_expanded) logging.debug('source_ip_range = %s' % (source_ip_range)) # Convert each CIDR block to string. result_cidr = [] for cidr_object in source_ip_range: result_cidr.append(str(cidr_object)) # Convert entire list to a string. result_cidr = ','.join(result_cidr) logging.debug('result_cidr = %s' % (result_cidr)) # Remove '/32' (single IP) and return diff'd range. return result_cidr.replace('/32', '')
def get_aggregates(api): """ A Function for aggregating and listing all subnets seen by DarkTrace :param api: A valid and active authenticated session with the DarkTrace API :return: List of CIDR aggregated subnets """ subnets = api.get('/subnets') place_holder = set() for subnet in subnets: # Subnet entry # { # 'sid': 6000000009896, 'auto': True, 'dhcp': True, 'firstSeen': 1552551497000, # 'label': '10.117.80.0/24', 'lastSeen': 1552551497000, 'latitude': 52.09, # 'longitude': 5.12, 'network': '10.117.80.0/24', 'shid': 6000000016884, # 'uniqueHostnames': False, 'uniqueUsernames': False # } if is_valid_ipv4_network(subnet['network']): place_holder.add(subnet['network']) subnets_to_merge = sorted( place_holder, key=lambda item: socket.inet_aton(item.split('/')[0])) merged_subnets = netaddr.cidr_merge(subnets_to_merge) final_subnets = [] for merged_subnet in merged_subnets: final_subnets.append(str(merged_subnet)) return final_subnets
def ip_range_to_cidr(ip_network_string): """Convert ip_network_string into CIDR notation.""" # Split string into list by ', ' delimiter. ip_network_cidr = [] ip_network_list = ip_network_string.split(',') for ip_object in ip_network_list: # For every ip range ('10.182.71.0-10.182.75.255'), convert to individual slash notation, 10.182.71.0/24, 10.182.72.0/22. if '-' in ip_object: # The object is a range. dash = ip_object.find('-') # First part of ip range. ip_start = ip_object[:dash] # Last part of ip range. ip_end = ip_object[dash + 1:] # Generate lists of IP addresses in range. ip_range = list(netaddr.iter_iprange(ip_start, ip_end)) # Convert start & finish range to CIDR. ip_range = netaddr.cidr_merge(ip_range) # May be one or more objects in list. # Example 1: '10.182.71.0-10.182.75.255' ==> ['10.182.71.0/24, 10.182.72.0/22'] # Example 2: '10.182.90.0-10.182.91.255' ==> ['10.182.90.0/23'] # Add each CIDR to ip_network. for ip_object in ip_range: ip_network_cidr.append(str(ip_object)) else: # The object is not a range, just add it. logging.debug('ip_object = %s' % (ip_object)) ip_network_cidr.append(str(netaddr.IPNetwork(ip_object).cidr)) # Return as a string with delimiter ', ' return ip_network_cidr
def iana_rir_gen_ip_list(user_rir_list): # generates a list of networks that can be blocked by RIR # we use a SortedList so that elements are inserted in order. This allows cidr_merge to work rir_slash_eight_list = SortedList() with open('iana') as iana_file: iana_csv = csv.reader(iana_file) for line in iana_csv: for rir in user_rir_list: # case in which the whois line from our csv contains the RIR if rir in line[3]: network = line[0].lstrip('0') rir_slash_eight_list.add(netaddr.IPNetwork(network)) # if we find a match, there is no reason to see if the other RIRs are on the same line break # run cidr_merge to summarize rir_slash_eight_list = netaddr.cidr_merge(rir_slash_eight_list) return rir_slash_eight_list
def cidr_merge(value, action='merge'): if not hasattr(value, '__iter__'): raise errors.AnsibleFilterError('cidr_merge: expected iterable, got ' + repr(value)) if action == 'merge': try: return [str(ip) for ip in netaddr.cidr_merge(value)] except Exception as e: raise errors.AnsibleFilterError( 'cidr_merge: error in netaddr:\n%s' % e) elif action == 'span': # spanning_cidr needs at least two values if len(value) == 0: return None elif len(value) == 1: try: return str(netaddr.IPNetwork(value[0])) except Exception as e: raise errors.AnsibleFilterError( 'cidr_merge: error in netaddr:\n%s' % e) else: try: return str(netaddr.spanning_cidr(value)) except Exception as e: raise errors.AnsibleFilterError( 'cidr_merge: error in netaddr:\n%s' % e) else: raise errors.AnsibleFilterError("cidr_merge: invalid action '%s'" % action)
def ip_sumarizing(ip_list): import netaddr ip_list = [netaddr.IPNetwork("%s" % subn) for subn in ip_list] ip_list = netaddr.cidr_merge(ip_list) return ip_list
def prefixes_merge(prefixes_list): start_prefixes_dict = {str(n): [] for n in range(32, 0, -1)} final_prefixes_dict = {} final_prefixes_list = [] for ip in prefixes_list: start_prefixes_dict[netaddr.IPNetwork(ip).prefixlen.__str__()].append( netaddr.IPNetwork(ip)) for k, v in start_prefixes_dict.items(): if str(v or '') == '': continue final_prefixes_dict[k] = netaddr.cidr_merge(v) for k, v in final_prefixes_dict.items(): for i in v: final_prefixes_list.append([k, i.__str__()]) flat = [x for row in final_prefixes_list for x in row] print('no ip prefix-list {0}'.format(sys.argv[1])) for idx, i in enumerate(flat[1:], 1): if idx % 2 == 1: if flat.count(i) > 1 and i.endswith(flat[idx - 1]): continue elif i.endswith(flat[idx - 1]): print('ip prefix-list {0} permit {1}'.format(sys.argv[1], i)) else: print('ip prefix-list {0} permit {1} {2}'.format( sys.argv[1], i, 'le ' + flat[idx - 1]))
def set_summaries(configured_host): logging.getLogger(__name__).info("Setting summaries") for interface_id, interface in configured_host['interfaces'].items(): container_id = configured_host['mappings'][interface_id] container = configured_host['containers'][container_id] if interface.address is not None: logging.getLogger(__name__).info(interface_id) for summary, via in configured_host["mappings_summaries"].items(): #print " checking for: %s, via %s" % (summary, via) # via must be in same subnet as address in this interface same_subnet_via = (netaddr.IPNetwork(via) == netaddr.IPNetwork(interface.address)) # check if summary is in same subnet or not existing_summaries = [] for route in container.routing['routes']: existing_summaries.append(netaddr.IPNetwork(route.address)) existing_summaries = netaddr.cidr_merge(existing_summaries) route_exists = False for route in existing_summaries: if route.network == netaddr.IPNetwork(summary).network: route_exists = True if same_subnet_via and not route_exists: network = netaddr.IPNetwork(summary) address = "%s/%s" % (network.network, network.prefixlen) summary_route = emulator.elements.Route(address, interface.veth) summary_route.via = str(netaddr.IPNetwork(via).ip) container.routing["routes"].append(summary_route) logging.getLogger(__name__).info("Adding %s to %s", summary_route.address, container.container_id)
def delete(self, cidr): cidr = netaddr.IPNetwork(cidr) if cidr in self.allocated: self.allocated.remove(cidr) self.unallocated.append(cidr) self.unallocated = netaddr.cidr_merge(self.unallocated) self.update()
def summarizeCidrs(ranges): ipList = [] for network in ranges: cidr = netaddr.IPNetwork(network) cidr.prefixlen = 19 ipList.append(cidr) return netaddr.cidr_merge(ipList)
def main(): print("Downloading Azure IP ranges from %s") % AZURE_IP_RANGES_URL download_ip_ranges(CURRENT_AZURE_IP_LIST_FILE) parse_regions(CURRENT_AZURE_IP_LIST_FILE,REGION_LIST_FILE) # Add validation that the region name is listed in the file file_obj = open(REGION_LIST_FILE,'r') VALID_REGIONS = file_obj.read().splitlines() file_obj.close() if target_region not in VALID_REGIONS: print("Error the specified region, %s, is not a valid region") % target_region print("VALID AZURE REGIONS: %s") % VALID_REGIONS sys.exit(1) root = ET.parse(CURRENT_AZURE_IP_LIST_FILE).getroot() # find the right Azure Region IPs #ranges = getRegionIps(root, 'europewest') ranges = getRegionIps(root, target_region) print ranges summarised = summarizeCidrs(ranges) print("Length before summarisation: ", len(ranges)) print("Length after summarisation: ", len(summarised)) moreSummarised = netaddr.cidr_merge(summarised) print("Length after more summarisation: ", len(moreSummarised))
def main(): parser = argparse.ArgumentParser(description='IP Blacklist Generator') parser.add_argument('-if', type=lambda x: open_file(parser, x), dest='input_file', metavar='INPUT_FILE', required=True, help='Input file with blacklist URLs') parser.add_argument('-of', type=str, dest='output_file', metavar='OUTPUT_FILE', required=True, help='Output file') args = parser.parse_args() output_filename = args.output_file input_file = args.input_file #Create master list that will ultimately get written to file master_list = [] #Read in URLs from file and build list urls = get_urls(input_file) #Download lists, parse, and append to master list for url in urls: raw_list = download_list(url) if raw_list is not None: formatted_list = parse_list(raw_list) for address_block in formatted_list: master_list.append(address_block) #aggregate and remove duplicates master_list = cidr_merge(master_list) #sort the list of IP objects master_list.sort() #Export list to file export_list(master_list, output_filename)
def parse(repo: 'RuleRepo', rule_index: int) -> 'Rule': new_rule = Rule() rule_path = os.path.join(repo.rules_path, repo.rules_list[rule_index]) with open(rule_path, 'r', encoding='utf8') as f: lines = f.readlines() header = lines[0] if header.startswith('#'): header = header[1:] header_list = header.split(',') new_rule.name = Rule.parse_header(header_list[0]) new_rule.friendly_name = Rule.parse_header(header_list[1]) new_rule.proxy_type = Rule.parse_header(header_list[2]) new_rule.proxy_type_2 = Rule.parse_header(header_list[3]) new_rule.unknown_1 = Rule.parse_header(header_list[4]) new_rule.unknown_2 = Rule.parse_header(header_list[5]) new_rule.writeable = Rule.parse_header(header_list[6]) new_rule.dns_type = Rule.parse_header(header_list[7]) new_rule.comment = Rule.parse_header(header_list[8]) network_list = list() for line in lines[1:]: line = line.strip() line.replace('\n', '') line.replace('\r', '') try: network = IPNetwork(line) except: continue network_list.append(network) new_rule.network_list = cidr_merge(network_list) return new_rule
def aws2cidr(type): content = urllib2.urlopen('https://ip-ranges.amazonaws.com/ip-ranges.json').read() data = simplejson.loads(content)['prefixes'] amazon_blocks = {} for key in data: if not key['region'].startswith('cn-'): if not key['service'] in amazon_blocks: amazon_blocks[key['service']] = [] amazon_blocks[key['service']].append(netaddr.IPNetwork(key['ip_prefix'])) # 'AMAZON' block contains other blocks. exclude them temp_amazon = [] for block in amazon_blocks['AMAZON']: for key in amazon_blocks: if key != 'AMAZON': if block not in amazon_blocks[key]: temp_amazon.append(block) amazon_blocks['AMAZON'] = temp_amazon total = [] for key in amazon_blocks: total = total + amazon_blocks[key] cidr_result = "" if type == "all": # all of the merged blocks for network in netaddr.cidr_merge(total): cidr_result = cidr_result + '\n' + str(network) elif type == "split": # blocks that split for key in amazon_blocks: cidr_result = cidr_result + '\n# Amazon ' + key for network in netaddr.cidr_merge(amazon_blocks[key]): cidr_result = cidr_result + '\n' + str(network) else: # blocks of a certain type for network in netaddr.cidr_merge(amazon_blocks[type]): cidr_result = cidr_result + '\n' + str(network) # strip empty lines cidr_result = '\n'.join([line.strip() for line in cidr_result.splitlines() if line.strip()]) return cidr_result
def load(self, url): nets = [] r = requests.get(url) t=json.loads(r.content) for i in r.json()['prefixes']: nets.append(IPNetwork(i['ip_prefix'])) for i in cidr_merge(nets): self.networks["{}/{}".format(i.network, i.prefixlen)] = 'Amazon GLOBAL'
def manual_ipv6_infrastructure_allocation(anm): """Applies manual IPv6 allocation""" import netaddr g_ipv6 = anm["ipv6"] log.info("Using specified IPv6 infrastructure allocation") for node in g_ipv6.l3devices(): for interface in node.physical_interfaces: if not interface["input"].is_bound: continue # unbound interface ip_address = netaddr.IPAddress(interface["input"].ipv6_address) prefixlen = interface["input"].ipv6_prefixlen interface.ip_address = ip_address interface.prefixlen = prefixlen cidr_string = "%s/%s" % (ip_address, prefixlen) interface.subnet = netaddr.IPNetwork(cidr_string) broadcast_domains = [d for d in g_ipv6 if d.broadcast_domain] # TODO: allow this to work with specified ip_address/subnet as well as ip_address/prefixlen from netaddr import IPNetwork for coll_dom in broadcast_domains: connected_interfaces = [edge.dst_int for edge in coll_dom.edges()] cd_subnets = [IPNetwork("%s/%s" % (i.subnet.network, i.prefixlen)) for i in connected_interfaces] if len(cd_subnets) == 0: log.warning("Collision domain %s is not connected to any nodes" % coll_dom) continue try: assert len(set(cd_subnets)) == 1 except AssertionError: mismatch_subnets = "; ".join("%s: %s/%s" % (i, i.subnet.network, i.prefixlen) for i in connected_interfaces) log.warning("Non matching subnets from collision domain %s: %s" % (coll_dom, mismatch_subnets)) else: coll_dom.subnet = cd_subnets[0] # take first entry # apply to remote interfaces for edge in coll_dom.edges(): edge.dst_int.subnet = coll_dom.subnet # also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) # import autonetkit # autonetkit.update_http(anm) infra_blocks = {} for (asn, devices) in g_ipv6.groupby("asn").items(): broadcast_domains = [d for d in devices if d.broadcast_domain] subnets = [cd.subnet for cd in broadcast_domains if cd.subnet is not None] # only if subnet is set infra_blocks[asn] = netaddr.cidr_merge(subnets) g_ipv6.data.infra_blocks = infra_blocks
def read_rirs(country_list, permit, rir_list=RIR_NAMES): # list containing our file objects file_list = [] # we use a SortedList so that elements are inserted in order. This allows cidr_merge to work rir_ips = SortedList() # Open the files we downloaded earlier and store the file object for rir in rir_list: file_list.append(open(rir)) for f in file_list: for line in f: curr_line = line.split('|') try: # we want only the ipv4 lines that are for a specific country # also only want countries that we are going to block if (curr_line[2] == "ipv4" and curr_line[1] != "*") and \ ((permit and curr_line[1] not in country_list) or (not permit and curr_line[1] in country_list)): country_code = curr_line[1] network_id = curr_line[3] wildcard = int(curr_line[4])-1 try: # Add network to list, if the number of IPs was not a # power of 2 (wildcard is not valid). # AddrFormatError is thrown rir_ips.add(netaddr.IPNetwork(network_id + "/" + str(netaddr.IPAddress(wildcard)))) # Handle case in where our mask is invalid by rounding DOWN except netaddr.AddrFormatError: print "rounded network " + network_id + " with " + str(wildcard) + \ " hosts up to nearest power of 2" wildcard = next_power_of_2(wildcard) - 1 print wildcard + 1 rir_ips.add(netaddr.IPNetwork(network_id + "/" + str(netaddr.IPAddress(wildcard)))) # IndexErrors only occur when parsing columns we don't need except IndexError: pass f.close() # cidr_merge takes our list of IPs and summarizes subnets where possible # this greatly decreases the number of ACL entries rir_ips = netaddr.cidr_merge(rir_ips) return rir_ips
def __and__(self, other: 'Rule') -> 'Rule': new_rule = Rule() new_rule.name = '{0} && {1}'.format(self.name, other.name) new_rule.friendly_name = '{0} && {1}'.format(self.friendly_name, other.friendly_name) new_rule.comment = '{0} && {1}'.format(self.comment, other.comment) self.network_list.extend(other.network_list) new_rule.network_list = cidr_merge(self.network_list) return new_rule
def parse_asn(content): soup = BeautifulSoup(content, 'html.parser') results = [] nets = [] for element in soup.find('div', id='ipv4-data').find('table', id="block-table").find_all('tr')[1:]: ip, company, num = [e.text.strip() for e in element.find_all('td')] results.append((ip, company, num)) nets.append(IPNetwork(ip)) return results, '\n'.join([str(net) for net in cidr_merge(nets)])
def _setup_routes(self, if_dev, ver, ip_start, ip_end, gw_ip): gw_ip_net = netaddr.IPNetwork(gw_ip) if_dev.addr.add(ver, "%s/%s" % (ip_start, gw_ip_net.prefixlen), gw_ip_net.broadcast) if_dev.route.add_gateway(str(gw_ip_net.ip)) if ip_start != ip_end: local_nets = netaddr.cidr_merge(netaddr.iter_iprange(ip_start, ip_end)) max_pfx_len = ver == 4 and 32 or 128 for l in local_nets: if l.prefixlen < max_pfx_len or str(l.ip) != ip_start: if_dev.route._as_root("add", "local", str(l), "dev", if_dev.name, options=[ver])
def definesubnet(insubnetlist): fnsubnet = [] if len(insubnetlist) > 0: for everysubnet in insubnetlist: mynet = netaddr.IPNetwork(everysubnet) fnsubnet.append(mynet) mergesubnet = netaddr.cidr_merge(list(set(fnsubnet))) return mergesubnet else: return fnsubnet
def get_scanner_targets(self): """ Get a list of strings representing the IP addresses and network ranges that this scanner is configured to scan. :return: A list of strings representing the IP addresses and network ranges that this scanner is configured to scan. """ all_ips = self.get_all_ips() merged = cidr_merge(all_ips) return [str(x) for x in merged]
def manual_ipv4_allocation(anm): """Applies manual IPv4 allocation""" import netaddr g_in_directed = anm['input_directed'] g_ipv4 = anm['ipv4'] for l3_device in g_ipv4.nodes("is_l3device"): directed_node = g_in_directed.node(l3_device) l3_device.loopback = directed_node.ipv4loopback for edge in l3_device.edges(): # find edge in g_in_directed directed_edge = g_in_directed.edge(edge) edge.ip_address = netaddr.IPAddress(directed_edge.ipv4) # set subnet onto collision domain (can come from either # direction) collision_domain = edge.dst if not collision_domain.subnet: # TODO: see if direct method in netaddr to deduce network prefixlen = directed_edge.netPrefixLenV4 cidr_string = "%s/%s" % (edge.ip_address, prefixlen) intermediate_subnet = netaddr.IPNetwork(cidr_string) cidr_string = "%s/%s" % ( intermediate_subnet.network, prefixlen) subnet = netaddr.IPNetwork(cidr_string) collision_domain.subnet = subnet # also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) loopback_blocks = {} infra_blocks = {} for asn, devices in g_ipv4.groupby("asn").items(): routers = [d for d in devices if d.is_router] loopbacks = [r.loopback for r in routers] loopback_blocks[asn] = netaddr.cidr_merge(loopbacks) collision_domains = [d for d in devices if d.collision_domain] subnets = [cd.subnet for cd in collision_domains] infra_blocks[asn] = netaddr.cidr_merge(subnets) g_ipv4.data.loopback_blocks = loopback_blocks g_ipv4.data.infra_blocks = infra_blocks
def _merge_cidrs(cls): """ We learned about CIDRs from the following functions: - _load_elasticips() - _load_vpcs() - _load_vpces() - _load_natgateways() - _load_network_whitelist() These cidr's are stored in the OBJECT_STORE in a way that is not optimal: OBJECT_STORE['cidr']['54.0.0.1'] = set(['123456789012']) OBJECT_STORE['cidr']['54.0.0.0'] = set(['123456789012']) ... OBJECT_STORE['cidr']['54.0.0.255/32'] = set(['123456789012']) The above example is attempting to illustrate that account `123456789012` contains `54.0.0.0/24`, maybe from 256 elastic IPs. If a resource policy were attempting to ingress this range as a `/24` instead of as individual IPs, it would not work. We need to use the `cidr_merge` method from the `netaddr` library. We need to preserve the account identifiers that are associated with each cidr as well. # Using: # https://netaddr.readthedocs.io/en/latest/tutorial_01.html?highlight=summarize#summarizing-list-of-addresses-and-subnets # import netaddr # netaddr.cidr_merge(ip_list) Step 1: Group CIDRs by account: # ['123456789012'] = ['IP', 'IP'] Step 2: Merge each account's cidr's separately and repalce the OBJECT_STORE['cidr'] entry. Return: `None`. Mutates the cls.OBJECT_STORE['cidr'] datastructure. """ if not 'cidr' in cls.OBJECT_STORE: return # step 1 merged = defaultdict(set) for cidr, accounts in cls.OBJECT_STORE['cidr'].items(): for account in accounts: merged[account].add(cidr) del cls.OBJECT_STORE['cidr'] # step 2 for account, cidrs in merged.items(): merged_cidrs = netaddr.cidr_merge(cidrs) for cidr in merged_cidrs: add(cls.OBJECT_STORE['cidr'], str(cidr), account)
def combine_it(iplist): try: fipl = [] for ip in cidr_merge(iplist): if '/' in str(ip) and str(ip).split('/', 1)[1] == '32': fipl.append(str(ip).split('/', 1)[0]) else: fipl.append(str(ip)) return fipl except (ValueError, TypeError): print "{}[!]{} Ensure that all IPs are in CIDR notation.".format(colors.red, colors.normal)
def subnet_aggregate(ip_file): listIP = [] f = open(ip_file, encoding='UTF-8-sig') for each in f: if each.isspace(): continue listIP.append(IPNetwork(each)) f.close() temp_list = cidr_merge(listIP) for each in temp_list: print(each)
def cidr_subtract(supernet_cidr, subnet_cidr): supernet = netaddr.IPNetwork(supernet_cidr) subnet = netaddr.IPNetwork(subnet_cidr) if subnet not in supernet: return [supernet] supernet_subnets = list(supernet.subnet(subnet.prefixlen)) supernet_subnets.remove(subnet) return netaddr.cidr_merge(supernet_subnets)
def _subnet(self, existing_networks, prefixlen=24): ''' Get a unique subnet of a network given an existing networks ''' available_networks = (netaddr.IPSet(self.cidr) - netaddr.IPSet( netaddr.cidr_merge([Network(net) for net in existing_networks]))) while len(available_networks.iter_cidrs()) > 0: for net in available_networks.iter_cidrs(): for subnet in net.subnet(prefixlen, count=1): existing_networks.append(str(subnet)) yield str(subnet) else: raise AnsibleError('Run out of subnets')
def main(): if len(sys.argv) < 2: usage() sys.exit() ipFile = open(sys.argv[1]) ipAddresses = [i for i in ipFile.readlines()] ipAddresses = sorted(ipAddresses) cidrs = netaddr.cidr_merge(ipAddresses) for cidr in cidrs: print cidr
def _validate_range_with_network(self): ip_networks = [] if self.range: start, end = self.range.split('-') ip_addresses = list(netapi.iter_iprange(start, end)) ip_networks.extend(netapi.cidr_merge(ip_addresses)) else: ip_addresses = get_ips_from_cidr(self.cidr) ip_networks.extend(netapi.cidr_merge(ip_addresses)) address_lst = [] net = netapi.IPNetwork(self.cidr) for network in ip_networks: for address in network: address_lst.append(str(address)) if address not in net: excep_msg = 'given dhcp range:%s not a subset of network:%s' % (self.range, net) LOGGER.error(excep_msg) raise Exception(excep_msg) self.iplist = address_lst
def _merge_cidrs(cls): """ We learned about CIDRs from the following functions: - _load_elasticips() - _load_vpcs() - _load_vpces() - _load_natgateways() - _load_network_whitelist() These cidr's are stored in the OBJECT_STORE in a way that is not optimal: OBJECT_STORE['cidr']['54.0.0.1'] = set(['123456789012']) OBJECT_STORE['cidr']['54.0.0.0'] = set(['123456789012']) ... OBJECT_STORE['cidr']['54.0.0.255/32'] = set(['123456789012']) The above example is attempting to illustrate that account `123456789012` contains `54.0.0.0/24`, maybe from 256 elastic IPs. If a resource policy were attempting to ingress this range as a `/24` instead of as individual IPs, it would not work. We need to use the `cidr_merge` method from the `netaddr` library. We need to preserve the account identifiers that are associated with each cidr as well. # Using: # https://netaddr.readthedocs.io/en/latest/tutorial_01.html?highlight=summarize#summarizing-list-of-addresses-and-subnets # import netaddr # netaddr.cidr_merge(ip_list) Step 1: Group CIDRs by account: # ['123456789012'] = ['IP', 'IP'] Step 2: Merge each account's cidr's separately and repalce the OBJECT_STORE['cidr'] entry. Return: `None`. Mutates the cls.OBJECT_STORE['cidr'] datastructure. """ if not 'cidr' in cls.OBJECT_STORE: return # step 1 merged = defaultdict(set) for cidr, accounts in list(cls.OBJECT_STORE['cidr'].items()): for account in accounts: merged[account].add(cidr) del cls.OBJECT_STORE['cidr'] # step 2 for account, cidrs in list(merged.items()): merged_cidrs = netaddr.cidr_merge(cidrs) for cidr in merged_cidrs: add(cls.OBJECT_STORE['cidr'], str(cidr), account)
def get_utilization(self): """ Determine the utilization rate of the aggregate prefix and return it as a percentage. """ child_prefixes = Prefix.objects.filter(prefix__net_contained_or_equal=str(self.prefix)) # Remove overlapping prefixes from list of children networks = cidr_merge([c.prefix for c in child_prefixes]) children_size = float(0) for p in networks: children_size += p.size return int(children_size / self.prefix.size * 100)
def subtract_subnets_from_range(cidr_range, subnets): full_range = netaddr.IPNetwork(cidr_range) # Assume subtracting equal sized subnets for now subnet_mask_bits = netaddr.IPNetwork(subnets[0]).prefixlen remaining_subnets = [ str(subnet) for subnet in full_range.subnet(subnet_mask_bits) if str(subnet) not in subnets ] # Just return the largest single range return str(netaddr.cidr_merge(remaining_subnets)[0])
def aggregate(list_of_cidrs): """ Given a list of CIDR's aggregate the list to a summarised subnet """ # Create new list with IPNetwork objects networks = [] for network in list_of_cidrs: networks.append(IPNetwork(network)) # Merge new list and return summarised networks networks = cidr_merge(networks) return networks
def combine_it(iplist): try: fipl = [] for ip in cidr_merge(iplist): if '/' in str(ip) and str(ip).split('/', 1)[1] == '32': fipl.append(str(ip).split('/', 1)[0]) else: fipl.append(str(ip)) return fipl except (ValueError, TypeError): print "{}[!]{} Ensure that all IPs are in CIDR notation.".format( colors.red, colors.normal)
def merge(self): """ Merge a list of subnets combining adjacent subnets. :param subnets: A list of subnets :return: A list of merged subnets >>> s = Subnets([IPNetwork('192.136.55.0/24'), IPNetwork('103.214.228.0/24'), IPNetwork('192.136.54.0/24')]) >>> s.merge() [IPNetwork('103.214.228.0/24'), IPNetwork('192.136.54.0/23')] """ return netaddr.cidr_merge(self.subnets)
def _setup_routes(self, if_dev, ver, ip_start, ip_end, gw_ip): gw_ip_net = netaddr.IPNetwork(gw_ip) if_dev.addr.add("%s/%s" % (ip_start, gw_ip_net.prefixlen)) if_dev.route.add_gateway(str(gw_ip_net.ip)) if ip_start != ip_end: local_nets = netaddr.cidr_merge(netaddr.iter_iprange(ip_start, ip_end)) max_pfx_len = (ver == 4 and 32 or 128) for l in local_nets: if l.prefixlen < max_pfx_len or str(l.ip) != ip_start: if_dev.route._as_root('add', 'local', str(l), 'dev', if_dev.name, options=[ver])
def test_cidr_merge_v4(): assert cidr_merge(['192.0.128.0/24', '192.0.129.0/24']) == [IPNetwork('192.0.128.0/23')] assert cidr_merge(['192.0.129.0/24', '192.0.130.0/24']) == [IPNetwork('192.0.129.0/24'), IPNetwork('192.0.130.0/24')] assert cidr_merge(['192.0.2.112/30', '192.0.2.116/31', '192.0.2.118/31']) == [IPNetwork('192.0.2.112/29')] assert cidr_merge(['192.0.2.112/30', '192.0.2.116/32', '192.0.2.118/31']) == [IPNetwork('192.0.2.112/30'), IPNetwork('192.0.2.116/32'), IPNetwork('192.0.2.118/31')] assert cidr_merge(['192.0.2.112/31', '192.0.2.116/31', '192.0.2.118/31']) == [IPNetwork('192.0.2.112/31'), IPNetwork('192.0.2.116/30')] assert cidr_merge([ '192.0.1.254/31', '192.0.2.0/28', '192.0.2.16/28', '192.0.2.32/28', '192.0.2.48/28', '192.0.2.64/28', '192.0.2.80/28', '192.0.2.96/28', '192.0.2.112/28', '192.0.2.128/28', '192.0.2.144/28', '192.0.2.160/28', '192.0.2.176/28', '192.0.2.192/28', '192.0.2.208/28', '192.0.2.224/28', '192.0.2.240/28', '192.0.3.0/28']) == [ IPNetwork('192.0.1.254/31'), IPNetwork('192.0.2.0/24'), IPNetwork('192.0.3.0/28'), ]
def make_iplist(l): """ Expect the input to be well-formatted. :param l: list. ip ranges(or single ip) e.g. [('192.0.2.1', '192.0.2.15'), '192.0.3.1'] :return: list. CIRD notation of ips in the range """ re = [] for ip in l: if type(ip) == types.TupleType: r = IPRange(ip[0], ip[1]) re.extend(r.cidrs()) else: # ip is a str. e.g. '192.0.3.1' re.append(IPAddress(ip)) return cidr_merge(re)
def detect(self, url): cdn_list = {'ips_cdn_cloudflare':['199.27.128.0/21','173.245.48.0/20','103.21.244.0/22','103.22.200.0/22','103.31.4.0/22','141.101.64.0/18','108.162.192.0/18','190.93.240.0/20','188.114.96.0/20','197.234.240.0/22','198.41.128.0/17','162.158.0.0/15','104.16.0.0/12'], 'ips_cdn_360': ['183.136.133.0-183.136.133.255','220.181.55.0-220.181.55.255','101.226.4.0-101.226.4.255','180.153.235.0-180.153.235.255','122.143.15.0-122.143.15.255','27.221.20.0-27.221.20.255','202.102.85.0-202.102.85.255','61.160.224.0-61.160.224.255','112.25.60.0-112.25.60.255','182.140.227.0-182.140.227.255','221.204.14.0-221.204.14.255','222.73.144.0-222.73.144.255','61.240.144.0-61.240.144.255','113.17.174.0-113.17.174.255','125.88.189.0-125.88.189.255','125.88.190.0-125.88.190.255','120.52.18.1-120.52.18.255'], 'ips_cdn_jiasule':['119.188.35.0-119.188.35.255','61.155.222.0-61.155.222.255','218.65.212.0-218.65.212.255','116.211.121.0-116.211.121.255','103.15.194.0-103.15.194.255','61.240.149.0-61.240.149.255','222.240.184.0-222.240.184.255','112.25.16.0-112.25.16.255','59.52.28.0-59.52.28.255','211.162.64.0-211.162.64.255','180.96.20.0-180.96.20.255','103.1.65.0-103.1.65.255'], 'ips_cdn_anquanbao' :['220.181.135.1-220.181.135.255','115.231.110.1-115.231.110.255','124.202.164.1-124.202.164.255','58.30.212.1-58.30.212.255','117.25.156.1-117.25.156.255','36.250.5.1-36.250.5.255','183.60.136.1-183.60.136.255','183.61.185.1-183.61.185.255','14.17.69.1-14.17.69.255','120.197.85.1-120.197.85.255','183.232.29.1-183.232.29.255','61.182.141.1-61.182.141.255','182.118.12.1-182.118.12.255','182.118.38.1-182.118.38.255','61.158.240.1-61.158.240.255','42.51.25.1-42.51.25.255','119.97.151.1-119.97.151.255','58.49.105.1-58.49.105.255','61.147.92.1-61.147.92.255','69.28.58.1-69.28.58.255','176.34.28.1-176.34.28.255','54.178.75.1-54.178.75.255','112.253.3.1-112.253.3.255','119.167.147.1-119.167.147.255','123.129.220.1-123.129.220.255','223.99.255.1-223.99.255.255','117.34.72.1-117.34.72.255','117.34.91.1-117.34.91.255','123.150.187.1-123.150.187.255','221.238.22.1-221.238.22.255','125.39.32.1-125.39.32.255','125.39.191.1-125.39.191.255','125.39.18.1-125.39.18.255','14.136.130.1-14.136.130.255','210.209.122.1-210.209.122.255','111.161.66.1-111.161.66.255'], 'ips_cdn_incapsula':['199.83.128.0/21','198.143.32.0/19','149.126.72.0/21','103.28.248.0/22','45.64.64.0/22','185.11.124.0/22 ','192.230.64.0/18'], 'ips_cdn_yunjiasu':['222.216.190.0-222.216.190.255','61.155.149.0-61.155.149.255','119.188.14.0-119.188.14.255','61.182.137.0-61.182.137.255','117.34.28.0-117.34.28.255','119.188.132.0-119.188.132.255','42.236.7.0-42.236.7.255','183.60.235.0-183.60.235.255','117.27.149.0-117.27.149.255','216.15.172.0/24']} cc = [] try: ips = socket.gethostbyname_ex(url.split('/')[2]) except socket.gaierror: ips=[] for ip_addr in ips[2]: for cdn in cdn_list: for cidr in cdn_list[cdn]: if '-' in cidr: l = cidr.split('-') ip_range = netaddr.iter_iprange(l[0],l[1]) ip_range = netaddr.cidr_merge(ip_range) for i in ip_range: if ip_addr in i: cc.append(cdn) else: pass else: if ip_addr in cidr: cc.append(cdn) print '------------cidr--------------' print cc resp = self.s.get(url, allow_redirects=False, verify=False) if resp.history: headers = resp.history[0].headers cookies = resp.history[0].cookies else: headers = resp.headers cookies = resp.cookies result = [] for prop in dir(self): if prop.startswith('finger_'): func = getattr(self, prop) r = func(headers, cookies) if r: result.append(r) print '------------header------------' print result return result
def test_extended_cidr_merge(): orig_cidr_ipv4 = IPNetwork('192.0.2.0/23') orig_cidr_ipv6 = IPNetwork('::192.0.2.0/120') cidr_subnets = [str(c) for c in orig_cidr_ipv4.subnet(28)] + \ list(orig_cidr_ipv4.subnet(28)) + \ [str(c) for c in orig_cidr_ipv6.subnet(124)] + \ list(orig_cidr_ipv6.subnet(124)) + \ ['192.0.2.1/32', '192.0.2.128/25', '::192.0.2.92/128'] random.shuffle(cidr_subnets) merged_cidrs = cidr_merge(cidr_subnets) assert merged_cidrs == [IPNetwork('192.0.2.0/23'), IPNetwork('::192.0.2.0/120')] assert merged_cidrs == [orig_cidr_ipv4, orig_cidr_ipv6]
def manual_ipv4_infrastructure_allocation(anm): """Applies manual IPv4 allocation""" import netaddr g_ipv4 = anm['ipv4'] for node in g_ipv4.nodes("is_l3device"): for interface in node.physical_interfaces: if not interface['input'].is_bound: continue # unbound interface ip_address = netaddr.IPAddress(interface['input'].ipv4_address) prefixlen = interface['input'].ipv4_prefixlen interface.ip_address = ip_address interface.prefixlen = prefixlen cidr_string = "%s/%s" % (ip_address, prefixlen) interface.subnet = netaddr.IPNetwork(cidr_string) collision_domains = [d for d in g_ipv4 if d.collision_domain] #TODO: allow this to work with specified ip_address/subnet as well as ip_address/prefixlen from netaddr import IPNetwork for cd in collision_domains: connected_interfaces = [edge.dst_int for edge in cd.edges()] cd_subnets = [IPNetwork("%s/%s" % (i.subnet.network, i.prefixlen)) for i in connected_interfaces] try: assert(len(set(cd_subnets)) == 1) except AssertionError: log.warning("Non matching subnets from collision domain %s" % cd) else: cd.subnet = cd_subnets[0] # take first entry # apply to remote interfaces for edge in cd.edges(): remote_interface = edge.dst_int edge.dst_int.subnet = cd.subnet # also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) autonetkit.update_http(anm) infra_blocks = {} for asn, devices in g_ipv4.groupby("asn").items(): collision_domains = [d for d in devices if d.collision_domain] subnets = [cd.subnet for cd in collision_domains] infra_blocks[asn] = netaddr.cidr_merge(subnets) g_ipv4.data.infra_blocks = infra_blocks
def manual_ipv4_loopback_allocation(anm): """Applies manual IPv4 allocation""" import netaddr g_ipv4 = anm['ipv4'] for l3_device in g_ipv4.nodes("is_l3device"): l3_device.loopback = l3_device['input'].loopback_v4 # also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) loopback_blocks = {} for asn, devices in g_ipv4.groupby("asn").items(): routers = [d for d in devices if d.is_router] loopbacks = [r.loopback for r in routers] loopback_blocks[asn] = netaddr.cidr_merge(loopbacks) g_ipv4.data.loopback_blocks = loopback_blocks
def manual_ipv6_loopback_allocation(anm): """Applies manual IPv6 allocation""" import netaddr g_ipv6 = anm['ipv6'] for l3_device in g_ipv6.l3devices(): l3_device.loopback = l3_device['input'].loopback_v6 # also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) loopback_blocks = {} for (asn, devices) in g_ipv6.groupby('asn').items(): routers = [d for d in devices if d.is_router()] loopbacks = [r.loopback for r in routers] loopback_blocks[asn] = netaddr.cidr_merge(loopbacks) g_ipv6.data.loopback_blocks = loopback_blocks
def fetch_ip_data_netaddr(): #fetch data from apnic print "Fetching data from apnic.net, it might take a few minutes, please wait..." url=r'http://ftp.apnic.net/apnic/stats/apnic/delegated-apnic-latest' data=urllib2.urlopen(url).read() cnregex=re.compile(r'apnic\|cn\|ipv4\|[0-9\.]+\|[0-9]+\|[0-9]+\|a.*',re.IGNORECASE) cndata=cnregex.findall(data) results=[] for item in cndata: unit_items=item.split('|') starting_ip=unit_items[3] num_ip=int(unit_items[4]) results.append('%s/%d' % (starting_ip, 32-int(math.log(num_ip,2)))) merged_results = netaddr.cidr_merge(results) return [(str(a.ip), str(a.netmask), a.prefixlen) for a in merged_results]
def manual_ipv4_infrastructure_allocation(anm): """Applies manual IPv4 allocation""" import netaddr g_in_directed = anm["input_directed"] g_ipv4 = anm["ipv4"] # TODO: tidy this up to work with interfaces directly for l3_device in g_ipv4.nodes("is_l3device"): for edge in l3_device.edges(): # find edge in g_in_directed directed_edge = g_in_directed.edge(edge) edge.ip_address = netaddr.IPAddress(directed_edge.ipv4) # set subnet onto collision domain (can come from either # direction) collision_domain = edge.dst if not collision_domain.subnet: # TODO: see if direct method in netaddr to deduce network prefixlen = directed_edge.netPrefixLenV4 cidr_string = "%s/%s" % (edge.ip_address, prefixlen) intermediate_subnet = netaddr.IPNetwork(cidr_string) cidr_string = "%s/%s" % (intermediate_subnet.network, prefixlen) subnet = netaddr.IPNetwork(cidr_string) collision_domain.subnet = subnet # TODO: assign directly to interfaces # also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) infra_blocks = {} for asn, devices in g_ipv4.groupby("asn").items(): collision_domains = [d for d in devices if d.collision_domain] subnets = [cd.subnet for cd in collision_domains] infra_blocks[asn] = netaddr.cidr_merge(subnets) g_ipv4.data.infra_blocks = infra_blocks
# also need to form aggregated IP blocks (used for e.g. routing prefix # advertisement) # import autonetkit # autonetkit.update_vis(anm) if len(mismatched_interfaces): log.warning("IPv4 Infrastructure IPs %s are not in global " "loopback allocation block %s" % (sorted(mismatched_interfaces), global_infra_block)) infra_blocks = {} for (asn, devices) in g_ipv4.groupby('asn').items(): broadcast_domains = [d for d in devices if d.broadcast_domain] subnets = [cd.subnet for cd in broadcast_domains if cd.subnet is not None] # only if subnet is set infra_blocks[asn] = netaddr.cidr_merge(subnets) # formatted = {key: [str(v) for v in val] for key, val in infra_blocks.items()} # log.info("Found infrastructure IP blocks %s", formatted) g_ipv4.data.infra_blocks = infra_blocks #@call_log def manual_ipv4_loopback_allocation(anm): """Applies manual IPv4 allocation""" import netaddr g_ipv4 = anm['ipv4'] g_in = anm['input'] for l3_device in g_ipv4.l3devices():
#! /usr/bin/env python # i have used python-netaddr library to implement the solution import netaddr as na test=input() for t in xrange(test): print "Case #%d:" % (t+1) n=input() ls=[] for _ in xrange(n): ls.append(na.IPNetwork(raw_input())) for addr in na.cidr_merge(ls): print addr.cidr
def getSubnets(self): return netaddr.cidr_merge(self._ip_networks)