Exemplo n.º 1
 def testIpRange(ipTestedStr, ipRangeStr):
     """Check whether an address or network lies inside a network and print the verdict.

     ``ipTestedStr`` is parsed as a network when it contains a ``/`` after its
     first character, and as a single address otherwise.  ``ipRangeStr`` is
     always parsed as a network.  Parse errors raised by ``ipaddr`` are not
     caught here and propagate to the caller.

     Returns True when the tested value is contained in the range, else False.
     """
     # find() > 0 (not >= 0): a leading slash is not treated as CIDR notation.
     parse = ipaddr.ip_network if ipTestedStr.find('/') > 0 else ipaddr.ip_address
     ipTested = parse(ipTestedStr)
     ipRange = ipaddr.ip_network(ipRangeStr)

     # NOTE(review): network-in-network containment depends on the ipaddr
     # version in use -- confirm it means "subnet of" for CIDR inputs.
     isInside = ipTested in ipRange
     if isInside:
         message = 'Passed: ' + ipTestedStr + ' is in ' + ipRangeStr
     else:
         message = 'Failed: ' + ipTestedStr + ' is not in ' + ipRangeStr
     NsmUtil.printStatusHeadLine2(message)
     return isInside
Exemplo n.º 2
def sibling(net):
    """Return the pair of equally sized networks that ``net`` merges with.

    The block before ``net``, ``net`` itself and the block after it are
    compared by their ``net_bits`` value.  The result is a two-element list:
    ``[previous, net]`` when the previous block has fewer net bits than
    ``net``, otherwise ``[net, next]`` when ``net`` has fewer net bits than
    the next block.

    Raises:
        ValueError: if neither neighbour qualifies as the merge partner.
    """
    width = prefix(net)
    neighbours = (base(net, -1), base(net), base(net, +1))
    low, mid, high = [net_bits(ip) for ip in neighbours]
    # All three candidates keep the prefix length of the input network.
    partners = [ip_network("{}/{}".format(str(ip), width)) for ip in neighbours]
    if low < mid:
        return partners[:-1]
    if mid < high:
        return partners[1:]
    raise ValueError("Error while looking merge partner")
Exemplo n.º 3
 def _load_data(self, force=False):
     """Fill ``self._data`` with the networks stored in the backing collection.

     Does nothing when data is already loaded, unless ``force`` is true.
     On a non-forced load, any entry of ``self._default`` that is missing
     from the stored data is added through ``self.append``; the defaults are
     then cleared and the collection is read a second time.
     """
     if self._data is not None and not force:
         return

     coll = self._db[self._coll]

     def fetch():
         # Each document holds the network text under 'ip' and the IP
         # version under 'type'.
         return [ip_network(doc['ip'], version=doc['type']) for doc in coll.find()]

     self._data = fetch()

     # A forced reload most likely comes from save or remove, so no defaults
     # are inserted on that path.
     if self._default is None or force:
         return

     for candidate in self._default:
         if candidate not in self._data:
             self.append(candidate)
     self._default = None

     # Read again so the freshly appended defaults show up in the cache.
     self._data = fetch()
Exemplo n.º 4
def seed_addresses(f):
    """Insert every host address of the networks listed in ``f`` into the hosts table.

    ``f`` is iterated line by line.  From each stripped line only the text
    after the last ``#`` is kept; if that text is non-empty it is parsed as a
    network and one row ``(None, <exploded address>, 80)`` is inserted per
    host, skipping rows the table already has (``INSERT OR IGNORE``).
    """
    # NOTE(review): split("#")[-1] keeps what FOLLOWS the last '#'. If '#' was
    # meant to start a trailing comment, [0] would be the expected index -- confirm.
    # NOTE(review): the host list is fully materialised per network, so a very
    # large network in the input means a very large list; consider a size cap.
    with SQLiteControlledExecution(DB_PATH) as c:
        for raw in f:
            spec = raw.strip().split("#")[-1]
            if not spec:
                continue
            network = ipaddr.ip_network(spec.strip())
            hosts = list(network.iterhosts())
            log("[I]", "Adding %d hosts from %s" % (len(hosts), network))
            c.executemany('INSERT OR IGNORE INTO hosts VALUES (?,?,?)',
                          [(None, host.exploded, 80) for host in hosts])
def lookup_csv(lookup, field):
    """Return the first row of ``lookup`` whose ``c_ip`` network contains ``field``.

    ``field`` is parsed as a single IP address; if it is not a valid address
    the result is None.  Rows whose ``c_ip`` value cannot be parsed as a
    network are skipped silently.  Returns None when no row matches.
    """
    try:
        address = ipaddr.ip_address(field)
    except ValueError:
        return None

    for row in lookup:
        try:
            if address in ipaddr.ip_network(row["c_ip"]):
                return row
        except ValueError:
            # Malformed network in this row: ignore it and keep searching.
            continue
    return None
def lookup_csv(lookup, field):
	"""Find the lookup row whose ``c_ip`` network contains the address ``field``.

	Returns the first matching row, or None when ``field`` is not a valid
	IP address or no row matches.  A row whose ``c_ip`` does not parse as a
	network counts as a non-match.
	"""
	try:
		needle = ipaddr.ip_address(field)
	except ValueError:
		return None

	for candidate in lookup:
		try:
			hit = needle in ipaddr.ip_network(candidate['c_ip'])
		except ValueError:
			# Unparseable network text: treat the row as not matching.
			hit = False
		if hit:
			return candidate
	return None
Exemplo n.º 7
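def parse_data(data,options):
    """Yield access-list configuration lines that deny the addresses listed in ``data``.

    ``data`` is parsed with ``pq``; every ``content`` element whose
    ``blockType`` is ``default``, ``ip`` or absent contributes its ``ip`` and
    ``ipSubnet`` children.  A ``default``/untyped entry that has ``url``
    children, none of which points at a literal IP, is skipped.  Entries found
    in the white list, and entries already emitted, are skipped as well.

    The output starts with ``no access-list <acl>`` and ends with a
    ``permit ip any any`` line.

    Raises:
        Exception: if the ``acl`` option cannot be converted to an int.
        ValueError: (from ``ipaddr``) if an ``ip`` or ``ipSubnet`` value is
            not a valid address or network.

    Because the first line removes the existing list and an error can stop the
    generator before the final permit line, collect the complete output before
    applying any of it to a device.
    """
    try:
        acl=int(getOption(options,'acl'))
    except Exception:
        # "except Exception" rather than a bare except, so KeyboardInterrupt
        # and SystemExit are no longer converted into this error.
        raise Exception('acl mast be int')

    white_list=load_white_list(options)

    doc=pq(data)

    yield "no access-list %s"%acl

    found=set()
    for content in doc('content'):
        el=pq(content)
        et=el.attr('blockType')
        if et not in ('default','ip',None):
            continue

        if et in ('default',None):
            domains=[extract_domain(u.text) for u in el('url')]
            # URL-based entry with no literal-IP URL: nothing to deny by address.
            if domains and not any(is_ip(d) for d in domains):
                continue

        # NOTE(review): the white list is matched against the raw element
        # text only; a white-listed host inside a denied ipSubnet is still
        # denied -- confirm that this is intended.
        for host in el('ip'):
            text=host.text
            if text in white_list or text in found:
                continue
            # The text comes from the parsed document and ends up in device
            # configuration, so it is parsed first and the parsed address is
            # emitted; arbitrary text (spaces, line breaks, extra keywords)
            # can no longer reach the generated line.
            addr=ipaddr.ip_network(text).ip
            found.add(text)
            yield "access-list %s deny ip any host %s"%(acl, addr)

        for subnet in el('ipSubnet'):
            text=subnet.text
            if text in white_list or text in found:
                continue
            parsed=ipaddr.ip_network(text)
            net=str(parsed.ip)
            wildcard=str(parsed.hostmask)
            found.add(text)
            yield "access-list %s deny ip any %s %s"%(acl, net, wildcard)

    yield "access-list %s permit ip any any"%acl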
Exemplo n.º 8
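 def find_nat_pool_for_vip(self, vip):
     """Return the first NAT pool whose address range lies inside the VIP's network.

     ``vip`` supplies ``ipVersion``, ``address`` and ``mask``; each pool from
     ``self.get_nat_pools()`` supplies ``ip1``, ``ip2`` and ``netmask`` as
     strings.  Returns the matching pool, or None when there is none.

     Fixes over the previous version: the misspelled ``iterhosst`` call, and
     the comparison of pool address *strings* against address objects, which
     could not match.
     """
     if '4' in vip.get('ipVersion'):
         addr_cls, net_cls = ipaddr.IPv4Address, ipaddr.IPv4Network
     else:
         addr_cls, net_cls = ipaddr.IPv6Address, ipaddr.IPv6Network
     network = net_cls(vip['address'] + "/" + vip['mask'])

     for nat_pool in self.get_nat_pools():
         try:
             pool_start = addr_cls(nat_pool['ip1'])
             pool_end = addr_cls(nat_pool['ip2'])
         except ValueError:
             # Not an address of the VIP's IP version, so it cannot be
             # inside the VIP's network.
             continue
         # Direct containment instead of walking every host of the network.
         # NOTE(review): unlike iterhosts(), this also accepts the network
         # and broadcast addresses -- confirm that is acceptable.
         if pool_start in network and pool_end in network:
             network_nat = ipaddr.ip_network(
                 nat_pool['ip1'] + "/" + nat_pool['netmask'])
             # NOTE(review): network_nat is derived from ip1, so this test
             # only fails if the netmask is unusable; the VIP address may
             # have been the intended operand -- confirm.
             if pool_start in network_nat:
                 return nat_pool
     return None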
Exemplo n.º 9
#!/usr/bin/python3
# -*- coding: utf-8 -*-

from ipaddr import ip_address
from ipaddr import ip_network

def base(net, i=0):
    """Return the first address of the block ``i`` network-sizes away from ``net``."""
    block = ip_network(net)
    return ip_address(block[0] + i * block.numhosts)


def bits(ip):
    """Return the address width in bits: 32 for version 4, otherwise 128."""
    if ip.version == 4:
        return 32
    return 128


def prefix(net):
    """Return the prefix length taken from the ``address/prefix`` text of ``net``."""
    _, length = str(net).split("/")[:2]
    return int(length)


def network(ip, p):
    """Build the network ``ip/p``."""
    return ip_network("{}/{}".format(str(ip), p))


def parent(net):
    """Return the result of merging ``net`` with its sibling."""
    return merge(sibling(net))

def net_bits(ip):
    """Return how many leading bits of ``ip`` are needed to reach its lowest set bit.

    The result is the address width minus the number of trailing zero bits.
    An all-zero address yields the full address width.
    """
    value = int(ip)
    width = bits(ip)
    if value == 0:
        return width
    for shift in range(width):
        # Bit ``shift`` counted from the least significant end.
        if (value >> shift) & 1 == 1:
            return width - shift
    return None
        
# a network can be merged with either its (equally sized) predecessor or successor (sibling) into a network twice as large
# (new_prefix = prefix-1)
# it is merged with the predecessor when the predecessor has fewer net_bits than the current network
# it is merged with the successor when the current network has fewer net_bits than the successor
def sibling(net):
    """Return ``net`` together with the neighbour it can be merged with.

    The equally sized blocks directly before and after ``net`` are compared
    by ``net_bits``.  ``[previous, net]`` is returned when the previous block
    has fewer net bits than ``net``; otherwise ``[net, next]`` when ``net``
    has fewer net bits than the next block.  If neither holds, the function
    falls through and returns None.
    """
    p = prefix(net)
    before, here, after = base(net, -1), base(net), base(net, +1)
    bits_before, bits_here, bits_after = net_bits(before), net_bits(here), net_bits(after)
    partner_list = [ip_network("{}/{}".format(str(ip), p)) for ip in (before, here, after)]
    if bits_before < bits_here:
        return partner_list[:-1]
    if bits_here < bits_after:
        return partner_list[1:]
Exemplo n.º 10
    # v6 fwd
    if subnet6 != None and host6 != None:
      row = "%s\tIN\tAAAA\t%s" % (hostname,hostin6net(subnet6,host6))
      fwdentries[zone].append(row)
    

# DHCP scopes: build forward DNS rows for the addresses of each scope.
# (The heading in the source also mentions reverse entries; the lines shown
# here only append forward rows.)
print "Querying DHCP scopes"
qscopes = gdata.spreadsheet.service.ListQuery()
# Ask the list feed to return the rows ordered by the 'subnet' column.
qscopes.orderby = 'column:subnet'
feedscopes = spr_client.GetListFeed(spreadsheet_key, worksheet_dhcp, query=qscopes)
for row_entry in feedscopes.entry:
  record = gdata.spreadsheet.text_db.Record(row_entry=row_entry)
  version = record.content['version']
  # Only rows whose version cell is the string "4" are handled in this excerpt.
  if version == "4":
    net4 = ipaddr.ip_network(record.content['subnet'])
    scopestart = record.content['start']
    scopefinish = record.content['finish']
    scopename = record.content['name']
    scopefwdzone = record.content['fwdzone']
    # NOTE(review): scopename and scopefwdzone are spreadsheet cell values used
    # unchecked as a DNS label and as a dict key; validating them as hostname
    # labels / known zones before use would keep malformed cells out of the
    # generated zone rows -- confirm whether that happens elsewhere.
    paststart = False
    pastfinish = False
    # Walk the subnet's host addresses; rows are emitted from scopestart onward.
    for x in net4.iterhosts():
      ip = str(x)
      if ip == scopestart:
        paststart = True
      # NOTE(review): pastfinish is never set to True and scopefinish is never
      # compared in the lines visible here -- the listing looks truncated.
      if paststart == True and pastfinish == False:
        # Hostname is "<scope name>-<third octet>-<fourth octet>".
        iparr = ip.split('.')
        hostname = "%s-%s-%s" % (scopename,iparr[2],iparr[3])
        fwdrow = "%s\tIN\tA\t%s" % (hostname,ip)
        fwdentries[scopefwdzone].append(fwdrow)
Exemplo n.º 11
 def __init__(self, db, collection, default=None):
     """Remember the database handle and collection name.

     When ``default`` is given, each of its entries is converted with
     ``ip_network`` and the resulting list is stored as ``self._default``.
     """
     self._db, self._coll = db, collection
     # NOTE(review): with default=None this method does not assign
     # self._default -- presumably the class provides a fallback; verify.
     if default is not None:
         self._default = list(map(ip_network, default))
Exemplo n.º 12
import ipaddr
import sys
import os
sys.path.append('/root/iso/tests')
from host import Host

# Host numbers, in two groups (presumably one group per top-of-rack
# switch -- confirm).
tor0 = [1, 2, 3, 4, 5]
tor1 = [6, 7, 8, 10, 13]

# One /28 network per group.
net0 = ipaddr.ip_network('192.168.1.16/28')
net1 = ipaddr.ip_network('192.168.1.32/28')

# Interface name per host number; every listed host uses 'eth1'.
DEV = dict.fromkeys(tor0 + tor1, 'eth1')

def ip(num):
    """Return the address ``10.0.1.<num>`` as a string."""
    template = '10.0.1.%d'
    return template % num

#hosts = [Host(ip(i)) for i in tor0 + tor1]