def test_create_ipv6_pd_subnet_over_ipam(self, pool_mock):
mocks = self._prepare_mocks_with_pool_mock(pool_mock)
cfg.CONF.set_override('ipv6_pd_enabled', True)
cidr = n_const.PROVISIONAL_IPV6_PD_PREFIX
allocation_pools = [netaddr.IPRange('::2', '::ffff:ffff:ffff:ffff')]
with self.subnet(cidr=None,
ip_version=6,
subnetpool_id=constants.IPV6_PD_POOL_ID,
ipv6_ra_mode=n_const.IPV6_SLAAC,
ipv6_address_mode=n_const.IPV6_SLAAC):
pool_mock.get_instance.assert_called_once_with(None, mock.ANY)
self.assertTrue(mocks['driver'].allocate_subnet.called)
request = mocks['driver'].allocate_subnet.call_args[0][0]
self.assertIsInstance(request, ipam_req.SpecificSubnetRequest)
self.assertEqual(netaddr.IPNetwork(cidr), request.subnet_cidr)
self.assertEqual(allocation_pools, request.allocation_pools)
def resource_setup(cls):
super(PortsRbacTest, cls).resource_setup()
# Create a network and subnet.
cls.network = cls.create_network()
cls.cidr = netaddr.IPNetwork(CONF.network.project_network_cidr)
cls.subnet = cls.create_subnet(cls.network,
cidr=cls.cidr,
mask_bits=24)
cls.ip_range = netaddr.IPRange(
cls.subnet['allocation_pools'][0]['start'],
cls.subnet['allocation_pools'][0]['end'])
cls.port = cls.create_port(cls.network)
ipaddr = cls.port['fixed_ips'][0]['ip_address']
cls.port_ip_address = ipaddr
cls.port_mac_address = cls.port['mac_address']
def test_dhcp_stateful_fixedips_outrange(self):
"""When port gets IP address from fixed IP range it
shall be checked if it's from subnets range.
"""
kwargs = {'ipv6_ra_mode': 'dhcpv6-stateful',
'ipv6_address_mode': 'dhcpv6-stateful'}
subnet = self.create_subnet(self.network, **kwargs)
ip_range = netaddr.IPRange(subnet["allocation_pools"][0]["start"],
subnet["allocation_pools"][0]["end"])
ip = netaddr.IPAddress(random.randrange(
ip_range.last + 1, ip_range.last + 10)).format()
self.assertRaises(lib_exc.BadRequest,
self.create_port,
self.network,
fixed_ips=[{'subnet_id': subnet['id'],
'ip_address': ip}])
def test_create_port_in_allowed_allocation_pools(self):
network = self.create_network()
net_id = network['id']
address = self._get_ipaddress_from_tempest_conf()
allocation_pools = {'allocation_pools': [{'start': str(address + 4),
'end': str(address + 6)}]}
subnet = self.create_subnet(network, **allocation_pools)
self.addCleanup(self.client.delete_subnet, subnet['id'])
body = self.client.create_port(network_id=net_id)
self.addCleanup(self.client.delete_port, body['port']['id'])
port = body['port']
ip_address = port['fixed_ips'][0]['ip_address']
start_ip_address = allocation_pools['allocation_pools'][0]['start']
end_ip_address = allocation_pools['allocation_pools'][0]['end']
ip_range = netaddr.IPRange(start_ip_address, end_ip_address)
self.assertIn(ip_address, ip_range)
def ripelookup(ipaddr):
typefilter = "inetnum"
source = "ripe"
print ("Starting RIPE lookup for IP address: %s" % ipaddr)
if (IPAddress(ipaddr).is_unicast()):
#try:
# payload = { "type-filter" : typefilter, "source" : source, "query-string" : ipaddr }
# url = "http://rest.db.ripe.net/search"
# headers={"Accept" : "application/json"}
# response = requests.get(url, params=payload, headers=headers)
# jsonresult = response.json()
# attributelist = jsonresult['objects']['object'][0]['attributes']['attribute']
# for i in attributelist:
# if i['name'] == "netname":
# netname = i['value']
# if netname == "NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK":
# return []
# elif i['name'] == "country":
# country = i['value']
# elif i['name'] == "descr":
# descr = i['value']
# elif i['name'] == "inetnum":
# netrange = netaddr.IPRange(i['value'].partition(' - ')[0],i['value'].partition(' - ')[2])
#except requests.exceptions.ConnectionError:
# print ("RIPE Connection Error")
payload = { "type-filter" : typefilter, "source" : source, "query-string" : ipaddr }
url = "http://rest.db.ripe.net/search"
headers={"Accept" : "application/json"}
response = requests.get(url, params=payload, headers=headers)
print response
jsonresult = response.json()
print jsonresult
attributelist = jsonresult['objects']['object'][0]['attributes']['attribute']
for i in attributelist:
if i['name'] == "netname":
netname = i['value']
if netname == "NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK":
return []
elif i['name'] == "country":
country = i['value']
elif i['name'] == "descr":
descr = i['value']
elif i['name'] == "inetnum":
netrange = netaddr.IPRange(i['value'].partition(' - ')[0],i['value'].partition(' - ')[2])
return([netrange, country, descr, netname])
def create_stix_ip_observable(namespace: str, indicator: dict) -> List[Observable]:
"""
Create STIX IP observable.
Args:
namespace: The XML namespace .
indicator: The Demisto IP indicator.
Returns:
STIX IP observable.
"""
category = cybox.objects.address_object.Address.CAT_IPV4
type_ = indicator.get('indicator_type', '')
value = indicator.get('value', '')
if type_ in [FeedIndicatorType.IPv6, FeedIndicatorType.IPv6CIDR]:
category = cybox.objects.address_object.Address.CAT_IPV6
indicator_values = [value]
if '-' in value:
# looks like an IP Range, let's try to make it a CIDR
a1, a2 = value.split('-', 1)
if a1 == a2:
# same IP
indicator_values = [a1]
else:
# use netaddr builtin algo to summarize range into CIDR
iprange = netaddr.IPRange(a1, a2)
cidrs = iprange.cidrs()
indicator_values = list(map(str, cidrs))
observables = []
for indicator_value in indicator_values:
id_ = f'{namespace}:observable-{uuid.uuid4()}'
address_object = cybox.objects.address_object.Address(
address_value=indicator_value,
category=category
)
observable = Observable(
title=f'{type_}: {indicator_value}',
id_=id_,
item=address_object
)
observables.append(observable)
return observables
def _encode_indicator(self, indicator, value, expired=False):
type_ = MM_2_WDATP_TYPE.get(value['type'], None)
if type_ is None:
self.statistics['error.unhandled_type'] += 1
raise RuntimeError('{} - Unhandled {}'.format(self.name, type_))
if value['type'] == 'IPv4' and '-' in indicator:
a1, a2 = indicator.split('-', 1)
r = netaddr.IPRange(a1, a2)
indicators = [str(i) for i in r]
else:
indicators = [indicator]
description = '{} indicator from {}'.format(
type_, ', '.join(value['sources']))
title = 'MineMeld - {}'.format(indicator)
creation = datetime.utcnow()
creation = creation.isoformat() + 'Z'
# Set Action to Block and Remediate for Hash types based on fall '21 schema update
if "File" in type_ and self.action == 'Block':
self.action = 'BlockAndRemediate'
#expiration = datetime.utcnow() + timedelta(days=365)
result = []
for i in indicators:
d = dict(indicatorValue=i,
indicatorType=type_,
title=title,
description=description,
creationTimeDateTimeUtc=creation,
action=self.action,
generateAlert=True)
if self.severity is not None:
d['severity'] = self.severity
if expired:
expiration = datetime.utcnow() + timedelta(seconds=300)
expiration = expiration.isoformat(
) + 'Z' # expiration is always in UTC
d['expirationTime'] = expiration
result.append(d)
return result
def update_allocation(module, allocations):
"""Allocate an IP address on a network for a host.
:param module: AnsibleModule instance
:param allocations: Existing IP address allocations
"""
net_name = module.params['net_name']
hostname = module.params['hostname']
cidr = module.params['cidr']
allocation_pool_start = module.params['allocation_pool_start']
allocation_pool_end = module.params['allocation_pool_end']
network = netaddr.IPNetwork(cidr)
result = {
'changed': False,
}
object_name = "%s_ips" % net_name
net_allocations = allocations.setdefault(object_name, {})
invalid_allocations = {
hn: ip
for hn, ip in net_allocations.items()
if netaddr.IPAddress(ip) not in network
}
if invalid_allocations:
module.fail_json(
msg="Found invalid existing allocations in network %s: %s" %
(network, ", ".join("%s: %s" % (hn, ip)
for hn, ip in invalid_allocations.items())))
if hostname not in net_allocations:
result['changed'] = True
allocated_ips = netaddr.IPSet(net_allocations.values())
if allocation_pool_start and allocation_pool_end:
allocation_pool = netaddr.IPRange(allocation_pool_start,
allocation_pool_end)
allocation_pool = netaddr.IPSet(allocation_pool)
else:
allocation_pool = netaddr.IPSet([network])
free_ips = allocation_pool - allocated_ips
for free_cidr in free_ips.iter_cidrs():
ip = free_cidr[0]
break
else:
module.fail_json(msg="No unallocated IP addresses for %s in %s" %
(hostname, net_name))
free_ips.remove(ip)
net_allocations[hostname] = str(ip)
result['ip'] = net_allocations[hostname]
return result
def assign_ips(_upper_ref,
_from_key,
lower_refs,
to_key,
ip_start='192.168.0.1',
ip_end='192.168.0.254',
**_kwargs):
"""Assign ips to hosts' configurations."""
if not ip_start or not ip_end:
raise ValueError('ip_start %s or ip_end %s is empty' %
(ip_start, ip_end))
if not re.match(r'^\d+\.\d+\.\d+\.\d+$', ip_start):
raise ValueError('ip_start %s formmat is not correct' % ip_start)
if not re.match(r'^\d+\.\d+\.\d+\.\d+$', ip_end):
raise ValueError('ip_end %s format is not correct' % ip_end)
host_ips = {}
unassigned_hosts = []
try:
ips = netaddr.IPSet(netaddr.IPRange(ip_start, ip_end))
except Exception:
raise ValueError('failed to create ip block [%s, %s]' %
(ip_start, ip_end))
for lower_key, lower_ref in lower_refs.items():
ip_addr = lower_ref.get(to_key, '')
if ip_addr:
host_ips[lower_key] = ip_addr
ips.remove(ip_addr)
else:
unassigned_hosts.append(lower_key)
for ip_addr in ips:
if not unassigned_hosts:
break
host = unassigned_hosts.pop(0)
host_ips[host] = str(ip_addr)
if unassigned_hosts:
raise ValueError('there is no enough ips to assign to %s: [%s-%s]' %
(unassigned_hosts, ip_start, ip_end))
logging.debug('assign %s: %s', to_key, host_ips)
return host_ips
def netblock(addresses):
"""
Find the netblocks that our IP addresses belong to.
Before doing a whois lookup for the netblock see if the IP address is
already in our current netblocks.
"""
for ip in set([a[1] for a in addresses]):
# If the IP is in one of our netblocks then move on.
found = False
for block in records['netblocks']:
if ip in block[0]:
found = True
break
if found is True:
continue
# If the ip is not in one of our netblocks then look up the netblock
# associated with the IP.
network = None
try:
resp = ipwhois.IPWhois(ip).lookup_rdap()
network = resp['network']
except:
continue
if network is None:
continue
# Process the whois response
name = network['name']
if name is None:
name = 'Unknown'
# If cidr is present then process it. If it is not present then
# build the cidr from the range created by the start and end
# addreses.
if 'cidr' in network:
cidr = network['cidr'].split(', ')
records['netblocks'].extend([(netaddr.IPNetwork(c), name) for c in cidr])
else:
range = netaddr.IPRange(network['start_address'], network['end_address'])
records['netblocks'].append((range.cidrs()[0], name))
def run(self):
results = []
if self.start is None:
raise Exception('The provided start address cannot be empty')
if self.end is None:
raise Exception('The provided end address cannot be empty')
try:
range = netaddr.IPRange(self.start, self.end)
for subnet in range.cidrs():
results.append(str(subnet))
print json.dumps(results)
except netaddr.core.AddrFormatError:
print json.dumps([])
def validate_ips_exclude_self(start_ip, end_ip, ip_id):
result = validate_networks(start_ip, end_ip)
if not result["result"]:
return result
try:
ip_allocation = []
ip_all = IPs.objects.exclude(id=ip_id)
for u in ip_all:
ip_pools = netaddr.IPRange(u.start_ip, u.end_ip)
ip_tem_list = [str(c) for c in ip_pools]
ip_allocation += ip_tem_list
if start_ip in ip_allocation or end_ip in ip_allocation:
return {"result": False, "data": [u"该网段已存在或者该网段有部分IP在其它网段内"]}
return {"result": True}
except Exception, e:
logger.exception(e)
return {"result": False, "data": [u"系统出错,请联系管理员!"]}
def _find_ip_range(pool, gateway_ip):
ret_pools = []
ip_range = netaddr.IPRange(pool['start'], pool['end'])
ip_num = len(ip_range)
for i, ip in enumerate(ip_range):
if gateway_ip == ip:
if i > 0:
ret_pools.append({
'start': ip_range[0].format(),
'end': ip_range[i - 1].format()
})
if i < ip_num - 1:
ret_pools.append({
'start': ip_range[i + 1].format(),
'end': ip_range[ip_num - 1].format()
})
return ret_pools
def resource_setup(cls):
super(BaseMulticastTest, cls).resource_setup()
if CONF.neutron_plugin_options.default_image_is_advanced:
cls.flavor_ref = CONF.compute.flavor_ref
cls.image_ref = CONF.compute.image_ref
cls.username = CONF.validation.image_ssh_user
else:
cls.flavor_ref = (
CONF.neutron_plugin_options.advanced_image_flavor_ref)
cls.image_ref = CONF.neutron_plugin_options.advanced_image_ref
cls.username = CONF.neutron_plugin_options.advanced_image_ssh_user
# setup basic topology for servers we can log into it
cls.network = cls.create_network()
cls.subnet = cls.create_subnet(cls.network)
cls.router = cls.create_router_by_client()
cls.create_router_interface(cls.router['id'], cls.subnet['id'])
cls.keypair = cls.create_keypair()
cls.secgroup = cls.os_primary.network_client.create_security_group(
name='secgroup_mtu')
cls.security_groups.append(cls.secgroup['security_group'])
cls.create_loginable_secgroup_rule(
secgroup_id=cls.secgroup['security_group']['id'])
cls.create_pingable_secgroup_rule(
secgroup_id=cls.secgroup['security_group']['id'])
# Create security group rule for UDP (multicast traffic)
cls.create_secgroup_rules(
rule_list=[
dict(protocol=constants.PROTO_NAME_UDP,
direction=constants.INGRESS_DIRECTION,
remote_ip_prefix=cls.any_addresses,
ethertype=cls.ethertype)
],
secgroup_id=cls.secgroup['security_group']['id'])
# Multicast IP range to be used for multicast group IP asignement
if '-' in cls.multicast_group_range:
multicast_group_range = netaddr.IPRange(
*cls.multicast_group_range.split('-'))
else:
multicast_group_range = netaddr.IPNetwork(
cls.multicast_group_range)
cls.multicast_group_iter = iter(multicast_group_range)
def test_admin_range_update(self, _):
data = self.env.neutron_networks_get(self.cluster.id).json_body
admin = filter(lambda ng: ng['name'] == 'fuelweb_admin',
data['networks'])[0]
orig_range = netaddr.IPRange(admin['ip_ranges'][0][0],
admin['ip_ranges'][0][1])
admin['ip_ranges'][0] = [str(orig_range[1]), str(orig_range[-2])]
new_range = admin['ip_ranges'][0]
resp = self.env.neutron_networks_put(self.cluster.id, data)
self.assertEqual(resp.status_code, 200)
data = self.env.neutron_networks_get(self.cluster.id).json_body
admin = filter(lambda ng: ng['name'] == 'fuelweb_admin',
data['networks'])[0]
self.assertEqual(new_range, admin['ip_ranges'][0])
def get_all_addresses(my_interface):
ip = netifaces.ifaddresses(my_interface)[2][0]['addr']
netmask = netifaces.ifaddresses(my_interface)[2][0]['netmask']
netaddr_ip = netaddr.IPAddress(ip)
netaddr_netmask = netaddr.IPAddress(netmask)
netaddr_network = netaddr_ip & netaddr_netmask
netaddr_full_network = netaddr.IPNetwork(
str(netaddr_ip) + '/' + str(netaddr_netmask))
netaddr_list = netaddr.IPRange(netaddr_network, netaddr_full_network[-2])
#Create a list sr compatible to avoid to use sr in a loop
addr_list = []
for address in netaddr_list:
addr_list.append(str(address))
return addr_list
def _generate_ips(self, context, prefer_next=False, num_addresses=1):
"""Generate a set of IPs from the set of available addresses."""
ip_allocations = netaddr.IPSet()
for ipallocation in self.subnet_manager.list_allocations(context):
ip_allocations.add(ipallocation.ip_address)
for ip_pool in self.subnet_manager.list_pools(context):
ip_set = netaddr.IPSet()
ip_set.add(netaddr.IPRange(ip_pool.first_ip, ip_pool.last_ip))
av_set = ip_set.difference(ip_allocations)
if av_set.size == 0:
continue
if av_set.size < num_addresses:
# Not enough addresses in pool to perform validation
# TODO(njohnston): How to handle when there are enough IPs but
# not enough in a single pool to satisfy the request?
continue
if prefer_next:
allocated_ip_pool = list(
itertools.islice(av_set, num_addresses))
return [
str(allocated_ip) for allocated_ip in allocated_ip_pool
]
window = min(av_set.size, MAX_WIN)
# NOTE(gryf): If there is more than one address, make the window
# bigger, so that are chances to fulfill demanded amount of IPs.
if num_addresses > 1:
window = min(av_set.size, num_addresses * MULTIPLIER,
MAX_WIN_MULTI)
if window < num_addresses:
continue
else:
# Maximize randomness by using the random module's built in
# sampling function
av_ips = list(itertools.islice(av_set, 0, window))
allocated_ip_pool = random.sample(av_ips, num_addresses)
return [str(allocated_ip) for allocated_ip in allocated_ip_pool]
raise ipam_exc.IpAddressGenerationFailure(
subnet_id=self.subnet_manager.neutron_id)
def test_update_allocation_pools(self):
cidr = "192.168.1.0/24"
ip_network = netaddr.IPNetwork(cidr)
network = dict(name="public", tenant_id="fake", network_plugin="BASE")
network = {"network": network}
subnet = dict(id=1,
ip_version=4,
next_auto_assign_ip=2,
cidr=cidr,
first_ip=ip_network.first,
last_ip=ip_network.last,
ip_policy=None,
tenant_id="fake")
subnet = {"subnet": subnet}
with self._stubs(network, subnet) as (net, sub1):
subnet = subnet_api.get_subnet(self.context, 1)
start_pools = subnet['allocation_pools']
new_pools = [
[dict(start='192.168.1.10', end='192.168.1.50')],
[dict(start='192.168.1.5', end='192.168.1.25')],
[dict(start='192.168.1.50', end='192.168.1.51')],
[
dict(start='192.168.1.50', end='192.168.1.51'),
dict(start='192.168.1.100', end='192.168.1.250')
],
[dict(start='192.168.1.50', end='192.168.1.51')],
start_pools,
]
prev_pool = start_pools
for pool in new_pools:
subnet_update = {"subnet": dict(allocation_pools=pool)}
subnet = subnet_api.update_subnet(self.context, 1,
subnet_update)
self.assertNotEqual(prev_pool, subnet['allocation_pools'])
self.assertEqual(pool, subnet['allocation_pools'])
policies = policy_api.get_ip_policies(self.context)
self.assertEqual(1, len(policies))
policy = policies[0]
ip_set = netaddr.IPSet()
for ip in policy['exclude']:
ip_set.add(netaddr.IPNetwork(ip))
for extent in pool:
for ip in netaddr.IPRange(extent['start'], extent['end']):
self.assertFalse(ip in ip_set)
prev_pool = pool
def get_create_subnet_body(project_id, t_subnet, b_net_id, gateway_ip):
"""Get request body to create bottom subnet
:param project_id: project id
:param t_subnet: top subnet dict
:param b_net_id: bottom network id
:param gateway_ip: bottom gateway ip
:return: request body to create bottom subnet
"""
pools = t_subnet['allocation_pools']
new_pools = []
g_ip = netaddr.IPAddress(gateway_ip)
ip_found = False
for pool in pools:
if ip_found:
new_pools.append({'start': pool['start'], 'end': pool['end']})
continue
ip_range = netaddr.IPRange(pool['start'], pool['end'])
ip_num = len(ip_range)
for i, ip in enumerate(ip_range):
if g_ip == ip:
ip_found = True
if i > 0:
new_pools.append({
'start': ip_range[0].format(),
'end': ip_range[i - 1].format()
})
if i < ip_num - 1:
new_pools.append({
'start': ip_range[i + 1].format(),
'end': ip_range[ip_num - 1].format()
})
body = {
'subnet': {
'network_id': b_net_id,
'name': t_subnet['id'],
'ip_version': t_subnet['ip_version'],
'cidr': t_subnet['cidr'],
'gateway_ip': gateway_ip,
'allocation_pools': new_pools,
'enable_dhcp': False,
'tenant_id': project_id
}
}
return body
def left_call(self, line):
if not line:
return
if '-' in line:
self.left_ip_set.update([
ip for ip in netaddr.IPRange(
line.split('-')[0].strip(),
line.split('-')[1].strip())
])
elif '/' in line:
self.left_ip_set.update(
[ip for ip in netaddr.IPNetwork(line.strip())])
else:
try:
return netaddr.IPNetwork(line)
except netaddr.core.AddrFormatError as e:
lg.error(f'Improper formatting of input: {e}')
return None
def _find_available_ips(self, network, subnet, num):
ports = self.safe_client.list_ports(network_id=network['id'])
used_ips = netaddr.IPSet([
netaddr.IPAddress(ip['ip_address']) for port in ports
for ip in port['fixed_ips']
])
used_ips.add(netaddr.IPAddress(subnet['gateway_ip']))
# Note(lajoskatona): Suppose that we have 1 allocation pool for the
# subnet, that should be quite good assumption for testing.
valid_ip_pool = subnet['allocation_pools'][0]
valid_ips = netaddr.IPSet(
netaddr.IPRange(valid_ip_pool['start'], valid_ip_pool['end']))
valid_ips = valid_ips.difference(used_ips)
if valid_ips.size < num:
self.fail("Cannot find enough free IP addresses.")
initial = random.randint(0, min(valid_ips.size - num, 1000))
available_ips = itertools.islice(valid_ips, initial, initial + num)
return [str(available_ip) for available_ip in available_ips]
def test_create_ipv6_pd_subnet_over_ipam(self, pool_mock):
mocks = self._prepare_mocks_with_pool_mock(pool_mock)
# TODO(kevinbenton): remove after bug/1666493 is resolved
sub = pool_mock.get_instance.return_value.get_subnet.return_value
sub.subnet_manager.neutron_id = mock.ANY
cfg.CONF.set_override('ipv6_pd_enabled', True)
cidr = n_const.PROVISIONAL_IPV6_PD_PREFIX
allocation_pools = [netaddr.IPRange('::2', '::ffff:ffff:ffff:ffff')]
with self.subnet(cidr=None, ip_version=6,
subnetpool_id=constants.IPV6_PD_POOL_ID,
ipv6_ra_mode=constants.IPV6_SLAAC,
ipv6_address_mode=constants.IPV6_SLAAC):
self.assertEqual(2, pool_mock.get_instance.call_count)
self.assertTrue(mocks['driver'].allocate_subnet.called)
request = mocks['driver'].allocate_subnet.call_args[0][0]
self.assertIsInstance(request, ipam_req.SpecificSubnetRequest)
self.assertEqual(netaddr.IPNetwork(cidr), request.subnet_cidr)
self.assertEqual(allocation_pools, request.allocation_pools)
def get_details(self):
"""Return subnet data as a SpecificSubnetRequest"""
# get the pool from the backend
pool_details = self._vcns.get_ipam_ip_pool(self._nsx_pool_id)[1]
gateway_ip = pool_details['gateway']
# rebuild the cidr from the range & prefix
cidr = self._get_pool_cidr(pool_details)
pools = []
for ip_range in pool_details['ipRanges']:
pools.append(
netaddr.IPRange(ip_range['startAddress'],
ip_range['endAddress']))
return ipam_req.SpecificSubnetRequest(self._tenant_id,
self._subnet_id,
cidr,
gateway_ip=gateway_ip,
allocation_pools=pools)
def main(ips, threads=10):
if '-' in ips:
start, end = ips.split('-')
startlong = ip2int(start)
endlong = ip2int(end)
ips = netaddr.IPRange(start, end)
for ip in list(ips):
q.put(str(ip))
elif '/' in ips:
ips = netaddr.IPNetwork(ips)
for ip in ips:
q.put(str(ip))
ths = []
for i in xrange(threads):
th = Thread(target=http_banner, name='thread' + str(i))
th.start()
ths.append(th)
def parseHosts(rawhosts):
hosts = []
for host in rawhosts:
if '-' in host:
raw = host.split('-')
startaddr = raw[0]
temp = startaddr.split('.')
endaddr = temp[0] + '.' + temp[1] + '.' + temp[2] + '.' + raw[1]
for addr in list(netaddr.IPRange(startaddr, endaddr)):
hosts.append(str(addr))
continue
if '/' in host:
for addr in list(netaddr.IPNetwork(host)):
hosts.append(str(addr))
continue
else:
hosts.append(str(netaddr.IPAddress(host)))
return list(set(hosts))
def check_allocation_pools_pairing(filedata, pools):
if not isinstance(filedata, collections.Mapping):
return ["The `filedata` argument must be a dictionary."]
if not isinstance(pools, collections.Mapping):
return ["The `pools` argument must be a dictionary."]
errors = []
for poolitem, pooldata in six.iteritems(pools):
pool_objs = []
if not isinstance(pooldata, collections.Iterable):
errors.append('The IP ranges in {} must form a list.'
.format(poolitem))
continue
for dict_range in pooldata:
try:
pool_objs.append(netaddr.IPRange(
netaddr.IPAddress(dict_range['start']),
netaddr.IPAddress(dict_range['end'])))
except Exception:
errors.append("Invalid format of the IP range in {}: {}"
.format(poolitem, dict_range))
continue
subnet_item = poolitem.split('AllocationPools')[0] + 'NetCidr'
try:
network = filedata[subnet_item]
subnet_obj = netaddr.IPNetwork(network)
except KeyError:
errors.append('The {} CIDR is not specified for {}.'
.format(subnet_item, poolitem))
continue
except Exception:
errors.append('Invalid IP network: {}'.format(network))
continue
for ranges in pool_objs:
for range in ranges:
if range not in subnet_obj:
errors.append('Allocation pool {} {} outside of subnet'
' {}: {}'.format(poolitem,
pooldata,
subnet_item,
subnet_obj))
break
return errors
def addExternalNetwork(self, name, subnet, gateway, startip, endip, gid,
vlan, accountId, pingips, **kwargs):
"""
Adds a public network range to be used for cloudspaces
param:subnet the subnet to add in CIDR notation (x.x.x.x/y)
"""
gateway = gateway.strip()
try:
net = netaddr.IPNetwork(subnet)
if netaddr.IPAddress(startip) not in net:
raise exceptions.BadRequest(
"Start IP Addresses %s is not in subnet %s" %
(startip, subnet))
if netaddr.IPAddress(endip) not in net:
raise exceptions.BadRequest(
"End IP Addresses %s is not in subnet %s" %
(endip, subnet))
if not checkIPS(net, [gateway]):
raise exceptions.BadRequest(
"Gateway Address %s is not in subnet %s" %
(gateway, subnet))
if self.models.externalnetwork.count({"vlan": vlan}) > 0:
raise exceptions.Conflict(
"VLAN {} is already in use by another external network")
except netaddr.AddrFormatError as e:
raise exceptions.BadRequest(e.message)
if pingips is None:
pingips = "8.8.8.8"
pingips = self._checkPingIps(pingips)
pool = self.models.externalnetwork.new()
pool.gid = int(gid)
pool.gateway = gateway
pool.name = name
pool.pingips = pingips
pool.vlan = vlan or 0
pool.subnetmask = str(net.netmask)
pool.network = str(net.network)
pool.accountId = accountId or 0
pool.ips = [str(ip) for ip in netaddr.IPRange(startip, endip)]
pool.id, _, _ = self.models.externalnetwork.set(pool)
return pool.id
def get_ip_subnets(ip):
"""Get a list of subnets contained in the specified subnet.
:type ip: str
:param ip: The IP that subnets will be returned for.
:list[netaddr.IPNetwork]
"""
ip = ip.strip().replace(" ", "")
if "/" in ip:
return [netaddr.IPNetwork(ip)]
elif "-" in ip:
start_ip, end_ip = ip.split("-")
ip_set_object = netaddr.IPSet(netaddr.IPRange(start_ip, end_ip))
return [address for address in ip_set_object.iter_cidrs()]
else:
if is_ipv4_string(ip):
return [netaddr.IPNetwork(ip)]
else:
raise ValueError("Invalid IP string '{}'.".format(ip))
def check(parameters):
retval = []
try:
config = load_configuration(parameters['configuration_path'])
except ValueError as exc:
return [['error', 'Could not load configuration: %r.' % exc]]
for ruleset in config:
condition = ruleset[0].copy()
if 'source.network' in condition:
try:
ip_network(condition['source.network'])
except ValueError as exc:
retval += [[
'warning',
'%r is not a valid IP network: %r.' %
(condition['source.network'], exc)
]]
del condition['source.network']
if 'source.iprange' in condition:
try:
netaddr.IPRange(*condition['source.iprange'])
except ValueError as exc:
retval += [[
'warning',
'%r is not a valid IP range: %r.' %
(condition['source.iprange'], exc)
]]
del condition['source.iprange']
try:
Event(condition)
except Exception as exc:
retval += [[
'warning',
'Failed to parse conditions as Event: %r.' % (exc)
]]
try:
int(ruleset[1]['ttl'])
except ValueError as exc:
retval += [[
'error',
'%r is not a valid TTL: %r.' % (ruleset[1]['ttl'], exc)
]]
return retval
def _prepare_mocks(self):
mocks = {
'driver':
mock.Mock(),
'subnet':
mock.Mock(),
'subnet_request':
ipam_req.SpecificSubnetRequest(
self.tenant_id, self.subnet_id, '10.0.0.0/24', '10.0.0.1',
[netaddr.IPRange('10.0.0.2', '10.0.0.254')]),
}
mocks['driver'].get_subnet.return_value = mocks['subnet']
mocks['driver'].allocate_subnet.return_value = mocks['subnet']
mocks['driver'].get_subnet_request_factory = (
ipam_req.SubnetRequestFactory)
mocks['driver'].get_address_request_factory = (
ipam_req.AddressRequestFactory)
mocks['subnet'].get_details.return_value = mocks['subnet_request']
return mocks
