def test_create_ipv6_pd_subnet_over_ipam(self, pool_mock): mocks = self._prepare_mocks_with_pool_mock(pool_mock) cfg.CONF.set_override('ipv6_pd_enabled', True) cidr = n_const.PROVISIONAL_IPV6_PD_PREFIX allocation_pools = [netaddr.IPRange('::2', '::ffff:ffff:ffff:ffff')] with self.subnet(cidr=None, ip_version=6, subnetpool_id=constants.IPV6_PD_POOL_ID, ipv6_ra_mode=n_const.IPV6_SLAAC, ipv6_address_mode=n_const.IPV6_SLAAC): pool_mock.get_instance.assert_called_once_with(None, mock.ANY) self.assertTrue(mocks['driver'].allocate_subnet.called) request = mocks['driver'].allocate_subnet.call_args[0][0] self.assertIsInstance(request, ipam_req.SpecificSubnetRequest) self.assertEqual(netaddr.IPNetwork(cidr), request.subnet_cidr) self.assertEqual(allocation_pools, request.allocation_pools)
def resource_setup(cls): super(PortsRbacTest, cls).resource_setup() # Create a network and subnet. cls.network = cls.create_network() cls.cidr = netaddr.IPNetwork(CONF.network.project_network_cidr) cls.subnet = cls.create_subnet(cls.network, cidr=cls.cidr, mask_bits=24) cls.ip_range = netaddr.IPRange( cls.subnet['allocation_pools'][0]['start'], cls.subnet['allocation_pools'][0]['end']) cls.port = cls.create_port(cls.network) ipaddr = cls.port['fixed_ips'][0]['ip_address'] cls.port_ip_address = ipaddr cls.port_mac_address = cls.port['mac_address']
def test_dhcp_stateful_fixedips_outrange(self): """When port gets IP address from fixed IP range it shall be checked if it's from subnets range. """ kwargs = {'ipv6_ra_mode': 'dhcpv6-stateful', 'ipv6_address_mode': 'dhcpv6-stateful'} subnet = self.create_subnet(self.network, **kwargs) ip_range = netaddr.IPRange(subnet["allocation_pools"][0]["start"], subnet["allocation_pools"][0]["end"]) ip = netaddr.IPAddress(random.randrange( ip_range.last + 1, ip_range.last + 10)).format() self.assertRaises(lib_exc.BadRequest, self.create_port, self.network, fixed_ips=[{'subnet_id': subnet['id'], 'ip_address': ip}])
def test_create_port_in_allowed_allocation_pools(self): network = self.create_network() net_id = network['id'] address = self._get_ipaddress_from_tempest_conf() allocation_pools = {'allocation_pools': [{'start': str(address + 4), 'end': str(address + 6)}]} subnet = self.create_subnet(network, **allocation_pools) self.addCleanup(self.client.delete_subnet, subnet['id']) body = self.client.create_port(network_id=net_id) self.addCleanup(self.client.delete_port, body['port']['id']) port = body['port'] ip_address = port['fixed_ips'][0]['ip_address'] start_ip_address = allocation_pools['allocation_pools'][0]['start'] end_ip_address = allocation_pools['allocation_pools'][0]['end'] ip_range = netaddr.IPRange(start_ip_address, end_ip_address) self.assertIn(ip_address, ip_range)
def ripelookup(ipaddr): typefilter = "inetnum" source = "ripe" print ("Starting RIPE lookup for IP address: %s" % ipaddr) if (IPAddress(ipaddr).is_unicast()): #try: # payload = { "type-filter" : typefilter, "source" : source, "query-string" : ipaddr } # url = "http://rest.db.ripe.net/search" # headers={"Accept" : "application/json"} # response = requests.get(url, params=payload, headers=headers) # jsonresult = response.json() # attributelist = jsonresult['objects']['object'][0]['attributes']['attribute'] # for i in attributelist: # if i['name'] == "netname": # netname = i['value'] # if netname == "NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK": # return [] # elif i['name'] == "country": # country = i['value'] # elif i['name'] == "descr": # descr = i['value'] # elif i['name'] == "inetnum": # netrange = netaddr.IPRange(i['value'].partition(' - ')[0],i['value'].partition(' - ')[2]) #except requests.exceptions.ConnectionError: # print ("RIPE Connection Error") payload = { "type-filter" : typefilter, "source" : source, "query-string" : ipaddr } url = "http://rest.db.ripe.net/search" headers={"Accept" : "application/json"} response = requests.get(url, params=payload, headers=headers) print response jsonresult = response.json() print jsonresult attributelist = jsonresult['objects']['object'][0]['attributes']['attribute'] for i in attributelist: if i['name'] == "netname": netname = i['value'] if netname == "NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK": return [] elif i['name'] == "country": country = i['value'] elif i['name'] == "descr": descr = i['value'] elif i['name'] == "inetnum": netrange = netaddr.IPRange(i['value'].partition(' - ')[0],i['value'].partition(' - ')[2]) return([netrange, country, descr, netname])
def create_stix_ip_observable(namespace: str, indicator: dict) -> List[Observable]: """ Create STIX IP observable. Args: namespace: The XML namespace . indicator: The Demisto IP indicator. Returns: STIX IP observable. """ category = cybox.objects.address_object.Address.CAT_IPV4 type_ = indicator.get('indicator_type', '') value = indicator.get('value', '') if type_ in [FeedIndicatorType.IPv6, FeedIndicatorType.IPv6CIDR]: category = cybox.objects.address_object.Address.CAT_IPV6 indicator_values = [value] if '-' in value: # looks like an IP Range, let's try to make it a CIDR a1, a2 = value.split('-', 1) if a1 == a2: # same IP indicator_values = [a1] else: # use netaddr builtin algo to summarize range into CIDR iprange = netaddr.IPRange(a1, a2) cidrs = iprange.cidrs() indicator_values = list(map(str, cidrs)) observables = [] for indicator_value in indicator_values: id_ = f'{namespace}:observable-{uuid.uuid4()}' address_object = cybox.objects.address_object.Address( address_value=indicator_value, category=category ) observable = Observable( title=f'{type_}: {indicator_value}', id_=id_, item=address_object ) observables.append(observable) return observables
def _encode_indicator(self, indicator, value, expired=False): type_ = MM_2_WDATP_TYPE.get(value['type'], None) if type_ is None: self.statistics['error.unhandled_type'] += 1 raise RuntimeError('{} - Unhandled {}'.format(self.name, type_)) if value['type'] == 'IPv4' and '-' in indicator: a1, a2 = indicator.split('-', 1) r = netaddr.IPRange(a1, a2) indicators = [str(i) for i in r] else: indicators = [indicator] description = '{} indicator from {}'.format( type_, ', '.join(value['sources'])) title = 'MineMeld - {}'.format(indicator) creation = datetime.utcnow() creation = creation.isoformat() + 'Z' # Set Action to Block and Remediate for Hash types based on fall '21 schema update if "File" in type_ and self.action == 'Block': self.action = 'BlockAndRemediate' #expiration = datetime.utcnow() + timedelta(days=365) result = [] for i in indicators: d = dict(indicatorValue=i, indicatorType=type_, title=title, description=description, creationTimeDateTimeUtc=creation, action=self.action, generateAlert=True) if self.severity is not None: d['severity'] = self.severity if expired: expiration = datetime.utcnow() + timedelta(seconds=300) expiration = expiration.isoformat( ) + 'Z' # expiration is always in UTC d['expirationTime'] = expiration result.append(d) return result
def update_allocation(module, allocations): """Allocate an IP address on a network for a host. :param module: AnsibleModule instance :param allocations: Existing IP address allocations """ net_name = module.params['net_name'] hostname = module.params['hostname'] cidr = module.params['cidr'] allocation_pool_start = module.params['allocation_pool_start'] allocation_pool_end = module.params['allocation_pool_end'] network = netaddr.IPNetwork(cidr) result = { 'changed': False, } object_name = "%s_ips" % net_name net_allocations = allocations.setdefault(object_name, {}) invalid_allocations = { hn: ip for hn, ip in net_allocations.items() if netaddr.IPAddress(ip) not in network } if invalid_allocations: module.fail_json( msg="Found invalid existing allocations in network %s: %s" % (network, ", ".join("%s: %s" % (hn, ip) for hn, ip in invalid_allocations.items()))) if hostname not in net_allocations: result['changed'] = True allocated_ips = netaddr.IPSet(net_allocations.values()) if allocation_pool_start and allocation_pool_end: allocation_pool = netaddr.IPRange(allocation_pool_start, allocation_pool_end) allocation_pool = netaddr.IPSet(allocation_pool) else: allocation_pool = netaddr.IPSet([network]) free_ips = allocation_pool - allocated_ips for free_cidr in free_ips.iter_cidrs(): ip = free_cidr[0] break else: module.fail_json(msg="No unallocated IP addresses for %s in %s" % (hostname, net_name)) free_ips.remove(ip) net_allocations[hostname] = str(ip) result['ip'] = net_allocations[hostname] return result
def assign_ips(_upper_ref, _from_key, lower_refs, to_key, ip_start='192.168.0.1', ip_end='192.168.0.254', **_kwargs): """Assign ips to hosts' configurations.""" if not ip_start or not ip_end: raise ValueError('ip_start %s or ip_end %s is empty' % (ip_start, ip_end)) if not re.match(r'^\d+\.\d+\.\d+\.\d+$', ip_start): raise ValueError('ip_start %s formmat is not correct' % ip_start) if not re.match(r'^\d+\.\d+\.\d+\.\d+$', ip_end): raise ValueError('ip_end %s format is not correct' % ip_end) host_ips = {} unassigned_hosts = [] try: ips = netaddr.IPSet(netaddr.IPRange(ip_start, ip_end)) except Exception: raise ValueError('failed to create ip block [%s, %s]' % (ip_start, ip_end)) for lower_key, lower_ref in lower_refs.items(): ip_addr = lower_ref.get(to_key, '') if ip_addr: host_ips[lower_key] = ip_addr ips.remove(ip_addr) else: unassigned_hosts.append(lower_key) for ip_addr in ips: if not unassigned_hosts: break host = unassigned_hosts.pop(0) host_ips[host] = str(ip_addr) if unassigned_hosts: raise ValueError('there is no enough ips to assign to %s: [%s-%s]' % (unassigned_hosts, ip_start, ip_end)) logging.debug('assign %s: %s', to_key, host_ips) return host_ips
def netblock(addresses): """ Find the netblocks that our IP addresses belong to. Before doing a whois lookup for the netblock see if the IP address is already in our current netblocks. """ for ip in set([a[1] for a in addresses]): # If the IP is in one of our netblocks then move on. found = False for block in records['netblocks']: if ip in block[0]: found = True break if found is True: continue # If the ip is not in one of our netblocks then look up the netblock # associated with the IP. network = None try: resp = ipwhois.IPWhois(ip).lookup_rdap() network = resp['network'] except: continue if network is None: continue # Process the whois response name = network['name'] if name is None: name = 'Unknown' # If cidr is present then process it. If it is not present then # build the cidr from the range created by the start and end # addreses. if 'cidr' in network: cidr = network['cidr'].split(', ') records['netblocks'].extend([(netaddr.IPNetwork(c), name) for c in cidr]) else: range = netaddr.IPRange(network['start_address'], network['end_address']) records['netblocks'].append((range.cidrs()[0], name))
def run(self): results = [] if self.start is None: raise Exception('The provided start address cannot be empty') if self.end is None: raise Exception('The provided end address cannot be empty') try: range = netaddr.IPRange(self.start, self.end) for subnet in range.cidrs(): results.append(str(subnet)) print json.dumps(results) except netaddr.core.AddrFormatError: print json.dumps([])
def validate_ips_exclude_self(start_ip, end_ip, ip_id): result = validate_networks(start_ip, end_ip) if not result["result"]: return result try: ip_allocation = [] ip_all = IPs.objects.exclude(id=ip_id) for u in ip_all: ip_pools = netaddr.IPRange(u.start_ip, u.end_ip) ip_tem_list = [str(c) for c in ip_pools] ip_allocation += ip_tem_list if start_ip in ip_allocation or end_ip in ip_allocation: return {"result": False, "data": [u"该网段已存在或者该网段有部分IP在其它网段内"]} return {"result": True} except Exception, e: logger.exception(e) return {"result": False, "data": [u"系统出错,请联系管理员!"]}
def _find_ip_range(pool, gateway_ip): ret_pools = [] ip_range = netaddr.IPRange(pool['start'], pool['end']) ip_num = len(ip_range) for i, ip in enumerate(ip_range): if gateway_ip == ip: if i > 0: ret_pools.append({ 'start': ip_range[0].format(), 'end': ip_range[i - 1].format() }) if i < ip_num - 1: ret_pools.append({ 'start': ip_range[i + 1].format(), 'end': ip_range[ip_num - 1].format() }) return ret_pools
def resource_setup(cls): super(BaseMulticastTest, cls).resource_setup() if CONF.neutron_plugin_options.default_image_is_advanced: cls.flavor_ref = CONF.compute.flavor_ref cls.image_ref = CONF.compute.image_ref cls.username = CONF.validation.image_ssh_user else: cls.flavor_ref = ( CONF.neutron_plugin_options.advanced_image_flavor_ref) cls.image_ref = CONF.neutron_plugin_options.advanced_image_ref cls.username = CONF.neutron_plugin_options.advanced_image_ssh_user # setup basic topology for servers we can log into it cls.network = cls.create_network() cls.subnet = cls.create_subnet(cls.network) cls.router = cls.create_router_by_client() cls.create_router_interface(cls.router['id'], cls.subnet['id']) cls.keypair = cls.create_keypair() cls.secgroup = cls.os_primary.network_client.create_security_group( name='secgroup_mtu') cls.security_groups.append(cls.secgroup['security_group']) cls.create_loginable_secgroup_rule( secgroup_id=cls.secgroup['security_group']['id']) cls.create_pingable_secgroup_rule( secgroup_id=cls.secgroup['security_group']['id']) # Create security group rule for UDP (multicast traffic) cls.create_secgroup_rules( rule_list=[ dict(protocol=constants.PROTO_NAME_UDP, direction=constants.INGRESS_DIRECTION, remote_ip_prefix=cls.any_addresses, ethertype=cls.ethertype) ], secgroup_id=cls.secgroup['security_group']['id']) # Multicast IP range to be used for multicast group IP asignement if '-' in cls.multicast_group_range: multicast_group_range = netaddr.IPRange( *cls.multicast_group_range.split('-')) else: multicast_group_range = netaddr.IPNetwork( cls.multicast_group_range) cls.multicast_group_iter = iter(multicast_group_range)
def test_admin_range_update(self, _): data = self.env.neutron_networks_get(self.cluster.id).json_body admin = filter(lambda ng: ng['name'] == 'fuelweb_admin', data['networks'])[0] orig_range = netaddr.IPRange(admin['ip_ranges'][0][0], admin['ip_ranges'][0][1]) admin['ip_ranges'][0] = [str(orig_range[1]), str(orig_range[-2])] new_range = admin['ip_ranges'][0] resp = self.env.neutron_networks_put(self.cluster.id, data) self.assertEqual(resp.status_code, 200) data = self.env.neutron_networks_get(self.cluster.id).json_body admin = filter(lambda ng: ng['name'] == 'fuelweb_admin', data['networks'])[0] self.assertEqual(new_range, admin['ip_ranges'][0])
def get_all_addresses(my_interface): ip = netifaces.ifaddresses(my_interface)[2][0]['addr'] netmask = netifaces.ifaddresses(my_interface)[2][0]['netmask'] netaddr_ip = netaddr.IPAddress(ip) netaddr_netmask = netaddr.IPAddress(netmask) netaddr_network = netaddr_ip & netaddr_netmask netaddr_full_network = netaddr.IPNetwork( str(netaddr_ip) + '/' + str(netaddr_netmask)) netaddr_list = netaddr.IPRange(netaddr_network, netaddr_full_network[-2]) #Create a list sr compatible to avoid to use sr in a loop addr_list = [] for address in netaddr_list: addr_list.append(str(address)) return addr_list
def _generate_ips(self, context, prefer_next=False, num_addresses=1): """Generate a set of IPs from the set of available addresses.""" ip_allocations = netaddr.IPSet() for ipallocation in self.subnet_manager.list_allocations(context): ip_allocations.add(ipallocation.ip_address) for ip_pool in self.subnet_manager.list_pools(context): ip_set = netaddr.IPSet() ip_set.add(netaddr.IPRange(ip_pool.first_ip, ip_pool.last_ip)) av_set = ip_set.difference(ip_allocations) if av_set.size == 0: continue if av_set.size < num_addresses: # Not enough addresses in pool to perform validation # TODO(njohnston): How to handle when there are enough IPs but # not enough in a single pool to satisfy the request? continue if prefer_next: allocated_ip_pool = list( itertools.islice(av_set, num_addresses)) return [ str(allocated_ip) for allocated_ip in allocated_ip_pool ] window = min(av_set.size, MAX_WIN) # NOTE(gryf): If there is more than one address, make the window # bigger, so that are chances to fulfill demanded amount of IPs. if num_addresses > 1: window = min(av_set.size, num_addresses * MULTIPLIER, MAX_WIN_MULTI) if window < num_addresses: continue else: # Maximize randomness by using the random module's built in # sampling function av_ips = list(itertools.islice(av_set, 0, window)) allocated_ip_pool = random.sample(av_ips, num_addresses) return [str(allocated_ip) for allocated_ip in allocated_ip_pool] raise ipam_exc.IpAddressGenerationFailure( subnet_id=self.subnet_manager.neutron_id)
def test_update_allocation_pools(self): cidr = "192.168.1.0/24" ip_network = netaddr.IPNetwork(cidr) network = dict(name="public", tenant_id="fake", network_plugin="BASE") network = {"network": network} subnet = dict(id=1, ip_version=4, next_auto_assign_ip=2, cidr=cidr, first_ip=ip_network.first, last_ip=ip_network.last, ip_policy=None, tenant_id="fake") subnet = {"subnet": subnet} with self._stubs(network, subnet) as (net, sub1): subnet = subnet_api.get_subnet(self.context, 1) start_pools = subnet['allocation_pools'] new_pools = [ [dict(start='192.168.1.10', end='192.168.1.50')], [dict(start='192.168.1.5', end='192.168.1.25')], [dict(start='192.168.1.50', end='192.168.1.51')], [ dict(start='192.168.1.50', end='192.168.1.51'), dict(start='192.168.1.100', end='192.168.1.250') ], [dict(start='192.168.1.50', end='192.168.1.51')], start_pools, ] prev_pool = start_pools for pool in new_pools: subnet_update = {"subnet": dict(allocation_pools=pool)} subnet = subnet_api.update_subnet(self.context, 1, subnet_update) self.assertNotEqual(prev_pool, subnet['allocation_pools']) self.assertEqual(pool, subnet['allocation_pools']) policies = policy_api.get_ip_policies(self.context) self.assertEqual(1, len(policies)) policy = policies[0] ip_set = netaddr.IPSet() for ip in policy['exclude']: ip_set.add(netaddr.IPNetwork(ip)) for extent in pool: for ip in netaddr.IPRange(extent['start'], extent['end']): self.assertFalse(ip in ip_set) prev_pool = pool
def get_create_subnet_body(project_id, t_subnet, b_net_id, gateway_ip): """Get request body to create bottom subnet :param project_id: project id :param t_subnet: top subnet dict :param b_net_id: bottom network id :param gateway_ip: bottom gateway ip :return: request body to create bottom subnet """ pools = t_subnet['allocation_pools'] new_pools = [] g_ip = netaddr.IPAddress(gateway_ip) ip_found = False for pool in pools: if ip_found: new_pools.append({'start': pool['start'], 'end': pool['end']}) continue ip_range = netaddr.IPRange(pool['start'], pool['end']) ip_num = len(ip_range) for i, ip in enumerate(ip_range): if g_ip == ip: ip_found = True if i > 0: new_pools.append({ 'start': ip_range[0].format(), 'end': ip_range[i - 1].format() }) if i < ip_num - 1: new_pools.append({ 'start': ip_range[i + 1].format(), 'end': ip_range[ip_num - 1].format() }) body = { 'subnet': { 'network_id': b_net_id, 'name': t_subnet['id'], 'ip_version': t_subnet['ip_version'], 'cidr': t_subnet['cidr'], 'gateway_ip': gateway_ip, 'allocation_pools': new_pools, 'enable_dhcp': False, 'tenant_id': project_id } } return body
def left_call(self, line): if not line: return if '-' in line: self.left_ip_set.update([ ip for ip in netaddr.IPRange( line.split('-')[0].strip(), line.split('-')[1].strip()) ]) elif '/' in line: self.left_ip_set.update( [ip for ip in netaddr.IPNetwork(line.strip())]) else: try: return netaddr.IPNetwork(line) except netaddr.core.AddrFormatError as e: lg.error(f'Improper formatting of input: {e}') return None
def _find_available_ips(self, network, subnet, num): ports = self.safe_client.list_ports(network_id=network['id']) used_ips = netaddr.IPSet([ netaddr.IPAddress(ip['ip_address']) for port in ports for ip in port['fixed_ips'] ]) used_ips.add(netaddr.IPAddress(subnet['gateway_ip'])) # Note(lajoskatona): Suppose that we have 1 allocation pool for the # subnet, that should be quite good assumption for testing. valid_ip_pool = subnet['allocation_pools'][0] valid_ips = netaddr.IPSet( netaddr.IPRange(valid_ip_pool['start'], valid_ip_pool['end'])) valid_ips = valid_ips.difference(used_ips) if valid_ips.size < num: self.fail("Cannot find enough free IP addresses.") initial = random.randint(0, min(valid_ips.size - num, 1000)) available_ips = itertools.islice(valid_ips, initial, initial + num) return [str(available_ip) for available_ip in available_ips]
def test_create_ipv6_pd_subnet_over_ipam(self, pool_mock): mocks = self._prepare_mocks_with_pool_mock(pool_mock) # TODO(kevinbenton): remove after bug/1666493 is resolved sub = pool_mock.get_instance.return_value.get_subnet.return_value sub.subnet_manager.neutron_id = mock.ANY cfg.CONF.set_override('ipv6_pd_enabled', True) cidr = n_const.PROVISIONAL_IPV6_PD_PREFIX allocation_pools = [netaddr.IPRange('::2', '::ffff:ffff:ffff:ffff')] with self.subnet(cidr=None, ip_version=6, subnetpool_id=constants.IPV6_PD_POOL_ID, ipv6_ra_mode=constants.IPV6_SLAAC, ipv6_address_mode=constants.IPV6_SLAAC): self.assertEqual(2, pool_mock.get_instance.call_count) self.assertTrue(mocks['driver'].allocate_subnet.called) request = mocks['driver'].allocate_subnet.call_args[0][0] self.assertIsInstance(request, ipam_req.SpecificSubnetRequest) self.assertEqual(netaddr.IPNetwork(cidr), request.subnet_cidr) self.assertEqual(allocation_pools, request.allocation_pools)
def get_details(self): """Return subnet data as a SpecificSubnetRequest""" # get the pool from the backend pool_details = self._vcns.get_ipam_ip_pool(self._nsx_pool_id)[1] gateway_ip = pool_details['gateway'] # rebuild the cidr from the range & prefix cidr = self._get_pool_cidr(pool_details) pools = [] for ip_range in pool_details['ipRanges']: pools.append( netaddr.IPRange(ip_range['startAddress'], ip_range['endAddress'])) return ipam_req.SpecificSubnetRequest(self._tenant_id, self._subnet_id, cidr, gateway_ip=gateway_ip, allocation_pools=pools)
def main(ips, threads=10): if '-' in ips: start, end = ips.split('-') startlong = ip2int(start) endlong = ip2int(end) ips = netaddr.IPRange(start, end) for ip in list(ips): q.put(str(ip)) elif '/' in ips: ips = netaddr.IPNetwork(ips) for ip in ips: q.put(str(ip)) ths = [] for i in xrange(threads): th = Thread(target=http_banner, name='thread' + str(i)) th.start() ths.append(th)
def parseHosts(rawhosts): hosts = [] for host in rawhosts: if '-' in host: raw = host.split('-') startaddr = raw[0] temp = startaddr.split('.') endaddr = temp[0] + '.' + temp[1] + '.' + temp[2] + '.' + raw[1] for addr in list(netaddr.IPRange(startaddr, endaddr)): hosts.append(str(addr)) continue if '/' in host: for addr in list(netaddr.IPNetwork(host)): hosts.append(str(addr)) continue else: hosts.append(str(netaddr.IPAddress(host))) return list(set(hosts))
def check_allocation_pools_pairing(filedata, pools): if not isinstance(filedata, collections.Mapping): return ["The `filedata` argument must be a dictionary."] if not isinstance(pools, collections.Mapping): return ["The `pools` argument must be a dictionary."] errors = [] for poolitem, pooldata in six.iteritems(pools): pool_objs = [] if not isinstance(pooldata, collections.Iterable): errors.append('The IP ranges in {} must form a list.' .format(poolitem)) continue for dict_range in pooldata: try: pool_objs.append(netaddr.IPRange( netaddr.IPAddress(dict_range['start']), netaddr.IPAddress(dict_range['end']))) except Exception: errors.append("Invalid format of the IP range in {}: {}" .format(poolitem, dict_range)) continue subnet_item = poolitem.split('AllocationPools')[0] + 'NetCidr' try: network = filedata[subnet_item] subnet_obj = netaddr.IPNetwork(network) except KeyError: errors.append('The {} CIDR is not specified for {}.' .format(subnet_item, poolitem)) continue except Exception: errors.append('Invalid IP network: {}'.format(network)) continue for ranges in pool_objs: for range in ranges: if range not in subnet_obj: errors.append('Allocation pool {} {} outside of subnet' ' {}: {}'.format(poolitem, pooldata, subnet_item, subnet_obj)) break return errors
def addExternalNetwork(self, name, subnet, gateway, startip, endip, gid, vlan, accountId, pingips, **kwargs): """ Adds a public network range to be used for cloudspaces param:subnet the subnet to add in CIDR notation (x.x.x.x/y) """ gateway = gateway.strip() try: net = netaddr.IPNetwork(subnet) if netaddr.IPAddress(startip) not in net: raise exceptions.BadRequest( "Start IP Addresses %s is not in subnet %s" % (startip, subnet)) if netaddr.IPAddress(endip) not in net: raise exceptions.BadRequest( "End IP Addresses %s is not in subnet %s" % (endip, subnet)) if not checkIPS(net, [gateway]): raise exceptions.BadRequest( "Gateway Address %s is not in subnet %s" % (gateway, subnet)) if self.models.externalnetwork.count({"vlan": vlan}) > 0: raise exceptions.Conflict( "VLAN {} is already in use by another external network") except netaddr.AddrFormatError as e: raise exceptions.BadRequest(e.message) if pingips is None: pingips = "8.8.8.8" pingips = self._checkPingIps(pingips) pool = self.models.externalnetwork.new() pool.gid = int(gid) pool.gateway = gateway pool.name = name pool.pingips = pingips pool.vlan = vlan or 0 pool.subnetmask = str(net.netmask) pool.network = str(net.network) pool.accountId = accountId or 0 pool.ips = [str(ip) for ip in netaddr.IPRange(startip, endip)] pool.id, _, _ = self.models.externalnetwork.set(pool) return pool.id
def get_ip_subnets(ip): """Get a list of subnets contained in the specified subnet. :type ip: str :param ip: The IP that subnets will be returned for. :list[netaddr.IPNetwork] """ ip = ip.strip().replace(" ", "") if "/" in ip: return [netaddr.IPNetwork(ip)] elif "-" in ip: start_ip, end_ip = ip.split("-") ip_set_object = netaddr.IPSet(netaddr.IPRange(start_ip, end_ip)) return [address for address in ip_set_object.iter_cidrs()] else: if is_ipv4_string(ip): return [netaddr.IPNetwork(ip)] else: raise ValueError("Invalid IP string '{}'.".format(ip))
def check(parameters): retval = [] try: config = load_configuration(parameters['configuration_path']) except ValueError as exc: return [['error', 'Could not load configuration: %r.' % exc]] for ruleset in config: condition = ruleset[0].copy() if 'source.network' in condition: try: ip_network(condition['source.network']) except ValueError as exc: retval += [[ 'warning', '%r is not a valid IP network: %r.' % (condition['source.network'], exc) ]] del condition['source.network'] if 'source.iprange' in condition: try: netaddr.IPRange(*condition['source.iprange']) except ValueError as exc: retval += [[ 'warning', '%r is not a valid IP range: %r.' % (condition['source.iprange'], exc) ]] del condition['source.iprange'] try: Event(condition) except Exception as exc: retval += [[ 'warning', 'Failed to parse conditions as Event: %r.' % (exc) ]] try: int(ruleset[1]['ttl']) except ValueError as exc: retval += [[ 'error', '%r is not a valid TTL: %r.' % (ruleset[1]['ttl'], exc) ]] return retval
def _prepare_mocks(self): mocks = { 'driver': mock.Mock(), 'subnet': mock.Mock(), 'subnet_request': ipam_req.SpecificSubnetRequest( self.tenant_id, self.subnet_id, '10.0.0.0/24', '10.0.0.1', [netaddr.IPRange('10.0.0.2', '10.0.0.254')]), } mocks['driver'].get_subnet.return_value = mocks['subnet'] mocks['driver'].allocate_subnet.return_value = mocks['subnet'] mocks['driver'].get_subnet_request_factory = ( ipam_req.SubnetRequestFactory) mocks['driver'].get_address_request_factory = ( ipam_req.AddressRequestFactory) mocks['subnet'].get_details.return_value = mocks['subnet_request'] return mocks