def encode(data, unitSize=AbstractType.defaultUnitSize(), endianness=AbstractType.defaultEndianness(), sign=AbstractType.defaultSign()): """Encodes the specified data into an IPAddress object :param data: the data to encode into an IPAddress :type data: str or raw bytes (BBBB) :return: the encoded IPAddress """ if isinstance(data, (str, int)): try: ip = IPAddress(data) if ip is not None and ip.version == 4 and not ip.is_netmask(): return ip except: pass try: structFormat = ">" if endianness == AbstractType.ENDIAN_BIG: structFormat = ">" if not sign == AbstractType.SIGN_SIGNED: structFormat += "bbbb" else: structFormat += "BBBB" quads = map(str, struct.unpack(structFormat, data)) strIP = string.join(quads, '.') ip = IPAddress(strIP) if ip is not None and ip.version == 4 and not ip.is_netmask(): return ip except Exception, e: raise TypeError("Impossible encode {0} into an IPv4 data ({1})".format(data, e))
def validate_ipv4_address(cls, _, value): """ Ensures the :attr:`ip` address is valid. This checks to ensure that the value provided is: * not a hostmask * not link local (:rfc:`3927`) * not used for multicast (:rfc:`1112`) * not a netmask (:rfc:`4632`) * not reserved (:rfc:`6052`) * a private address (:rfc:`1918`) """ if value is None: return value try: address = IPAddress(value) except (AddrFormatError, ValueError) as e: raise ValueError( "%s is not a valid address format: %s" % (value, e)) if ALLOW_AGENT_LOOPBACK: loopback = lambda: False else: loopback = address.is_loopback if any([address.is_hostmask(), address.is_link_local(), loopback(), address.is_multicast(), address.is_netmask(), address.is_reserved()]): raise ValueError("%s is not a valid address type" % value) return value
def _validate_network_information(self): all_errs = [] if self.subnet_mask_size > self.MAX_SUBNET_MASK_SIZE: all_errs.append( "Subnet size too small. Subnet mask should <= {}, current value: {}" .format(self.MAX_SUBNET_MASK_SIZE, self.subnet_mask_size)) cidr_base_validator = re.compile(self.VPC_CIDR_BASE_REGEX) if not cidr_base_validator.match(self.vpc_cidr_base): all_errs.append( "Invalid VPC CIDR base {}. VPC CIDR base should match regex {}" .format(self.vpc_cidr_base, self.VPC_CIDR_BASE_REGEX)) if self.trusted_cidrs: try: for cidr in self.trusted_cidrs: [ip, mask] = cidr.split("/") if ip == "0.0.0.0": if mask != "0": all_errs.append( "Trusting traffic from everywhere should specify \"0.0.0.0/0\" as trusted CIDR." ) else: if not 0 < int(mask) <= 32: all_errs.append( "Subnet mask {} should be greater than 0 but less than 32." .format(mask)) ipaddr = IPAddress(ip) if ipaddr.is_netmask(): all_errs.append( "Trusted CIDR {} should not be a net mask". format(ip)) if ipaddr.is_hostmask(): all_errs.append( "Trusted CIDR {} should not be a host mask". format(ip)) if ipaddr.is_reserved(): all_errs.append( "Trusted CIDR {} should not be in reserved range" .format(ip)) if ipaddr.is_loopback(): all_errs.append( "Trusted CIDR {} should not be a loop back address" .format(ip)) # Currently we don't support private VPC if ipaddr.is_private(): all_errs.append( "Trusted CIDR {} should not be a private address" .format(ip)) except ValueError as ve: all_errs.append( "Cannot parse trusted CIDRs ({}). Err: {}".format( self.trusted_cidrs, ve)) else: all_errs.append( "Please provide trusted CIDRs through --trusted-cidrs flag") return all_errs
def is_valid_netmask(ip_addr): """Valid the format of a netmask""" try: ip_address = IPAddress(ip_addr) return ip_address.is_netmask() except Exception: return False
def validate(url, schemes=None, tlds=None, private=None, local=None, credentials=None): ''' Validate and normalize an URL :param str url: The URL to validate and normalize :return str: The normalized URL :raises ValidationError: when URL does not validate ''' url = url.strip() private = config_for(private, 'URLS_ALLOW_PRIVATE') local = config_for(local, 'URLS_ALLOW_LOCAL') credentials = config_for(credentials, 'URLS_ALLOW_CREDENTIALS') schemes = config_for(schemes, 'URLS_ALLOWED_SCHEMES') tlds = config_for(tlds, 'URLS_ALLOWED_TLDS') match = URL_REGEX.match(url) if not match: error(url) scheme = (match.group('scheme') or '').lower() if scheme and scheme not in schemes: error(url, 'Invalid scheme {0}'.format(scheme)) if not credentials and match.group('credentials'): error(url, 'Credentials in URL are not allowed') tld = match.group('tld') if tld and tld not in tlds and idna(tld) not in tlds: error(url, 'Invalid TLD {0}'.format(tld)) ip = match.group('ipv6') or match.group('ipv4') if ip: try: ip = IPAddress(ip) except AddrFormatError: error(url) if ip.is_multicast(): error(url, '{0} is a multicast IP'.format(ip)) elif not ip.is_loopback() and ip.is_hostmask() or ip.is_netmask(): error(url, '{0} is a mask IP'.format(ip)) if not local: if ip and ip.is_loopback() or match.group('localhost'): error(url, 'is a local URL') if not private and ip and ip.is_private(): error(url, 'is a private URL') return url
def netmask_to_prefix(netmask): """ Takes netmask and turns to prefix :return: prefix as int """ ip = IPAddress(netmask) if ip.is_netmask(): return ip.netmask_bits() error_message = 'Param (%s) is not a valid netmask' % netmask raise ValueError(error_message)
def mask_checker(mask): try: subnet_mask = IPAddress(args.subnet_mask) if subnet_mask.is_netmask() == True: return subnet_mask else: print(f'{args.subnet_mask} is not a valid mask') return False except netaddr.core.AddrFormatError: print(f'failed to detect a valid subnet mask from {mask}') return False
def ipv4_to_cidr(address, netmask=None, prefixlen=None): a = IPAddress(address) n = IPNetwork(a) if netmask: assert prefixlen is None, 'Cannot provide both netmask and prefixlen' m = IPAddress(netmask) assert m.is_netmask(), 'A valid netmask is required' n.prefixlen = m.netmask_bits() else: assert prefixlen, 'Provide either netmask or prefixlen' n.prefixlen = int(prefixlen) return str(n.cidr)
def action_set_netmask(arg): print 'setting ip to "%s"' % arg ip = None try: ip = IPAddress(arg, flags=ZEROFILL) if not ip.is_netmask(): return 13 except: return 12 obj = {"static": {"netmask": str(ip)}} write_role('interfaces', obj)
class IPNetmaskValidator(Validator): def validate(self, value): """Return a boolean if the value is a valid netmask.""" try: self._choice = IPAddress(value) except AddrFormatError: self.error_message = '%s is not a valid IP address.' % value return False if self._choice.is_netmask(): return True else: self.error_message = '%s is not a valid IP netmask.' % value return False
def encode(data, unitSize=AbstractType.defaultUnitSize(), endianness=AbstractType.defaultEndianness(), sign=AbstractType.defaultSign()): """Encodes the specified data into an IPAddress object :param data: the data to encode into an IPAddress :type data: str or raw bytes (BBBB) :return: the encoded IPAddress """ if isinstance(data, (str, int)): try: ip = IPAddress(data) if ip is not None and ip.version == 4 and not ip.is_netmask(): return ip except: pass try: structFormat = ">" if endianness == AbstractType.ENDIAN_BIG: structFormat = ">" if not sign == AbstractType.SIGN_SIGNED: structFormat += "bbbb" else: structFormat += "BBBB" quads = list(map(str, struct.unpack(structFormat, data))) strIP = '.'.join(quads) ip = IPAddress(strIP) if ip is not None and ip.version == 4 and not ip.is_netmask(): return ip except Exception as e: raise TypeError( "Impossible encode {0} into an IPv4 data ({1})".format( data, e))
def _trusted_cidr_validator(input): from netaddr import IPAddress ret = [] for cidr in input.split(" "): cidr = cidr.strip() if not cidr: # skip whitespace continue ip, mask = cidr.split("/") if int(mask) < 0 or int(mask) > 32: raise ValueError( "CIDR {} is not valid as mask {} is not in range [0-32]". format(cidr, mask)) if ip != "0.0.0.0" or mask != '0': ipaddr = IPAddress(ip) if ipaddr.is_netmask(): raise ValueError( "Trusted CIDR {} should not be a net mask".format(ip)) if ipaddr.is_hostmask(): raise ValueError( "Trusted CIDR {} should not be a host mask".format(ip)) if ipaddr.is_reserved(): raise ValueError( "Trusted CIDR {} should not be in reserved range". format(ip)) if ipaddr.is_loopback(): raise ValueError( "Trusted CIDR {} should not be a loop back address". format(ip)) # Currently we don't support private VPC if ipaddr.is_private(): raise ValueError( "Trusted CIDR {} should not be a private address". format(ip)) ret.append(cidr) return ret
def ping(self, targets=list(), filename=str(), status=str()): """ Attempt to ping a list of hosts or networks (can be a single host) :param targets: List - Name(s) or IP(s) of the host(s). :param filename: String - name of the file containing hosts to ping :param status: String - if one of ['alive', 'dead', 'noip'] then only return results that have that status. If this is not specified, then all results will be returned. :return: Type and results depends on whether status is specified: if status == '': return dict: {targets: results} if status != '': return list: targets if targets == status """ if targets and filename: raise SyntaxError("You must specify only one of either targets=[] " "or filename=''.") elif not targets and not filename: raise SyntaxError("You must specify either a list of targets or " "filename='', but not both.") elif filename: targets = self.read_file(filename) my_targets = {'hosts': [], 'nets': []} addresses = [] # Check for valid networks and add hosts and nets to my_targets for target in targets: # Targets may include networks in the format "network mask", or, # a file could contain multiple hosts or IP's on a single line. if len(target.split()) > 1: target_items = target.split() for item in target_items: try: ip = IPAddress(item) # If it is an IPv4 address or mask put in in addresses if ip.version == 4: addresses.append(str(ip)) except AddrFormatError: # IP Address not detected, so assume it's a host name my_targets['hosts'].append(item) except ValueError: # CIDR network detected net = IPNetwork(item) # Make sure it is a CIDR address acceptable to fping if net.ip.is_unicast() and net.version == 4 and \ net.netmask.netmask_bits() in range(8, 31): my_targets['nets'].append(target_items[0]) else: msg = str(str(net) + ':Only IPv4 unicast addresses' ' with bit masks\n ' ' from 8 to 30 are supported.') raise AttributeError(msg) # Iterate over the IP strings in addresses while len(addresses) > 1: ip = IPAddress(addresses[0]) mask = IPAddress(addresses[1]) # Test to see if IP is unicast, and mask is an actual mask if ip.is_unicast() and mask.is_netmask(): net = IPNetwork(str(ip) + '/' + str( mask.netmask_bits())) # Convert ip and mask to CIDR and remove from addresses my_targets['nets'].append(str(net.cidr)) addresses.pop(0) addresses.pop(0) elif ip.is_unicast() and not ip.is_netmask(): # mask was not a mask so only remove IP and start over my_targets['hosts'].append(str(ip)) addresses.pop(0) # There could be one more item in addresses, so check it if addresses: ip = IPAddress(addresses[0]) if ip.is_unicast() and not ip.is_netmask(): my_targets['hosts'].append(addresses[0]) addresses.pop() # target has only one item, so check it else: try: ip = IPAddress(target) if ip.version == 4 and ip.is_unicast() and \ not ip.is_netmask(): my_targets['hosts'].append(target) else: msg = str(target + 'Only IPv4 unicast addresses are ' 'supported.') raise AttributeError(msg) except AddrFormatError: # IP Address not detected, so assume it's a host name my_targets['hosts'].append(target) except ValueError: # CIDR network detected net = IPNetwork(target) if net.ip.is_unicast() and net.version == 4 and \ net.netmask.netmask_bits() in range(8, 31): my_targets['nets'].append(target) else: msg = str(str(net) + ':Only IPv4 unicast addresses' ' with bit masks\n ' ' from 8 to 30 are supported.') raise AttributeError(msg) """ Build the list of commands to run. """ commands = [] if len(my_targets['hosts']) != 0: for target in range(len(my_targets['hosts'])): commands.append([self.fping, '-V', my_targets['hosts'][ target]]) if len(my_targets['nets']) != 0: for target in range(len(my_targets['nets'])): commands.append([self.fping, '-gV', my_targets['nets'][ target]]) """ Start pinging each item in my_targets and return the requested results when done. """ try: pool = ThreadPool(len(commands)) raw_results = pool.map(self.get_results, commands) self.results = {host: result for host, result in csv.reader( ''.join(raw_results).splitlines())} if not status: return self.results elif status == 'alive': return self.alive elif status == 'dead': return self.dead elif status == 'noip': return self.noip else: raise SyntaxError("Valid status options are 'alive', 'dead' or " "'noip'") finally: pool.close() pool.join()
def ping(self, targets=list(), filename=str(), status=str(), notDNS=False, elapsed=False ): """ Attempt to ping a list of hosts or networks (can be a single host) :param targets: List - Name(s) or IP(s) of the host(s). :param filename: String - name of the file containing hosts to ping :param status: String - if one of ['alive', 'dead', 'noip'] then only return results that have that status. If this is not specified, then all results will be returned. :param notDNS: Bolean - If True turn on use of -A option for fping for not use dns resolve names. Default is False. :param elapsed: Bolean - If True turn on use of -e option for fping for show elapsed time on return packets. Default is False. :return: Type and results depends on whether status is specified: if status == '': return dict: {targets: results} if status != '': return list: targets if targets == status """ if targets and filename: raise SyntaxError("You must specify only one of either targets=[] " "or filename=''.") elif not targets and not filename: raise SyntaxError("You must specify either a list of targets or " "filename='', but not both.") elif filename: targets = self.read_file(filename) my_targets = {'hosts': [], 'nets': []} addresses = [] # Check for valid networks and add hosts and nets to my_targets for target in targets: # Targets may include networks in the format "network mask", or, # a file could contain multiple hosts or IP's on a single line. if len(target.split()) > 1: target_items = target.split() for item in target_items: try: ip = IPAddress(item) # If it is an IPv4 address or mask put in in addresses if ip.version == 4: addresses.append(str(ip)) except AddrFormatError: # IP Address not detected, so assume it's a host name my_targets['hosts'].append(item) except ValueError: # CIDR network detected net = IPNetwork(item) # Make sure it is a CIDR address acceptable to fping if net.ip.is_unicast() and net.version == 4 and \ net.netmask.netmask_bits() in range(8, 31): my_targets['nets'].append(target_items[0]) else: msg = str(str(net) + ':Only IPv4 unicast addresses' ' with bit masks\n ' ' from 8 to 30 are supported.') raise AttributeError(msg) # Iterate over the IP strings in addresses while len(addresses) > 1: ip = IPAddress(addresses[0]) mask = IPAddress(addresses[1]) # Test to see if IP is unicast, and mask is an actual mask if ip.is_unicast() and mask.is_netmask(): net = IPNetwork(str(ip) + '/' + str( mask.netmask_bits())) # Convert ip and mask to CIDR and remove from addresses my_targets['nets'].append(str(net.cidr)) addresses.pop(0) addresses.pop(0) elif ip.is_unicast() and not ip.is_netmask(): # mask was not a mask so only remove IP and start over my_targets['hosts'].append(str(ip)) addresses.pop(0) # There could be one more item in addresses, so check it if addresses: ip = IPAddress(addresses[0]) if ip.is_unicast() and not ip.is_netmask(): my_targets['hosts'].append(addresses[0]) addresses.pop() # target has only one item, so check it else: try: ip = IPAddress(target) if ip.version == 4 and ip.is_unicast() and \ not ip.is_netmask(): my_targets['hosts'].append(target) else: msg = str(target + 'Only IPv4 unicast addresses are ' 'supported.') raise AttributeError(msg) except AddrFormatError: # IP Address not detected, so assume it's a host name my_targets['hosts'].append(target) except ValueError: # CIDR network detected net = IPNetwork(target) if net.ip.is_unicast() and net.version == 4 and \ net.netmask.netmask_bits() in range(8, 31): my_targets['nets'].append(target) else: msg = str(str(net) + ':Only IPv4 unicast addresses' ' with bit masks\n ' ' from 8 to 30 are supported.') raise AttributeError(msg) """ Build the list of common options for commands to run. """ options = '-V' # This is for default if notDNS: options += 'A' # show targets by ip else: options += 'n' # show target by name if elapsed: options += 'e' # show elapsed time on return packets """ Build the list of commands to run. """ commands = [] if len(my_targets['hosts']) != 0: for target in range(len(my_targets['hosts'])): commands.append([self.fping, options, my_targets['hosts'][ target]]) if len(my_targets['nets']) != 0: for target in range(len(my_targets['nets'])): netops = options + 'g' # generate target list for net target commands.append([self.fping, netops, my_targets['nets'][ target]]) """ Start pinging each item in my_targets and return the requested results when done. """ pool = ThreadPool(self.num_pools) raw_results = pool.map(self.get_results, commands) pool.close() pool.join() self.results = {line[0]: line[2:] for line in csv.reader( ''.join(raw_results).splitlines())} if not status: return self.results elif status == 'alive': return self.alive elif status == 'dead': return self.dead elif status == 'noip': return self.noip else: raise SyntaxError("Valid status options are 'alive', 'dead' or " "'noip'")
def reserved_ip_check(ip_string): """determine if IP address in RFC1918 or reserved""" # IP details for invalid IP addresses invalid_ip_details = { "country": "INVALID", "location": RESERVED_IP_COORDINATES, "subdivisions": "INVALID", "dch_company": "", "asn_number": "", "asn_name": "" } # IP details for MULTICAST IP addresses multicast_ip_details = { "country": "MULTICAST", "location": RESERVED_IP_COORDINATES, "subdivisions": "MULTICAST", "dch_company": "", "asn_number": "", "asn_name": "" } # IP details for PRIVATE IP addresses private_ip_details = { "country": "PRIVATE", "location": RESERVED_IP_COORDINATES, "subdivisions": "PRIVATE", "dch_company": "", "asn_number": "", "asn_name": "" } # IP details for RESERVED IP addresses reserved_ip_details = { "country": "RESERVED", "location": RESERVED_IP_COORDINATES, "subdivisions": "RESERVED", "dch_company": "", "asn_number": "", "asn_name": "" } # IP details for NETMASK IP addresses netmask_ip_details = { "country": "NETMASK", "location": RESERVED_IP_COORDINATES, "subdivisions": "NETMASK", "dch_company": "", "asn_number": "", "asn_name": "" } # IP details for HOSTMASK IP addresses hostmask_ip_details = { "country": "HOSTMASK", "location": RESERVED_IP_COORDINATES, "subdivisions": "HOSTMASK", "dch_company": "", "asn_number": "", "asn_name": "" } # IP details for LOOPBACK IP addresses loopback_ip_details = { "country": "LOOPBACK", "location": RESERVED_IP_COORDINATES, "subdivisions": "LOOPBACK", "dch_company": "", "asn_number": "", "asn_name": "" } # Check to see if IP matches a reserved category try: ip_address = IPAddress(ip_string) except AddrFormatError: return invalid_ip_details if ip_address.is_multicast(): return multicast_ip_details elif ip_address.is_private(): return private_ip_details elif ip_address.is_reserved(): return reserved_ip_details elif ip_address.is_netmask(): return netmask_ip_details elif ip_address.is_hostmask(): return hostmask_ip_details elif ip_address.is_loopback(): return loopback_ip_details elif ip_address.is_unicast() and not ip_address.is_private(): # Boolean to be returned if IP is Public ip_reserved = False return ip_reserved else: return invalid_ip_details