def iniplist(ipaddr, iplist):
"""Return whether ip is in cidr list
>>> iniplist('66.179.26.146',['127.0.0.1','66.179.26.128/26'])
True
>>> iniplist('127.0.0.1',['127.0.0.1','66.179.26.128/26'])
True
>>> iniplist('192.168.0.45',['192.168.0.*'])
True
>>> iniplist('4.2.2.2',['b.resolvers.Level3.net'])
True
>>> iniplist('2606:2800:220:1::',['example.com/40'])
True
>>> iniplist('4.2.2.2',['nothing.example.com'])
False
>>> iniplist('2001:610:779:0:223:6cff:fe9a:9cf3',['127.0.0.1','172.20.1.0/24','2001:610:779::/48'])
True
>>> iniplist('2G01:610:779:0:223:6cff:fe9a:9cf3',['127.0.0.1','172.20.1.0/24','2001:610:779::/48'])
Traceback (most recent call last):
...
ValueError: Invalid ip syntax:2G01:610:779:0:223:6cff:fe9a:9cf3
"""
if ip4re.match(ipaddr):
fam = socket.AF_INET
ipnum = addr2bin(ipaddr)
elif ip6re.match(ipaddr):
fam = socket.AF_INET6
ipnum = bin2long6(inet_pton(ipaddr))
else:
raise ValueError('Invalid ip syntax:' + ipaddr)
for pat in iplist:
p = pat.split('/', 1)
if ip4re.match(p[0]):
if len(p) > 1:
n = int(p[1])
else:
n = 32
if cidr(addr2bin(p[0]), n) == cidr(ipnum, n):
return True
elif ip6re.match(p[0]):
if len(p) > 1:
n = int(p[1])
else:
n = 128
if cidr(bin2long6(inet_pton(p[0])), n,
MASK6) == cidr(ipnum, n, MASK6):
return True
elif dnsre.match(p[0]):
try:
sfx = '/'.join([''] + p[1:])
addrlist = [
r[4][0] + sfx for r in socket.getaddrinfo(p[0], 25, fam)
]
if iniplist(ipaddr, addrlist):
return True
except socket.gaierror:
pass
elif fnmatchcase(ipaddr, pat):
return True
return False
def iniplist(ipaddr,iplist):
"""Return whether ip is in cidr list
>>> iniplist('66.179.26.146',['127.0.0.1','66.179.26.128/26'])
True
>>> iniplist('127.0.0.1',['127.0.0.1','66.179.26.128/26'])
True
>>> iniplist('192.168.0.45',['192.168.0.*'])
True
>>> iniplist('4.2.2.2',['b.resolvers.Level3.net'])
True
>>> iniplist('2606:2800:220:1::',['example.com/40'])
True
>>> iniplist('4.2.2.2',['nothing.example.com'])
False
>>> iniplist('2001:610:779:0:223:6cff:fe9a:9cf3',['127.0.0.1','172.20.1.0/24','2001:610:779::/48'])
True
>>> iniplist('2G01:610:779:0:223:6cff:fe9a:9cf3',['127.0.0.1','172.20.1.0/24','2001:610:779::/48'])
Traceback (most recent call last):
...
ValueError: Invalid ip syntax:2G01:610:779:0:223:6cff:fe9a:9cf3
"""
if ip4re.match(ipaddr):
fam = socket.AF_INET
ipnum = addr2bin(ipaddr)
elif ip6re.match(ipaddr):
fam = socket.AF_INET6
ipnum = bin2long6(inet_pton(ipaddr))
else:
raise ValueError('Invalid ip syntax:'+ipaddr)
for pat in iplist:
p = pat.split('/',1)
if ip4re.match(p[0]):
if len(p) > 1:
n = int(p[1])
else:
n = 32
if cidr(addr2bin(p[0]),n) == cidr(ipnum,n):
return True
elif ip6re.match(p[0]):
if len(p) > 1:
n = int(p[1])
else:
n = 128
if cidr(bin2long6(inet_pton(p[0])),n,MASK6) == cidr(ipnum,n,MASK6):
return True
elif dnsre.match(p[0]):
try:
sfx = '/'.join(['']+p[1:])
addrlist = [r[4][0]+sfx for r in socket.getaddrinfo(p[0],25,fam)]
if iniplist(ipaddr,addrlist):
return True
except socket.gaierror: pass
elif fnmatchcase(ipaddr,pat):
return True
return False
def sani_aaaa(self,a):
a = pyip6.inet_pton(a)
a2 = list(binascii.b2a_hex(a))
a2.reverse()
a2.extend(['ip6','arpa'])
#print a2
return '.'.join(a2)
def addr2bin(s):
"""Convert a string IPv4 address into an unsigned integer."""
if s.find(':') >= 0:
try:
return bin2long6(inet_pton(s))
except:
raise socket.error("Invalid IP6 address: "+s)
try:
return struct.unpack("!L", socket.inet_aton(s))[0]
except socket.error:
raise socket.error("Invalid IP4 address: "+s)
def addr2bin(s):
"""Convert a string IPv4 address into an unsigned integer."""
if s.find(':') >= 0:
try:
return bin2long6(inet_pton(s))
except:
raise socket.error("Invalid IP6 address: "+s)
try:
return struct.unpack("!L", socket.inet_aton(s))[0]
except socket.error:
raise socket.error("Invalid IP4 address: "+s)
def getaddr_from_list(self, addr_str, list):
for name in list:
if self.str_is_ipv6(list[name][0]):
# remove trailing zeroes from IPv6 address
a = pyip6.inet_pton(list[name][0])
cmp_addr = pyip6.inet_ntop(a)
else:
cmp_addr = list[name][0]
if self.sani(addr_str) == cmp_addr:
return name
return None
def iniplist(ipaddr,iplist):
"""Return whether ip is in cidr list
>>> iniplist('66.179.26.146',['127.0.0.1','66.179.26.128/26'])
True
>>> iniplist('127.0.0.1',['127.0.0.1','66.179.26.128/26'])
True
>>> iniplist('192.168.0.45',['192.168.0.*'])
True
>>> iniplist('2001:610:779:0:223:6cff:fe9a:9cf3',['127.0.0.1','172.20.1.0/24','2001:610:779::/48'])
True
>>> iniplist('2G01:610:779:0:223:6cff:fe9a:9cf3',['127.0.0.1','172.20.1.0/24','2001:610:779::/48'])
Traceback (most recent call last):
...
ValueError: Invalid ip syntax:2G01:610:779:0:223:6cff:fe9a:9cf3
"""
if ip4re.match(ipaddr):
ipnum = addr2bin(ipaddr)
elif ip6re.match(ipaddr):
ipnum = bin2long6(inet_pton(ipaddr))
else:
raise ValueError('Invalid ip syntax:'+ipaddr)
for pat in iplist:
p = pat.split('/',1)
if ip4re.match(p[0]):
if len(p) > 1:
n = int(p[1])
else:
n = 32
if cidr(addr2bin(p[0]),n) == cidr(ipnum,n):
return True
elif ip6re.match(p[0]):
if len(p) > 1:
n = int(p[1])
else:
n = 128
if cidr(bin2long6(inet_pton(p[0])),n,MASK6) == cidr(ipnum,n,MASK6):
return True
elif fnmatchcase(ipaddr,pat):
return True
return False
def getaddr(self, addr):
if addr is None:
return None
if self.str_is_ipv6(addr):
# remove trailing zeroes from IPv6 address
a = pyip6.inet_pton(addr)
addr_str = pyip6.inet_ntop(a)
if self.str_is_hit(addr):
return self.getaddr_from_list(addr_str, self.aaaa_hit)
else:
return self.getaddr_from_list(addr_str, self.aaaa)
else:
return self.getaddr_from_list(addr, self.a)
def addaddr6(self, addr):
n = inet_pton(addr)
self.buf = self.buf + n
def addaddr6(self, addr):
n = inet_pton(addr)
self.buf = self.buf + n
