def _format_host_range(self, host, range, allow_everything=False):
# IPv4?
try:
addr = ipaddress.IPv4Network(host, strict=False)
max = 4 if allow_everything else 3
# Round up subnet to nearest octet.
subnet = addr.prefixlen + (8 - addr.prefixlen % 8)
# Remove range mask.
subnet -= min(range, max) * 8
rangeaddr = addr.supernet(new_prefix=subnet).exploded.split(
'/', 1)[0]
return rangeaddr.replace('0', '*')
except ValueError:
pass
# IPv6?
try:
addr = ipaddress.IPv6Network(host, strict=False)
max = 4 if allow_everything else 3
# Round up subnet to nearest 32-et.
subnet = addr.prefixlen + (32 - addr.prefixlen % 32)
# Remove range mask.
subnet -= min(range, max) * 32
rangeaddr = addr.supernet(new_prefix=subnet).exploded.split(
'/', 1)[0]
return rangeaddr.replace(':0000', ':*')
except ValueError:
pass
# Host?
if '.' in host:
# Split pieces.
pieces = host.split('.')
max = len(pieces)
if not allow_everything:
max -= 1
# Figure out how many to mask.
to_mask = min(range, max)
# Mask pieces.
pieces[:to_mask] = '*' * to_mask
return '.'.join(pieces)
# Wat.
if allow_everything and range >= 4:
return '*'
else:
return host
def test_serialize_field_inetaddr(self):
test_data_ipv4 = b"\x00\x64\x00\x00\x00\x00\x00\x30\x00\x00\x00\xc8\x00\x00\x00\x01\x00\x00\x01\x2c\x06\x00\x00\x00\x01\x02\x03\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x20\x00\x00\x00\x00\x00\x00"
test_data_ipv6 = b"\x00\x64\x00\x00\x00\x00\x00\x30\x00\x00\x00\xc8\x00\x00\x00\x01\x00\x00\x01\x2c\x06\x00\x00\x00\x20\x01\x0d\xb8\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x01\x80\x00\x00\x00\x00\x00\x00"
m = netxms.Message(Command(100), 200)
m.set(Variable(300), ipaddress.IPv4Network('1.2.3.4/32'))
serialized = m.serialize()
self.assertEqual(serialized, test_data_ipv4)
m = netxms.Message(Command(100), 200)
m.set(Variable(300), ipaddress.IPv6Network('2001:db8::1/128'))
serialized = m.serialize()
self.assertEqual(serialized, test_data_ipv6)
def _calculate_address_pool(addrmask, ipv6=False):
"""
Return a pool of addresses contained in the network.
@param addrmask: Network in IP/mask format.
@return: A list of ip addresses
"""
if ipv6:
netobj = ipaddress.IPv6Network(addrmask, strict=False)
else:
netobj = ipaddress.IPv4Network(addrmask, strict=False)
return [format(addr) for addr in netobj]
def _secondary_tfvars(master_count, nodes_details, machine_net):
if machine_net.has_ip_v4:
secondary_master_starting_ip = str(
ipaddress.ip_address(
ipaddress.IPv4Network(
machine_net.provisioning_cidr_v4).network_address) + 10)
secondary_worker_starting_ip = str(
ipaddress.ip_address(
ipaddress.IPv4Network(
machine_net.provisioning_cidr_v4).network_address) + 10 +
int(master_count))
else:
secondary_master_starting_ip = str(
ipaddress.ip_address(
ipaddress.IPv6Network(
machine_net.provisioning_cidr_v6).network_address) + 16)
secondary_worker_starting_ip = str(
ipaddress.ip_address(
ipaddress.IPv6Network(
machine_net.provisioning_cidr_v6).network_address) + 16 +
int(master_count))
worker_count = nodes_details['worker_count']
if machine_net.has_ip_v4:
return {
'libvirt_secondary_worker_ips':
utils.create_ip_address_nested_list(
worker_count, starting_ip_addr=secondary_worker_starting_ip),
'libvirt_secondary_master_ips':
utils.create_ip_address_nested_list(
master_count, starting_ip_addr=secondary_master_starting_ip)
}
else:
return {
'libvirt_secondary_worker_ips':
utils.create_empty_nested_list(worker_count),
'libvirt_secondary_master_ips':
utils.create_empty_nested_list(master_count)
}
def ip_address_to_prefix(
ip_address,
prefix_length): # For OSPFv2 netmask can replace prefix length
if Utils.is_ipv4_address(ip_address):
return str(
ipaddress.IPv4Network((ip_address, prefix_length),
strict=False).network_address)
elif Utils.is_ipv6_address(ip_address):
return str(
ipaddress.IPv6Network((ip_address, prefix_length),
strict=False).network_address)
else:
raise ValueError("Invalid IP address")
def test_cidr_range_cleaner():
for cidr in cidr_ranges:
formatted_range = str()
new_list = [
section.replace("0000", "xxxx").lstrip("0") for section in
ipaddress.IPv6Network(cidr['input']).exploded.split(":")
]
formatted_range = ":".join(new_list)
formatted_range = formatted_range.replace("xxxx", "0")
assert formatted_range == cidr['output']
def test_single_domain_ip6(self):
with patch('dns.resolver.query', mock) as dns.resolver.query:
lookup = SPF2IP(None)
expected = [
'1080::8:800:0:0/96', '2a03:2880:f01c:601:dead:beef:0:1/128'
]
output = lookup.Worker('ipv61.local', '6')
self.assertTrue(type(output) is list)
self.assertEqual(sorted(list(set(output))), sorted(output))
self.assertEqual(expected, output)
for entry in output:
self.assertTrue(isinstance(entry, unicode))
self.assertTrue(ipaddress.IPv6Network(entry))
def unpack_cidr(buf):
family, prefix, is_cidr, length = struct.unpack('!BBBB', buf[:4])
if length == 4:
val = ipaddress.IPv4Network(buf[4:])
elif length == 16:
val = ipaddress.IPv6Network(buf[4:])
else:
raise InterfaceError('Unable to unpack \'inet\' value %r' % buf)
# This is violates the documented interface, but the interface provides
# no efficient way to create an IP*Network from packed data *with* a mask.
val._prefixlen = prefix
val.netmask = val._ip_int_from_prefix(val._prefixlen)
return val
def test_ipv6_prefix_roundtrips(self) -> None:
"""Test that random IPv6 network ranges roundtrip through prefix encoding."""
for _ in range(20):
net_bits = random.getrandbits(128)
for prefix_len in range(0, 129):
masked_bits = (net_bits >>
(128 - prefix_len)) << (128 - prefix_len)
net = ipaddress.IPv6Network(
(masked_bits.to_bytes(16, 'big'), prefix_len))
prefix = net_to_prefix(net)
self.assertTrue(len(prefix) <= 128)
net2 = prefix_to_net(prefix)
self.assertEqual(net, net2)
def route6_add(self, args):
try:
net = ipaddress.IPv6Network(args.network)
except Exception as e:
print("Sorry, {} does not look like an IPv6 network: {}".format(
args.network, e))
raise
url = "{}/route6/?password={}".format(RIPE_URL, args.password)
ripe_object = {}
ripe_object['route6'] = args.network
ripe_object['origin'] = "AS209898"
ripe_object['descr'] = args.description
ripe_object['mnt-by'] = "mnt-ungleich"
ripe_attributes = [{
"name": key,
"value": value
} for key, value in ripe_object.items()]
# Format according to API layout
ripe_element = {}
ripe_element['objects'] = []
ripe_element['objects'].append(
{"object": [{
"attributes": {
"attribute": ripe_attributes
}
}]})
data = json.dumps(ripe_element).encode('utf-8')
# debug
pprint.pprint(ripe_element)
method = 'POST'
req = urllib.request.Request(url=url,
data=data,
method='POST',
headers={
"Content-Type": "application/json",
"Accept": "application/json"
})
print("Adding a v6 route object at {} for {} with {} req={}".format(
url, args.network, data, str(req)))
with urllib.request.urlopen(req) as f:
print(f.read().decode('utf-8'))
def ipv6_get_country_code(ip_address):
with lock:
for record in database.search(query.type == 'ipv6'):
network = ipaddress.IPv6Network('{}/{}'.format(
record.get('start'), record.get('value')))
if ip_address in network:
country_code = record.get('country_code')
if six.PY2:
country_code = str(country_code)
logger.debug('Country code for ip=%s is %s.', ip_address,
country_code)
return country_code
logger.debug('Cannot find country code for ip=%s', ip_address)
return None
def _filter_ipv6(s, i):
ip = ipaddress.IPv6Network(i)
mask = ip.prefixlen
if mask < 32:
raise ValueError('prefix needs to be greater than or equal to 32')
start = binascii.b2a_hex(socket.inet_pton(
socket.AF_INET6, str(ip.network_address))).decode('utf-8')
end = binascii.b2a_hex(socket.inet_pton(
socket.AF_INET6, str(ip.broadcast_address))).decode('utf-8')
s = s.filter('range', indicator_ipv6={'gte': start, 'lte': end})
return s
def generate_ips(self):
'''
Generates the prefixes that will be added to the neighbor
'''
self.start_ip_pfx = '123.45.67.0/25'
self.start_ip6_pfx = '20d0:a808:0:80::/120'
self.ip_pfx_list = list(
ipaddress.ip_network(u'%s' %
self.start_ip_pfx).hosts())[0:self.ip_cnt]
self.ip_pfx_list = [str(ip) for ip in self.ip_pfx_list]
self.ip6_pfx_list = list(
ipaddress.IPv6Network(u'%s' %
self.start_ip6_pfx).hosts())[0:self.ip_cnt]
self.ip6_pfx_list = [str(ip) for ip in self.ip6_pfx_list]
def calc_prefix(arg, addresses):
"""Calculates the prefix for the list of addresses.
Creates the prefix from arg if one is supplied, otherwise computes the prefix
from the addresses.
"""
# This can throw an exception if they supplied an invalid netmask.
if arg:
return (ipaddress.ip_network(arg))
# Should be at least one address present or we return nothing.
if not addresses:
return None
v4max = int(ipaddress.IPv4Network('0.0.0.0/0').hostmask)
v6max = int(ipaddress.IPv6Network('::/0').hostmask)
v6bitsonly = v4max ^ v6max
# Prefix should be the same for both the ORed and ANDed values.
ival = int(addresses[0])
ored = ival
if ival <= v4max:
ival |= v6bitsonly
anded = ival
for address in addresses[1:]:
ival = int(address)
ored |= ival
if ival <= v4max:
ival |= v6bitsonly
anded &= ival
if ored > v4max:
all_bits = v6max
n_bits = 128
else:
all_bits = v4max
n_bits = 32
i = 0
low_bits = 2**i - 1
mask = low_bits ^ all_bits
while low_bits <= ored:
if (anded & mask) == (ored & mask):
break
i += 1
low_bits = 2**i - 1
mask = low_bits ^ all_bits
return ipaddress.ip_network(((anded & mask), (n_bits - i)))
def test_single_domain_with_mx_aaaa_external_longslash(self):
with patch('dns.resolver.query', mock) as dns.resolver.query:
expected = [
'::/97', '2a03:2880:f01c:601:1bad:babe:8000:0/97',
'2a03:2880:f01c:601:dead:beef::/97'
]
lookup = SPF2IP(None)
output = lookup.Worker('mxrecords_external_longslash.local', '6')
self.assertTrue(type(output) is list)
self.assertEqual(sorted(list(set(output))), sorted(output))
self.assertEqual(expected, output)
for entry in output:
self.assertTrue(isinstance(entry, unicode))
self.assertTrue(ipaddress.IPv6Network(entry))
def extract_ipv6_info():
# Extracts the desired IPv6 Information
answer = socket.has_ipv6
print(f"Is IPv6 support built into Python 3? {answer}")
for interface in ni.interfaces():
all_addresses = ni.ifaddresses(interface)
print(f"Interface: {interface}")
for family, addrs in all_addresses.items():
fam_name = ni.address_families[family]
print(f'Address(es) of Interface(s): {fam_name}')
for addr in addrs:
if fam_name == 'AF_INET6':
addr = addr['addr']
ipaddr = ip6.IPv6Network(addr)
ipvers = ip6.IPv6Network(addr).version
ipprefix = ip6.IPv6Network(addr).prefixlen
ipnet = ip6.IPv6Network(addr).network_address
ipcast = ip6.IPv6Network(addr).broadcast_address
print(f"\t IP Address: {ipaddr}")
print(f"\t IP Version: {ipvers}")
print(f"\t IP Prefix Length: {ipprefix}")
print(f"\t Network: {ipnet}")
print(f"\t Broadcast: {ipcast}")
def test_single_domain_with_aaaa(self):
with patch('dns.resolver.query', mock) as dns.resolver.query:
expected = [
'2a03:2880:f01c:601:1bad:babe:ffff:ffff/128',
'2a03:2880:f01c:601:dead:beef:0:1/128'
]
lookup = SPF2IP(None)
output = lookup.Worker('hostrecords.local', '6')
self.assertTrue(type(output) is list)
self.assertEqual(sorted(list(set(output))), sorted(output))
self.assertEqual(expected, output)
for entry in output:
self.assertTrue(isinstance(entry, unicode))
self.assertTrue(ipaddress.IPv6Network(entry))
class Fixture:
INT = 123
FLOAT = 1.23
BOOL = True
LIST = [1, 2, 3]
TUPLE = (1, 2, 3)
DEQUE = collections.deque([1, 2, 3])
SET = {1, 2, 3}
FROZEN_SET = frozenset([1, 2, 3])
CHAIN_MAP = collections.ChainMap({"a": 1, "b": 2}, {"c": 3, "d": 4})
MAPS_LIST = [{"a": 1, "b": 2}, {"c": 3, "d": 4}]
DICT = {"a": 1, "b": 2}
BYTES = b"123"
BYTES_BASE64 = "MTIz\n"
BYTE_ARRAY = bytearray(b"123")
STR = "123"
ENUM = MyEnum.a
INT_ENUM = MyIntEnum.a
FLAG = MyFlag.a
INT_FLAG = MyIntFlag.a
DATA_CLASS = MyDataClass(a=1, b=2)
NONE = None
DATETIME = datetime(2018, 10, 29, 12, 46, 55, 308495)
DATE = DATETIME.date()
TIME = DATETIME.time()
TIMEDELTA = timedelta(3.14159265358979323846)
TIMEZONE = timezone(timedelta(hours=3))
UUID = uuid.UUID("3c25dd74-f208-46a2-9606-dd3919e975b7")
UUID_STR = "3c25dd74-f208-46a2-9606-dd3919e975b7"
IP4ADDRESS_STR = "127.0.0.1"
IP4ADDRESS = ipaddress.IPv4Address(IP4ADDRESS_STR)
IP6ADDRESS_STR = "::1"
IP6ADDRESS = ipaddress.IPv6Address(IP6ADDRESS_STR)
IP4NETWORK_STR = "127.0.0.0/8"
IP4NETWORK = ipaddress.IPv4Network(IP4NETWORK_STR)
IP6NETWORK_STR = "::/128"
IP6NETWORK = ipaddress.IPv6Network(IP6NETWORK_STR)
IP4INTERFACE_STR = "192.168.1.1/24"
IP4INTERFACE = ipaddress.IPv4Interface(IP4INTERFACE_STR)
IP6INTERFACE_STR = "::1/128"
IP6INTERFACE = ipaddress.IPv6Interface(IP6INTERFACE_STR)
DECIMAL = decimal.Decimal("1.33")
DECIMAL_STR = "1.33"
FRACTION = fractions.Fraction("1/3")
FRACTION_STR = "1/3"
MUTABLE_STRING = MutableString(STR)
MUTABLE_STRING_STR = STR
CUSTOM_PATH = CustomPath("/a/b/c")
CUSTOM_PATH_STR = "/a/b/c"
CUSTOM_SERIALIZE = "_FOOBAR_"
def add_ndp_proxy(ip, dev, vlan=None):
# FIXME(ltomasbo): This should use pyroute instead but I didn't find
# out how
net_ip = str(ipaddress.IPv6Network(ip, strict=False).network_address)
dev_name = dev
if vlan:
dev_name = "{}.{}".format(dev, vlan)
command = ["ip", "-6", "nei", "add", "proxy", net_ip, "dev", dev_name]
try:
return processutils.execute(*command, run_as_root=True)
except Exception as e:
LOG.error("Unable to execute {}. Exception: {}".format(
command, e))
raise
def DecodeIPv6Prefix(value):
try:
import ipaddress
except ImportError:
raise Exception('ipaddress module is required for IPv6Prefix support')
_, prefixlen = struct.unpack('BB', value[0:2])
assert prefixlen <= 128
if len(value[2:]) % 2 == 1: # pad last incomplete block with zero
value += six.b('\x00')
fmt = '!' + ('H' * (len(value[2:]) // 2))
blocks = ['0'] * 8
for index, block in enumerate(struct.unpack(fmt, value[2:])):
blocks[index] = six.u('{:x}').format(block)
prefix = six.u(':').join(blocks)
return ipaddress.IPv6Network(six.u('{}/{}').format(prefix, prefixlen))
def __init__(self, network_ip: str, host_discovery: AbstractHostDiscovery):
"""
:param network_ip: IP of the targeted network with, or without submask
:param host_discovery: Type of the network mapping to be performed
"""
if verify_ipv4(network_ip):
self.network_addresses = ipaddress.IPv4Network(network_ip)
elif verify_ipv6(network_ip):
self.network_addresses = ipaddress.IPv6Network(network_ip)
else:
raise InvalidIPError(network_ip)
self.network_result = NetworkDiscoveryResult(network_ip, host_discovery)
self.host_discovery = host_discovery
def host_ping_ether(dest, interface, ttl=10, add_interface=False, add_route=False, gateway=None):
if add_interface:
host.bash(f'ip -6 addr add {interface}/64 dev {host.ETH_DEV} scope global')
route = str(ipaddress.IPv6Network(f'{interface}/64', strict=False))
host.bash(f'ip -6 route del {route} dev {host.ETH_DEV}')
if add_route:
host.bash(f'ip -6 route add {dest} dev {host.ETH_DEV} via {gateway}')
self.simulator.go(2)
result = host.ping_ether(dest, ttl=ttl, interface=interface)
if add_route:
host.bash(f'ip -6 route del {dest}')
if add_interface:
host.bash(f'ip -6 addr del {interface}/64 dev {host.ETH_DEV} scope global')
self.simulator.go(1)
return result
def test_ip6_results(self):
with patch('dns.resolver.query', mock) as dns.resolver.query:
expected = [
'::9/128', '::1:1/128', '1080::8:800:0:0/96',
'2a03:2880:f01c:601:1bad:babe:0:1/128',
'2a03:2880:f01c:601:dead:beef:0:1/128'
]
lookup = SPF2IP('redirect.local')
output = lookup.IPArray('6')
self.assertTrue(type(output) is list)
self.assertEqual(sorted(list(set(output))), sorted(output))
self.assertEqual(expected, output)
for entry in output:
self.assertTrue(isinstance(entry, unicode))
self.assertTrue(ipaddress.IPv6Network(entry))
def out(self):
try:
in_net = ipaddress.IPv6Address(self.getRemoteIP()) in ipaddress.IPv6Network(self.http.getApp().getConfig().get('network-ipv6-space'))
except:
in_net = False
if not in_net:
return self.http.send_return(404, 'This only works inside %s' % self.http.getApp().getConfig().get('network-ipv6-space'))
tunnel_config = self.setup_tunnel()
if tunnel_config:
return self.http.send_return(200, tunnel_config)
else:
return self.http.send_return(400, 'Ran out of IP space')
def random_private_ip(cidr=None, ipv6=False):
# prefix - ula.prefixlen : get number of remaing length for the IP.
# prefix will be 32 for IPv4 and 128 for IPv6.
# random.getrandbits() will generate remaining bits for IPv6 or Ipv4 in decimal format
if cidr:
if ipv6:
ula = ipaddress.IPv6Network(cidr)
return str(ula.network_address + (random.getrandbits(128 - ula.prefixlen)))
ula = ipaddress.IPv4Network(cidr)
return str(ula.network_address + (random.getrandbits(32 - ula.prefixlen)))
if ipv6:
return "2001::cafe:%x/64" % random.getrandbits(16)
return "10.{0}.{1}.{2}".format(
random.choice(range(255)), random.choice(range(255)), random.choice(range(255))
)
def test_make_section_nomock(provider, asserts, live_config):
provider.ranges = {
asnblock.Target("enwiki"): [
ipaddress.IPv4Network("10.0.0.0/16"),
ipaddress.IPv4Network("10.1.0.0/32"),
ipaddress.IPv6Network("fd00::/19"),
ipaddress.IPv6Network("fd00:2000::/128"),
],
asnblock.Target("enwiki", "30"): [
ipaddress.IPv4Network("10.1.0.0/32"),
],
asnblock.Target("centralauth"): [
ipaddress.IPv6Network("fd00::/19"),
ipaddress.IPv6Network("fd00:3000::/128"),
],
}
site_config = live_config.sites["enwiki"]
section = asnblock.make_section(provider, site_config,
asnblock.Target("enwiki"))
for statement in asserts:
assert statement in section
assert "spinach" not in section
def handle_dhclient6_command_old_ip6_prefix(self, command_obj) -> None:
old_ip6_prefix = command_obj.get('old_ip6_prefix')
if old_ip6_prefix is not None:
subnet = ipaddress.IPv6Network(old_ip6_prefix)
try:
del self.my_lan_prefixes[subnet]
except KeyError:
pass
try:
with pyroute2.IPRoute() as netlink_route:
idx = netlink_route.link_lookup(ifname=self.lan_interface)[0]
netlink_route.addr('del', index=idx, address=str(subnet[1]), prefixlen=subnet.prefixlen)
except pyroute2.NetlinkError:
logging.error('dhclient6_command could not delete old prefix first address')
def _get_vips_ips(machine_net):
if machine_net.has_ip_v4:
network_subnet_starting_ip = str(
ipaddress.ip_address(
ipaddress.IPv4Network(machine_net.cidr_v4).network_address) +
100)
else:
network_subnet_starting_ip = str(
ipaddress.ip_address(
ipaddress.IPv6Network(machine_net.cidr_v6).network_address) +
100)
ips = utils.create_ip_address_list(
2,
starting_ip_addr=str(ipaddress.ip_address(network_subnet_starting_ip)))
return ips[0], ips[1]
def prefix_to_net(
prefix: List[bool]
) -> Union[ipaddress.IPv4Network, ipaddress.IPv6Network]:
"""The reverse operation of net_to_prefix."""
# Convert to number
netrange = sum(b << (127 - i) for i, b in enumerate(prefix))
num_bits = len(prefix)
assert num_bits <= 128
# Return IPv4 range if in ::ffff:0:0/96
if num_bits >= 96 and (netrange >> 32) == 0xffff:
return ipaddress.IPv4Network((netrange & 0xffffffff, num_bits - 96),
True)
# Return IPv6 range otherwise.
return ipaddress.IPv6Network((netrange, num_bits), True)
def ip_in_blacklist(ip):
if IP_BLACKLIST is None:
return False
if is_ipv6(ip):
for blacklisted_network in IP_BLACKLIST:
if is_ipv6(blacklisted_network) and ipaddress.IPv6Address(
u(ip)) in ipaddress.IPv6Network(u(blacklisted_network)):
return True
else:
for blacklisted_network in IP_BLACKLIST:
if not is_ipv6(blacklisted_network) and ipaddress.IPv4Address(
u(ip)) in ipaddress.IPv4Network(u(blacklisted_network)):
return True
return False
