def is_managed(self):
"""Returns True if this FQDN is a managed DN."""
for fqdn in saq.CONFIG['global']['local_domains'].split(','):
if is_subdomain(self.value, fqdn):
return True
return False
def is_whitelisted(self, value):
if is_ipv4(value):
for cidr in self.whitelisted_cidr:
if IPv4Address(value) in cidr:
logging.debug("{} matches whitelisted cidr {}".format(value, cidr))
return True
return False
for dst in self.whitelisted_fqdn:
if is_subdomain(value, dst):
logging.debug("{} matches whitelisted fqdn {}".format(value, dst))
return True
return False
def is_blacklisted(self, value):
if is_ipv4(value):
for cidr in self.blacklisted_cidr:
try:
if IPv4Address(value) in cidr:
logging.debug("{} matches blacklisted cidr {}".format(value, cidr))
return True
except Exception as e:
logging.error("failed to compare {} to {}: {}".format(value, cidr, e))
report_exception()
return False
for dst in self.blacklisted_fqdn:
if is_subdomain(value, dst):
logging.debug("{} matches blacklisted fqdn {}".format(value, dst))
return True
return False
def _matches_subdomain(self, value):
# is value equal to or a subdomain of self.value?
return is_subdomain(value, self.value)