Exemple #1
0
// MaskToInt converts net.IPMask to integer.
// TODO Not strictly firewall method, maybe put in different place.
func MaskToInt(mask net.IPMask) (uint64, error) {
	var imask uint64
	m, err := strconv.ParseInt(mask.String(), 16, 64)
	imask = uint64(m)
	if err != nil {
		return 0, err
	}
	return imask, nil
}
Exemple #2
0
// ifaceAddIPv4Addr adds the given IPv4 address to the network interface.
func ifaceAddIPv4Addr(iface *net.Interface, ip net.IP, mask net.IPMask) error {
	if ip.To4() == nil {
		return fmt.Errorf("IP %v is not a valid IPv4 address", ip)
	}
	brd := make(net.IP, net.IPv4len)
	copy(brd, ip.To4())
	for i := 0; i < net.IPv4len; i++ {
		brd[i] |= ^mask[i]
	}
	prefixLen, _ := mask.Size()
	return ipRunIface(iface, "addr add %s/%d brd %s dev %s", ip, prefixLen, brd, iface.Name)
}
func getHostOnlyNetwork(nets map[string]*hostOnlyNetwork, hostIP net.IP, netmask net.IPMask) *hostOnlyNetwork {
	for _, n := range nets {
		// Second part of this conditional handles a race where
		// VirtualBox returns us the incorrect netmask value for the
		// newly created interface.
		if hostIP.Equal(n.IPv4.IP) &&
			(netmask.String() == n.IPv4.Mask.String() || n.IPv4.Mask.String() == buggyNetmask) {
			return n
		}
	}

	return nil
}
Exemple #4
0
func getHostOnlyNetwork(hostIP net.IP, netmask net.IPMask) (*hostOnlyNetwork, error) {
	nets, err := listHostOnlyNetworks()
	if err != nil {
		return nil, err
	}
	for _, n := range nets {
		if hostIP.Equal(n.IPv4.IP) &&
			netmask.String() == n.IPv4.Mask.String() {
			return n, nil
		}
	}
	return nil, nil
}
Exemple #5
0
func (r *MySQL) addNetwork(tx *sql.Tx, addr net.IP, mask net.IPMask) (netID uint64, err error) {
	qry := "INSERT INTO network (address, mask) VALUES (INET_ATON(?), ?)"
	ones, _ := mask.Size()
	result, err := tx.Exec(qry, addr.String(), ones)
	if err != nil {
		return 0, err
	}
	id, err := result.LastInsertId()
	if err != nil {
		return 0, err
	}

	return uint64(id), nil
}
Exemple #6
0
func getHostOnlyAdapter(nets map[string]*hostOnlyNetwork, hostIP net.IP, netmask net.IPMask) *hostOnlyNetwork {
	for _, n := range nets {
		// Second part of this conditional handles a race where
		// VirtualBox returns us the incorrect netmask value for the
		// newly created adapter.
		if hostIP.Equal(n.IPv4.IP) &&
			(netmask.String() == n.IPv4.Mask.String() || n.IPv4.Mask.String() == buggyNetmask) {
			log.Debugf("Found: %s", n.Name)
			return n
		}
	}

	log.Debug("Not found")
	return nil
}
Exemple #7
0
func (r *MySQL) addIPAddrs(tx *sql.Tx, netID uint64, addr net.IP, mask net.IPMask) error {
	stmt, err := tx.Prepare("INSERT INTO ip (network_id, address) VALUES (?, INET_ATON(?) + ?)")
	if err != nil {
		return err
	}
	defer stmt.Close()

	ones, bits := mask.Size()
	n_addrs := int(math.Pow(2, float64(bits-ones))) - 2 // Minus two due to network and broadcast addresses
	for i := 0; i < n_addrs; i++ {
		if _, err := stmt.Exec(netID, addr.String(), i+1); err != nil {
			return err
		}
	}

	return nil
}
Exemple #8
0
func NewContext(bridgePool net.IPNet, bridgeMask net.IPMask) (*Context, error) {
	pones, pbits := bridgePool.Mask.Size()
	mones, mbits := bridgeMask.Size()
	if pbits != mbits || mones < pones {
		return nil, fmt.Errorf("bridge mask is not compatiable with bridge pool mask")
	}

	ctx := &Context{
		defaultBridgeMask: bridgeMask,
		defaultBridgePool: NewAddressSpaceFromNetwork(&bridgePool),
		scopes:            make(map[string]*Scope),
		containers:        make(map[uid.UID]*Container),
	}

	s, err := ctx.NewScope(DefaultScopeName, BridgeScopeType, nil, net.IPv4(0, 0, 0, 0), nil, nil)
	if err != nil {
		return nil, err
	}
	s.builtin = true
	s.dns = []net.IP{s.gateway}
	ctx.defaultScope = s

	// add any external networks
	for nn, n := range Config.ContainerNetworks {
		if nn == "bridge" {
			continue
		}

		pools := make([]string, len(n.Pools))
		for i, p := range n.Pools {
			pools[i] = p.String()
		}

		s, err := ctx.NewScope(ExternalScopeType, nn, &net.IPNet{IP: n.Gateway.IP.Mask(n.Gateway.Mask), Mask: n.Gateway.Mask}, n.Gateway.IP, n.Nameservers, pools)
		if err != nil {
			return nil, err
		}

		s.builtin = true
	}

	return ctx, nil
}
Exemple #9
0
// Sets the IP for the interface. Superuser authentication is required.
func (self IFConfig) SetIP(interfaceName string,
	ipAddress net.IP, netMask net.IPMask) error {
	logger.Debug("IFConfig: Setting the IP and Netmask")

	if !authorized() {
		return ErrAuthRequired
	}

	cmd := exec.Command("sudo", "ifconfig", interfaceName, ipAddress.String(),
		"netmask", netMask.String())
	logger.Debug("Command Start: %v", cmd.Args)
	out, err := cmd.CombinedOutput()
	if err != nil {
		logger.Error("Command Error: %v : %v", err, limitText(out))
		return err
	}
	logger.Debug("Command Return: %v", limitText(out))

	return nil
}
Exemple #10
0
// ReserveNextIP4Net reserves a new sub address space within the given address
// space, given a bitmask specifying the "width" of the requested space.
func (s *AddressSpace) ReserveNextIP4Net(mask net.IPMask) (*AddressSpace, error) {
	ones, _ := mask.Size()
	for i, r := range s.availableRanges {
		network := r.FirstIP.Mask(mask).To16()
		var firstIP net.IP
		// check if the start of the current range
		// is lower than the network boundary
		if compareIP4(network, r.FirstIP) >= 0 {
			// found the start of the range
			firstIP = network
		} else {
			// network address is lower than the first
			// ip in the range; try the next network
			// in the mask
			for i := len(network) - 1; i >= 12; i-- {
				partialByteIndex := ones/8 + 12
				var inc byte
				if i == partialByteIndex {
					// this octet may only be occupied
					// by the mask partially, e.g.
					// for a /25, the last octet has
					// only one bit in the mask
					//
					// in order to get the next network
					// we need to increment starting at
					// the last bit of the mask, e.g. 25
					// in this example, which would be
					// bit 8 in the last octet.
					inc = (byte)(1 << (uint)(8-ones%8))
				} else if i < partialByteIndex {
					// we are past the partial octets,
					// so this is portion where the mask
					// occupies the octets fully, so
					// we can just increment the last bit
					inc = 1
				}

				if inc == 0 {
					continue
				}

				network[i] += inc
				if network[i] > 0 {
					firstIP = network
					break
				}

			}
		}

		if firstIP != nil {
			// we found the first IP for the requested range,
			// now check if the available range can accommodate
			// the highest address given the first IP and the mask
			lastIP := highestIP4(&net.IPNet{IP: firstIP, Mask: mask})
			if compareIP4(lastIP, r.LastIP) <= 0 {
				s.reserveSubRange(firstIP, lastIP, i)
				subSpace := NewAddressSpaceFromRange(firstIP, lastIP)
				subSpace.Network = &net.IPNet{IP: firstIP, Mask: mask}
				subSpace.Parent = s
				return subSpace, nil
			}
		}
	}

	return nil, fmt.Errorf("could not find IP range for mask %s", mask)
}
Exemple #11
0
// ifaceDelIPAddr deletes the given IP address from the network interface.
func ifaceDelIPAddr(iface *net.Interface, ip net.IP, mask net.IPMask) error {
	prefixLen, _ := mask.Size()
	return ipRunIface(iface, "addr del %s/%d dev %s", ip, prefixLen, iface.Name)
}