Пример #1
0
func routableIP(network string, ip net.IP) net.IP {
	if !ip.IsLoopback() && !ip.IsLinkLocalUnicast() && !ip.IsGlobalUnicast() {
		return nil
	}
	switch network {
	case "ip4":
		if ip := ip.To4(); ip != nil {
			return ip
		}
	case "ip6":
		if ip.IsLoopback() { // addressing scope of the loopback address depends on each implementation
			return nil
		}
		if ip := ip.To16(); ip != nil && ip.To4() == nil {
			return ip
		}
	default:
		if ip := ip.To4(); ip != nil {
			return ip
		}
		if ip := ip.To16(); ip != nil {
			return ip
		}
	}
	return nil
}
Пример #2
0
// IsGlobalIP determs passed ip address is global or not.
// if ip address is global , it returns address type(ip4 or ip6).
func IsGlobalIP(trial net.IP) string {
	type localIPrange struct {
		from net.IP
		to   net.IP
	}
	locals := []localIPrange{
		localIPrange{net.ParseIP("10.0.0.0"), net.ParseIP("10.255.255.255")},
		localIPrange{net.ParseIP("172.16.0.0"), net.ParseIP("172.31.255.255")},
		localIPrange{net.ParseIP("192.168.0.0"), net.ParseIP("192.168.255.255")}}

	if trial == nil || trial.IsLoopback() {
		return ""
	}
	//for udp6
	if trial.To4() == nil {
		if trial.IsGlobalUnicast() {
			return "ip6"
		}
		return ""
	}
	//for udp4
	for _, r := range locals {
		if bytes.Compare(trial, r.from) >= 0 && bytes.Compare(trial, r.to) <= 0 {
			return ""
		}
	}
	return "ip4"
}
Пример #3
0
func (d *Daemon) ListenAddresses() ([]string, error) {
	addresses := make([]string, 0)

	value, err := d.ConfigValueGet("core.https_address")
	if err != nil || value == "" {
		return addresses, err
	}

	localHost, localPort, err := net.SplitHostPort(value)
	if err != nil {
		localHost = value
		localPort = shared.DefaultPort
	}

	if localHost == "0.0.0.0" || localHost == "::" || localHost == "[::]" {
		ifaces, err := net.Interfaces()
		if err != nil {
			return addresses, err
		}

		for _, i := range ifaces {
			addrs, err := i.Addrs()
			if err != nil {
				continue
			}

			for _, addr := range addrs {
				var ip net.IP
				switch v := addr.(type) {
				case *net.IPNet:
					ip = v.IP
				case *net.IPAddr:
					ip = v.IP
				}

				if !ip.IsGlobalUnicast() {
					continue
				}

				if ip.To4() == nil {
					if localHost == "0.0.0.0" {
						continue
					}
					addresses = append(addresses, fmt.Sprintf("[%s]:%s", ip, localPort))
				} else {
					addresses = append(addresses, fmt.Sprintf("%s:%s", ip, localPort))
				}
			}
		}
	} else {
		if strings.Contains(localHost, ":") {
			addresses = append(addresses, fmt.Sprintf("[%s]:%s", localHost, localPort))
		} else {
			addresses = append(addresses, fmt.Sprintf("%s:%s", localHost, localPort))
		}
	}

	return addresses, nil
}
Пример #4
0
func isPublicIPv6(ip net.IP) bool {
	if ip.To4() != nil {
		// Not an IPv6 address (IPv4)
		// (To16() returns a v6 mapped v4 address so can't be used to check
		// that it's an actual v6 address)
		return false
	}

	return ip.IsGlobalUnicast()
}
Пример #5
0
Файл: xff.go Проект: mapix/xff
// IsPublicIP returns true if the given IP can be routed on the Internet
func IsPublicIP(ip net.IP) bool {
	if !ip.IsGlobalUnicast() {
		return false
	}
	for _, mask := range privateMasks {
		if mask.Contains(ip) {
			return false
		}
	}
	return true
}
Пример #6
0
func isBadIPv4(ip net.IP) bool {
	if ip.To4() == nil {
		panic("cannot be called for IPv6")
	}

	if ip.Equal(net.IPv4bcast) || !ip.IsGlobalUnicast() ||
		netPrivateClassA.Contains(ip) || netPrivateClassB.Contains(ip) || netPrivateClassC.Contains(ip) ||
		netTestNet.Contains(ip) || net6To4Relay.Contains(ip) {
		return true
	}

	return false
}
Пример #7
0
// getClientConnectURLs returns suitable URLs for clients to connect to the listen
// port based on the server options' Host and Port. If the Host corresponds to
// "any" interfaces, this call returns the list of resolved IP addresses.
func (s *Server) getClientConnectURLs() []string {
	s.mu.Lock()
	defer s.mu.Unlock()

	sPort := strconv.Itoa(s.opts.Port)
	urls := make([]string, 0, 1)

	ipAddr, err := net.ResolveIPAddr("ip", s.opts.Host)
	// If the host is "any" (0.0.0.0 or ::), get specific IPs from available
	// interfaces.
	if err == nil && ipAddr.IP.IsUnspecified() {
		var ip net.IP
		ifaces, _ := net.Interfaces()
		for _, i := range ifaces {
			addrs, _ := i.Addrs()
			for _, addr := range addrs {
				switch v := addr.(type) {
				case *net.IPNet:
					ip = v.IP
				case *net.IPAddr:
					ip = v.IP
				}
				// Skip non global unicast addresses
				if !ip.IsGlobalUnicast() || ip.IsUnspecified() {
					ip = nil
					continue
				}
				urls = append(urls, net.JoinHostPort(ip.String(), sPort))
			}
		}
	}
	if err != nil || len(urls) == 0 {
		// We are here if s.opts.Host is not "0.0.0.0" nor "::", or if for some
		// reason we could not add any URL in the loop above.
		// We had a case where a Windows VM was hosed and would have err == nil
		// and not add any address in the array in the loop above, and we
		// ended-up returning 0.0.0.0, which is problematic for Windows clients.
		// Check for 0.0.0.0 or :: specifically, and ignore if that's the case.
		if s.opts.Host == "0.0.0.0" || s.opts.Host == "::" {
			Errorf("Address %q can not be resolved properly", s.opts.Host)
		} else {
			urls = append(urls, net.JoinHostPort(s.opts.Host, sPort))
		}
	}
	return urls
}
Пример #8
0
func (p *Parser) isBlacklistedIP(addr net.IP) bool {
	// if whitelisted then return false
	for _, w := range p.WhitelistedIPNetworks {
		if w.Contains(addr) {
			return false
		}
	}

	// if blacklisted then return true
	for _, b := range p.BlacklistedIPNetworks {
		if b.Contains(addr) {
			return true
		}
	}

	// by default we disable local addresses and bradcast ones
	return !addr.IsGlobalUnicast()
}
Пример #9
0
func getLocalAddresses() ([]net.IP, error) {
	addrs, err := net.InterfaceAddrs()
	if err != nil {
		return nil, err
	}

	privates := make([]net.IPNet, 0, len(privateRanges))
	for _, s := range privateRanges {
		_, ipnet, err := net.ParseCIDR(s)
		if err != nil {
			panic(err)
		}
		privates = append(privates, *ipnet)
	}

	result := make([]net.IP, 0, 5)

addrLoop:
	for _, a := range addrs {
		var ip net.IP

		if ipaddr, ok := a.(*net.IPAddr); ok {
			ip = ipaddr.IP
		}

		if ipnet, ok := a.(*net.IPNet); ok {
			ip = ipnet.IP
		}

		if !ip.IsGlobalUnicast() {
			continue
		}

		for _, n := range privates {
			if n.Contains(ip) {
				continue addrLoop
			}
		}

		result = append(result, ip)
	}

	return result, nil
}
Пример #10
0
func isPublicIPv4(ip net.IP) bool {
	ip = ip.To4()
	if ip == nil {
		// Not an IPv4 address (IPv6)
		return false
	}

	// IsGlobalUnicast below only checks that it's not link local or
	// multicast, and we want to exclude private (NAT:ed) addresses as well.
	rfc1918 := []net.IPNet{
		{IP: net.IP{10, 0, 0, 0}, Mask: net.IPMask{255, 0, 0, 0}},
		{IP: net.IP{172, 16, 0, 0}, Mask: net.IPMask{255, 240, 0, 0}},
		{IP: net.IP{192, 168, 0, 0}, Mask: net.IPMask{255, 255, 0, 0}},
	}
	for _, n := range rfc1918 {
		if n.Contains(ip) {
			return false
		}
	}

	return ip.IsGlobalUnicast()
}
Пример #11
0
func isGlobalIP(ip net.IP) bool {
	if ip == nil {
		return false
	}
	if !ip.IsGlobalUnicast() {
		return false
	}
	if ip4 := ip.To4(); ip4 != nil {
		if ip4[0] == 10 {
			return false
		}
		if ip4[0] == 192 && ip4[1] == 168 {
			return false
		}
		if ip4[0] == 172 && ip4[1] >= 16 && ip4[1] <= 31 {
			return false
		}
	}
	// TODO(tav): Exclude unique local addresses within the block fc00::/7 for
	// IPv6 addresses.
	return true
}
Пример #12
0
func (self *defaultRuler) ConnectionAllowed(requestee, requested net.IP) RulerResult {
	if !requested.IsGlobalUnicast() {
		return DenyConnection
	}
	addrs, err := net.InterfaceAddrs()
	if err != nil {
		return DenyConnection
	}
	for _, addr := range addrs {
		switch ipa := addr.(type) {
		case *net.IPAddr:
			if ipa.IP.Equal(requested) {
				return DenyConnection
			}
		case *net.IPNet:
			if ipa.Contains(requested) {
				return DenyConnection
			}
		}
	}
	return AllowConnection
}
Пример #13
0
func routableIP(network string, ip net.IP) net.IP {
	if !ip.IsLoopback() && !ip.IsLinkLocalUnicast() && !ip.IsGlobalUnicast() {
		return nil
	}
	switch network {
	case "ip4":
		if ip := ip.To4(); ip != nil {
			return ip
		}
	case "ip6":
		if ip := ip.To16(); ip != nil && ip.To4() == nil {
			return ip
		}
	default:
		if ip := ip.To4(); ip != nil {
			return ip
		}
		if ip := ip.To16(); ip != nil {
			return ip
		}
	}
	return nil
}
Пример #14
0
func usableAddress(ip net.IP) bool {
	return ip.To4() != nil && ip.IsGlobalUnicast()
}
Пример #15
0
func isUnicast(ip net.IP) bool {
	return ip.To4() != nil && (ip.IsLoopback() || ip.IsLinkLocalUnicast() || ip.IsGlobalUnicast())
}
Пример #16
0
func ignoreIp(ip net.IP) bool {
	return !ip.IsGlobalUnicast() || isPrivateAddress(ip)
}