Digital Mages

Digital Mages - Paranoid::Network(3)

Paranoid::Network

Section: User Contributed Perl Documentation (3)
Updated: 2022-03-08
Index  

NAME

Paranoid::Network - Network functions for paranoid programs  

VERSION

$Id: lib/Paranoid/Network.pm, 2.10 2022/03/08 00:01:04 acorliss Exp $  

SYNOPSIS

  use Paranoid::Network;

  $rv  = ipInNetworks($ip, @networks);
  $rv  = hostInDomains($host, @domains);
  $cidr = Paranoid::Network::NETMATCH();
  @ips = extractIPs($string1);
  @ips = extractIPs(@lines);
  $rv  = netIntersect( $cidr1, $cidr2 );

 

DESCRIPTION

This modules contains functions that may be useful for working with network data. It attempts to be IPv4/IPv6 agnostic, assuming IPv6 support is present. Due to the gradual introduction of IPv6 support into Perl there may be caveats. Please consult Paranoid::Network::Socket for more details.

NETMATCH and HOSTNAME_REGEX are not exported by default.  

IMPORT LISTS

This module exports the following symbols by default:

    ipInNetworks hostInDomains extractIPs netIntersect

The following specialized import lists also exist:

    List        Members
    --------------------------------------------------------
    all         @defaults NETMATCH HOSTNAME_REGEX

 

SUBROUTINES/METHODS

 

ipInNetworks

  $rv = ipInNetworks($ip, @networks);

This function checks the passed IP (in string format) against each of the networks or IPs in the list and returns true if there's a match. The list of networks can be either individual IP address or network addresses in CIDR notation or with full netmasks:

  @networks = qw(127.0.0.1 
                 192.168.0.0/24 
                 172.16.12.0/255.255.240.0);

You can safely comingle IPv4 & IPv6 addresses in the list to check against. Addresses not belonging to the same address family as the IP being tested will be ignored.

NOTE: IPv4 addresses encoded as IPv6 addresses, e.g.:

  ::ffff:192.168.0.5

are supported, however an IP address submitted in this format as the IP to test for will be converted to a pure IPv4 address and compared only against the IPv4 networks. This is meant as a convenience to the developer supporting dual-stack systems to avoid having to list IPv4 networks in the array twice like so:

  ::ffff:192.168.0.0/120, 192.168.0.0/24

Just list IPv4 as IPv4, IPv6 as IPv6, and this routine will convert IPv6-encoded IPv4 addresses automatically. This would make the following test return a true value:

  ipInNetworks( '::ffff:192.168.0.5', '192.168.0.0/24' );

but

  ipInNetworks( '::ffff:192.168.0.5', '::ffff:192.168.0.0/120' );

return a false value. This may seem counter intuitive, but it simplifies things in (my alternate) reality.

Please note that this automatic conversion only applies to the IP argument, not to any member of the network array.  

hostInDomains

  $rv = hostInDomains($host, @domains);

This function checks the passed hostname (fully qualified) against each of the domains in the list and returns true if there's a match. None of the domains should have the preceding '.' (i.e., 'foo.com' rather than '.foo.com').  

NETMATCH

  $cidr = Paranoid::Network::NETMATCH();

This stores the IP, network address, or domain that matched in ipInNetworks or hostInDomains. This returns undef if any function call fails to make a match.  

HOSTNAME_REGEX

    $rv = $hostname =~ /^@{[ HOSTNAME_REGEX ]}$/so;

This constant is just a regex meant to be a basic sanity check for appropriate hostnames. It is probably overly strict in accordance with outdated RFCs.  

extractIPs

    @ips = extractIPs($string1);
    @ips = extractIPs(@lines);

This function extracts IPv4/IPv6 addresses from arbitrary text. IPv6 support is contingent upon the presence of proper support (please see Paranoid::Network::Socket for more details).

This extracts only IP addresses, not network addresses in CIDR or dotted octet notation. In the case of the latter the netmask will be extracted as an additional address.

NOTE: in the interest of performance this function does only rough regex extraction of IP-looking candidates, then runs them through inet_aton (for IPv4) and inet_pton (for IPv6) to see if they successfully convert. Even with the overhead of Paranoid (with debugging and loadModule calls for Socket6 and what-not) it seems that this is an order of a magnitude faster than doing a pure regex extraction & validation of IPv6 addresses.

NOTE: Like the ipInNetworks function we filter out IPv4 addresses encoded as IPv6 addresses since that address is already returned as a pure IPv4 address.  

netIntersect

  $rv = netIntersect( $cidr1, $cidr2 );

This function is an IPv4/IPv6 agnostic wrapper for the ipv{4,6}NetIntersect functions provided by Paranoid::Network::IPv{4,6} modules. The return value from which ever function called is passed on directly. Passing this function non-IP or undefined values simply returns a zero.  

DEPENDENCIES

o
Paranoid
o
Paranoid::Debug
o
Paranoid::Network::Socket
o
Paranoid::Network::IPv4
o
Paranoid::Network::IPv6
 

BUGS AND LIMITATIONS

 

AUTHOR

Arthur Corliss (corliss@digitalmages.com)  

LICENSE AND COPYRIGHT

This software is free software. Similar to Perl, you can redistribute it and/or modify it under the terms of either:

  a)     the GNU General Public License
         <https://www.gnu.org/licenses/gpl-1.0.html> as published by the 
         Free Software Foundation <http://www.fsf.org/>; either version 1
         <https://www.gnu.org/licenses/gpl-1.0.html>, or any later version
         <https://www.gnu.org/licenses/license-list.html#GNUGPL>, or
  b)     the Artistic License 2.0
         <https://opensource.org/licenses/Artistic-2.0>,

subject to the following additional term: No trademark rights to ``Paranoid'' have been or are conveyed under any of the above licenses. However, ``Paranoid'' may be used fairly to describe this unmodified software, in good faith, but not as a trademark.

(c) 2005 - 2020, Arthur Corliss (corliss@digitalmages.com) (tm) 2008 - 2020, Paranoid Inc. (www.paranoid.com)


 

Index

NAME
VERSION
SYNOPSIS
DESCRIPTION
IMPORT LISTS
SUBROUTINES/METHODS
ipInNetworks
hostInDomains
NETMATCH
HOSTNAME_REGEX
extractIPs
netIntersect
DEPENDENCIES
BUGS AND LIMITATIONS
AUTHOR
LICENSE AND COPYRIGHT