MINOR: contrib/iprange: add a network IP range to mask converter

This tool has remained uncommitted in my development tree for almost a year.
Just minor polish and commit.

It can be used to convert some geolocation IP lists to ACLs.
This commit is contained in:
Willy Tarreau 2012-04-02 21:44:05 +02:00
parent 5dd7fa1f6b
commit 9bb0e2042e
2 changed files with 200 additions and 0 deletions

13
contrib/iprange/Makefile Normal file
View File

@ -0,0 +1,13 @@
CC = gcc
OPTIMIZE = -O3
LDFLAGS = -s
OBJS = iprange
all: $(OBJS)
%: %.c
$(CC) $(LDFLAGS) $(OPTIMIZE) -o $@ $^
clean:
rm -f $(OBJS) *.o *.a *~

187
contrib/iprange/iprange.c Normal file
View File

@ -0,0 +1,187 @@
/*
* network range to IP+mask converter
*
* Copyright 2011-2012 Willy Tarreau <w@1wt.eu>
*
* This program reads lines starting by two IP addresses and outputs them with
* the two IP addresses replaced by a netmask covering the range between these
* IPs (inclusive). When multiple ranges are needed, as many lines are emitted.
* The IP addresses may be delimited by spaces, tabs or commas. Quotes are
* stripped, and lines beginning with a sharp character ('#') are ignored. The
* IP addresses may be either in the dotted format or represented as a 32-bit
* integer value in network byte order.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version
* 2 of the License, or (at your option) any later version.
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAXLINE 1024
/* returns a string version of an IPv4 address in host order */
static const char *get_ipv4_addr(unsigned int addr)
{
struct in_addr a;
a.s_addr = ntohl(addr);
return inet_ntoa(a);
}
/* print all networks present between address <low> and address <high> in
* cidr format, followed by <eol>.
*/
static void convert_range(unsigned int low, unsigned int high, const char *eol)
{
int bit;
if (low == high) {
/* single value */
printf("%s%s\n", get_ipv4_addr(low), eol);
return;
}
else if (low > high) {
int swap = low;
low = high;
high = swap;
}
if (low == high + 1) {
/* full range */
printf("0.0.0.0/0%s\n", eol);
return;
}
//printf("low=%08x high=%08x\n", low, high);
bit = 0;
while (bit < 32 && low + (1 << bit) - 1 <= high) {
/* enlarge mask */
if (low & (1 << bit)) {
/* can't aggregate anymore, dump and retry from the same bit */
printf("%s/%d%s\n", get_ipv4_addr(low), 32-bit, eol);
low += (1 << bit);
}
else {
/* try to enlarge the mask as much as possible first */
bit++;
//printf(" ++bit=%d\n", bit);
}
}
//printf("stopped 1 at low=%08x, bit=%d\n", low, bit);
bit = 31;
while (bit >= 0 && high - low + 1 != 0) {
/* shrink mask */
if ((high - low + 1) & (1 << bit)) {
/* large bit accepted, dump and go on from the same bit */
//printf("max: %08x/%d\n", low, 32-bit);
printf("%s/%d%s\n", get_ipv4_addr(low), 32-bit, eol);
low += (1 << bit);
}
else {
bit--;
//printf(" --bit=%d, low=%08x\n", bit, low);
}
}
//printf("stopped at low=%08x\n", low);
}
static void usage(const char *argv0)
{
fprintf(stderr,
"Usage: %s < iplist.csv\n"
"\n"
"This program reads lines starting by two IP addresses and outputs them with\n"
"the two IP addresses replaced by a netmask covering the range between these\n"
"IPs (inclusive). When multiple ranges are needed, as many lines are emitted.\n"
"The IP addresses may be delimited by spaces, tabs or commas. Quotes are\n"
"stripped, and lines beginning with a sharp character ('#') are ignored. The\n"
"IP addresses may be either in the dotted format or represented as a 32-bit\n"
"integer value in network byte order.\n"
"\n", argv0);
}
main(int argc, char **argv)
{
char line[MAXLINE];
int l, lnum;
char *lb, *le, *hb, *he, *err;
struct in_addr src_addr, dst_addr;
unsigned int sa, da;
if (argc > 1) {
usage(argv[0]);
exit(1);
}
lnum = 0;
while (fgets(line, sizeof(line), stdin) != NULL) {
l = strlen(line);
if (l && line[l - 1] == '\n')
line[--l] = '\0';
lnum++;
/* look for the first field which must be the low address of a range,
* in dotted IPv4 format or as an integer. spaces and commas are
* considered as delimiters, quotes are removed.
*/
for (lb = line; *lb == ' ' || *lb == '\t' || *lb == ',' || *lb == '"'; lb++);
if (!*lb || *lb == '#')
continue;
for (le = lb + 1; *le != ' ' && *le != '\t' && *le != ',' && *le != '"' && *le; le++);
if (!*le)
continue;
/* we have the low address between lb(included) and le(excluded) */
*(le++) = 0;
for (hb = le; *hb == ' ' || *hb == '\t' || *hb == ',' || *hb == '"'; hb++);
if (!*hb || *hb == '#')
continue;
for (he = hb + 1; *he != ' ' && *he != '\t' && *he != ',' && *he != '"' && *he; he++);
if (!*he)
continue;
/* we have the high address between hb(included) and he(excluded) */
*(he++) = 0;
/* we want to remove a possible ending quote and a possible comma,
* not more.
*/
while (*he == '"')
*(he++) = ' ';
while (*he == ',' || *he == ' ' || *he == '\t')
*(he++) = ' ';
/* if the trailing string is not empty, prefix it with a space */
if (*(he-1) == ' ')
he--;
if (inet_pton(AF_INET, lb, &src_addr) <= 0) {
/* parsing failed, retry with a plain numeric IP */
src_addr.s_addr = ntohl(strtoul(lb, &err, 10));
if (err && *err) {
fprintf(stderr, "Failed to parse source address <%s> at line %d, skipping line\n", lb, lnum);
continue;
}
}
if (inet_pton(AF_INET, hb, &dst_addr) <= 0) {
/* parsing failed, retry with a plain numeric IP */
dst_addr.s_addr = ntohl(strtoul(hb, &err, 10));
if (err && *err) {
fprintf(stderr, "Failed to parse destination address <%s> at line %d, skipping line\n", hb, lnum);
continue;
}
}
sa = htonl(src_addr.s_addr);
da = htonl(dst_addr.s_addr);
convert_range(sa, da, he);
}
}