Uploaded image for project: 'CFEngine Community'
  1. CFEngine Community
  2. CFE-3478

Functions for validating IP addresses

    XMLWordPrintable

    Details

    • Type: Story
    • Status: Open
    • Priority: (None)
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:
      None

      Description

      From: https://groups.google.com/g/help-cfengine/c/JmUub2581HE/m/ZgbzQMiKAgAJ

      It would be nice if there were functions that allowed us to validate strings as being IPv4 or IPv6 addresses for example isvalidip( "ipv4", "1.1.1.1" ), isvalidip( "ipv6", "FE80:CD00:0000:0CDE:1257:0000:211E:729C"). This is most useful in validating policy driven by data that comes from external systems.

      This capability should exist already as part of functions like isipinsubnet(). It's possible to do this validation from policy, but it could be easier.

      For example, this policy from Ted Zlatanov will validate ipv4 addresses.

      bundle agent main
      {
        vars:
            "candidates" slist => { "10510.17.10", "1.2.3.4", "", "100", "127.0.0.1", "5.9.10.22", "233.444.23.1", "300.123.123.1" };
      
        classes:
            "valid_$(candidates)" and => { isgreaterthan(format("%d", $(candidates)), 0),
                                          isipinsubnet(format("%d.0.0.0/8", $(candidates)), $(candidates)) };
      
        reports:
            "$(this.bundle): candidates '$(candidates)'";
            "$(this.bundle): VALID IP '$(candidates)'"
              if => canonify("valid_$(candidates)");
            "$(this.bundle): BAD IP '$(candidates)'"
              unless => canonify("valid_$(candidates)");
            "$(this.bundle): mask of $(candidates) is $(with)" with => format("%d.0.0.0/8", $(candidates));
      }
      
      R: main: candidates '10510.17.10'
      R: main: candidates '1.2.3.4'
      R: main: candidates ''
      R: main: candidates '100'
      R: main: candidates '127.0.0.1'
      R: main: candidates '5.9.10.22'
      R: main: candidates '233.444.23.1'
      R: main: candidates '300.123.123.1'
      R: main: VALID IP '1.2.3.4'
      R: main: VALID IP '127.0.0.1'
      R: main: VALID IP '5.9.10.22'
      R: main: BAD IP '10510.17.10'
      R: main: BAD IP ''
      R: main: BAD IP '100'
      R: main: BAD IP '233.444.23.1'
      R: main: BAD IP '300.123.123.1'
      R: main: mask of 10510.17.10 is 10510.0.0.0/8
      R: main: mask of 1.2.3.4 is 1.0.0.0/8
      R: main: mask of  is 0.0.0.0/8
      R: main: mask of 100 is 100.0.0.0/8
      R: main: mask of 127.0.0.1 is 127.0.0.0/8
      R: main: mask of 5.9.10.22 is 5.0.0.0/8
      R: main: mask of 233.444.23.1 is 233.0.0.0/8
      R: main: mask of 300.123.123.1 is 300.0.0.0/8
      

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              a10042 Nick Anderson
            • Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:

                Summary Panel