NAME
Paranoid::Network - Network functions for paranoid programs
VERSION
$Id: lib/Paranoid/Network.pm, 2.07 2019/01/30 18:25:27 acorliss Exp $
SYNOPSIS
use Paranoid::Network;
$rv = ipInNetworks($ip, @networks);
$rv = hostInDomains($host, @domains);
$cidr = Paranoid::Network::NETMATCH();
@ips = extractIPs($string1);
@ips = extractIPs(@lines);
$rv = netIntersect( $cidr1, $cidr2 );
DESCRIPTION
This modules contains functions that may be useful for working with network data. It attempts to be IPv4/IPv6 agnostic, assuming IPv6 support is present. Due to the gradual introduction of IPv6 support into Perl there may be caveats. Please consult Paranoid::Network::Socket for more details.
NETMATCH and HOSTNAME_REGEX are not exported by default.
SUBROUTINES/METHODS
ipInNetworks
$rv = ipInNetworks($ip, @networks);
This function checks the passed IP (in string format) against each of the networks or IPs in the list and returns true if there's a match. The list of networks can be either individual IP address or network addresses in CIDR notation or with full netmasks:
@networks = qw(127.0.0.1
192.168.0.0/24
172.16.12.0/255.255.240.0);
You can safely comingle IPv4 & IPv6 addresses in the list to check against. Addresses not belonging to the same address family as the IP being tested will be ignored.
NOTE: IPv4 addresses encoded as IPv6 addresses, e.g.:
::ffff:192.168.0.5
are supported, however an IP address submitted in this format as the IP to test for will be converted to a pure IPv4 address and compared only against the IPv4 networks. This is meant as a convenience to the developer supporting dual-stack systems to avoid having to list IPv4 networks in the array twice like so:
::ffff:192.168.0.0/120, 192.168.0.0/24
Just list IPv4 as IPv4, IPv6 as IPv6, and this routine will convert IPv6-encoded IPv4 addresses automatically. This would make the following test return a true value:
ipInNetworks( '::ffff:192.168.0.5', '192.168.0.0/24' );
but
ipInNetworks( '::ffff:192.168.0.5', '::ffff:192.168.0.0/120' );
return a false value. This may seem counter intuitive, but it simplifies things in (my alternate) reality.
Please note that this automatic conversion only applies to the IP argument, not to any member of the network array.
hostInDomains
$rv = hostInDomains($host, @domains);
This function checks the passed hostname (fully qualified) against each of the domains in the list and returns true if there's a match. None of the domains should have the preceding '.' (i.e., 'foo.com' rather than '.foo.com').
NETMATCH
$cidr = Paranoid::Network::NETMATCH();
This stores the IP, network address, or domain that matched in ipInNetworks or hostInDomains. This returns undef if any function call fails to make a match.
HOSTNAME_REGEX
$rv = $hostname =~ /^@{[ HOSTNAME_REGEX ]}$/so;
This constant is just a regex meant to be a basic sanity check for appropriate hostnames. It is probably overly strict in accordance with outdated RFCs.
extractIPs
@ips = extractIPs($string1);
@ips = extractIPs(@lines);
This function extracts IPv4/IPv6 addresses from arbitrary text. IPv6 support is contingent upon the presence of proper support (please see Paranoid::Network::Socket for more details).
This extracts only IP addresses, not network addresses in CIDR or dotted octet notation. In the case of the latter the netmask will be extracted as an additional address.
NOTE: in the interest of performance this function does only rough regex extraction of IP-looking candidates, then runs them through inet_aton (for IPv4) and inet_pton (for IPv6) to see if they successfully convert. Even with the overhead of Paranoid (with debugging and loadModule calls for Socket6 and what-not) it seems that this is an order of a magnitude faster than doing a pure regex extraction & validation of IPv6 addresses.
NOTE: Like the ipInNetworks function we filter out IPv4 addresses encoded as IPv6 addresses since that address is already returned as a pure IPv4 address.
netIntersect
$rv = netIntersect( $cidr1, $cidr2 );
This function is an IPv4/IPv6 agnostic wrapper for the ipv{4,6}NetIntersect functions provided by Paranoid::Network::IPv{4,6} modules. The return value from which ever function called is passed on directly. Passing this function non-IP or undefined values simply returns a zero.
DEPENDENCIES
- o
- o
- o
- o
- o
BUGS AND LIMITATIONS
AUTHOR
Arthur Corliss (corliss@digitalmages.com)
LICENSE AND COPYRIGHT
This software is licensed under the same terms as Perl, itself. Please see http://dev.perl.org/licenses/ for more information.
(c) 2005 - 2017, Arthur Corliss (corliss@digitalmages.com)