var testCidrBlock = function(ip,constraint,mode){ var block = new Netmask(constraint); if(block.contains(ip)){ return mode === 'allow'; }else{ return mode === 'deny'; } };
getNetworkAddress : function (ip){ for (var i = 0; i < arrayObjectProblem.length; i++) { var objectProblem = arrayObjectProblem[i]; var block = new Netmask(objectProblem.network); if (block.contains(ip)) { return objectProblem.network; } } return null; },
var check = geoAccessArr.some(function (addr) { try { var block = new Netmask(addr); return block.contains(ip); } catch (err) { obj.req.soajs.log.error('Geographic security configuration failed: ', addr); obj.req.soajs.log.error(err); } return false; });
exports.processNext = function(data,callback) { var block = new Netmask(data.args[1]); var next = block.next(); var result = "subnet: " + next.base; result += ", mask: " + next.mask; result += ", broadcast: " + next.broadcast; result += ", first: " + next.first; result += ", last: " + next.last; callback(false,result); }
belongNetwork : function(ip){ for (var i = 0; i < arrayObjectProblem.length; i++){ var objectProblem = arrayObjectProblem[i]; var block = new Netmask(objectProblem.network); if (block.contains(ip)){ return true; } } return false; },
isNetmaskAddressIp : function (netmask, ip){ for (var i = 0; i < arrayObjectProblem.length; i++){ var objectProblem = arrayObjectProblem[i]; var block = new Netmask(objectProblem.network); if (block.contains(ip)){ if (netmask == block.mask){ return true; } } } return false },
LimitExceed : function(ip){ for (var i = 0; i < arrayObjectProblem.length; i++){ var objectProblem = arrayObjectProblem[i]; var block = new Netmask(objectProblem.network); if ((block.contains(ip)) && (objectProblem.hostLimit > 0)){ arrayObjectProblem[i].hostLimit--; return false; } } return true; },
this.checkNetworkConfig = function() { if(!os.networkInterfaces) { console.log("Remember to give you ethernet interface a static IP in the range 192.168.1.x (and not "+this.opts.ip+") and ensure that no other network interfaces have an IP in the same range (hint: Turn off your wifi to be sure)."); return true; } var found = 0; var ifaces = os.networkInterfaces(); var i, iface, addrs, addr, netmask; for(iface in ifaces) { addrs = ifaces[iface]; for(i=0; i < addrs.length; i++) { addr = addrs[i]; if(addr.internal || addr.family != 'IPv4') continue; if(addr.address == this.opts.ip) { console.error("Error: Your network adapater "+iface+" has the same IP as the router ("+this.opts.ip+"). Flashing is not possible. Aborting."); return false; } if(!addr.netmask) { // node pre 0.11 did not include netmask so make assumptions if(addr.address.match(/^10\./)) { addr.netmask = '255.0.0.0'; } else { addr.netmask = '255.255.255.0'; } } var block = new Netmask(addr.address+'/'+addr.netmask); if(block.contains(this.opts.ip)) { found += 1; break; } } } if(found == 0) { console.error("========= WARNING ========="); console.error("It looks like you don't have any network interfaces configured with an IP on the same subnet as the router you are trying to flash ("+this.opts.ip+"). Flashing is likely to fail. Consult the README if you are confused. Proceeding anyway in case you know what you are doing."); console.error(''); } else if(found > 1) { console.error("========= WARNING ========="); console.error("It looks like you have more than one network interfaces configured with an IP on the same subnet as the router you are trying to flash ("+this.opts.ip+"). Flashing is likely to fail. Consult the README if you are confused. Proceeding anyway in case you know what you are doing."); console.error(''); } return true; };
var matchClientIp = function(ip){ var mode = settings.mode.toLowerCase(), allowedIp = false, notBannedIp = false, isPrivateIpOkay = false; // Normalize mode if(settings.cidr){ for(var i = 0; i < ips.length; i++){ var block = new Netmask(ips[i]); if(block.contains(ip)){ allowedIp = (mode === 'allow'); if(mode === 'deny'){ notBannedIp = false; } break; }else{ notBannedIp = (mode === 'deny'); isPrivateIpOkay = settings.allowPrivateIPs && iputil.isPrivate(ip); } } }else if(settings.ranges){ var filteredSet = _.filter(ips,function(ipSet){ if(ipSet.length > 1){ var startIp = iputil.toLong(ipSet[0]); var endIp = iputil.toLong(ipSet[1]); var longIp = iputil.toLong(ip); return longIp >= startIp && longIp <= endIp; }else{ return ip === ipSet[0]; } }); allowedIp = (mode === 'allow' && filteredSet.length > 0); notBannedIp = (mode === 'deny' && filteredSet.length === 0); isPrivateIpOkay = settings.allowPrivateIPs && iputil.isPrivate(ip) && !(mode === 'deny' && filteredSet.length > 0); }else{ allowedIp = (mode === 'allow' && ips.indexOf(ip) !== -1); notBannedIp = (mode === 'deny' && ips.indexOf(ip) === -1); isPrivateIpOkay = settings.allowPrivateIPs && iputil.isPrivate(ip) && !(mode === 'deny' && ips.indexOf(ip) !== -1); } return allowedIp || notBannedIp || isPrivateIpOkay; };
_.each(cidr, function(range){ const block = new Netmask(range); const targets = []; block.forEach((address) => { targets.push({ address: { public: address, private: address } }); }); legiond.send({ event: 'legiond.discovery', data: legiond.libraries.node.attributes }, targets); });
var directPath = function(req, res, next){ var namespace = config.get('namespace'); var podIp = req.params[0]; var filePath = req.params[1] || ''; var pod_host = "http://"+podIp+":8080"; var qs = url.parse(req.url).search req.url = filePath; if( qs && qs !== ''){ req.url += qs; } if(config.get('allowed_subnet')){ var block = new Netmask(config.get('allowed_subnet')); if( !block.contains(podIp) ){ console.log('PROXY request FILTERED - req.url', pod_host+req.url); } } console.log('PROXY req.url', pod_host+req.url); proxy.web(req, res, { target: pod_host }); };
function iterIpCidr(value) { const splitValue = value.split('/'); // TODO: Review and implement all we need to have fuff IPv6 support. if (net.isIPv6(splitValue[0])) { throw new Error(errMsgs.notV6); } if (!net.isIPv4(splitValue[0]) || (net.isIPv4(splitValue[0]) && !isCidrMask(splitValue[1], 4))) { throw new Error(errMsgs.ipsCidr); } // TODO: Possible big memory fingerprint. // User library: https://github.com/rs/node-netmask // Implement a pure iterator or use any library which makes it for us. // It should suppose a problem this fake iterator because the list should fit in memory. const block = new Netmask(value); const finalIps = []; block.forEach(ipAdd => finalIps.push(ipAdd)); return iterMulti(finalIps); }
var getTestingIp = function(link, node) { var testingIp, ifaceName; if (link.nodes[0].id === node.id.toString()) { ifaceName = link.nodes[0].iface; } else if (link.nodes[1].id === node.id.toString()) { ifaceName = link.nodes[1].iface; } else { return; } var network = new Netmask(link.network); var interfaces = node.interfaces; for (var i=0; i<interfaces.length; i++) { var iface = interfaces[i]; var ip = iface.address.split('/')[0]; if (iface.name === ifaceName && network.contains(ip)) { return ip; } } return; };
app.use(function (req, res, next) { var settings = settingsModule.settings; var isPrivate = ip.isPrivate(req.connection.remoteAddress); if (!isPrivate && githubBlock.contains(req.connection.remoteAddress)) { isPrivate = true; } if (settings.isPasswordProtected && !isPrivate && settings.userName && settings.userPassword) { var credentials = auth(req); if (!credentials || credentials.name !== settings.userName || credentials.pass !== settings.userPassword) { res.writeHead(401, { 'WWW-Authenticate': 'Basic realm="buttlejs"' }); return res.end('OH no you didnt?!'); } else { return next(); } } return next(); });
if ((!self.whitelist.some(function(str) { var b = new netmask(str); return b.contains(clientip); }) && self.whitecity.indexOf(city) < 0) &&
bitbucketIps.forEach(function (value) { var block = new Netmask(value) if (block.contains(ipv4)) authorizedIp = true })
const isInCidr = (remoteAddress) => (cidr) => { const range = new Netmask(cidr) return range.contains(remoteAddress) }
[].concat(req.body.ip).forEach(ip=>{ const block = new netmask.Netmask(ip); block.forEach((ip, long)=>{ ips.push(long); }); });
// calculate reserved extender node IPs // and add them to nodeInfo function calcExtenderNodeIPs(nodeInfo, cb) { var subnet = new Netmask(nodeInfo.open_subnet_ipv4+'/'+nodeInfo.open_subnet_ipv4_bitmask); var ips = []; var i = 0; subnet.forEach(function(ip) { if(i++ == 0) return; // skip first IP if(ips.length >= extender_node_max) { return; } ips.push(ip); if(ips.length >= extender_node_max) { return cb(null, extend(nodeInfo, { extender_node_ips: ips })); } }); };