Moved ipaddr library to common package

1084a556 · Patrick J Cherry · eec5b85b · 1084a556 · eec5b85b · 1084a556
Commit 1084a556 authored Dec 14, 2011 by Patrick J Cherry
--- a/firewall/Makefile
+++ b/firewall/Makefile
@@ -2,6 +2,8 @@
 #  Makefile for the firewall package
 #

+RUBYLIB := "$(PWD)/lib:$(PWD)/ext:$(PWD)/../common/lib"
+
 nop:
 	@echo "Makefile - available targets"
 	@echo " "
@@ -22,7 +24,7 @@ clean:

 manpages/%.man: ./sbin/%
 	[ -d ./manpages ] || mkdir ./manpages
-	RUBYLIB=./lib:./ext $<  --manual | sed -e 's/^=\+$$//' | txt2man -s 1 -t $(notdir $<) | sed -e 's/\\\\fB/\\fB/' > $@
+	RUBYLIB=$(RUBYLIB) $<  --manual | sed -e 's/^=\+$$//' | txt2man -s 1 -t $(notdir $<) | sed -e 's/\\\\fB/\\fB/' > $@

 manpages: ./manpages/symbiosis-firewall-whitelist.man ./manpages/symbiosis-firewall.man ./manpages/symbiosis-firewall-blacklist.man

@@ -31,7 +33,7 @@ all: manpages ext/symbiosis_utmp.so
 distclean: clean

 test: ext/symbiosis_utmp.so
-	@cd test && ruby ./ts_firewall.rb
+	@cd test && RUBYLIB=$(RUBYLIB) ruby ./ts_firewall.rb
 	@if [ ! -d ./i ]; then mkdir ./i ; fi
 	@if [ ! -d ./i/incoming.d/ ]; then mkdir ./i/incoming.d/; fi
 	@if [ ! -d ./i/outgoing.d/ ]; then mkdir ./i/outgoing.d/; fi
@@ -65,7 +67,7 @@ test: ext/symbiosis_utmp.so
 	@echo "212.110.161.177" > i/outgoing.d/20-accept
 	@echo "2001:41c8:20:862:ac1:1::|48" >> i/outgoing.d/20-accept
 	@touch  i/outgoing.d/99-reject
-	@ruby -I lib ./sbin/symbiosis-firewall -p ./i -t rule.d -x -v -d
+	@RUBYLIB=$(RUBYLIB) ruby ./sbin/symbiosis-firewall -p ./i -t rule.d -x -v -d

 ext/symbiosis_utmp.so: ext/Makefile
 	make -C ext $(notdir $@)

--- a/firewall/lib/symbiosis/firewall/ipaddr.rb
+++ b/firewall/lib/symbiosis/firewall/ipaddr.rb
-require 'ipaddr'
-require 'pp'
-
-module Symbiosis
-module Firewall
-class IPAddr < ::IPAddr
-  include Enumerable
-
-  def broadcast
-    case @family
-    when Socket::AF_INET
-      @mask_addr = IN4MASK if @mask_addr > IN4MASK
-      self.clone.set(self.network.to_i | ((~@mask_addr) & IN4MASK))
-    when Socket::AF_INET6
-      @mask_addr = IN6MASK if @mask_addr > IN6MASK
-      self.clone.set(self.network.to_i | ((~@mask_addr) & IN6MASK))
-    end
-  end
-
-  def network
-    self.clone.set(@addr & @mask_addr)
-  end
-  
-  alias max broadcast
-  alias min network
-
-  def each
-    case @family
-    when Socket::AF_INET
-      (self.network.to_i..self.broadcast.to_i).each do |addr|
-        yield self.clone.set(addr).mask!(32)
-      end
-    when Socket::AF_INET6
-      (self.network.to_i..self.broadcast.to_i).each do |addr|
-        yield self.clone.set(addr).mask!(128)
-      end
-    end
-  end
-  
-  def <=>(other)
-    @addr.to_i <=> other.to_i
-  end
-
-  def IPAddr.from_i(arg)
-    if arg < 0xffffffff
-      IPAddr.new((0..3).collect{|x| x*8}.collect{|x| (arg.to_i >> x & 0xff).to_s}.reverse.join("."))
-    else
-      IPAddr.new((0..7).collect{|x| x*16}.collect{|x| (arg.to_i >> x & 0xffff).to_s(16)}.reverse.join(":"))
-    end
-  end
-
-  def range_to_s
-    [_to_string(@addr), _to_string(@mask_addr)].join('/')
-  end
-
-  def cidr_mask
-    #
-    # Hmm.. this is a bit horrid.  But without a log2 function, there's not
-    # much else we can do..
-    case @family
-    when Socket::AF_INET
-      @mask_addr = IN4MASK if @mask_addr > IN4MASK
-      n_addresses = ((~@mask_addr) & IN4MASK) + 1
-      32 - (0..32).find{|m| 2**m == n_addresses}
-    when Socket::AF_INET6
-      @mask_addr = IN6MASK if @mask_addr > IN6MASK
-      n_addresses = ((~@mask_addr) & IN6MASK) + 1
-      128 - (0..128).find{|m| 2**m == n_addresses}
-    end
-  end
-  
-  #
-  # Append the CIDR mask if there is more than on IP in the range.
-  #
-  def to_s
-    s = [super]
-    s << cidr_mask if max.to_i - min.to_i > 0
-    s.join("/")
-  end
-
-end
-
-end
-
-end
-
--- a/firewall/lib/symbiosis/firewall/pattern.rb
+++ b/firewall/lib/symbiosis/firewall/pattern.rb

-require 'symbiosis/firewall/ipaddr'
+require 'symbiosis/ipaddr'

 module Symbiosis
  module Firewall

--- a/firewall/lib/symbiosis/firewall/template.rb
+++ b/firewall/lib/symbiosis/firewall/template.rb
-require 'symbiosis/firewall/ipaddr'
+require 'symbiosis/ipaddr'
 require 'symbiosis/firewall/ports'
 require 'erb'


--- a/firewall/sbin/symbiosis-firewall-blacklist
+++ b/firewall/sbin/symbiosis-firewall-blacklist
@@ -69,10 +69,10 @@
 require 'getoptlong'
 require 'tempfile'
 require 'fileutils'
+require 'symbiosis/ipaddr'
 require 'symbiosis/firewall/blacklist'
 require 'symbiosis/firewall/directory'
 require 'symbiosis/firewall/template'
-require 'symbiosis/firewall/ipaddr'
 require 'symbiosis/firewall/logtail'
 require 'symbiosis/firewall/pattern'

@@ -220,7 +220,7 @@ blacklist.generate.each do |ip, ports|
  # Make sure we can parse stuff
  #
  begin
-    ip = IPAddr.new(ip)
+    ip = Symbiosis::IPAddr.new(ip)
  rescue ArgumentError => err
    warn "Ignoring #{ip.inspect} because of #{err.to_s}"
    next
@@ -241,8 +241,8 @@ blacklist.generate.each do |ip, ports|
  #
  # FIXME: Need better IPv6 conditions.
  #
-  next if ip.ipv4? and (IPAddr.new("127.0.0.1/8").include?(ip) or IPAddr.new("0.0.0.0") == ip )
-  next if ip.ipv6? and !IPAddr.new("2000::/3").include?(ip)
+  next if ip.ipv4? and (Symbiosis::IPAddr.new("127.0.0.1/8").include?(ip) or Symbiosis::IPAddr.new("0.0.0.0") == ip )
+  next if ip.ipv6? and !Symbiosis::IPAddr.new("2000::/3").include?(ip)

  puts "Found IP address: #{ip}" if ( $VERBOSE )


--- a/firewall/sbin/symbiosis-firewall-whitelist
+++ b/firewall/sbin/symbiosis-firewall-whitelist
@@ -64,7 +64,7 @@ require 'fileutils'
 require 'symbiosis/utmp'
 require 'symbiosis/firewall/directory'
 require 'symbiosis/firewall/template'
-require 'symbiosis/firewall/ipaddr'
+require 'symbiosis/ipaddr'


 #
@@ -204,7 +204,7 @@ updated=false
 Symbiosis::Utmp.read(wtmp_file).each do |entry|

  begin
-    ip = Symbiosis::Firewall::IPAddr.new(entry['ip'].to_s)
+    ip = Symbiosis::IPAddr.new(entry['ip'].to_s)
  rescue ArgumentError
    #
    # Oops.  Can't interpret the IP.
@@ -233,8 +233,8 @@ Symbiosis::Utmp.read(wtmp_file).each do |entry|
  #
  # FIXME: Need better IPv6 conditions.
  #
-  next if ip.ipv4? and (IPAddr.new("127.0.0.1/8").include?(ip) or IPAddr.new("0.0.0.0") == ip )
-  next if ip.ipv6? and !IPAddr.new("2000::/3").include?(ip)
+  next if ip.ipv4? and (Symbiosis::IPAddr.new("127.0.0.1/8").include?(ip) or Symbiosis::IPAddr.new("0.0.0.0") == ip )
+  next if ip.ipv6? and !Symbiosis::IPAddr.new("2000::/3").include?(ip)

  puts "Found IP address: #{ip}" if ( $VERBOSE )


--- a/firewall/test/tc_ipaddr.rb
+++ b/firewall/test/tc_ipaddr.rb
-$: << "../lib/"
-require 'symbiosis/firewall/ipaddr'
-require 'test/unit'
-require 'pp'
-
-class TestIPAddr < Test::Unit::TestCase
-
-  include Symbiosis::Firewall
-
-  def test_to_s
-    assert_equal("1.2.3.4/32", IPAddr.new("1.2.3.4/32").to_s)
-    assert_equal("1.2.3.0/24", IPAddr.new("1.2.3.4/24").to_s)
-
-    assert_equal("2001:dead:beef:cafe:1234::1/128",IPAddr.new("2001:dead:beef:cafe:1234::1/128").to_s)
-    assert_equal("2001:dead:beef:cafe::/64",IPAddr.new("2001:dead:beef:cafe:1234::1/64").to_s)
-  end
-
-  def test_equality
-
-    assert_equal(IPAddr.new("1.2.3.4/24"), IPAddr.new("1.2.3.4/24"))
-  end
-
-  
-end
-
-
-
-
-
-