oracular (3) Paranoid::Network.3pm.gz
NAME
Paranoid::Network - Network functions for paranoid programs
VERSION
$Id: lib/Paranoid/Network.pm, 2.10 2022/03/08 00:01:04 acorliss Exp $
SYNOPSIS
use Paranoid::Network;
$rv = ipInNetworks($ip, @networks);
$rv = hostInDomains($host, @domains);
$cidr = Paranoid::Network::NETMATCH();
@ips = extractIPs($string1);
@ips = extractIPs(@lines);
$rv = netIntersect( $cidr1, $cidr2 );
DESCRIPTION
This modules contains functions that may be useful for working with network data. It attempts to be
IPv4/IPv6 agnostic, assuming IPv6 support is present. Due to the gradual introduction of IPv6 support
into Perl there may be caveats. Please consult Paranoid::Network::Socket for more details.
NETMATCH and HOSTNAME_REGEX are not exported by default.
IMPORT LISTS
This module exports the following symbols by default:
ipInNetworks hostInDomains extractIPs netIntersect
The following specialized import lists also exist:
List Members
--------------------------------------------------------
all @defaults NETMATCH HOSTNAME_REGEX
SUBROUTINES/METHODS
ipInNetworks
$rv = ipInNetworks($ip, @networks);
This function checks the passed IP (in string format) against each of the networks or IPs in the list and
returns true if there's a match. The list of networks can be either individual IP address or network
addresses in CIDR notation or with full netmasks:
@networks = qw(127.0.0.1
192.168.0.0/24
172.16.12.0/255.255.240.0);
You can safely comingle IPv4 & IPv6 addresses in the list to check against. Addresses not belonging to
the same address family as the IP being tested will be ignored.
NOTE: IPv4 addresses encoded as IPv6 addresses, e.g.:
::ffff:192.168.0.5
are supported, however an IP address submitted in this format as the IP to test for will be converted to
a pure IPv4 address and compared only against the IPv4 networks. This is meant as a convenience to the
developer supporting dual-stack systems to avoid having to list IPv4 networks in the array twice like so:
::ffff:192.168.0.0/120, 192.168.0.0/24
Just list IPv4 as IPv4, IPv6 as IPv6, and this routine will convert IPv6-encoded IPv4 addresses
automatically. This would make the following test return a true value:
ipInNetworks( '::ffff:192.168.0.5', '192.168.0.0/24' );
but
ipInNetworks( '::ffff:192.168.0.5', '::ffff:192.168.0.0/120' );
return a false value. This may seem counter intuitive, but it simplifies things in (my alternate)
reality.
Please note that this automatic conversion only applies to the IP argument, not to any member of the
network array.
hostInDomains
$rv = hostInDomains($host, @domains);
This function checks the passed hostname (fully qualified) against each of the domains in the list and
returns true if there's a match. None of the domains should have the preceding '.' (i.e., 'foo.com'
rather than '.foo.com').
NETMATCH
$cidr = Paranoid::Network::NETMATCH();
This stores the IP, network address, or domain that matched in ipInNetworks or hostInDomains. This
returns undef if any function call fails to make a match.
HOSTNAME_REGEX
$rv = $hostname =~ /^@{[ HOSTNAME_REGEX ]}$/so;
This constant is just a regex meant to be a basic sanity check for appropriate hostnames. It is probably
overly strict in accordance with outdated RFCs.
extractIPs
@ips = extractIPs($string1);
@ips = extractIPs(@lines);
This function extracts IPv4/IPv6 addresses from arbitrary text. IPv6 support is contingent upon the
presence of proper support (please see Paranoid::Network::Socket for more details).
This extracts only IP addresses, not network addresses in CIDR or dotted octet notation. In the case of
the latter the netmask will be extracted as an additional address.
NOTE: in the interest of performance this function does only rough regex extraction of IP-looking
candidates, then runs them through inet_aton (for IPv4) and inet_pton (for IPv6) to see if they
successfully convert. Even with the overhead of Paranoid (with debugging and loadModule calls for
Socket6 and what-not) it seems that this is an order of a magnitude faster than doing a pure regex
extraction & validation of IPv6 addresses.
NOTE: Like the ipInNetworks function we filter out IPv4 addresses encoded as IPv6 addresses since that
address is already returned as a pure IPv4 address.
netIntersect
$rv = netIntersect( $cidr1, $cidr2 );
This function is an IPv4/IPv6 agnostic wrapper for the ipv{4,6}NetIntersect functions provided by
Paranoid::Network::IPv{4,6} modules. The return value from which ever function called is passed on
directly. Passing this function non-IP or undefined values simply returns a zero.
DEPENDENCIES
o Paranoid
o Paranoid::Debug
o Paranoid::Network::Socket
o Paranoid::Network::IPv4
o Paranoid::Network::IPv6
BUGS AND LIMITATIONS
AUTHOR
Arthur Corliss (corliss@digitalmages.com)
LICENSE AND COPYRIGHT
This software is free software. Similar to Perl, you can redistribute it and/or modify it under the
terms of either:
a) the GNU General Public License
<https://www.gnu.org/licenses/gpl-1.0.html> as published by the
Free Software Foundation <http://www.fsf.org/>; either version 1
<https://www.gnu.org/licenses/gpl-1.0.html>, or any later version
<https://www.gnu.org/licenses/license-list.html#GNUGPL>, or
b) the Artistic License 2.0
<https://opensource.org/licenses/Artistic-2.0>,
subject to the following additional term: No trademark rights to "Paranoid" have been or are conveyed
under any of the above licenses. However, "Paranoid" may be used fairly to describe this unmodified
software, in good faith, but not as a trademark.
(c) 2005 - 2020, Arthur Corliss (corliss@digitalmages.com) (tm) 2008 - 2020, Paranoid Inc.
(www.paranoid.com)