]> git.ipfire.org Git - people/ms/network.git/blob - src/inetcalc.c
projects / people / ms / network.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
inetcalc: Add subset check
[people/ms/network.git] / src / inetcalc.c
1 /*#############################################################################
2 # #
3 # IPFire.org - A linux based firewall #
4 # Copyright (C) 2015 IPFire Network Development Team #
5 # #
6 # This program is free software: you can redistribute it and/or modify #
7 # it under the terms of the GNU General Public License as published by #
8 # the Free Software Foundation, either version 3 of the License, or #
9 # (at your option) any later version. #
10 # #
11 # This program is distributed in the hope that it will be useful, #
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
14 # GNU General Public License for more details. #
15 # #
16 # You should have received a copy of the GNU General Public License #
17 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
18 # #
19 #############################################################################*/
20
21 #include <assert.h>
22 #include <arpa/inet.h>
23 #include <errno.h>
24 #include <getopt.h>
25 #include <netinet/in.h>
26 #include <stdio.h>
27 #include <stdlib.h>
28 #include <string.h>
29 #include <sys/socket.h>
30
31 typedef struct ip_address {
32 int family;
33 struct in6_addr addr;
34 int prefix;
35 } ip_address_t;
36
37 static struct in6_addr prefix_to_bitmask(int prefix) {
38 assert(prefix <= 128);
39
40 struct in6_addr bitmask;
41
42 for (int i = 0; i < 16; i++)
43 bitmask.s6_addr[i] = 0;
44
45 for (int i = prefix, j = 0; i > 0; i -= 8, j++) {
46 if (i >= 8)
47 bitmask.s6_addr[j] = 0xff;
48 else
49 bitmask.s6_addr[j] = 0xff << (8 - i);
50 }
51
52 return bitmask;
53 }
54
55 static int bitmask_to_prefix(uint32_t bits) {
56 int prefix = 0;
57
58 // Count all ones until we find the first zero
59 while (bits & (1 << 31)) {
60 bits <<= 1;
61 prefix++;
62 }
63
64 // The remaining bits must all be zero
65 if (bits)
66 return -1;
67
68 return prefix;
69 }
70
71 static int ip_address_parse_subnet_mask(ip_address_t* ip, const char* prefix) {
72 struct in_addr mask;
73
74 int r = inet_pton(AF_INET, prefix, &mask.s_addr);
75 if (r != 1)
76 return 1;
77
78 uint32_t bits = ntohl(mask.s_addr);
79 ip->prefix = bitmask_to_prefix(bits);
80
81 return (ip->prefix < 0 || ip->prefix > 32);
82 }
83
84 static int ip_address_parse_prefix_cidr(ip_address_t* ip, const int family, const char* prefix) {
85 ip->prefix = 0;
86 while (*prefix) {
87 char p = *prefix++;
88
89 if (p >= '0' && p <= '9') {
90 ip->prefix *= 10;
91 ip->prefix += p - '0';
92 } else {
93 return 1;
94 }
95 }
96
97 switch (family) {
98 case AF_INET6:
99 return (ip->prefix < 0 || ip->prefix > 128);
100
101 case AF_INET:
102 return (ip->prefix < 0 || ip->prefix > 32);
103
104 default:
105 return 1;
106 }
107 }
108
109 static int ip_address_parse_prefix(ip_address_t* ip, const int family, const char* prefix) {
110 int r = ip_address_parse_prefix_cidr(ip, family, prefix);
111
112 if (r && family == AF_INET) {
113 r = ip_address_parse_subnet_mask(ip, prefix);
114 }
115
116 return r;
117 }
118
119 static int default_prefix(const int family) {
120 switch (family) {
121 case AF_INET6:
122 return 128;
123
124 case AF_INET:
125 return 32;
126
127 default:
128 return -1;
129 }
130 }
131
132 static int ip_address_parse_simple(ip_address_t* ip, const int family, const char* address) {
133 assert(family == AF_INET || family == AF_INET6);
134
135 size_t address_length = strlen(address);
136 char buffer[address_length + 1];
137 strncpy(buffer, address, sizeof(buffer));
138
139 // Search for a prefix or subnet mask
140 char* prefix = strchr(buffer, '/');
141 if (prefix) {
142 buffer[prefix - buffer] = '\0';
143 prefix++;
144 }
145
146 memset(&ip->addr, 0, sizeof(ip->addr));
147 int r = inet_pton(family, buffer, &ip->addr);
148
149 switch (r) {
150 // If parsing the IP address failed, we will return false
151 case 0:
152 return 1;
153
154 // If the IP address could be successfully parsed, we will
155 // save the address family and return true
156 case 1:
157 ip->family = family;
158 r = 0;
159 break;
160
161 default:
162 return r;
163 }
164
165 if (prefix)
166 r = ip_address_parse_prefix(ip, family, prefix);
167 else
168 ip->prefix = default_prefix(family);
169
170 return r;
171 }
172
173 static int ip_address_parse(ip_address_t* ip, const int family, const char* address) {
174 static int families[] = { AF_INET, AF_INET6, 0 };
175
176 int r = 1;
177 int* f = families;
178 while (*f) {
179 if (family == AF_UNSPEC || family == *f) {
180 r = ip_address_parse_simple(ip, *f, address);
181
182 if (r == 0)
183 break;
184 }
185
186 f++;
187 }
188
189 return r;
190 }
191
192 static int ip_address_eq(const ip_address_t* a1, const ip_address_t* a2) {
193 if (a1->family != a2->family)
194 return 1;
195
196 if (!IN6_ARE_ADDR_EQUAL(&a1->addr, &a2->addr))
197 return 1;
198
199 if (a1->prefix != a2->prefix)
200 return 1;
201
202 return 0;
203 }
204
205 static int ip_address_gt(const ip_address_t* a1, const ip_address_t* a2) {
206 if (a1->family != a2->family || a1->prefix != a2->prefix)
207 return -1;
208
209 for (unsigned int i = 0; i < 4; i++) {
210 if (a1->addr.s6_addr[i] > a2->addr.s6_addr[i])
211 return 0;
212 }
213
214 return 1;
215 }
216
217 static int ip_address_ge(const ip_address_t* a1, const ip_address_t* a2) {
218 int r = ip_address_eq(a1, a2);
219 if (r <= 0)
220 return r;
221
222 return ip_address_gt(a1, a2);
223 }
224
225 static int ip_address_le(const ip_address_t* a1, const ip_address_t* a2) {
226 int r = ip_address_eq(a1, a2);
227 if (r <= 0)
228 return r;
229
230 return !ip_address_gt(a1, a2);
231 }
232
233 static int ip_address_format_string(char* buffer, size_t size, const ip_address_t* ip) {
234 assert(ip->family == AF_INET || ip->family == AF_INET6);
235
236 const char* p = inet_ntop(ip->family, &ip->addr.s6_addr, buffer, size);
237 if (!p)
238 return errno;
239
240 return 0;
241 }
242
243 static void ip_address_print(const ip_address_t* ip) {
244 char buffer[INET6_ADDRSTRLEN+4];
245
246 int r = ip_address_format_string(buffer, sizeof(buffer), ip);
247 if (r)
248 return;
249
250 if (ip->prefix >= 0) {
251 size_t len = strlen(buffer);
252 snprintf(buffer + len, sizeof(buffer) - len, "/%d", ip->prefix);
253 }
254
255 printf("%s\n", buffer);
256 }
257
258 static void ip_address_get_first_address(ip_address_t* first, const ip_address_t* network) {
259 assert(network->prefix >= 0);
260
261 struct in6_addr mask = prefix_to_bitmask(network->prefix);
262
263 first->family = network->family;
264 first->prefix = default_prefix(network->family);
265
266 for (int i = 0; i < 16; i++)
267 first->addr.s6_addr[i] = network->addr.s6_addr[i] & mask.s6_addr[i];
268 }
269
270 static void ip_address_get_last_address(ip_address_t* last, const ip_address_t* network) {
271 assert(network->prefix >= 0);
272
273 struct in6_addr mask = prefix_to_bitmask(network->prefix);
274
275 last->family = network->family;
276 last->prefix = default_prefix(network->family);
277
278 for (int i = 0; i < 16; i++)
279 last->addr.s6_addr[i] = network->addr.s6_addr[i] | ~mask.s6_addr[i];
280 }
281
282 static void ip_address_make_network(ip_address_t* net, const ip_address_t* network) {
283 ip_address_get_first_address(net, network);
284
285 // Copy the prefix
286 net->prefix = network->prefix;
287 }
288
289 static void ip_address_make_broadcast(ip_address_t* broadcast, const ip_address_t* network) {
290 assert(network->family == AF_INET);
291
292 ip_address_get_last_address(broadcast, network);
293
294 // Copy the prefix
295 broadcast->prefix = network->prefix;
296 }
297
298 static int ip_address_is_subset(const ip_address_t* network1, const ip_address_t* network2) {
299 ip_address_t first1;
300 ip_address_t first2;
301 ip_address_t last1;
302 ip_address_t last2;
303
304 // Get the first address of the networks
305 ip_address_get_first_address(&first1, network1);
306 ip_address_get_first_address(&first2, network2);
307
308 // Get the highest address in both networks
309 ip_address_get_last_address(&last1, network1);
310 ip_address_get_last_address(&last2, network2);
311
312 // The start address must be in the network
313 if (ip_address_ge(&first1, &first2) == 0 && ip_address_le(&first1, &last2) == 0) {
314 // The end address must be in the network, too
315 if (ip_address_ge(&last1, &first2) == 0 && ip_address_le(&last1, &last2) == 0) {
316 return 0;
317 }
318 }
319
320 return 1;
321 }
322
323 static int action_check(const int family, const char* address) {
324 ip_address_t ip;
325
326 int r = ip_address_parse(&ip, family, address);
327 if (r)
328 return r;
329
330 // If the prefix is the host prefix this is a host address
331 if (ip.prefix == default_prefix(family))
332 return 0;
333
334 return 1;
335 }
336
337 static int action_equal(const int family, const char* addr1, const char* addr2) {
338 ip_address_t a1;
339 ip_address_t a2;
340 int r;
341
342 r = ip_address_parse(&a1, family, addr1);
343 if (r)
344 return 2;
345
346 r = ip_address_parse(&a2, family, addr2);
347 if (r)
348 return 2;
349
350 return ip_address_eq(&a1, &a2);
351 }
352
353 static int action_greater(const int family, const char* addr1, const char* addr2) {
354 ip_address_t a1;
355 ip_address_t a2;
356 int r;
357
358 r = ip_address_parse(&a1, family, addr1);
359 if (r)
360 return 2;
361
362 r = ip_address_parse(&a2, family, addr2);
363 if (r)
364 return 2;
365
366 return ip_address_gt(&a1, &a2);
367 }
368
369 static int action_format(const int family, const char* address) {
370 ip_address_t ip;
371
372 int r = ip_address_parse(&ip, family, address);
373 if (r)
374 return r;
375
376 ip_address_print(&ip);
377 return 0;
378 }
379
380 static int action_broadcast(const int family, const char* address) {
381 ip_address_t ip;
382 int r = ip_address_parse(&ip, family, address);
383 if (r) {
384 fprintf(stderr, "Invalid IP address: %s\n", address);
385 return r;
386 }
387
388 if (ip.family != AF_INET) {
389 fprintf(stderr, "This is only possible for IPv4\n");
390 return 1;
391 }
392
393 ip_address_t broadcast;
394 ip_address_make_broadcast(&broadcast, &ip);
395
396 ip_address_print(&broadcast);
397 return 0;
398 }
399
400 static int action_network(const int family, const char* address) {
401 ip_address_t ip;
402
403 int r = ip_address_parse(&ip, family, address);
404 if (r) {
405 fprintf(stderr, "Invalid IP address: %s\n", address);
406 return r;
407 }
408
409 ip_address_t network;
410 ip_address_make_network(&network, &ip);
411
412 ip_address_print(&network);
413 return 0;
414 }
415
416 static int action_prefix(const int family, const char* addr1, const char* addr2) {
417 int r;
418
419 ip_address_t network;
420 r = ip_address_parse(&network, family, addr1);
421 if (r)
422 return r;
423
424 ip_address_t broadcast;
425 r = ip_address_parse(&broadcast, family, addr2);
426 if (r)
427 return r;
428
429 r = ip_address_gt(&broadcast, &network);
430 if (r)
431 return r;
432
433 struct in6_addr netmask;
434 for (int i = 0; i < 16; i++)
435 netmask.s6_addr[i] = network.addr.s6_addr[i] ^ broadcast.addr.s6_addr[i];
436
437 uint32_t mask = netmask.s6_addr[0] << 24 | netmask.s6_addr[1] << 16 |
438 netmask.s6_addr[2] << 8 | netmask.s6_addr[3];
439
440 int prefix = bitmask_to_prefix(~mask);
441 if (prefix < 0)
442 return 1;
443
444 printf("%d\n", prefix);
445 return 0;
446 }
447
448 static int action_subset(const int family, const char* address1, const char* address2) {
449 int r;
450 ip_address_t network1;
451 ip_address_t network2;
452
453 // Parse both networks and/or IP addresses
454 r = ip_address_parse(&network1, family, address1);
455 if (r)
456 return r;
457
458 r = ip_address_parse(&network2, family, address2);
459 if (r)
460 return r;
461
462 if (network1.family != network2.family) {
463 fprintf(stderr, "Address family of both arguments must match\n");
464 return -1;
465 }
466
467 return ip_address_is_subset(&network1, &network2);
468 }
469
470 enum actions {
471 AC_UNSPEC = 0,
472 AC_BROADCAST,
473 AC_CHECK,
474 AC_EQUAL,
475 AC_FORMAT,
476 AC_GREATER,
477 AC_NETWORK,
478 AC_SUBSET,
479 AC_PREFIX,
480 };
481
482 static void set_action(int* action, int what) {
483 if (*action != AC_UNSPEC) {
484 printf("Another action has already been selected\n");
485 exit(1);
486 }
487
488 *action = what;
489 }
490
491 static struct option long_options[] = {
492 {"broadcast", no_argument, 0, 'b'},
493 {"check", no_argument, 0, 'c'},
494 {"equal", no_argument, 0, 'e'},
495 {"format", no_argument, 0, 'f'},
496 {"greater", no_argument, 0, 'g'},
497 {"ipv4-only", no_argument, 0, '4'},
498 {"ipv6-only", no_argument, 0, '6'},
499 {"network", no_argument, 0, 'n'},
500 {"prefix", no_argument, 0, 'p'},
501 {"subset", no_argument, 0, 's'},
502 {"verbose", no_argument, 0, 'v'},
503 {0, 0, 0, 0}
504 };
505
506 int main(int argc, char** argv) {
507 int option_index = 0;
508 int required_arguments = 0;
509
510 int verbose = 0;
511 int action = AC_UNSPEC;
512 int family = AF_UNSPEC;
513
514 while (1) {
515 int c = getopt_long(argc, argv, "46bcefgnpsv", long_options, &option_index);
516 if (c == -1)
517 break;
518
519 switch (c) {
520 case 0:
521 if (long_options[option_index].flag != 0)
522 break;
523
524 printf("option: %s", long_options[option_index].name);
525 if (optarg)
526 printf(" with arg %s", optarg);
527 printf("\n");
528 break;
529
530 case '4':
531 family = AF_INET;
532 break;
533
534 case '6':
535 family = AF_INET6;
536 break;
537
538 case 'b':
539 set_action(&action, AC_BROADCAST);
540 required_arguments = 1;
541 break;
542
543 case 'c':
544 set_action(&action, AC_CHECK);
545 required_arguments = 1;
546 break;
547
548 case 'e':
549 set_action(&action, AC_EQUAL);
550 required_arguments = 2;
551 break;
552
553 case 'f':
554 set_action(&action, AC_FORMAT);
555 required_arguments = 1;
556 break;
557
558 case 'g':
559 set_action(&action, AC_GREATER);
560 required_arguments = 2;
561 break;
562
563 case 'n':
564 set_action(&action, AC_NETWORK);
565 required_arguments = 1;
566 break;
567
568 case 'p':
569 set_action(&action, AC_PREFIX);
570 required_arguments = 2;
571 break;
572
573 case 's':
574 set_action(&action, AC_SUBSET);
575 required_arguments = 2;
576 break;
577
578 case 'v':
579 verbose = 1;
580 break;
581
582 case '?':
583 break;
584
585 default:
586 abort();
587 }
588 }
589
590 while (optind--) {
591 argc--;
592 argv++;
593 }
594
595 if (argc != required_arguments) {
596 fprintf(stderr, "Invalid number of arguments. Got %d, required %d.\n",
597 argc, required_arguments);
598 return 1;
599 }
600
601 if (verbose && family != AF_UNSPEC)
602 printf("Address family = %d\n", family);
603
604 int r = 0;
605
606 switch (action) {
607 case AC_UNSPEC:
608 printf("No action specified\n");
609 r = 1;
610 break;
611
612 case AC_BROADCAST:
613 r = action_broadcast(family, argv[0]);
614 break;
615
616 case AC_CHECK:
617 r = action_check(family, argv[0]);
618
619 if (verbose) {
620 if (r == 0)
621 printf("%s is a valid IP address\n", argv[0]);
622 else
623 printf("%s is not a valid IP address\n", argv[0]);
624 }
625 break;
626
627 case AC_EQUAL:
628 r = action_equal(family, argv[0], argv[1]);
629
630 if (verbose) {
631 if (r == 0)
632 printf("%s equals %s\n", argv[0], argv[1]);
633 else if (r == 2)
634 printf("Invalid IP address provided\n");
635 else
636 printf("%s does not equal %s\n", argv[0], argv[1]);
637 }
638 break;
639
640 case AC_FORMAT:
641 r = action_format(family, argv[0]);
642
643 if (verbose && r)
644 printf("Invalid IP address given\n");
645
646 break;
647
648 case AC_GREATER:
649 r = action_greater(family, argv[0], argv[1]);
650
651 if (verbose) {
652 if (r == 0)
653 printf("%s is greater than %s\n", argv[0], argv[1]);
654 else if (r == 2)
655 printf("Invalid IP address provided\n");
656 else
657 printf("%s is not greater than %s\n", argv[0], argv[1]);
658 }
659 break;
660
661 case AC_NETWORK:
662 r = action_network(family, argv[0]);
663 break;
664
665 case AC_SUBSET:
666 r = action_subset(family, argv[0], argv[1]);
667
668 if (verbose) {
669 if (r == 0)
670 printf("%s is a subset of %s\n", argv[0], argv[1]);
671 else if (r > 0)
672 printf("%s is not a subset of %s\n", argv[0], argv[1]);
673 }
674
675 break;
676
677 case AC_PREFIX:
678 r = action_prefix(family, argv[0], argv[1]);
679 break;
680 }
681
682 return r;
683 }
Networking code of IPFire 3.x.