[secnet] / ipaddr.py

# -*- coding: iso-8859-1 -*-
# ipaddr.py -- handle IP addresses and set of IP addresses.
# Copyright (C) 1996-2000 Cendio Systems AB
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# 
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# 
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA

"""IP address manipulation.

This module is useful if you need to manipulate IP addresses or sets
of IP addresses.

The main classes are:

    ipaddr   -- a single IP address.
    netmask  -- a netmask.
    network  -- an IP address/netmask combination.  It is often, but
		not always, better to use the ip_set class instead.
    ip_set   -- a set of IP addresses, that may or may not be adjacent.

So, what can you do with this module?  As a simple example of the kind
of things this module can do, this code computes the set of all IP
addresses except 127.0.0.0/8 and prints it, expressed as a union of
network/netmask pairs.

    import ipaddr

    s = ipaddr.ip_set()
    s.add_network(ipaddr.network('127.0.0.0', '255.0.0.0',
                                 ipaddr.DEMAND_FILTER))
    for nw in s.complement().as_list_of_networks():
	print nw.ip_str() + '/' + nw.mask.netmask_bits_str

Errors are reported by raising an exception from the following
exception hierarcy:

Exception       # The standard Python base exception class.
 |
 +-- BadType    # Only raised if the programmer makes an error.
 +-- IpError    # Base class for errors that depend on the data.
      |
      +-- SetNotRepresentable
      +-- BrokenIpAddress
      |    |
      |    +-- PartNegative
      |    +-- PartOverflow
      |
      +-- BrokenNetmask
      |    |
      |    +-- NeedOneBit
      |    +-- NeedMoreBits
      |    +-- NeedLessBits
      |
      +-- BrokenNetwork
  	    |
  	    +-- EmptyIpAddress
  	    +-- EmptyNetmask
  	    +-- BrokenNetworkAddress
  	    +-- NetworkAddressClash
  	    +-- BroadcastAddressClash
  
BadType may be raised at any time if the programmer makes an error
(such as passing a dictionary to a function that expects a string).
SetNotRepresentable may be raised by ip_set.as_str_range().  All other
exceptions are raised from the constructors and helper functions only.

The following constants are present in this module:

    DEMAND_NONE		See class network.
    DEMAND_FILTER	See class network.
    DEMAND_NETWORK	See class network.
    DEMAND_INTERFACE	See class network.

    hostmask		A netmask object with all 32 bits set.
    complete_network	A network object representing all IP addresses.
    complete_set	An ip_set object representing all IP addresses.
    broadcast_network	A network object representing 255.255.255.255.
    broadcast_set	An ip_set object representing 255.255.255.255.
    
The as_ipaddr function can be used when you have an object that you
know are an ipaddr or network, and you want to get the ipaddr part.

All the other functions in this module are internal helper functions,
and they should not be used.

The internal representation used for IP addresses is currently a long
number.  That may change in the future, so where the internal
representation is visible, you should do nothing with it except
compare it to None.

This module was developed by Cendio Systems AB for use in the Fuego
Firewall.  Bug reports can be sent to Per Cederqvist <ceder@cendio.se>
who is currently acting as maintainer for this module.

Brief history:
    1997-03-11      Module created, and used internally.
    2000-03-09 1.0: First non-public beta release outside of Cendio Systems.
    2000-03-17 1.1: First public release under the GNU GPL license.

"""


import copy
import string
import types

# The error messages are marked with a call to this function, so that
# they can easily be found and translated.
def _(s):
    return s

# The exception hierarchy.
class IpError(Exception):
    """Base class for errors that are cause by errors in input data.
    """
    def __str__(self):
	return self.format % self.args

class SetNotRepresentable(IpError):
    format = _("The set of IP addresses cannot be represented "
	       "as a single network range")

class BrokenIpAddress(IpError):
    format = _("Felaktigt IP-nummer")

class PartNegative(BrokenIpAddress):
Commit	Line	Data
eaef42b7	1	# -- coding: iso-8859-1 --
3454dce4 SE	2	# ipaddr.py -- handle IP addresses and set of IP addresses.
	3	# Copyright (C) 1996-2000 Cendio Systems AB
	4	#
	5	# This program is free software; you can redistribute it and/or modify
	6	# it under the terms of the GNU General Public License as published by
	7	# the Free Software Foundation; either version 2 of the License, or
	8	# (at your option) any later version.
	9	#
	10	# This program is distributed in the hope that it will be useful,
	11	# but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	# GNU General Public License for more details.
	14	#
	15	# You should have received a copy of the GNU General Public License
	16	# along with this program; if not, write to the Free Software
	17	# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	18
	19	"""IP address manipulation.
	20
	21	This module is useful if you need to manipulate IP addresses or sets
	22	of IP addresses.
	23
	24	The main classes are:
	25
	26	ipaddr -- a single IP address.
	27	netmask -- a netmask.
	28	network -- an IP address/netmask combination. It is often, but
	29	not always, better to use the ip_set class instead.
	30	ip_set -- a set of IP addresses, that may or may not be adjacent.
	31
	32	So, what can you do with this module? As a simple example of the kind
	33	of things this module can do, this code computes the set of all IP
	34	addresses except 127.0.0.0/8 and prints it, expressed as a union of
	35	network/netmask pairs.
	36
	37	import ipaddr
	38
	39	s = ipaddr.ip_set()
	40	s.add_network(ipaddr.network('127.0.0.0', '255.0.0.0',
	41	ipaddr.DEMAND_FILTER))
	42	for nw in s.complement().as_list_of_networks():
	43	print nw.ip_str() + '/' + nw.mask.netmask_bits_str
	44
	45	Errors are reported by raising an exception from the following
	46	exception hierarcy:
	47
	48	Exception # The standard Python base exception class.
	49	\|
	50	+-- BadType # Only raised if the programmer makes an error.
	51	+-- IpError # Base class for errors that depend on the data.
	52	\|
	53	+-- SetNotRepresentable
	54	+-- BrokenIpAddress
	55	\| \|
	56	\| +-- PartNegative
	57	\| +-- PartOverflow
	58	\|
	59	+-- BrokenNetmask
	60	\| \|
	61	\| +-- NeedOneBit
	62	\| +-- NeedMoreBits
	63	\| +-- NeedLessBits
	64	\|
	65	+-- BrokenNetwork
66	\|
67	+-- EmptyIpAddress
68	+-- EmptyNetmask
69	+-- BrokenNetworkAddress
70	+-- NetworkAddressClash
71	+-- BroadcastAddressClash
72
73	BadType may be raised at any time if the programmer makes an error
74	(such as passing a dictionary to a function that expects a string).
75	SetNotRepresentable may be raised by ip_set.as_str_range(). All other
76	exceptions are raised from the constructors and helper functions only.
77
78	The following constants are present in this module:
79
80	DEMAND_NONE See class network.
81	DEMAND_FILTER See class network.
82	DEMAND_NETWORK See class network.
83	DEMAND_INTERFACE See class network.
84
85	hostmask A netmask object with all 32 bits set.
86	complete_network A network object representing all IP addresses.
87	complete_set An ip_set object representing all IP addresses.
88	broadcast_network A network object representing 255.255.255.255.
89	broadcast_set An ip_set object representing 255.255.255.255.
90
91	The as_ipaddr function can be used when you have an object that you
92	know are an ipaddr or network, and you want to get the ipaddr part.
93
94	All the other functions in this module are internal helper functions,
95	and they should not be used.
96
97	The internal representation used for IP addresses is currently a long
98	number. That may change in the future, so where the internal
99	representation is visible, you should do nothing with it except
100	compare it to None.
101
102	This module was developed by Cendio Systems AB for use in the Fuego
103	Firewall. Bug reports can be sent to Per Cederqvist <ceder@cendio.se>
104	who is currently acting as maintainer for this module.
105
106	Brief history:
107	1997-03-11 Module created, and used internally.
108	2000-03-09 1.0: First non-public beta release outside of Cendio Systems.
109	2000-03-17 1.1: First public release under the GNU GPL license.
110
111	"""
112
113
114	import copy
115	import string
116	import types
117
118	# The error messages are marked with a call to this function, so that
119	# they can easily be found and translated.
120	def _(s):
121	return s
122
123	# The exception hierarchy.
124	class IpError(Exception):
125	"""Base class for errors that are cause by errors in input data.
126	"""
127	def __str__(self):
128	return self.format % self.args
129
130	class SetNotRepresentable(IpError):
131	format = _("The set of IP addresses cannot be represented "
132	"as a single network range")
133
134	class BrokenIpAddress(IpError):
135	format = _("Felaktigt IP-nummer")
136
137	class PartNegative(BrokenIpAddress):
138