private static IpWildcard toIpWildcard(Wildcard_addressContext ctx) { Ip address = Ip.parse(ctx.ip_address.getText()); Ip mask = Ip.parse(ctx.wildcard_mask.getText()); // Mask needs to be inverted since 0's are don't-cares in this context return new IpWildcard(address, mask.inverted()); }
public Ip getSubnetEnd(Ip mask) { return create(_ip | mask.inverted().asLong()); }
private static Ip parseMask(String str) { if (str.contains(":")) { String[] parts = str.split(":"); if (parts.length != 2) { throw new BatfishException("Invalid IpWildcard string: '" + str + "'"); } else { return Ip.parse(parts[1]); } } else if (str.contains("/")) { String[] parts = str.split("/"); if (parts.length != 2) { throw new BatfishException("Invalid IpWildcard string: '" + str + "'"); } else { int prefixLength = Integer.parseInt(parts[1]); return Ip.numSubnetBitsToSubnetMask(prefixLength).inverted(); } } else { return Ip.ZERO; } }
public Prefix toPrefix() { if (isPrefix()) { return Prefix.create(_first, _second.inverted()); } else { throw new BatfishException("Invalid wildcard format for conversion to prefix: " + _second); } }
@Override public void exitCisprf_match(Cisprf_matchContext ctx) { _currentIsakmpProfile.setMatchIdentity( new IpWildcard(toIp(ctx.address), toIp(ctx.mask).inverted())); }
@Override public void exitRe_network(Re_networkContext ctx) { if (_currentEigrpProcess == null) { _w.addWarning(ctx, getFullText(ctx), _parser, "No EIGRP process available"); return; } // In process context Ip address = toIp(ctx.address); Ip mask = (ctx.mask != null) ? toIp(ctx.mask) : address.getClassMask().inverted(); _currentEigrpProcess.getWildcardNetworks().add(new IpWildcard(address, mask)); }
@Nullable private IpWildcard formIpWildCard(Fftfa_address_mask_prefixContext ctx) { IpWildcard ipWildcard = null; if (ctx == null) { return null; } else if (ctx.ip_address != null && ctx.wildcard_mask != null) { Ip ipAddress = Ip.parse(ctx.ip_address.getText()); Ip mask = Ip.parse(ctx.wildcard_mask.getText()); ipWildcard = new IpWildcard(ipAddress, mask.inverted()); } else if (ctx.ip_address != null) { ipWildcard = new IpWildcard( Prefix.create(Ip.parse(ctx.ip_address.getText()), Prefix.MAX_PREFIX_LENGTH)); } else if (ctx.IP_PREFIX() != null) { ipWildcard = new IpWildcard(Prefix.parse(ctx.IP_PREFIX().getText())); } return ipWildcard; }
@Override public void exitIp_nat_pool(Ip_nat_poolContext ctx) { String name = ctx.name.getText(); Ip first = toIp(ctx.first); Ip last = toIp(ctx.last); if (ctx.mask != null) { Prefix subnet = new IpWildcard(first, toIp(ctx.mask).inverted()).toPrefix(); createNatPool(name, first, last, subnet, ctx); } else if (ctx.prefix_length != null) { Prefix subnet = Prefix.create(first, Integer.parseInt(ctx.prefix_length.getText())); createNatPool(name, first, last, subnet, ctx); } else { _configuration.getNatPools().put(name, new NatPool(first, last)); } defineStructure(NAT_POOL, name, ctx); }
@Test public void testNotIntersects() { /* * Since the significant regions of wc1 and wc2 overlap and are not equal, there is no * intersection between them. */ IpWildcard wc1 = new IpWildcard(Ip.create(0x00000F00L), Ip.create(0x0000FF00L).inverted()); IpWildcard wc2 = new IpWildcard(Ip.create(0x0000F000L), Ip.create(0x0000FF00L).inverted()); assertThat("wildcards should not overlap", !wc1.intersects(wc2)); }
@Test public void testIntersects() { /* * The second Ip of an IpWildcard indicates which bits of the first Ip * are significant (i.e. not wild). In this example, since the significant bits of * wc1 and wc2 don't overlap, they should intersect (i.e. their bitwise OR is included in each). */ IpWildcard wc1 = new IpWildcard(Ip.create(0x00b0000aL), Ip.create(0x00FF00FFL).inverted()); IpWildcard wc2 = new IpWildcard(Ip.create(0x000cd000L), Ip.create(0x0000FF00L).inverted()); assertThat("wildcards should overlap", wc1.intersects(wc2)); }
@Test public void testSupersetOf() { IpWildcard wc1 = new IpWildcard("1.2.0.0/16"); IpWildcard wc2 = new IpWildcard("1.2.3.0/24"); assertThat("IpWildcard.supersetOf should not be strict", wc1.supersetOf(wc1)); assertThat("wc1 should be a superset of wc2", wc1.supersetOf(wc2)); assertThat("wc2 should not be a superset of wc1", !wc2.supersetOf(wc1)); wc1 = new IpWildcard(Ip.create(0x12005600L), Ip.create(0xFF00FF00L).inverted()); wc2 = new IpWildcard(Ip.create(0x12345600L), Ip.create(0xFFFFFF00L).inverted()); assertThat("wc1 should be a superset of wc2", wc1.supersetOf(wc2)); assertThat("wc2 should not be a superset of wc1", !wc2.supersetOf(wc1)); }
@Override public void exitRo_network(Ro_networkContext ctx) { Ip address; Ip wildcard; if (ctx.prefix != null) { Prefix prefix = Prefix.parse(ctx.prefix.getText()); address = prefix.getStartIp(); wildcard = prefix.getPrefixWildcard(); } else { address = toIp(ctx.ip); wildcard = toIp(ctx.wildcard); } if (_format == CISCO_ASA) { wildcard = wildcard.inverted(); } long area; if (ctx.area_int != null) { area = toLong(ctx.area_int); } else if (ctx.area_ip != null) { area = toIp(ctx.area_ip).asLong(); } else { throw new BatfishException("bad area"); } OspfWildcardNetwork network = new OspfWildcardNetwork(address, wildcard, area); _currentOspfProcess.getWildcardNetworks().add(network); }
@Override public void exitCkr_psk(Ckr_pskContext ctx) { Ip wildCardMask = ctx.wildcard_mask == null ? Ip.MAX : toIp(ctx.wildcard_mask); _currentKeyring.setKey( CommonUtil.sha256Digest(ctx.variable_permissive().getText() + CommonUtil.salt())); _currentKeyring.setRemoteIdentity( new IpWildcard(toIp(ctx.ip_address), wildCardMask.inverted())); }
@Override public void exitOgn_network_object(Ogn_network_objectContext ctx) { IpSpace ipSpace = null; if (ctx.prefix != null) { ipSpace = new IpWildcard(ctx.prefix.getText()).toIpSpace(); } else if (ctx.wildcard_address != null && ctx.wildcard_mask != null) { // Mask needs to be inverted since zeros are don't-cares in this context ipSpace = new IpWildcard(toIp(ctx.wildcard_address), toIp(ctx.wildcard_mask).inverted()) .toIpSpace(); } else if (ctx.address != null) { ipSpace = new IpWildcard(ctx.address.getText()).toIpSpace(); } else if (ctx.name != null) { String name = ctx.name.getText(); ipSpace = new IpSpaceReference(name); _configuration.referenceStructure( NETWORK_OBJECT, name, NETWORK_OBJECT_GROUP_NETWORK_OBJECT, ctx.name.start.getLine()); } if (ipSpace == null) { _w.redFlag("Unimplemented object-group network line: " + getFullText(ctx)); } else { _currentNetworkObjectGroup.getLines().add(ipSpace); } }
@Override public void exitPopsfrf_address_mask(Popsfrf_address_maskContext ctx) { if (_currentRouteFilterPrefix != null) { // ipv4 if (ctx.IP_ADDRESS() != null) { Route4FilterLine line = new Route4FilterLineAddressMask( _currentRouteFilterPrefix, Ip.parse(ctx.IP_ADDRESS().getText()).inverted()); _currentRouteFilterLine = _currentRouteFilter.insertLine(line, Route4FilterLine.class); } else { _w.redFlag( String.format( "Route filter mask does not match version for prefix %s", _currentRouteFilterPrefix)); } } else if (_currentRoute6FilterPrefix != null) { // ipv6 if (ctx.IPV6_ADDRESS() != null) { Route6FilterLine line = new Route6FilterLineAddressMask( _currentRoute6FilterPrefix, new Ip6(ctx.IPV6_ADDRESS().getText()).inverted()); _currentRoute6FilterLine = _currentRouteFilter.insertLine(line, Route6FilterLine.class); } else { _w.redFlag( String.format( "Route filter mask does not match version for prefix %s", _currentRouteFilterPrefix)); } } }
private static RouteFilterLine toRouteFilterLine(ExtendedAccessListLine fromLine) { LineAction action = fromLine.getAction(); IpWildcard srcIpWildcard = ((WildcardAddressSpecifier) fromLine.getSourceAddressSpecifier()).getIpWildcard(); Ip ip = srcIpWildcard.getIp(); IpWildcard dstIpWildcard = ((WildcardAddressSpecifier) fromLine.getDestinationAddressSpecifier()).getIpWildcard(); long minSubnet = dstIpWildcard.getIp().asLong(); long maxSubnet = minSubnet | dstIpWildcard.getWildcard().asLong(); int minPrefixLength = dstIpWildcard.getIp().numSubnetBits(); int maxPrefixLength = Ip.create(maxSubnet).numSubnetBits(); int statedPrefixLength = srcIpWildcard.getWildcard().inverted().numSubnetBits(); int prefixLength = Math.min(statedPrefixLength, minPrefixLength); Prefix prefix = Prefix.create(ip, prefixLength); return new RouteFilterLine( action, new IpWildcard(prefix), new SubRange(minPrefixLength, maxPrefixLength)); }
wildcard = wildcard.inverted();