* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ require_once('config.php'); /** * Test if a given parameter is a private IPv4 or IPv6. * * @param string $ip the parameter to test. * @return boolean true if the parameter is a private IP address, false * otherwise. */ function match_private_ip_range($ip) { if (empty($ip)) { return false; } $is_private = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE); return (!$is_private ? true : false); } /** * Test if a given parameter is a reserved IPv4. * * @param string $ip the parameter to test. * @return boolean true if the parameter is a reserved IPv4 address, false * otherwise. */ function match_reserved_ip_range($ip) { if (empty($ip)) { return false; } $is_reserved = filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE); return (!$is_reserved ? true : false); } /** * Test if a given parameter is an IPv4 or not. * * @param string $ip the parameter to test. * @param boolean $ip_only optional parameter, if omitted or set to true, it * will ensure that the first parameter is an IPv4 * address without mask, if set to false the IP/MASK * form is considered as valid. * @return boolean true if the parameter matches an IPv4 address, false * otherwise. */ function match_ipv4($ip, $ip_only = true) { global $config; if (empty($ip)) { return false; } if (strrpos($ip, '/') && !$ip_only) { $ip_and_mask = explode('/', $ip, 2); if (!$config['misc']['allow_private_ip'] && match_private_ip_range($ip_and_mask[0])) { return false; } if (!$config['misc']['allow_reserved_ip'] && match_reserved_ip_range($ip_and_mask[0])) { return false; } return filter_var($ip_and_mask[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && filter_var($ip_and_mask[1], FILTER_VALIDATE_INT); } else { if (!$config['misc']['allow_private_ip'] && match_private_ip_range($ip)) { return false; } if (!$config['misc']['allow_reserved_ip'] && match_reserved_ip_range($ip)) { return false; } return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4); } } /** * Test if a given parameter is an IPv6 or not. * * @param string $ip the parameter to test. * @param boolean $ip_only optional parameter, if omitted or set to true, it * will ensure that the first parameter is an IPv6 * address without mask, if set to false the IP/MASK * form is considered as valid. * @return boolean true if the parameter matches an IPv6 address, false * otherwise. */ function match_ipv6($ip, $ip_only = true) { global $config; if (empty($ip)) { return false; } if (strrpos($ip, '/') && !$ip_only) { $ip_and_mask = explode('/', $ip, 2); if (!$config['misc']['allow_private_ip'] && match_private_ip_range($ip_and_mask[0])) { return false; } return filter_var($ip_and_mask[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && filter_var($ip_and_mask[1], FILTER_VALIDATE_INT); } else { if (!$config['misc']['allow_private_ip'] && match_private_ip_range($ip)) { return false; } return filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6); } } /** * Test if a given parameter is a valid FQDN or not. * * @param string $fqdn the parameter to test. * @return boolean true if the parameter matches a valid FQDN, false otherwise. */ function match_fqdn($fqdn) { $regex = '/(?=^.{4,255}$)(^((?!-)[a-zA-Z0-9-]{1,63}(? array('min_range' => 1, 'max_range' => 4294967294) ); $options_16bit_private = array( 'options' => array( 'min_range' => 64512, 'max_range' => 65534) ); $options_32bit_private = array( 'options' => array('min_range' => 4200000000, 'max_range' => 4294967294) ); if (empty($as)) { return false; } if (!filter_var($as, FILTER_VALIDATE_INT, $options_wide_range)) { return false; } if (filter_var($as, FILTER_VALIDATE_INT, $options_16bit_private)) { return isset($config['misc']['allow_private_asn']) && $config['misc']['allow_private_asn'] == true; } if (filter_var($as, FILTER_VALIDATE_INT, $options_32bit_private)) { return isset($config['misc']['allow_private_asn']) && $config['misc']['allow_private_asn'] == true; } return true; } function match_aspath_regex($aspath_regex) { if (empty($aspath_regex)) { return false; } // TODO: validate a regex with a regex? return true; } /** * For a given FQDN try to find the corresponding IPv4 or IPv6 address. * * If there is multiple addresses attached to the same FQDN it will give the * first IPv4 or IPv6 found. * * If the FQDN have both IPv4 and IPv6 addresses it will give the first IPv6 * address found. * * @param string $fqdn the FQDN to use to search in the DNS databases. * @return string an IPv4 or IPv6 address based on the DNS records. */ function fqdn_to_ip_address($fqdn) { $dns_record = dns_get_record($fqdn, DNS_A + DNS_AAAA); // No DNS record found if (!$dns_record) { return false; } $records_nb = count($dns_record); // Only one record found if ($records_nb == 1) { if ($dns_record[0]['type'] == 'AAAA') { return $dns_record[0]['ipv6']; } else if ($dns_record[0]['type'] == 'A') { return $dns_record[0]['ip']; } else { return false; } } // Several records found if ($records_nb > 1) { // TODO: this could probably be more optimal foreach ($dns_record as $record) { if ($record['type'] == 'AAAA') { return $record['ipv6']; } } foreach ($dns_record as $record) { if ($record['type'] == 'AAA') { return $record['ipv4']; } } return false; } } /** * Send the given parameter to the logs file. * * @param string $log the log to be recorded in the logs file. */ function log_to_file($log) { global $config; $log .= "\n"; file_put_contents($config['logs']['file'], $log, FILE_APPEND | LOCK_EX); } // End of utils.php