static int
compareIPs(
const skipaddr_t *ipa,
const skipaddr_t *ipb)
{
uint8_t ipa_v6[16];
uint8_t ipb_v6[16];
if (skipaddrIsV6(ipa)) {
if (!skipaddrIsV6(ipb)) {
/* treat the IPv4 'ipb' as less than IPv6 */
return 1;
}
/* both are IPv6 */
skipaddrGetV6(ipa, ipa_v6);
skipaddrGetV6(ipb, ipb_v6);
return memcmp(ipa_v6, ipb_v6, sizeof(ipa_v6));
}
if (skipaddrIsV6(ipb)) {
return -1;
}
/* both are IPv4 */
return ((skipaddrGetV4(ipa) < skipaddrGetV4(ipb))
? -1
: (skipaddrGetV4(ipa) > skipaddrGetV4(ipb)));
}
static int
processOneAddress(
const char *addr)
{
char final_delim[] = {'\0', '\0'};
char cc[16];
char ipbuf[SK_NUM2DOT_STRLEN];
skipaddr_t ip;
int rv;
if (!app_opt.no_final_delimiter) {
final_delim[0] = app_opt.column_separator;
}
rv = skStringParseIP(&ip, addr);
if (rv) {
skAppPrintErr("Invalid %s '%s': %s",
appOptions[OPT_ADDRESS].name, addr,
skStringParseStrerror(rv));
return 1;
}
#if SK_ENABLE_IPV6
if (skipaddrIsV6(&ip)) {
skAppPrintErr("Invalid %s '%s': IPv6 addresses not supported",
appOptions[OPT_ADDRESS].name, addr);
return 1;
}
#endif /* SK_ENABLE_IPV6 */
skCountryLookupName(&ip, cc, sizeof(cc));
if (!app_opt.print_ips) {
skStreamPrint(out, "%s\n", cc);
} else {
skipaddrString(ipbuf, &ip, ip_flags);
if (app_opt.no_columns) {
skStreamPrint(out, "%s%c%s%s\n",
ipbuf, app_opt.column_separator, cc, final_delim);
} else {
skStreamPrint(out, "%15s%c%2s%s\n",
ipbuf, app_opt.column_separator, cc, final_delim);
}
}
return 0;
}
/*
* buildIPSetWildcards(stream);
*
* Read IP addresses from the stream named by 'stream' and use them
* to build the global ipset. Allow the input to contain
* IPWildcards. Return 0 on success or -1 on failure.
*/
static int
buildIPSetWildcards(
skstream_t *stream)
{
#if SK_ENABLE_IPV6
int saw_integer = 0;
#endif
int lc = 0;
char line_buf[512];
skIPWildcard_t ipwild;
skipaddr_t ip;
uint32_t prefix;
char *cp;
int rv;
/* read until end of file */
while ((rv = skStreamGetLine(stream, line_buf, sizeof(line_buf), &lc))
!= SKSTREAM_ERR_EOF)
{
switch (rv) {
case SKSTREAM_OK:
/* good, we got our line */
break;
case SKSTREAM_ERR_LONG_LINE:
/* bad: line was longer than sizeof(line_buf) */
skAppPrintErr("Input line %d too long. ignored",
lc);
continue;
default:
/* unexpected error */
skStreamPrintLastErr(stream, rv, &skAppPrintErr);
goto END;
}
/* first, attempt to parse as a CIDR block */
rv = skStringParseCIDR(&ip, &prefix, line_buf);
if (rv == 0) {
#if SK_ENABLE_IPV6
/* do not allow integers mixed with IPv6 addresses */
if (saw_integer) {
if (skipaddrIsV6(&ip)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
} else if (SETBUILD_BUF_IS_INT(line_buf)) {
saw_integer = 1;
if (skIPSetIsV6(ipset)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
}
#endif /* SK_ENABLE_IPV6 */
rv = skIPSetInsertAddress(ipset, &ip, prefix);
if (rv) {
skAppPrintErr("Error adding IP on line %d to IPset: %s",
lc, skIPSetStrerror(rv));
goto END;
}
continue;
}
/* else parse the line as an IPWildcard */
rv = skStringParseIPWildcard(&ipwild, line_buf);
if (rv != 0) {
/* failed to parse an IPWildcard. See if the user has
* entered two IP addresses, and if so, suggest they use
* the --ip-ranges switch. */
int rv2;
rv2 = skStringParseIP(&ip, line_buf);
if (rv2 > 0) {
/* parsed an IP and there is extra text after the IP
* address; check to see if it is another IP addr */
#if SK_ENABLE_IPV6
if (skipaddrIsV6(&ip)
&& ((cp = strchr(line_buf + rv2, ':')) != NULL))
{
while (isxdigit((int) *(cp - 1))) {
--cp;
}
if (skStringParseIP(&ip, cp) == 0) {
skAppPrintErr(("Invalid IP on line %d: "
SUGGEST_IP_RANGES),
lc);
goto END;
}
}
#endif
if (!skipaddrIsV6(&ip)
&& ((cp = strchr(line_buf + rv2, '.')) != NULL))
{
while (isxdigit((int) *(cp - 1))) {
--cp;
}
if (skStringParseIP(&ip, cp) == 0) {
skAppPrintErr(("Invalid IP on line %d: "
SUGGEST_IP_RANGES),
lc);
goto END;
}
}
}
/* report initial error */
skAppPrintErr("Invalid IP Wildcard on line %d: %s",
lc, skStringParseStrerror(rv));
goto END;
}
#if SK_ENABLE_IPV6
/* do not allow integers mixed with IPv6 addresses */
if (saw_integer && skIPWildcardIsV6(&ipwild)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
#endif /* SK_ENABLE_IPV6 */
rv = skIPSetInsertIPWildcard(ipset, &ipwild);
if (rv) {
skAppPrintErr("Error adding IP Wildcard on line %d to IPset: %s",
lc, skIPSetStrerror(rv));
goto END;
}
}
/* success */
rv = 0;
END:
if (rv != 0) {
return -1;
}
return 0;
}
/*
* buildIPSetRanges(stream);
*
* Read IP addresses from the stream named by 'stream' and use them
* to build the global ipset. Allow the input to support ranges of
* IPs. Return 0 on success or -1 on failure.
*/
static int
buildIPSetRanges(
skstream_t *stream)
{
#if SK_ENABLE_IPV6
int saw_integer = 0;
#endif
int lc = 0;
char line_buf[512];
char *sep;
skipaddr_t ip;
skipaddr_t ip_min;
skipaddr_t ip_max;
uint32_t prefix;
const int delim_is_space = isspace((int)delimiter);
int rv;
/* read until end of file */
while ((rv = skStreamGetLine(stream, line_buf, sizeof(line_buf), &lc))
!= SKSTREAM_ERR_EOF)
{
switch (rv) {
case SKSTREAM_OK:
/* good, we got our line */
break;
case SKSTREAM_ERR_LONG_LINE:
/* bad: line was longer than sizeof(line_buf) */
skAppPrintErr("Input line %d too long. ignored",
lc);
continue;
default:
/* unexpected error */
skStreamPrintLastErr(stream, rv, &skAppPrintErr);
goto END;
}
/* support whitespace separators */
if (!delim_is_space) {
sep = strchr(line_buf, delimiter);
} else {
/* ignore leading whitespace */
sep = line_buf;
while (isspace((int)*sep)) {
++sep;
}
sep = strchr(sep, delimiter);
if (sep) {
/* allow a lone IP to have trailing whitespace */
char *cp = sep;
while (isspace((int)*cp)) {
++cp;
}
if (*cp == '\0') {
sep = NULL;
}
}
}
if (sep == NULL) {
/* parse as IP with possible CIDR designation */
rv = skStringParseCIDR(&ip, &prefix, line_buf);
if (rv != 0) {
skAppPrintErr("Invalid IP on line %d: %s",
lc, skStringParseStrerror(rv));
goto END;
}
#if SK_ENABLE_IPV6
/* do not allow integers mixed with IPv6 addresses */
if (saw_integer) {
if (skipaddrIsV6(&ip)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
} else if (SETBUILD_BUF_IS_INT(line_buf)) {
saw_integer = 1;
if (skIPSetIsV6(ipset)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
}
#endif /* SK_ENABLE_IPV6 */
rv = skIPSetInsertAddress(ipset, &ip, prefix);
if (rv) {
skAppPrintErr("Error adding IP on line %d to IPset: %s",
lc, skIPSetStrerror(rv));
goto END;
}
continue;
}
/* parse two IP addresses */
*sep = '\0';
++sep;
rv = skStringParseIP(&ip_min, line_buf);
if (rv != 0) {
skAppPrintErr("Invalid minimum IP on line %d: %s",
lc, skStringParseStrerror(rv));
goto END;
}
rv = skStringParseIP(&ip_max, sep);
if (rv != 0) {
skAppPrintErr("Invalid maximum IP on line %d: %s",
lc, skStringParseStrerror(rv));
goto END;
}
if (skipaddrCompare(&ip_min, &ip_max) > 0) {
skAppPrintErr("Invalid IP range on line %d: min > max",
lc);
rv = -1;
goto END;
}
#if SK_ENABLE_IPV6
/* do not allow integers mixed with IPv6 addresses */
if (saw_integer) {
if (skipaddrIsV6(&ip_min) || skipaddrIsV6(&ip_max)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
} else if (SETBUILD_BUF_IS_INT(line_buf) || SETBUILD_BUF_IS_INT(sep)) {
saw_integer = 1;
if (skIPSetIsV6(ipset)) {
skAppPrintErr("Error on line %d: %s",
lc, SETBUILD_ERR_MIX_INT_V6);
rv = -1;
goto END;
}
}
#endif /* SK_ENABLE_IPV6 */
rv = skIPSetInsertRange(ipset, &ip_min, &ip_max);
if (rv) {
skAppPrintErr("Error adding IP range on line %d to IPset: %s",
lc, skIPSetStrerror(rv));
goto END;
}
}
/* success */
rv = 0;
END:
if (rv != 0) {
return -1;
}
return 0;
}
