src/ip_utils.py

#!/usr/bin/env python3

"""
IP utility functions for filtering and validating IP addresses.
Provides common IP filtering logic used across the Krawl honeypot.
"""

import ipaddress
from typing import Optional


def is_local_or_private_ip(ip_str: str) -> bool:
    """
    Check if an IP address is local, private, or reserved.

    Filters out:
    - 127.0.0.1 (localhost)
    - 127.0.0.0/8 (loopback)
    - 10.0.0.0/8 (private network)
    - 172.16.0.0/12 (private network)
    - 192.168.0.0/16 (private network)
    - 0.0.0.0/8 (this network)
    - ::1 (IPv6 localhost)
    - ::ffff:127.0.0.0/104 (IPv6-mapped IPv4 loopback)

    Args:
        ip_str: IP address string

    Returns:
        True if IP is local/private/reserved, False if it's public
    """
    try:
        ip = ipaddress.ip_address(ip_str)
        return (
            ip.is_private
            or ip.is_loopback
            or ip.is_reserved
            or ip.is_link_local
            or str(ip) in ("0.0.0.0", "::1")
        )
    except ValueError:
        # Invalid IP address
        return True


def is_valid_public_ip(ip: str, server_ip: Optional[str] = None) -> bool:
    """
    Check if an IP is public and not the server's own IP.

    Returns True only if:
    - IP is not in local/private ranges AND
    - IP is not the server's own public IP (if server_ip provided)

    Args:
        ip: IP address string to check
        server_ip: Server's public IP (optional). If provided, filters out this IP too.

    Returns:
        True if IP is a valid public IP to track, False otherwise
    """
    return not is_local_or_private_ip(ip) and (server_ip is None or ip != server_ip)
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`#!/usr/bin/env python3`

			`"""`
			`IP utility functions for filtering and validating IP addresses.`
			`Provides common IP filtering logic used across the Krawl honeypot.`
			`"""`

			`import ipaddress`
			`from typing import Optional`


			`def is_local_or_private_ip(ip_str: str) -> bool:`
			`"""`
			`Check if an IP address is local, private, or reserved.`
Feat/deployment update (#56) * feat: update analyzer thresholds and add crawl configuration options * feat: update Helm chart version and add README for installation instructions * feat: update installation instructions in README and add Docker support * feat: update deployment manifests and configuration for improved service handling and analyzer settings * feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters * feat: update configuration for Krawl service to use external config file * feat: refactor code for improved readability and consistency across multiple files * feat: remove Flake8, Pylint, and test steps from PR checks workflow 2026-01-26 12:36:22 +01:00
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`Filters out:`
			`- 127.0.0.1 (localhost)`
			`- 127.0.0.0/8 (loopback)`
			`- 10.0.0.0/8 (private network)`
			`- 172.16.0.0/12 (private network)`
			`- 192.168.0.0/16 (private network)`
			`- 0.0.0.0/8 (this network)`
			`- ::1 (IPv6 localhost)`
			`- ::ffff:127.0.0.0/104 (IPv6-mapped IPv4 loopback)`
Feat/deployment update (#56) * feat: update analyzer thresholds and add crawl configuration options * feat: update Helm chart version and add README for installation instructions * feat: update installation instructions in README and add Docker support * feat: update deployment manifests and configuration for improved service handling and analyzer settings * feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters * feat: update configuration for Krawl service to use external config file * feat: refactor code for improved readability and consistency across multiple files * feat: remove Flake8, Pylint, and test steps from PR checks workflow 2026-01-26 12:36:22 +01:00
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`Args:`
			`ip_str: IP address string`
Feat/deployment update (#56) * feat: update analyzer thresholds and add crawl configuration options * feat: update Helm chart version and add README for installation instructions * feat: update installation instructions in README and add Docker support * feat: update deployment manifests and configuration for improved service handling and analyzer settings * feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters * feat: update configuration for Krawl service to use external config file * feat: refactor code for improved readability and consistency across multiple files * feat: remove Flake8, Pylint, and test steps from PR checks workflow 2026-01-26 12:36:22 +01:00
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`Returns:`
			`True if IP is local/private/reserved, False if it's public`
			`"""`
			`try:`
			`ip = ipaddress.ip_address(ip_str)`
			`return (`
			`ip.is_private`
			`or ip.is_loopback`
			`or ip.is_reserved`
			`or ip.is_link_local`
			`or str(ip) in ("0.0.0.0", "::1")`
			`)`
			`except ValueError:`
			`# Invalid IP address`
			`return True`


			`def is_valid_public_ip(ip: str, server_ip: Optional[str] = None) -> bool:`
			`"""`
			`Check if an IP is public and not the server's own IP.`
Feat/deployment update (#56) * feat: update analyzer thresholds and add crawl configuration options * feat: update Helm chart version and add README for installation instructions * feat: update installation instructions in README and add Docker support * feat: update deployment manifests and configuration for improved service handling and analyzer settings * feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters * feat: update configuration for Krawl service to use external config file * feat: refactor code for improved readability and consistency across multiple files * feat: remove Flake8, Pylint, and test steps from PR checks workflow 2026-01-26 12:36:22 +01:00
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`Returns True only if:`
			`- IP is not in local/private ranges AND`
			`- IP is not the server's own public IP (if server_ip provided)`
Feat/deployment update (#56) * feat: update analyzer thresholds and add crawl configuration options * feat: update Helm chart version and add README for installation instructions * feat: update installation instructions in README and add Docker support * feat: update deployment manifests and configuration for improved service handling and analyzer settings * feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters * feat: update configuration for Krawl service to use external config file * feat: refactor code for improved readability and consistency across multiple files * feat: remove Flake8, Pylint, and test steps from PR checks workflow 2026-01-26 12:36:22 +01:00
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`Args:`
			`ip: IP address string to check`
			`server_ip: Server's public IP (optional). If provided, filters out this IP too.`
Feat/deployment update (#56) * feat: update analyzer thresholds and add crawl configuration options * feat: update Helm chart version and add README for installation instructions * feat: update installation instructions in README and add Docker support * feat: update deployment manifests and configuration for improved service handling and analyzer settings * feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters * feat: update configuration for Krawl service to use external config file * feat: refactor code for improved readability and consistency across multiple files * feat: remove Flake8, Pylint, and test steps from PR checks workflow 2026-01-26 12:36:22 +01:00
added ip logging memory improvements, added local ip and public ip exlusion 2026-01-24 23:28:10 +01:00			`Returns:`
			`True if IP is a valid public IP to track, False otherwise`
			`"""`
			`return not is_local_or_private_ip(ip) and (server_ip is None or ip != server_ip)`