Malin/krawl.es
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
e93bcb959a74ed4a0a17a0d1a6145cbb105ced94
krawl.es/src/ip_utils.py
Lorenzo Venerandi 8c76f6c847 Feat/deployment update (#56) 
* feat: update analyzer thresholds and add crawl configuration options

* feat: update Helm chart version and add README for installation instructions

* feat: update installation instructions in README and add Docker support

* feat: update deployment manifests and configuration for improved service handling and analyzer settings

* feat: add API endpoint for paginated IP retrieval and enhance dashboard visualization with category filters

* feat: update configuration for Krawl service to use external config file

* feat: refactor code for improved readability and consistency across multiple files

* feat: remove Flake8, Pylint, and test steps from PR checks workflow
2026-01-26 12:36:22 +01:00

62 lines
1.6 KiB
Python
Raw Blame History

#!/usr/bin/env python3
"""
IP utility functions for filtering and validating IP addresses.
Provides common IP filtering logic used across the Krawl honeypot.
"""
import ipaddress
from typing import Optional
def is_local_or_private_ip(ip_str: str) -> bool:
"""
Check if an IP address is local, private, or reserved.
Filters out:
- 127.0.0.1 (localhost)
- 127.0.0.0/8 (loopback)
- 10.0.0.0/8 (private network)
- 172.16.0.0/12 (private network)
- 192.168.0.0/16 (private network)
- 0.0.0.0/8 (this network)
- ::1 (IPv6 localhost)
- ::ffff:127.0.0.0/104 (IPv6-mapped IPv4 loopback)
Args:
ip_str: IP address string
Returns:
True if IP is local/private/reserved, False if it's public
"""
try:
ip = ipaddress.ip_address(ip_str)
return (
ip.is_private
or ip.is_loopback
or ip.is_reserved
or ip.is_link_local
or str(ip) in ("0.0.0.0", "::1")
)
except ValueError:
# Invalid IP address
return True
def is_valid_public_ip(ip: str, server_ip: Optional[str] = None) -> bool:
"""
Check if an IP is public and not the server's own IP.
Returns True only if:
- IP is not in local/private ranges AND
- IP is not the server's own public IP (if server_ip provided)
Args:
ip: IP address string to check
server_ip: Server's public IP (optional). If provided, filters out this IP too.
Returns:
True if IP is a valid public IP to track, False otherwise
"""
return not is_local_or_private_ip(ip) and (server_ip is None or ip != server_ip)
Reference in New Issue View Git Blame Copy Permalink