Added network whitelist
This commit is contained in:
parent
4a15a1c897
commit
8a6853bd41
|
|
@ -1,4 +1,4 @@
|
|||
-- Configuration
|
||||
-- Configuration Start
|
||||
|
||||
local lookup_dhcp_leases = true
|
||||
local dhcp_leases_file = "/tmp/dhcp.leases"
|
||||
|
|
@ -7,19 +7,24 @@ local lookup_ip_neigh = true
|
|||
|
||||
local non_fqdn = true
|
||||
local network_domain = ".lan"
|
||||
local whitelisted_networks = {"192.168.0.0/16", "172.16.0.0/12", "10.0.0.0/8", "fd00::/8"}
|
||||
|
||||
local output_file = "/tmp/dyndns"
|
||||
|
||||
local reload_command = "/etc/init.d/dnsmasq reload"
|
||||
|
||||
-- Configuration End
|
||||
|
||||
|
||||
local ip = require("ip")
|
||||
|
||||
function split(inputstr, sep)
|
||||
if sep == nil then
|
||||
sep = "%s"
|
||||
sep = "%s"
|
||||
end
|
||||
local t={}
|
||||
local t = {}
|
||||
for str in string.gmatch(inputstr, "([^"..sep.."]+)") do
|
||||
table.insert(t, str)
|
||||
table.insert(t, str)
|
||||
end
|
||||
return t
|
||||
end
|
||||
|
|
@ -38,25 +43,22 @@ function contains(tab, val)
|
|||
return false
|
||||
end
|
||||
|
||||
function ipv4(ip)
|
||||
local chunks = {ip:match("(%d+)%.(%d+)%.(%d+)%.(%d+)")}
|
||||
if (#chunks == 4) then
|
||||
for _,v in pairs(chunks) do
|
||||
if (tonumber(v) < 0 or tonumber(v) > 255) then
|
||||
return false
|
||||
end
|
||||
end
|
||||
return true
|
||||
else
|
||||
return false
|
||||
end
|
||||
whitelisted_networks_v4 = {}
|
||||
whitelisted_networks_v6 = {}
|
||||
for index, value in ipairs(whitelisted_networks) do
|
||||
local parsed_ip = ip.parse(value)
|
||||
local ip_kind = parsed_ip:kind()
|
||||
if ip_kind == "ipv4" then table.insert(whitelisted_networks_v4, parsed_ip) end
|
||||
if ip_kind == "ipv6" then table.insert(whitelisted_networks_v6, parsed_ip) end
|
||||
end
|
||||
|
||||
function ipv6(ip)
|
||||
local _, chunks = ip:gsub("[%a%d]+%:?", "")
|
||||
if chunks == 8 then
|
||||
return true
|
||||
end
|
||||
function ip_match(parsed_ip)
|
||||
local ip_kind = parsed_ip:kind()
|
||||
if ip_kind == "ipv4" then whitelisted_list = whitelisted_networks_v4 end
|
||||
if ip_kind == "ipv6" then whitelisted_list = whitelisted_networks_v6 end
|
||||
for index, value in ipairs(whitelisted_list) do
|
||||
if parsed_ip:match(value) then return true end
|
||||
end
|
||||
return false
|
||||
end
|
||||
|
||||
|
|
@ -80,8 +82,8 @@ function pairs_by_keys(t, f)
|
|||
table.insert(a, n)
|
||||
end
|
||||
table.sort(a, f)
|
||||
local i = 0 -- iterator variable
|
||||
local iter = function () -- iterator function
|
||||
local i = 0
|
||||
local iter = function ()
|
||||
i = i + 1
|
||||
if a[i] == nil then
|
||||
return nil
|
||||
|
|
@ -117,7 +119,7 @@ function compare_tables(a,b)
|
|||
end
|
||||
|
||||
|
||||
array = {}
|
||||
local array = {}
|
||||
|
||||
if lookup_dhcp_leases then
|
||||
|
||||
|
|
@ -125,7 +127,7 @@ if lookup_dhcp_leases then
|
|||
local dhcp_table = split(dhcp_file:read('*all'), "\r\n")
|
||||
dhcp_file:close()
|
||||
|
||||
for key,value in pairs(dhcp_table) do
|
||||
for key, value in pairs(dhcp_table) do
|
||||
local dhcp_lease = split(value, " ")
|
||||
local mac = dhcp_lease[2]
|
||||
if not array[mac] then
|
||||
|
|
@ -145,7 +147,7 @@ if lookup_ip_neigh then
|
|||
local neigh_table = split(neigh_file:read('*all'), "\r\n")
|
||||
neigh_file:close()
|
||||
|
||||
for key,value in pairs(neigh_table) do
|
||||
for key, value in pairs(neigh_table) do
|
||||
local neigh = split(value, " ")
|
||||
local mac = neigh[5]
|
||||
local ip = neigh[1]
|
||||
|
|
@ -161,30 +163,32 @@ if lookup_ip_neigh then
|
|||
|
||||
end
|
||||
|
||||
config = ""
|
||||
local config = ""
|
||||
|
||||
for key,value in pairs(array) do
|
||||
local mac = key
|
||||
local ip = value["ip"]
|
||||
for i1, value in pairs(array) do
|
||||
local ip_list = value["ip"]
|
||||
local hostname = value["hostname"]
|
||||
if hostname ~= "?" and hostname ~= "*" then
|
||||
for key,value in pairs(ip) do
|
||||
line = value
|
||||
if non_fqdn then line = line .. " " .. hostname end
|
||||
if network_domain then line = line .. " " .. (hostname .. network_domain) end
|
||||
if line ~= value then config = config .. "\r\n" .. line end
|
||||
for i2, ip_addr in pairs(ip_list) do
|
||||
parsed_ip = ip.parse(ip_addr)
|
||||
if ip_match(parsed_ip) then
|
||||
local line = ip_addr
|
||||
if non_fqdn then line = line .. " " .. hostname end
|
||||
if network_domain then line = line .. " " .. (hostname .. network_domain) end
|
||||
if line ~= ip_addr then config = config .. "\r\n" .. line end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
config_file = read_file(output_file)
|
||||
local config_file = read_file(output_file)
|
||||
if config_file == nil then config_file = "" end
|
||||
|
||||
c1 = sort_table(split(config_file, "\r\n"))
|
||||
c2 = sort_table(split(config, "\r\n"))
|
||||
local c1 = sort_table(split(config_file, "\r\n"))
|
||||
local c2 = sort_table(split(config, "\r\n"))
|
||||
|
||||
if not compare_tables(c1, c2) then
|
||||
file = io.open(output_file, "w")
|
||||
local file = io.open(output_file, "w")
|
||||
file:write(config)
|
||||
file:close()
|
||||
os.execute(reload_command)
|
||||
|
|
|
|||
Loading…
Reference in a new issue