ipn: Router.Contains must handle both ip:ports & subnet addrs

celzero · Nov 23, 2024 · bcf6123 · bcf6123
1 parent 9806ac7
commit bcf6123
Show file tree

Hide file tree

Showing 3 changed files with 39 additions and 21 deletions.
diff --git a/intra/backend/core_iptree.go b/intra/backend/core_iptree.go
@@ -9,12 +9,10 @@ package backend
 import (
 	"errors"
 	"net"
-	"net/netip"
 	"strings"
 	"sync"
 
 	"github.com/celzero/firestack/intra/core"
-	"github.com/celzero/firestack/intra/log"
 	"github.com/k-sone/critbitgo"
 )
 
@@ -441,20 +439,5 @@ func (c *iptree) Len() int {
 }
 
 func ip2cidr(ippOrCidr string) (*net.IPNet, error) {
-	var ipaddr netip.Addr
-	if _, ipnet, err := net.ParseCIDR(ippOrCidr); err == nil {
-		return ipnet, err
-	} else {
-		if ipp, err1 := netip.ParseAddrPort(ippOrCidr); err1 == nil {
-			ipaddr = ipp.Addr()
-		} else if ip, err2 := netip.ParseAddr(ippOrCidr); err2 == nil {
-			ipaddr = ip
-		} else {
-			log.W("iptree: ip2cidr: cidr %v / ipp %v / ip %v", err, err1, err2)
-			return nil, core.JoinErr(err, err1, err2)
-		}
-		ip := ipaddr.AsSlice()
-		mask := net.CIDRMask(ipaddr.BitLen(), ipaddr.BitLen())
-		return &net.IPNet{IP: ip, Mask: mask}, nil
-	}
+	return core.IP2Cidr(ippOrCidr)
 }
diff --git a/intra/core/ip.go b/intra/core/ip.go
@@ -18,6 +18,7 @@ import (
 	"fmt"
 	"math/big"
 	"math/rand"
+	"net"
 	"net/netip"
 	"time"
 )
@@ -67,3 +68,37 @@ func RandomIPFromPrefix(cidr netip.Prefix) (netip.Addr, error) {
 	// Unmap any mapped v4 addresses before return
 	return randomAddress.Unmap(), nil
 }
+
+func IP2Cidr(ippOrCidr string) (*net.IPNet, error) {
+	var ipaddr netip.Addr
+	if _, ipnet, err := net.ParseCIDR(ippOrCidr); err == nil {
+		return ipnet, err
+	} else {
+		if ipp, err1 := netip.ParseAddrPort(ippOrCidr); err1 == nil {
+			ipaddr = ipp.Addr()
+		} else if ip, err2 := netip.ParseAddr(ippOrCidr); err2 == nil {
+			ipaddr = ip
+		} else {
+			return nil, fmt.Errorf("ip2cidr: errs: cidr %v / ipp %v / ip %v", err, err1, err2)
+		}
+		ip := ipaddr.AsSlice()
+		mask := net.CIDRMask(ipaddr.BitLen(), ipaddr.BitLen())
+		return &net.IPNet{IP: ip, Mask: mask}, nil
+	}
+}
+
+func IP2Cidr2(ippOrCidr string) (zz netip.Prefix, err error) {
+	var ipaddr netip.Addr
+	if prefix, err := netip.ParsePrefix(ippOrCidr); err == nil {
+		return prefix, err
+	} else {
+		if ipp, err1 := netip.ParseAddrPort(ippOrCidr); err1 == nil {
+			ipaddr = ipp.Addr()
+		} else if ip, err2 := netip.ParseAddr(ippOrCidr); err2 == nil {
+			ipaddr = ip
+		} else {
+			return zz, fmt.Errorf("ip2cidr2: errs: cidr %v / ipp %v / ip %v", err, err1, err2)
+		}
+		return netip.PrefixFrom(ipaddr, ipaddr.BitLen()), nil
+	}
+}
diff --git a/intra/ipn/nop.go b/intra/ipn/nop.go
@@ -55,12 +55,12 @@ func (w *GW) Stat() *x.RouterStats {
 }
 
 // Contains implements Router.
-func (w *GW) Contains(prefix string) bool {
-	ipnet, err := netip.ParsePrefix(prefix)
+func (w *GW) Contains(ippOrCidr string) bool {
+	prefix, err := core.IP2Cidr2(ippOrCidr)
 	if err != nil {
 		return false
 	}
-	return (w.ok(ipnet.Addr()))
+	return w.ok(prefix.Addr())
 }
 
 func (w *GW) ok(ip netip.Addr) bool  { return w.ok4(ip) || w.ok6(ip) }