diff --git a/NEWS b/NEWS index 8ac7e1fcb8..1c6d756fed 100644 --- a/NEWS +++ b/NEWS @@ -27,6 +27,8 @@ New Functionality - Geneve tunnel options of the current packet can be extracted from scripts using the new PacketAnalyzer::Geneve::get_options() builtin function. +- The new ``is_valid_subnet()`` function mirrors ``is_valid_ip()``, for subnets. + Changed Functionality --------------------- diff --git a/src/script_opt/FuncInfo.cc b/src/script_opt/FuncInfo.cc index 50d17440ca..be25a66a8f 100644 --- a/src/script_opt/FuncInfo.cc +++ b/src/script_opt/FuncInfo.cc @@ -353,6 +353,7 @@ static std::unordered_map func_attrs = { {"is_v6_addr", ATTR_FOLDABLE}, {"is_v6_subnet", ATTR_FOLDABLE}, {"is_valid_ip", ATTR_FOLDABLE}, + {"is_valid_subnet", ATTR_FOLDABLE}, {"join_string_set", ATTR_FOLDABLE}, {"join_string_vec", ATTR_FOLDABLE}, {"levenshtein_distance", ATTR_FOLDABLE}, diff --git a/src/zeek.bif b/src/zeek.bif index 3a7bb3644b..e97c988d39 100644 --- a/src/zeek.bif +++ b/src/zeek.bif @@ -2831,10 +2831,17 @@ function to_addr%(ip: string%): addr ## Returns: T if the string is a valid IPv4 or IPv6 address format. function is_valid_ip%(ip: string%): bool %{ - char* s = ip->AsString()->Render(); - auto rval = zeek::IPAddr::IsValid(s); - delete [] s; - return zeek::val_mgr->Bool(rval); + return zeek::val_mgr->Bool(zeek::IPAddr::IsValid(ip->ToStdString().c_str())); + %} + +## Checks if a string is a valid IPv4 or IPv6 subnet. +## +## cidr: the string to check for valid subnet formatting. +## +## Returns: T if the string is a valid IPv4 or IPv6 subnet format. +function is_valid_subnet%(cidr: string%): bool + %{ + return zeek::val_mgr->Bool(zeek::IPPrefix::IsValid(cidr->ToStdString().c_str())); %} ## Converts a :zeek:type:`string` to a :zeek:type:`subnet`. diff --git a/testing/btest/Baseline/opt.ZAM-bif-tracking/output b/testing/btest/Baseline/opt.ZAM-bif-tracking/output index 972665cbdb..3c90b8960c 100644 --- a/testing/btest/Baseline/opt.ZAM-bif-tracking/output +++ b/testing/btest/Baseline/opt.ZAM-bif-tracking/output @@ -1,2 +1,2 @@ ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63. -556 seen BiFs, 0 unseen BiFs (), 0 new BiFs () +557 seen BiFs, 0 unseen BiFs (), 0 new BiFs () diff --git a/testing/btest/Baseline/scripts.base.utils.addrs/output b/testing/btest/Baseline/scripts.base.utils.addrs/output index 622edef994..c64ea7defb 100644 --- a/testing/btest/Baseline/scripts.base.utils.addrs/output +++ b/testing/btest/Baseline/scripts.base.utils.addrs/output @@ -48,6 +48,16 @@ F F F F +============ test is_valid_subnet() +T +T +T +T +F +F +F +F +F ============ test extract_ip_addresses() [1.1.1.1, 2.2.2.2, 3.3.3.3] [1.1.1.1, 0:0:0:0:0:0:0:0, 3.3.3.3] diff --git a/testing/btest/opt/ZAM-bif-tracking.zeek b/testing/btest/opt/ZAM-bif-tracking.zeek index 1d11c555c5..b57e55e762 100644 --- a/testing/btest/opt/ZAM-bif-tracking.zeek +++ b/testing/btest/opt/ZAM-bif-tracking.zeek @@ -386,6 +386,7 @@ global known_BiFs = set( "is_v6_addr", "is_v6_subnet", "is_valid_ip", + "is_valid_subnet", "join_string_set", "join_string_vec", "levenshtein_distance", diff --git a/testing/btest/scripts/base/utils/addrs.test b/testing/btest/scripts/base/utils/addrs.test index e0bc384fad..68dcdaf4d3 100644 --- a/testing/btest/scripts/base/utils/addrs.test +++ b/testing/btest/scripts/base/utils/addrs.test @@ -132,6 +132,17 @@ event zeek_init() print is_valid_ip("6:1:2::3:4:5:6:7"); print is_valid_ip("6:1:2::3:4:5:6:7:8"); + print "============ test is_valid_subnet()"; + print is_valid_subnet("10.0.0.0/0"); # T! + print is_valid_subnet("10.0.0.0/8"); + print is_valid_subnet("10.0.0.0/32"); + print is_valid_subnet("fe80::/64"); + print is_valid_subnet("10.0.0.0/64"); # F + print is_valid_subnet("256.256.256.256/32"); # F + print is_valid_subnet("10.0.0.0"); # F + print is_valid_subnet("[fe80::]/64"); # F + print is_valid_subnet("10/8"); # F + print "============ test extract_ip_addresses()"; print extract_ip_addresses("this is 1.1.1.1 a test 2.2.2.2 string with ip addresses 3.3.3.3"); print extract_ip_addresses("this is 1.1.1.1 a test 0:0:0:0:0:0:0:0 string with ip addresses 3.3.3.3");