Skip to content

Commit 9637798

Browse files
MattAlpMattAlp
committed
Good place to checkpoint
1 parent 0682615 commit 9637798

File tree

7 files changed

+488
-98
lines changed

7 files changed

+488
-98
lines changed

modules/ingest-common/src/main/java/org/elasticsearch/ingest/common/NetworkDirectionProcessor.java

Lines changed: 3 additions & 97 deletions
Original file line numberDiff line numberDiff line change
@@ -10,28 +10,22 @@
1010
package org.elasticsearch.ingest.common;
1111

1212
import org.elasticsearch.cluster.metadata.ProjectId;
13-
import org.elasticsearch.common.network.CIDRUtils;
14-
import org.elasticsearch.common.network.InetAddresses;
13+
import org.elasticsearch.common.network.NetworkDirectionUtils;
1514
import org.elasticsearch.ingest.AbstractProcessor;
1615
import org.elasticsearch.ingest.ConfigurationUtils;
1716
import org.elasticsearch.ingest.IngestDocument;
1817
import org.elasticsearch.ingest.Processor;
1918
import org.elasticsearch.script.ScriptService;
2019
import org.elasticsearch.script.TemplateScript;
2120

22-
import java.net.InetAddress;
2321
import java.util.ArrayList;
24-
import java.util.Arrays;
2522
import java.util.List;
2623
import java.util.Map;
2724

2825
import static org.elasticsearch.ingest.ConfigurationUtils.newConfigurationException;
2926
import static org.elasticsearch.ingest.ConfigurationUtils.readBooleanProperty;
3027

3128
public class NetworkDirectionProcessor extends AbstractProcessor {
32-
static final byte[] UNDEFINED_IP4 = new byte[] { 0, 0, 0, 0 };
33-
static final byte[] UNDEFINED_IP6 = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
34-
static final byte[] BROADCAST_IP4 = new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff };
3529

3630
public static final String TYPE = "network_direction";
3731

@@ -40,17 +34,6 @@ public class NetworkDirectionProcessor extends AbstractProcessor {
4034
public static final String DIRECTION_INBOUND = "inbound";
4135
public static final String DIRECTION_OUTBOUND = "outbound";
4236

43-
private static final String LOOPBACK_NAMED_NETWORK = "loopback";
44-
private static final String GLOBAL_UNICAST_NAMED_NETWORK = "global_unicast";
45-
private static final String UNICAST_NAMED_NETWORK = "unicast";
46-
private static final String LINK_LOCAL_UNICAST_NAMED_NETWORK = "link_local_unicast";
47-
private static final String INTERFACE_LOCAL_NAMED_NETWORK = "interface_local_multicast";
48-
private static final String LINK_LOCAL_MULTICAST_NAMED_NETWORK = "link_local_multicast";
49-
private static final String MULTICAST_NAMED_NETWORK = "multicast";
50-
private static final String UNSPECIFIED_NAMED_NETWORK = "unspecified";
51-
private static final String PRIVATE_NAMED_NETWORK = "private";
52-
private static final String PUBLIC_NAMED_NETWORK = "public";
53-
5437
private final String sourceIpField;
5538
private final String destinationIpField;
5639
private final String targetField;
@@ -140,8 +123,8 @@ private String getDirection(IngestDocument d) throws Exception {
140123
return null;
141124
}
142125

143-
boolean sourceInternal = isInternal(networks, sourceIpAddrString);
144-
boolean destinationInternal = isInternal(networks, destIpAddrString);
126+
boolean sourceInternal = NetworkDirectionUtils.isInternal(networks, sourceIpAddrString);
127+
boolean destinationInternal = NetworkDirectionUtils.isInternal(networks, destIpAddrString);
145128

146129
if (sourceInternal && destinationInternal) {
147130
return DIRECTION_INTERNAL;
@@ -155,83 +138,6 @@ private String getDirection(IngestDocument d) throws Exception {
155138
return DIRECTION_EXTERNAL;
156139
}
157140

158-
private static boolean isInternal(List<String> networks, String ip) {
159-
for (String network : networks) {
160-
if (inNetwork(ip, network)) {
161-
return true;
162-
}
163-
}
164-
return false;
165-
}
166-
167-
private static boolean inNetwork(String ip, String network) {
168-
InetAddress address = InetAddresses.forString(ip);
169-
return switch (network) {
170-
case LOOPBACK_NAMED_NETWORK -> isLoopback(address);
171-
case GLOBAL_UNICAST_NAMED_NETWORK, UNICAST_NAMED_NETWORK -> isUnicast(address);
172-
case LINK_LOCAL_UNICAST_NAMED_NETWORK -> isLinkLocalUnicast(address);
173-
case INTERFACE_LOCAL_NAMED_NETWORK -> isInterfaceLocalMulticast(address);
174-
case LINK_LOCAL_MULTICAST_NAMED_NETWORK -> isLinkLocalMulticast(address);
175-
case MULTICAST_NAMED_NETWORK -> isMulticast(address);
176-
case UNSPECIFIED_NAMED_NETWORK -> isUnspecified(address);
177-
case PRIVATE_NAMED_NETWORK -> isPrivate(ip);
178-
case PUBLIC_NAMED_NETWORK -> isPublic(ip);
179-
default -> CIDRUtils.isInRange(ip, network);
180-
};
181-
}
182-
183-
private static boolean isLoopback(InetAddress ip) {
184-
return ip.isLoopbackAddress();
185-
}
186-
187-
private static boolean isUnicast(InetAddress ip) {
188-
return Arrays.equals(ip.getAddress(), BROADCAST_IP4) == false
189-
&& isUnspecified(ip) == false
190-
&& isLoopback(ip) == false
191-
&& isMulticast(ip) == false
192-
&& isLinkLocalUnicast(ip) == false;
193-
}
194-
195-
private static boolean isLinkLocalUnicast(InetAddress ip) {
196-
return ip.isLinkLocalAddress();
197-
}
198-
199-
private static boolean isInterfaceLocalMulticast(InetAddress ip) {
200-
return ip.isMCNodeLocal();
201-
}
202-
203-
private static boolean isLinkLocalMulticast(InetAddress ip) {
204-
return ip.isMCLinkLocal();
205-
}
206-
207-
private static boolean isMulticast(InetAddress ip) {
208-
return ip.isMulticastAddress();
209-
}
210-
211-
private static boolean isUnspecified(InetAddress ip) {
212-
var address = ip.getAddress();
213-
return Arrays.equals(UNDEFINED_IP4, address) || Arrays.equals(UNDEFINED_IP6, address);
214-
}
215-
216-
private static boolean isPrivate(String ip) {
217-
return CIDRUtils.isInRange(ip, "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fd00::/8");
218-
}
219-
220-
private static boolean isPublic(String ip) {
221-
return isLocalOrPrivate(ip) == false;
222-
}
223-
224-
private static boolean isLocalOrPrivate(String ip) {
225-
var address = InetAddresses.forString(ip);
226-
return isPrivate(ip)
227-
|| isLoopback(address)
228-
|| isUnspecified(address)
229-
|| isLinkLocalUnicast(address)
230-
|| isLinkLocalMulticast(address)
231-
|| isInterfaceLocalMulticast(address)
232-
|| Arrays.equals(address.getAddress(), BROADCAST_IP4);
233-
}
234-
235141
@Override
236142
public String getType() {
237143
return TYPE;

server/src/main/java/org/elasticsearch/common/network/NetworkDirectionUtils.java

Lines changed: 108 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,108 @@
1+
/*
2+
* Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
3+
* or more contributor license agreements. Licensed under the "Elastic License
4+
* 2.0", the "GNU Affero General Public License v3.0 only", and the "Server Side
5+
* Public License v 1"; you may not use this file except in compliance with, at
6+
* your election, the "Elastic License 2.0", the "GNU Affero General Public
7+
* License v3.0 only", or the "Server Side Public License, v 1".
8+
*/
9+
10+
package org.elasticsearch.common.network;
11+
12+
import java.net.InetAddress;
13+
import java.util.Arrays;
14+
import java.util.List;
15+
16+
public class NetworkDirectionUtils {
17+
18+
static final byte[] UNDEFINED_IP4 = new byte[] { 0, 0, 0, 0 };
19+
static final byte[] UNDEFINED_IP6 = new byte[] { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
20+
static final byte[] BROADCAST_IP4 = new byte[] { (byte) 0xff, (byte) 0xff, (byte) 0xff, (byte) 0xff };
21+
22+
private static final String LOOPBACK_NAMED_NETWORK = "loopback";
23+
private static final String GLOBAL_UNICAST_NAMED_NETWORK = "global_unicast";
24+
private static final String UNICAST_NAMED_NETWORK = "unicast";
25+
private static final String LINK_LOCAL_UNICAST_NAMED_NETWORK = "link_local_unicast";
26+
private static final String INTERFACE_LOCAL_NAMED_NETWORK = "interface_local_multicast";
27+
private static final String LINK_LOCAL_MULTICAST_NAMED_NETWORK = "link_local_multicast";
28+
private static final String MULTICAST_NAMED_NETWORK = "multicast";
29+
private static final String UNSPECIFIED_NAMED_NETWORK = "unspecified";
30+
private static final String PRIVATE_NAMED_NETWORK = "private";
31+
private static final String PUBLIC_NAMED_NETWORK = "public";
32+
33+
public static boolean isInternal(List<String> networks, String ip) {
34+
for (String network : networks) {
35+
if (inNetwork(InetAddresses.forString(ip), network)) {
36+
return true;
37+
}
38+
}
39+
return false;
40+
}
41+
42+
public static boolean inNetwork(InetAddress address, String network) {
43+
return switch (network) {
44+
case LOOPBACK_NAMED_NETWORK -> isLoopback(address);
45+
case GLOBAL_UNICAST_NAMED_NETWORK, UNICAST_NAMED_NETWORK -> isUnicast(address);
46+
case LINK_LOCAL_UNICAST_NAMED_NETWORK -> isLinkLocalUnicast(address);
47+
case INTERFACE_LOCAL_NAMED_NETWORK -> isInterfaceLocalMulticast(address);
48+
case LINK_LOCAL_MULTICAST_NAMED_NETWORK -> isLinkLocalMulticast(address);
49+
case MULTICAST_NAMED_NETWORK -> isMulticast(address);
50+
case UNSPECIFIED_NAMED_NETWORK -> isUnspecified(address);
51+
case PRIVATE_NAMED_NETWORK -> isPrivate(address.getHostAddress());
52+
case PUBLIC_NAMED_NETWORK -> isPublic(address.getHostAddress());
53+
default -> CIDRUtils.isInRange(address.getHostAddress(), network);
54+
};
55+
}
56+
57+
private static boolean isLoopback(InetAddress ip) {
58+
return ip.isLoopbackAddress();
59+
}
60+
61+
private static boolean isUnicast(InetAddress ip) {
62+
return Arrays.equals(ip.getAddress(), BROADCAST_IP4) == false
63+
&& isUnspecified(ip) == false
64+
&& isLoopback(ip) == false
65+
&& isMulticast(ip) == false
66+
&& isLinkLocalUnicast(ip) == false;
67+
}
68+
69+
private static boolean isLinkLocalUnicast(InetAddress ip) {
70+
return ip.isLinkLocalAddress();
71+
}
72+
73+
private static boolean isInterfaceLocalMulticast(InetAddress ip) {
74+
return ip.isMCNodeLocal();
75+
}
76+
77+
private static boolean isLinkLocalMulticast(InetAddress ip) {
78+
return ip.isMCLinkLocal();
79+
}
80+
81+
private static boolean isMulticast(InetAddress ip) {
82+
return ip.isMulticastAddress();
83+
}
84+
85+
private static boolean isUnspecified(InetAddress ip) {
86+
var address = ip.getAddress();
87+
return Arrays.equals(UNDEFINED_IP4, address) || Arrays.equals(UNDEFINED_IP6, address);
88+
}
89+
90+
private static boolean isPrivate(String ip) {
91+
return CIDRUtils.isInRange(ip, "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fd00::/8");
92+
}
93+
94+
private static boolean isPublic(String ip) {
95+
return isLocalOrPrivate(ip) == false;
96+
}
97+
98+
private static boolean isLocalOrPrivate(String ip) {
99+
var address = InetAddresses.forString(ip);
100+
return isPrivate(ip)
101+
|| isLoopback(address)
102+
|| isUnspecified(address)
103+
|| isLinkLocalUnicast(address)
104+
|| isLinkLocalMulticast(address)
105+
|| isInterfaceLocalMulticast(address)
106+
|| Arrays.equals(address.getAddress(), BROADCAST_IP4);
107+
}
108+
}

0 commit comments

Comments
 (0)