GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → yl2chen → Cidranger

yl2chen / Cidranger

Licence: mit
Fast IP to CIDR lookup in Golang

Programming Languages

go
31211 projects - #10 most used programming language

Labels

network-analysisip

Projects that are alternatives of or similar to Cidranger

network-pipeline
Network traffic data pipeline for real-time predictions and building datasets for deep neural networks
Stars: ✭ 36 (-93.86%)
Mutual labels:  ip, network-analysis
Nali
An offline tool for querying IP geographic information and CDN provider.一个查询IP地理信息和CDN服务提供商的离线终端工具.
Stars: ✭ 535 (-8.7%)
Mutual labels:  ip
Flare
An analytical framework for network traffic and behavioral analytics
Stars: ✭ 363 (-38.05%)
Mutual labels:  network-analysis
Hosthunter
HostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (-27.13%)
Mutual labels:  ip
Pig
A Linux packet crafting tool.
Stars: ✭ 384 (-34.47%)
Mutual labels:  network-analysis
Cnp3
Computer Networking : Principles, Protocols and Practice (first and second edition, third edition is being written on https://github.com/cnp3/ebook)
Stars: ✭ 471 (-19.62%)
Mutual labels:  ip
Qnsm
QNSM is network security monitoring framework based on DPDK.
Stars: ✭ 334 (-43%)
Mutual labels:  network-analysis
Ip Location Zh
获取 IP 地址的真实地理位置
Stars: ✭ 556 (-5.12%)
Mutual labels:  ip
Proxyiplib
全球免费代理IP库,高可用IP,精心筛选优质IP,2s必达
Stars: ✭ 521 (-11.09%)
Mutual labels:  ip
Hellraiser
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
Stars: ✭ 413 (-29.52%)
Mutual labels:  network-analysis
Tidygraph
A tidy API for graph manipulation
Stars: ✭ 398 (-32.08%)
Mutual labels:  network-analysis
Jekyll
Jekyll-based static site for The Programming Historian
Stars: ✭ 387 (-33.96%)
Mutual labels:  network-analysis
Cuteit
IP obfuscator made to make a malicious ip a bit cuter
Stars: ✭ 475 (-18.94%)
Mutual labels:  ip
Networkit
NetworKit is a growing open-source toolkit for large-scale network analysis.
Stars: ✭ 383 (-34.64%)
Mutual labels:  network-analysis
Pythoncode Tutorials
The Python Code Tutorials
Stars: ✭ 544 (-7.17%)
Mutual labels:  network-analysis
Cocoadebug
iOS Debugging Tool 🚀
Stars: ✭ 3,769 (+543.17%)
Mutual labels:  network-analysis
Scr1
SCR1 is a high-quality open-source RISC-V MCU core in Verilog
Stars: ✭ 393 (-32.94%)
Mutual labels:  ip
Information collection handbook
Handbook of information collection for penetration testing and src
Stars: ✭ 447 (-23.72%)
Mutual labels:  ip
Qqwry.dat
自动更新的纯真ip库,每天自动更新
Stars: ✭ 559 (-4.61%)
Mutual labels:  ip
Easy hack
Hack the World using Termux
Stars: ✭ 549 (-6.31%)
Mutual labels:  network-analysis
View All Similar Projects ➔

cidranger

Fast IP to CIDR block(s) lookup using trie in Golang, inspired by IPv4 route lookup linux. Possible use cases include detecting if a IP address is from published cloud provider CIDR blocks (e.g. 52.95.110.1 is contained in published AWS Route53 CIDR 52.95.110.0/24), IP routing rules, etc.

GoDoc Reference Build Status Coverage Status Go Report Card

This is visualization of a trie storing CIDR blocks 128.0.0.0/2 192.0.0.0/2 200.0.0.0/5 without path compression, the 0/1 number on the path indicates the bit value of the IP address at specified bit position, hence the path from root node to a child node represents a CIDR block that contains all IP ranges of its children, and children's children.

Visualization of trie storing same CIDR blocks with path compression, improving both lookup speed and memory footprint.

Getting Started

Configure imports.

import (
  "net"

  "github.com/yl2chen/cidranger"
)

Create a new ranger implemented using Path-Compressed prefix trie.

ranger := NewPCTrieRanger()

Inserts CIDR blocks.

_, network1, _ := net.ParseCIDR("192.168.1.0/24")
_, network2, _ := net.ParseCIDR("128.168.1.0/24")
ranger.Insert(NewBasicRangerEntry(*network1))
ranger.Insert(NewBasicRangerEntry(*network2))

To attach any additional value(s) to the entry, simply create custom struct storing the desired value(s) that implements the RangerEntry interface:

type RangerEntry interface {
	Network() net.IPNet
}

The prefix trie can be visualized as:

0.0.0.0/0 (target_pos:31:has_entry:false)
| 1--> 128.0.0.0/1 (target_pos:30:has_entry:false)
| | 0--> 128.168.1.0/24 (target_pos:7:has_entry:true)
| | 1--> 192.168.1.0/24 (target_pos:7:has_entry:true)

To test if given IP is contained in constructed ranger,

contains, err = ranger.Contains(net.ParseIP("128.168.1.0")) // returns true, nil
contains, err = ranger.Contains(net.ParseIP("192.168.2.0")) // returns false, nil

To get all the networks given is contained in,

containingNetworks, err = ranger.ContainingNetworks(net.ParseIP("128.168.1.0"))

To get all networks in ranger,

entries, err := ranger.CoveredNetworks(*AllIPv4) // for IPv4
entries, err := ranger.CoveredNetworks(*AllIPv6) // for IPv6

Benchmark

Compare hit/miss case for IPv4/IPv6 using PC trie vs brute force implementation, Ranger is initialized with published AWS ip ranges (889 IPv4 CIDR blocks and 360 IPv6)

// Ipv4 lookup hit scenario
BenchmarkPCTrieHitIPv4UsingAWSRanges-4         	 5000000	       353   ns/op
BenchmarkBruteRangerHitIPv4UsingAWSRanges-4    	  100000	     13719   ns/op

// Ipv6 lookup hit scenario, counter-intuitively faster then IPv4 due to less IPv6 CIDR
// blocks in the AWS dataset, hence the constructed trie has less path splits and depth.
BenchmarkPCTrieHitIPv6UsingAWSRanges-4         	10000000	       143   ns/op
BenchmarkBruteRangerHitIPv6UsingAWSRanges-4    	  300000	      5178   ns/op

// Ipv4 lookup miss scenario
BenchmarkPCTrieMissIPv4UsingAWSRanges-4        	20000000	        96.5 ns/op
BenchmarkBruteRangerMissIPv4UsingAWSRanges-4   	   50000	     24781   ns/op

// Ipv6 lookup miss scenario
BenchmarkPCTrieHMissIPv6UsingAWSRanges-4       	10000000	       115   ns/op
BenchmarkBruteRangerMissIPv6UsingAWSRanges-4   	  100000	     10824   ns/op

Example of IPv6 trie:

::/0 (target_pos:127:has_entry:false)
| 0--> 2400::/14 (target_pos:113:has_entry:false)
| | 0--> 2400:6400::/22 (target_pos:105:has_entry:false)
| | | 0--> 2400:6500::/32 (target_pos:95:has_entry:false)
| | | | 0--> 2400:6500::/39 (target_pos:88:has_entry:false)
| | | | | 0--> 2400:6500:0:7000::/53 (target_pos:74:has_entry:false)
| | | | | | 0--> 2400:6500:0:7000::/54 (target_pos:73:has_entry:false)
| | | | | | | 0--> 2400:6500:0:7000::/55 (target_pos:72:has_entry:false)
| | | | | | | | 0--> 2400:6500:0:7000::/56 (target_pos:71:has_entry:true)
| | | | | | | | 1--> 2400:6500:0:7100::/56 (target_pos:71:has_entry:true)
| | | | | | | 1--> 2400:6500:0:7200::/56 (target_pos:71:has_entry:true)
| | | | | | 1--> 2400:6500:0:7400::/55 (target_pos:72:has_entry:false)
| | | | | | | 0--> 2400:6500:0:7400::/56 (target_pos:71:has_entry:true)
| | | | | | | 1--> 2400:6500:0:7500::/56 (target_pos:71:has_entry:true)
| | | | | 1--> 2400:6500:100:7000::/54 (target_pos:73:has_entry:false)
| | | | | | 0--> 2400:6500:100:7100::/56 (target_pos:71:has_entry:true)
| | | | | | 1--> 2400:6500:100:7200::/56 (target_pos:71:has_entry:true)
| | | | 1--> 2400:6500:ff00::/64 (target_pos:63:has_entry:true)
| | | 1--> 2400:6700:ff00::/64 (target_pos:63:has_entry:true)
| | 1--> 2403:b300:ff00::/64 (target_pos:63:has_entry:true)
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].