diff --git a/peeringdb_server/inet.py b/peeringdb_server/inet.py index 241da04f..535b06f6 100644 --- a/peeringdb_server/inet.py +++ b/peeringdb_server/inet.py @@ -9,17 +9,52 @@ from django.utils.translation import ugettext_lazy as _ from peeringdb_server import settings +# RFC 5398 documentation asn range +ASN_RFC_5398_16BIT = (64496, 64511) +ASN_RFC_5398_32BIT = (65536, 65551) + +# RFC 6996 private asn range +ASN_RFC_6996_16BIT = (64512, 65534) +ASN_RFC_6996_32BIT = (4200000000, 4294967294) + +# RFC 7003 last asn +ASN_LAST_16BIT = (65535, 65535) +ASN_LAST_32BIT = (4294967295, 4294967295) + +ASN_TRANS = (23456, 23456) + BOGON_ASN_RANGES = [ # RFC 5398 - documentation 16-bit - (64496, 64511), + ASN_RFC_5398_16BIT, # RFC 5398 - documentation 32-bit - (65536, 65551), + ASN_RFC_5398_32BIT, # RFC 6996 - private 16-bit - (64512, 65534), + ASN_RFC_6996_16BIT, # RFC 6996 - private 32-bit - (4200000000, 4294967294), + ASN_RFC_6996_32BIT, + # RFC 7003 - last asn 16-bit + ASN_LAST_16BIT, + # RFC 7003 - last asn 32-bit + ASN_LAST_32BIT, + # trans + ASN_TRANS ] +# the following bogon asn ranges are allowed on envionments +# where TUTORIAL_MODE is set to True + +TUTORIAL_ASN_RANGES = [ + # RFC 5398 - documentation 16-bit + ASN_RFC_5398_16BIT, + # RFC 5398 - documentation 32-bit + ASN_RFC_5398_32BIT, + # RFC 6996 - private 16-bit + ASN_RFC_6996_16BIT, + # RFC 6996 - private 32-bit + ASN_RFC_6996_32BIT, +] + + class BogonAsn(rdap.RdapAsn): """ @@ -59,10 +94,10 @@ class RdapLookup(rdap.RdapClient): """ if asn_is_bogon(asn): - if settings.TUTORIAL_MODE: + if settings.TUTORIAL_MODE and asn_is_in_ranges(asn, TUTORIAL_ASN_RANGES): return BogonAsn(asn) else: - raise RdapException(_("ASNs for documentation/private purposes " \ + raise RdapException(_("ASNs in this range " \ "are not allowed in this environment")) return super(RdapLookup, self).get_asn(asn) @@ -79,15 +114,27 @@ def asn_is_bogon(asn): Return: - bool: True if in bogon range """ + return asn_is_in_ranges(asn, BOGON_ASN_RANGES) + +def asn_is_in_ranges(asn, ranges): + """ + Test if an asn falls within any of the ranges provided + + Arguments: + - asn + - ranges + + Return: + - bool + """ asn = int(asn) - for as_range in BOGON_ASN_RANGES: + for as_range in ranges: if asn >= as_range[0] and asn <= as_range[1]: return True return False - def network_is_bogon(network): """ Returns if the passed ipaddress network is a bogon diff --git a/peeringdb_server/management/commands/pdb_api_test.py b/peeringdb_server/management/commands/pdb_api_test.py index db50c679..6b7fabf7 100644 --- a/peeringdb_server/management/commands/pdb_api_test.py +++ b/peeringdb_server/management/commands/pdb_api_test.py @@ -1052,7 +1052,7 @@ class TestJSON(unittest.TestCase): pdb_settings.TUTORIAL_MODE = True - for bogon_asn in inet.BOGON_ASN_RANGES: + for bogon_asn in inet.TUTORIAL_ASN_RANGES: data = self.make_data_net(asn=bogon_asn[0]) r_data = self.assert_create(self.db_org_admin, "net", data) diff --git a/tests/test_asn_automation.py b/tests/test_asn_automation.py index 77f201b2..43bf557c 100644 --- a/tests/test_asn_automation.py +++ b/tests/test_asn_automation.py @@ -11,8 +11,8 @@ import peeringdb_server.inet as pdbinet from util import SettingsCase ERR_COULD_NOT_GET_RIR_ENTRY = "RDAP Lookup Error: Test Not Found" -ERR_BOGON_ASN = "RDAP Lookup Error: ASNs for documentation/private purposes " \ - "are not allowed in this environment" +ERR_BOGON_ASN = "RDAP Lookup Error: ASNs in this range are not allowed " \ + "in this environment" RdapLookup_get_asn = pdbinet.RdapLookup.get_asn @@ -282,7 +282,7 @@ class TestTutorialMode(SettingsCase): """ user = get_user_model().objects.create_user("user_a", "user_a@localhost", "user_a") asns = [] - for a,b in pdbinet.BOGON_ASN_RANGES: + for a,b in pdbinet.TUTORIAL_ASN_RANGES: asns.extend([a,b]) for asn in asns: