From: Frank Brehm
Date: Wed, 22 Nov 2017 10:52:27 +0000 (+0100)
Subject: Detecting, whether a zone is a local only zone.
X-Git-Tag: 0.1.2~67
X-Git-Url: https://git.uhu-banane.net/?a=commitdiff_plain;h=93e9ab4c9cd18d933c47326c9996e8474bc9c21a;p=pixelpark%2Fadmin-tools.git

Detecting, whether a zone is a local only zone.
---
diff --git a/pp_lib/import_pdnsdata.py b/pp_lib/import_pdnsdata.py
index 2788b69..09f8572 100644
--- a/pp_lib/import_pdnsdata.py
+++ b/pp_lib/import_pdnsdata.py
@@ -18,6 +18,7 @@ import pwd
 import textwrap
 import traceback
 import socket
+import ipaddress
 
 # Third party modules
 import six
@@ -30,7 +31,7 @@ from .common import pp, to_bool
 
 from .cfg_app import PpCfgAppError, PpConfigApplication
 
-__version__ = '0.7.5'
+__version__ = '0.8.1'
 LOG = logging.getLogger(__name__)
 
 # =============================================================================
@@ -623,6 +624,8 @@ class ImportPdnsdataApp(PpConfigApplication):
 
 for result in results:
 i += 1
+ if self.is_local(result['name']):
+ LOG.debug("Setting zone {!r} to a local only zone.".format(result['name']))
 if not self.simulate:
 tgt_cursor.execute(tgt_sql, result)
 LOG.info("Imported {} domains.".format(i))
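Review bot: The debug message added in the `for result in results:` loop says "Setting zone … to a local only zone", but the two added lines set nothing: `result` reaches `tgt_cursor.execute(tgt_sql, result)` unchanged whether or not `is_local()` returned True. If this commit is only meant to introduce detection, the log line should say so, e.g. `LOG.debug("Zone {!r} detected as a local only zone.".format(result['name']))`, with a `# TODO` comment stating that the classification is not yet written to the target record. Otherwise an operator reading the debug log would assume the zone was already handled as local. The loop and its enclosing method start outside the hunk.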
@@ -647,6 +650,60 @@ class ImportPdnsdataApp(PpConfigApplication):
 LOG.debug("Commiting changes ...")
 self.tgt_connection.commit()
 
+ # -------------------------------------------------------------------------
+ def is_local(self, domain):
+
+ if self.verbose > 1:
+ LOG.debug("Checking, whether {!r} is a not public zone.".format(domain))
+
+ tld = domain.split('.')[-1]
+ if tld in ('intern', 'internal', 'local', 'localdomain'):
+ LOG.debug("Zone {!r} has a local TLD {!r}.".format(domain, tld))
+ return True
+
+ if tld != 'arpa':
+ if self.verbose > 2:
+ LOG.debug("Zone {!r} has a public TLD {!r}.".format(domain, tld))
+ return False
+
+ if domain.endswith('.in-addr.arpa'):
+ tupels = []
+ for tupel in reversed(domain.replace('.in-addr.arpa', '').split('.')):
+ tupels.append(tupel)
+ if self.verbose > 2:
+ LOG.debug("Got IPv4 tupels from zone {!r}: {}".format(domain, pp(tupels)))
+ bitmask = None
+ if len(tupels) == 1:
+ bitmask = 8
+ tupels.append('0')
+ tupels.append('0')
+ tupels.append('0')
+ elif len(tupels) == 2:
+ tupels.append('0')
+ tupels.append('0')
+ bitmask = 16
+ elif len(tupels) == 3:
+ bitmask = 24
+ tupels.append('0')
+ else:
+ LOG.warn("Could not interprete reverse IPv4 zone {!r}.".format(domain))
+ return False
+ net_address = '.'.join(tupels) + '/{}'.format(bitmask)
+ if self.verbose > 2:
+ LOG.debug("Got IPv4 network address of zone {!r}: {!r}.".format(domain, net_address))
+ network = ipaddress.ip_network(net_address)
+ if network.is_global:
+ LOG.debug("The network {!r} of zone {!r} is allocated for public networks.".format(
+ net_address, domain))
+ return False
+ LOG.debug("The network {!r} of zone {!r} is allocated for local networks.".format(
+ net_address, domain))
+ return True
+
+ if self.verbose > 2:
+ LOG.debug("Zone {!r} seems to be a reverse zone for a public network.".format(domain))
+ return False
+
 # -------------------------------------------------------------------------
 def import_cryptokeys(self):
 
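Review bot: `is_local()` treats every name it cannot classify as public, and its comparisons are exact-match: a name with a trailing root dot or upper-case labels misses both the TLD tuple and `endswith('.in-addr.arpa')`, and all `ip6.arpa` reverse zones (including ULA ranges) fall through to the final `return False`. In addition, `ipaddress.ip_network(net_address)` raises `ValueError` when a label is not a valid octet and nothing in the method catches it, so one malformed reverse-zone name would presumably abort the calling import loop. I would normalise the name on entry and catch the parse error as sketched below, and either add an `ip6.arpa` branch or a comment stating that IPv6 reverse zones are deliberately treated as public. Minor: `LOG.warn` is a deprecated alias of `LOG.warning`, and the method lacks a docstring saying what counts as local.

```python
    def is_local(self, domain):
        # DNS names compare case-insensitively and may end in the root dot.
        domain = domain.lower().rstrip('.')
        # … unchanged: TLD checks and IPv4 label padding up to net_address …
            try:
                network = ipaddress.ip_network(net_address)
            except ValueError as e:
                LOG.warning("Could not interpret reverse IPv4 zone {!r}: {}".format(domain, e))
                return False
        # … unchanged: is_global evaluation and final fall-through …
```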