Skip Menu |
 

This queue is for tickets about the Net-CIDR-Lite CPAN distribution.

Report information
The Basics
Id: 110702
Status: open
Priority: 0/
Queue: Net-CIDR-Lite

People
Owner: Nobody in particular
Requestors: fe [...] nginx.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



MIME-Version: 1.0
X-Spam-Status: No, score=-2.61 tagged_above=-99.9 required=10 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
X-Spam-Flag: NO
X-Virus-Checked: Checked
Content-Type: multipart/mixed; boundary="------------080708080605010801020801"
Message-ID: <56814635.3020805 [...] nginx.com>
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
X-Spam-Score: -2.61
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id 89871240124 for <cpan-bug+Net-CIDR-Lite [...] hipster.bestpractical.com>; Mon, 28 Dec 2015 09:25:09 -0500 (EST)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id PLe015qAKB9A for <cpan-bug+Net-CIDR-Lite [...] hipster.bestpractical.com>; Mon, 28 Dec 2015 09:25:07 -0500 (EST)
Received: from la.mx.develooper.com (x1.develooper.com [207.171.7.70]) by hipster.bestpractical.com (Postfix) with SMTP id 1C1C52400A4 for <bug-Net-CIDR-Lite [...] rt.cpan.org>; Mon, 28 Dec 2015 09:25:06 -0500 (EST)
Received: (qmail 4522 invoked by alias); 28 Dec 2015 14:25:06 -0000
Received: from mail.nginx.com (HELO mail.nginx.com) (206.251.255.65) by la.mx.develooper.com (qpsmtpd/0.28) with ESMTP; Mon, 28 Dec 2015 06:25:02 -0800
Received: from fe-laptop-mb.local (ppp79-139-152-191.pppoe.spdop.ru [79.139.152.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by mail.nginx.com (Postfix) with ESMTPSA id 480892C5107E for <bug-Net-CIDR-Lite [...] rt.cpan.org>; Mon, 28 Dec 2015 14:24:56 +0000 (UTC)
Delivered-To: cpan-bug+Net-CIDR-Lite [...] hipster.bestpractical.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
Subject: [v0.21] Wrongly finds ip when both ipv6 and ipv4 are used
Return-Path: <fe [...] nginx.com>
X-RT-Mail-Extension: net-cidr-lite
X-Original-To: cpan-bug+Net-CIDR-Lite [...] hipster.bestpractical.com
X-Spam-Check-BY: la.mx.develooper.com
Date: Mon, 28 Dec 2015 17:24:53 +0300
X-Spam-Level:
To: bug-Net-CIDR-Lite [...] rt.cpan.org
From: Fedor Dikarev <fe [...] nginx.com>
X-RT-Interface: Email
Content-Length: 0
content-type: text/plain; charset="utf-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-RT-Original-Encoding: utf-8
Content-Length: 5670
Download (untitled) / with headers
text/plain 5.5k
Hi! I've made script which analyses auth.log files, compares ip addresses based on known whitelist and inform in case login from unknown ip address is found. You could find this script in attachment. And I found that for some combinations on ipv4 and ipv6 nets Net::CIDR::Lite wrongly finds ip address in my whitelist. Example: === wh-debug.json == Show quoted text
> # Due to some bug in Perl Net::CIDR::Lite IPv6 addresses must be before IPv4 addresses > { "global": "2606:7100:1:69::/64" } > > { "global": [ "37.190.0.0/18" ] }
=== debug.log == Show quoted text
> /var/log/auth.log.0.bz2:2015-12-27T11:08:02.196704+00:00 server sshd[92250]: Accepted publickey for user from 37.145.5.60 port 56219 ssh2: RSA b5:e2:85:9c:7b:ca:02:e2:68:8a:09:08:99:04:d2:9c
=== check log file === Show quoted text
> perl susp_logins.pl -f wh-debug.json -a debug.log > GOOD GLOBAL: user from 37.145.5.60.
which is wrong cause 37.145.5.60 doesn't belong to 37.190.0.0/18. And if I remove ipv6 addresses from whitelist, everything goes fine: === wh-debug.json === Show quoted text
> { "global": [ "37.190.0.0/18" ] }
=== check log file === Show quoted text
> perl susp_logins.pl -f wh-debug.json -a debug.log > SUSP: user from 37.145.5.60.
Strange for me but everything works when I split /18 on two /19: === wh-debug.json === Show quoted text
> # Due to some bug in Perl Net::CIDR::Lite IPv6 addresses must be before IPv4 addresses > { "global": "2606:7100:1:69::/64" } > > { "global": [ "37.190.0.0/19", "37.190.32.0/19" ] } > # { "global": [ "37.190.0.0/18" ] }
=== check log file === Show quoted text
> perl susp_logins.pl -f wh-debug.json -a debug.log > SUSP: user from 37.145.5.60.
Versions used: Show quoted text
> perl -MNet::CIDR::Lite -e 'CORE::say $Net::CIDR::Lite::VERSION' > 0.21
Show quoted text
> perl -V > Summary of my perl5 (revision 5 version 22 subversion 1) configuration: > > Platform: > osname=darwin, osvers=15.2.0, archname=darwin-thread-multi-2level > uname='darwin fe-laptop-mb.local 15.2.0 darwin kernel version 15.2.0: fri nov 13 19:56:56 pst 2015; root:xnu-3248.20.55~2release_x86_64 x86_64 ' > config_args='-des -Dprefix=/opt/local -Dscriptdir=/opt/local/bin -Dcppflags=-I/opt/local/include -Dccflags=-pipe -Os -Dldflags=-L/opt/local/lib -Wl,-headerpad_max_install_names -Dvendorprefix=/opt/local -Dusemultiplicity=y -Dusethreads -Duseshrplib -Dcc=/usr/bin/clang -Dld=env MACOSX_DEPLOYMENT_TARGET=10.11 /usr/bin/clang -Dman1ext=1pm -Dman3ext=3pm -Dman1dir=/opt/local/share/man/man1p -Dman3dir=/opt/local/share/man/man3p -Dsitebin=/opt/local/libexec/perl5.22/sitebin -Dsiteman1dir=/opt/local/share/perl5.22/siteman/man1 -Dsiteman3dir=/opt/local/share/perl5.22/siteman/man3 -Dvendorbin=/opt/local/libexec/perl5.22 -Dvendorman1dir=/opt/local/share/perl5.22/man/man1 -Dvendorman3dir=/opt/local/share/perl5.22/man/man3 -Dpager=/usr/bin/less -sR -Dperlpath=/opt/local/bin/perl5.22 -Dstartperl=#!/opt/local/bin/perl5.22' > hint=recommended, useposix=true, d_sigaction=define > useithreads=define, usemultiplicity=define > use64bitint=define, use64bitall=define, uselongdouble=undef > usemymalloc=n, bincompat5005=undef > Compiler: > cc='/usr/bin/clang', ccflags ='-pipe -Os -fno-common -DPERL_DARWIN -I/opt/local/include -fno-strict-aliasing -fstack-protector-strong -I/opt/local/include', > optimize='-O3', > cppflags='-I/opt/local/include -pipe -Os -fno-common -DPERL_DARWIN -I/opt/local/include -fno-strict-aliasing -fstack-protector-strong -I/opt/local/include' > ccversion='', gccversion='4.2.1 Compatible Apple LLVM 7.0.2 (clang-700.1.81)', gccosandvers='' > intsize=4, longsize=8, ptrsize=8, doublesize=8, byteorder=12345678, doublekind=3 > d_longlong=define, longlongsize=8, d_longdbl=define, longdblsize=16, longdblkind=3 > ivtype='long', ivsize=8, nvtype='double', nvsize=8, Off_t='off_t', lseeksize=8 > alignbytes=8, prototype=define > Linker and Libraries: > ld='env MACOSX_DEPLOYMENT_TARGET=10.11 /usr/bin/clang', ldflags ='-L/opt/local/lib -Wl,-headerpad_max_install_names -fstack-protector-strong' > libpth=/opt/local/lib /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib /usr/lib > libs=-lpthread -lgdbm -ldbm -ldl -lm -lutil -lc > perllibs=-lpthread -ldl -lm -lutil -lc > libc=, so=dylib, useshrplib=true, libperl=libperl.dylib > gnulibc_version='' > Dynamic Linking: > dlsrc=dl_dlopen.xs, dlext=bundle, d_dlsymun=undef, ccdlflags=' ' > cccdlflags=' ', lddlflags='-L/opt/local/lib -Wl,-headerpad_max_install_names -bundle -undefined dynamic_lookup -fstack-protector-strong' > > > Characteristics of this binary (from libperl): > Compile-time options: HAS_TIMES MULTIPLICITY PERLIO_LAYERS > PERL_DONT_CREATE_GVSV > PERL_HASH_FUNC_ONE_AT_A_TIME_HARD > PERL_IMPLICIT_CONTEXT PERL_MALLOC_WRAP > PERL_NEW_COPY_ON_WRITE PERL_PRESERVE_IVUV > USE_64_BIT_ALL USE_64_BIT_INT USE_ITHREADS > USE_LARGE_FILES USE_LOCALE USE_LOCALE_COLLATE > USE_LOCALE_CTYPE USE_LOCALE_NUMERIC USE_LOCALE_TIME > USE_PERLIO USE_PERL_ATOF USE_REENTRANT_API > Built under darwin > Compiled at Dec 23 2015 15:06:40 > @INC: > /opt/local/lib/perl5/site_perl/5.22/darwin-thread-multi-2level > /opt/local/lib/perl5/site_perl/5.22 > /opt/local/lib/perl5/vendor_perl/5.22/darwin-thread-multi-2level > /opt/local/lib/perl5/vendor_perl/5.22 > /opt/local/lib/perl5/5.22/darwin-thread-multi-2level > /opt/local/lib/perl5/5.22 > .
-- Fedor Dikarev
Content-Type: text/x-perl-script; name="susp_logins.pl"
Content-Disposition: attachment; filename="susp_logins.pl"
Content-Transfer-Encoding: 7bit
Content-Length: 2007
Download susp_logins.pl
text/x-perl 1.9k

Message body is not shown because sender requested not to inline it.

MIME-Version: 1.0
In-Reply-To: <56814635.3020805 [...] nginx.com>
X-Mailer: MIME-tools 5.504 (Entity 5.504)
Content-Disposition: inline
X-RT-Interface: Web
References: <56814635.3020805 [...] nginx.com>
Content-Type: text/plain; charset="utf-8"
Message-ID: <rt-4.0.18-21860-1451515214-1365.110702-0-0 [...] rt.cpan.org>
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 209
Download (untitled) / with headers
text/plain 209b
You can currently only specify one or the other format of ipv4 or ipv6 for any one Net::CIDR::Lite object. This should probably be specified in the docs, and probably throw an exception if you mix the formats.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.