hamishforbes/lua-resty-iputils hamishforbes/lua-resty-iputils

  • Stars
    star
    243
  • Rank 160,979 (Top 4 %)
  • Language
    Perl
  • License
    MIT License
  • Created over 9 years ago
  • Updated about 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
hamishforbes/lua-resty-iputils
github

hamishforbes

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Utility functions for working with IP addresses in Openresty

lua-resty-iputils

Collection of utility functions for working with IP addresses.

Overview

init_by_lua_block {
  local iputils = require("resty.iputils")
  iputils.enable_lrucache()
  local whitelist_ips = {
      "127.0.0.1",
      "10.10.10.0/24",
      "192.168.0.0/16",
  }

  -- WARNING: Global variable, recommend this is cached at the module level
  -- https://github.com/openresty/lua-nginx-module#data-sharing-within-an-nginx-worker
  whitelist = iputils.parse_cidrs(whitelist_ips)
}

access_by_lua_block {
    local iputils = require("resty.iputils")
    if not iputils.ip_in_cidrs(ngx.var.remote_addr, whitelist) then
      return ngx.exit(ngx.HTTP_FORBIDDEN)
    end
}

Methods

enable_lrucache

syntax: ok, err = iputils.enable_lrucache(size?)

Creates a global lrucache object for caching ip2bin lookups.

Size is optional and defaults to 4000 entries (~1MB per worker)

Calling this repeatedly will reset the cache

ip2bin

syntax: bin_ip, bin_octets = iputils.ip2bin(ip)

Returns the binary representation of an IPv4 address and a table containing the binary representation of each octet

Returns nil and and error message for bad IPs

parse_cidr

syntax: lower, upper = iputils.parse_cidr(cidr)

Returns a binary representation of the lowest (network) and highest (broadcast) addresses of an IPv4 network.

parse_cidrs

syntax: parsed = iputils.parse_cidrs(cidrs)

Takes a table of CIDR format IPV4 networks and returns a table of tables containg the lower and upper addresses.

If an invalid network is in the table an error is logged and the other networks are returned

ip_in_cidrs

syntax: bool, err = iputils.ip_in_cidrs(ip, cidrs)

Takes a string IPv4 address and a table of parsed CIDRs (e.g. from iputils.parse_cidrs).

Returns a true or false if the IP exists within any of the specified networks.

Returns nil and an error message with an invalid IP

binip_in_cidrs

syntax: bool, err = iputils.binip_in_cidrs(bin_ip, cidrs)

Takes a nginx binary IPv4 address (e.g. ngx.var.binary_remote_addr) and a table of parsed CIDRs (e.g. from iputils.parse_cidrs).

This method is much faster than ip_in_cidrs() if the IP being checked is already available as a binary representation.

Returns a true or false if the IP exists within any of the specified networks.

Returns nil and an error message with an invalid IP

TODO

More Repositories

1

lua-resty-consul

Library to interface with the consul HTTP API from ngx_lua
Perl
129
star
2

lua-resty-upstream

Upstream connection load balancing and failover module for Openresty
Perl
117
star
3

lua-ffi-zlib

Lua
65
star
4

lua-resty-tlc

General two level cache (lrucache + shared dict)
Perl
19
star
5

lua-resty-qless-web

Port of Qless' web interface to the Openresty environment.
JavaScript
14
star
6

lua-resty-locations

Lua library implementing nginx style location uri matching.
Perl
13
star
7

lua-resty-vhost

Hostname matching library for ngx_lua
Perl
12
star
8

lua-resty-dns-cache

Cache wrapper for lua-resty-dns
Perl
10
star
9

zedcup

Zero Conf Upstream load balancing and failover for Openresty and Consul
Perl
4
star
10

graphite-frontend

JavaScript
2
star
11

aws-node-asg-detach

Go
1
star