def _in_network(value, p_value, exact_match=False):
"""
"""
# 'any' address is an automatic match if we are exact
if exact_match and 'any' in p_value:
return True
addresses = [IPRange(a.split('-')[0], a.split('-')[1]) if '-' in a else IPNetwork(a)
for a in value if is_ipv4(a)]
fqdns = [a for a in value if not is_ipv4(a)]
p_addresses = [IPRange(a.split('-')[0], a.split('-')[1]) if '-' in a else IPNetwork(a)
for a in p_value if is_ipv4(a)]
p_fqdns = [a for a in p_value if not is_ipv4(a)]
# network containment implies exact match... i think?
for a in addresses:
addr_result = any(a == b or a in b for b in p_addresses)
if not addr_result:
return False
# now match the fqdns
if exact_match:
fqdn_result = set(fqdns) == set(p_fqdns)
else:
fqdn_result = set(p_fqdns).issubset(set(fqdns))
return fqdn_result
评论列表
文章目录
