
11 Commits

Author SHA1 Message Date
fa674a5981 chore: Fully Flesh out BRETTB IPv4 2024-11-28 17:21:06 -06:00
4db5d329a5 Flesh out BRETTB ROA 2024-11-28 16:48:33 -06:00
967bc3e4b7 chore: Assign v6 space to BRETTB 2024-11-28 13:39:11 -06:00
7e25e2cc3f chore: add route filtering doc 2024-11-28 13:32:34 -06:00
8b0efcc4d2 chore: Update DNS Zones 2024-11-28 13:28:40 -06:00
8452b71c02 Register BrettB 2024-11-28 12:26:37 -06:00
5272330fa2 feat: Policy checker 2024-11-28 12:08:11 -06:00
cb7862dac8 chore: Remove NX3-ORG from V6 range 2024-11-28 12:03:24 -06:00
888274bcdb chore: Format repo 2024-11-28 12:01:47 -06:00
ed6719a224 chore: .gitignore file 2024-11-28 12:01:35 -06:00
9af1dd6579 feat: More schema checking 2024-11-28 11:59:53 -06:00
68 changed files with 3100 additions and 1529 deletions

21
.gitignore vendored Normal file

@@ -0,0 +1,21 @@
_MTN
lib/
whoisd/
__pycache__
/data/.rpsl
# ---> Emacs
# -*- mode: gitignore; -*-
*~
\#*\#
.\#*
# ---> macOS
# General
.DS_Store
.AppleDouble
.LSOverride
# Thumbnails
._*

18
check-my-stuff Executable file

@@ -0,0 +1,18 @@
#!/bin/sh
if [ "$#" -eq "0" ]
then
echo "Usage: $0 YOUR-MNT"
exit
fi
BASE="$(readlink -f "$0" 2>/dev/null || python -c 'import os,sys;print(os.path.realpath(sys.argv[1]))' "$0")"
BASE="$(dirname "$BASE")"
cd "$BASE" || exit 1
if [ "$1" = "--all" ]; then
utils/schema-check/nx3_schema.py -v scan data/ || ( echo "Schema validation failed, please check above!" ; exit 1 )
else
utils/schema-check/nx3_schema.py -v scan data/ -f "data/mntner/$1" || ( echo "Schema validation for mntner object failed, please check above!" ; exit 1 )
utils/schema-check/nx3_schema.py -v scan data/ -m "$1" || ( echo "Schema validation for related objects failed, please check above!" ; exit 1 )
fi
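Review bot: In the else branch a failed mntner check does not fail the script, because `exit 1` inside `( … )` only leaves the subshell; the second scan then runs and its status becomes the script's, so a job that gates on this script can pass with an invalid mntner object. Use a brace group so the exit applies to the script itself, e.g. `utils/schema-check/nx3_schema.py -v scan data/ -f "data/mntner/$1" || { echo "Schema validation for mntner object failed, please check above!"; exit 1; }`, and do the same on the other two scan lines. The usage path also ends with a bare `exit`, which returns 0; `exit 1` there keeps a caller that forgot the argument from reading the run as success.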

18
check-pol Executable file

@@ -0,0 +1,18 @@
#!/usr/bin/env bash
set -o pipefail
if [ $# -eq 0 ]
then
echo "Usage: $0 COMMIT YOUR-MNT"
exit
fi
BASE="$(readlink -f "$0" 2>/dev/null || python -c 'import os,sys;print(os.path.realpath(sys.argv[1]))' "$0")"
BASE="$(dirname "$BASE")"
cd "$BASE" || exit 1
git diff --name-only "$1" | while IFS='/' read -ra LINE; do
if [[ "${LINE[0]}" = "data" && -n "${LINE[2]}" ]]; then
utils/schema-check/nx3_schema.py -v policy "${LINE[1]}" "${LINE[2]}" "$2"
fi
done
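Review bot: The result of the policy check is never propagated: the `while` loop runs each `nx3_schema.py -v policy …` call without testing its status, so the script's exit code is that of the last changed path only and an earlier denial is lost when a later file passes. Since this is the check on who may change an object, fail closed by appending `|| exit 1` to the policy line (it ends the pipeline subshell, and the loop is the last command so the script returns non-zero). The argument guard should also require both parameters, `if [ $# -lt 2 ]` followed by `exit 1`, because with only COMMIT given an empty maintainer is passed to the checker. Paths come from `git diff --name-only`, which by default quotes unusual file names; whether the checker copes with that is not visible here.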


@@ -0,0 +1,6 @@
aut-num: AS4266030001
as-name: AS1-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,6 @@
aut-num: AS4266030002
as-name: AS2-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,6 @@
aut-num: AS4266030003
as-name: AS3-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,6 @@
aut-num: AS4266030004
as-name: AS4-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,4 @@
domain: delegation-servers.nx3
nserver: a.delegation-servers.nx3 172.24.31.2
mnt-by: NX3-MNT
source: NX3

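--- a/data/dns/info.nx3
+++ b/data/dns/info.nx3
@@ -0,0 +1,6 @@
+domain: info.nx3
+admin-c: BRETTB-NX3
+tech-c: BRETTB-NX3
+mnt-by: NX3-MNT
+nserver: ns1.info.nx3 172.24.33.10
+source: NX3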

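--- a/data/dns/nx3
+++ b/data/dns/nx3
@@ -0,0 +1,4 @@
+domain: nx3
+nserver: a.delegation-servers.nx3
+mnt-by: NX3-MNT
+source: NX3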


@@ -0,0 +1,4 @@
domain: recursive-servers.nx3
nserver: a.delegation-servers.nx3
mnt-by: NX3-MNT
source: NX3

24
data/filter.txt Normal file

@@ -0,0 +1,24 @@
# For FRR Rules:
# cat filter.txt | \
# grep -e ^[0-9] | \
# awk '{ print "ip prefix-list nx3-in seq " $1 " " $2 " " $3 " ge " $4 " le " $5}' | \
# sed "s_/\([0-9]\+\) ge \1_/\1_g;s_/\([0-9]\+\) le \1_/\1_g"
#
# For BIRD Rules:
# cat filter.txt | \
# awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n" } \
# /^[0-9]/ && $2 ~ /permit/ {printf " %s{%s,%s},\n", $3, $4, $5};' | \
# sed "$ s/,$/\n ];\n}/"
# The rules MUST be sorted by the number column first and then the first matching rule MUST be used.
# ROAs MUST be checked against these rules and max-length of the ROA NUST NOT be longer than allowed by the matching rule.
#Nr Action Prefix MinLen MaxLen # Comment
1001 permit 172.24.0.0/24 28 32 # dn42 anycast range
1002 permit 172.25.0.0/24 28 32 # dn42 anycast range
1003 permit 172.26.0.0/24 28 32 # dn42 anycast range
1004 permit 172.27.0.0/24 28 32 # dn42 anycast range
1100 permit 172.24.0.0/14 21 29 # dn42 main net
9999 deny 0.0.0.0/0 0 32 # block the rest
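Review bot: The generated FRR prefix-list and BIRD set are looser than the first-match rule stated in the header comment, if "matching" there means containment in the rule's prefix. A prefix-list entry matches only when the length also falls inside `ge`/`le`, so a /25 inside 172.24.0.0/24 skips rule 1001 (28–32) and is permitted by rule 1100 (21–29), whereas first-match on the prefix alone would reject it; the BIRD set has no ordering at all. Either state in the comment that a rule matches only when both prefix and length fit, or add explicit deny rows for the out-of-range lengths in the four anycast /24s ahead of rule 1100. The pattern in `grep -e ^[0-9]` should also be quoted, `grep -e '^[0-9]'`, so the shell cannot glob it.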

20
data/filter6.txt Normal file

@@ -0,0 +1,20 @@
# To FRR Rules:
# cat filter6.txt | \
# grep -e ^[0-9] | \
# awk '{ print "ipv prefix-list nx3v6-in seq " $1 " " $2 " " $3 " ge " $4 " le " $5}' | \
# sed "s_/\([0-9]\+\) ge \1_/\1_g;s_/\([0-9]\+\) le \1_/\1_g"
#
# For BIRD Rules:
# cat filter6.txt | \
# awk 'BEGIN {printf "function is_valid_network() {\n return net ~ [\n" } \
# /^[0-9]/ && $2 ~ /permit/ {printf " %s{%s,%s},\n", $3, $4, $5};' | \
# sed "$ s/,$/\n ];\n}/"
# The rules MUST be sorted by the number column first and then the first matching rule MUST be used.
# ROAs MUST be checked against these rules and max-length of the ROA NUST NOT be longer than allowed by the matching rule.
# Nr Action Prefix MinLen MaxLen # Comment
1001 permit fd00::/8 44 64 # ULA (defined)
9999 deny ::/0 0 128 # block the rest
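Review bot: The FRR recipe prints `ipv prefix-list nx3v6-in …`, which is not an FRR command, so the generated lines would be rejected and the IPv6 inbound filter would not be installed by anyone following the comment. The awk string should begin `"ipv6 prefix-list nx3v6-in seq "`. The `grep -e ^[0-9]` pattern in the same recipe should be quoted as `'^[0-9]'` so the shell cannot expand it against file names in the working directory.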


@@ -5,6 +5,5 @@ descr: NX3 ULA Address Space
remarks: Only /48 prefixes may be allocated out of this range.
status: ALLOCATED
policy: open
org: ORG-NX3
mnt-by: NX3-MNT
source: NX3


@@ -0,0 +1,8 @@
inet6num: fd06:108f:6f8e:0000:0000:0000:0000:0000 - fd06:108f:6f8e:ffff:ffff:ffff:ffff:ffff
cidr: fd06:108f:6f8e::/48
netname: NET3-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3


@@ -0,0 +1,8 @@
inet6num: fd48:c420:f618:0000:0000:0000:0000:0000 - fd48:c420:f618:ffff:ffff:ffff:ffff:ffff
cidr: fd48:c420:f618::/48
netname: NET1-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3


@@ -0,0 +1,8 @@
inet6num: fdd8:4045:c53c:0000:0000:0000:0000:0000 - fdd8:4045:c53c:ffff:ffff:ffff:ffff:ffff
cidr: fdd8:4045:c53c::/48
netname: NET2-BRETTB-NX3
admin-c: BRETTB-NX3
tech-c: BRETTB-NX3
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3


@@ -0,0 +1,7 @@
inetnum: 172.24.31.0 - 172.24.31.255
cidr: 172.24.31.0/24
netname: NET1-BRETTB-NX3
descr: Brett B Network 1
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3


@@ -0,0 +1,7 @@
inetnum: 172.24.32.0 - 172.24.32.255
cidr: 172.24.32.0/24
netname: NET2-BRETTB-NX3
descr: Brett B Network 2
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3


@@ -0,0 +1,7 @@
inetnum: 172.24.33.0 - 172.24.33.255
cidr: 172.24.33.0/24
netname: NET3-BRETTB-NX3
descr: Brett B Network 3
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3


@@ -0,0 +1,7 @@
inetnum: 172.24.34.0 - 172.24.34.255
cidr: 172.24.34.0/24
netname: NET4-BRETTB-NX3
descr: Brett B Network 4
mnt-by: BRETTB-MNT
status: ASSIGNED
source: NX3

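--- a/data/mntner/BRETTB-MNT
+++ b/data/mntner/BRETTB-MNT
@@ -0,0 +1,5 @@
+mntner: BRETTB-MNT
+admin-c: BRETTB-NX3
+tech-c: BRETTB-NX3
+mnt-by: BRETTB-MNT
+source: NX3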

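--- a/data/person/BRETTB-NX3
+++ b/data/person/BRETTB-NX3
@@ -0,0 +1,5 @@
+person: Brett Bender
+e-mail: brett@brettb.xyz
+nic-hdl: BRETTB-NX3
+mnt-by: BRETTB-MNT
+source: NX3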


@@ -0,0 +1,5 @@
route: 172.24.0.53/32
origin: AS4266030002
max-length: 32
mnt-by: NX3-MNT
source: NX3


@@ -0,0 +1,5 @@
route: 172.24.31.0/24
origin: AS4266030001
max-length: 24
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,5 @@
route: 172.24.32.0/24
origin: AS4266030002
max-length: 24
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,5 @@
route: 172.24.33.0/24
origin: AS4266030003
max-length: 24
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,5 @@
route: 172.24.34.0/24
origin: AS4266030004
max-length: 24
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,5 @@
route6: fd06:108f:6f8e::/48
origin: AS4266030003
max-length: 48
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,5 @@
route6: fd48:c420:f618::/48
origin: AS4266030001
max-length: 48
mnt-by: BRETTB-MNT
source: NX3


@@ -0,0 +1,5 @@
route6: fdd8:4045:c53c::/48
origin: AS4266030002
max-length: 48
mnt-by: BRETTB-MNT
source: NX3


@@ -23,39 +23,30 @@ mnt-by: NX3-MNT
source: NX3
remarks: # option descriptions
Attribute names must match /[a-zA-Z]([a-zA-Z0-9_\-]*[a-zA-Z0-9])?/.
+
required
: object required to have at least one
optional
: object not required to have at least one
+
single
: only one of this type allowed
multiple
: more than one of this type allowed
+
primary
: use field as lookup key for lookup
* only one allowed per schema
* does not allow newlines
+
schema
: use field name as the name of the schema
* only one allowed per schema
* does not allow newlines
+
lookup
: schema match to use for related record
+
\> option specs
: defines the option specifications for the key.
* must come last in option list
+
[label] string value. A positional string argument required.
Text inside brackets represent a label for the string and must match the same rules as attribute names.
If follwed by '...' values are gathered as an array.
+
{enum1|enum2|} enumeration. One option in pipe('|') deliniation is allowed.
If there is a trailing pipe it means the enum is optional. Enum values must match the same rules as attribute names.
+
'literal' Literal value. literal text value which must not contain any whitespace or single quotes.

14
fmt-my-stuff Executable file

@@ -0,0 +1,14 @@
#!/bin/sh
if [ "$#" -eq "0" ]
then
echo "Usage: $0 YOUR-MNT"
exit
fi
BASE="$(readlink -f "$0" 2>/dev/null || python -c 'import os,sys;print(os.path.realpath(sys.argv[1]))' "$0")"
BASE="$(dirname "$BASE")"
grep -lrE "(\s|:)$1(\s|\$)" "$BASE/data/" | while read -r line; do
utils/schema-check/nx3_schema.py fmt -i "$line"
done
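Review bot: `BASE` is computed but the script never changes into it, so the relative `utils/schema-check/nx3_schema.py fmt -i` call only resolves when the caller's working directory is the repository root; check-my-stuff and check-pol both run `cd "$BASE" || exit 1`, and this script should do the same before the `grep`. `$1` is also placed unescaped into the `grep -E` pattern, so a maintainer name containing regex metacharacters selects more files than intended for the in-place rewrite. Validating `$1` against the handle format first would keep `fmt -i` scoped to the caller's own objects.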

177
utils/schema-check/log.py Executable file

@@ -0,0 +1,177 @@
from __future__ import print_function
import os
import sys
import inspect
import datetime
OUTPUT = sys.stderr
LEVEL = ["CRIT", "ERR ", "WARN", "NOTE", "INFO", "DBUG", "...."]
CLEVEL = ["\x1B[41mCRIT\x1B[0m",
"\x1B[31mERR \x1B[0m",
"\x1B[33mWARN\x1B[0m",
"\x1B[32mNOTE\x1B[0m",
"\x1B[34mINFO\x1B[0m",
"\x1B[90mDBUG\x1B[0m",
"\x1B[90m....\x1B[0m"]
MSG = "{0} {1} {2} {3} {4} {5} :: {6}"
CMSG = "[{1}]\x1B[90m {2} {3}:{5} [{4}]\x1B[0m {6}\x1B[0m"
CMULTI = "[{1}]\x1B[90m {2}\x1B[0m"
VERB_CRITICAL = 0
VERB_ERROR = 1
VERB_WARN = 2
VERB_NOTICE = 3
VERB_INFO = 4
VERB_DEBUG = 5
VERB_NONE = -1
class Log:
log_dir = ""
log_pfx = "main"
level_console = VERB_ERROR
level_file = VERB_NONE
level_full = False
count = [0, 0, 0, 0, 0, 0]
def __init__(self):
self.prog_name = sys.argv[0].rsplit("/", 1)[-1]
self.prog_name = self.prog_name.split(".", 1)[0]
self.log_pfx = self.prog_name
def __del__(self):
if self.level_console >= 5:
os.write(1, b"[\x1B[90m\x1B[90mDBUG\x1B[90m] Log Counters crit:%d err:%d warn:%d note:%d info:%d dbug:%d\x1B[0m\n" % tuple(self.count))
def set_dir(self, name):
if not os.path.isdir(name):
os.makedirs(name)
self.log_dir = name
# Write a message to console or log, conditionally.
def output(self, level, message, frame=1):
if level < 0 or level > 5:
level = 5
self.count[level] += 1
# function_name = inspect.stack()[1][3]
cur_date = datetime.datetime.now()
(frame, file, ln, fn, lines, index) = inspect.getouterframes(
inspect.currentframe())[frame]
message = str(message).split("\n")
cmsg = CMSG if self.level_full else CMULTI
if self.level_console >= level:
if len(message) == 1:
if self.level_full:
arg = str(cur_date), CLEVEL[
level], self.prog_name, file, fn, ln, message[0]
else:
arg = str(cur_date), CLEVEL[level], message[0]
print(cmsg.format(*arg), file=OUTPUT)
else:
if self.level_full:
arg = str(cur_date), CLEVEL[
level], self.prog_name, file, fn, ln, ""
print(cmsg.format(*arg), file=OUTPUT)
for line in message:
print(CMULTI.format(str(cur_date), CLEVEL[
VERB_NONE], line), file=OUTPUT)
if self.level_file >= level:
self.set_dir("./logs")
log_file_name = os.path.join(
self.log_dir, self.log_pfx + str(cur_date.strftime('%Y-%m-%d')) + ".txt")
with open(log_file_name, "a") as logger:
logger.write(MSG.format(str(cur_date), LEVEL[
level], self.prog_name, file, fn, ln, message[0]) + "\n")
for line in message[1:]:
logger.write(MSG.format(str(cur_date), LEVEL[
VERB_NONE], self.prog_name, file, fn, ln, line) + "\n")
def fatal(self, message):
self.output(VERB_CRITICAL, message, 2)
sys.exit(1)
def critical(self, message):
self.output(VERB_CRITICAL, message, 2)
def error(self, message):
self.output(VERB_ERROR, message, 2)
def warning(self, message):
self.output(VERB_WARN, message, 2)
def notice(self, message):
self.output(VERB_NOTICE, message, 2)
def info(self, message):
self.output(VERB_INFO, message, 2)
def debug(self, message):
self.output(VERB_DEBUG, message, 2)
def fmt_exception(exc_type, exc_value, exc_traceback):
import traceback
lines = traceback.format_exception(exc_type, exc_value, exc_traceback)
log_string = ''.join(line for line in lines)
email_string = ''.join('<br />' + line for line in lines)
return log_string, email_string
default = Log()
fatal = default.fatal
critical = default.critical
error = default.error
warning = default.warning
notice = default.notice
info = default.info
debug = default.debug
class LogException:
stop = None
def __init__(self, stop=True):
self.stop = stop
def __enter__(self, stop=True):
pass
def __exit__(self, exc_type, value, traceback):
if exc_type is None:
return True
if exc_type is SystemExit and value.args == (0,):
return True
log_string, email_string = fmt_exception(exc_type, value, traceback)
default.output(VERB_CRITICAL, 'Failure\n\n' + log_string, 2)
if self.stop is False:
return False
from . import email
email.send(default.prog_name + ' FAILURE', email_string)
fatal("ABORTING EXECUTION")
exception = LogException
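Review bot: `fmt_exception` builds `email_string` by prefixing `<br />` to raw traceback lines, so any `<` or `&` in an exception message reaches the body passed to `email.send` unescaped; if that body is rendered as HTML and exception text can carry values from the registry objects being checked, a submitted object could inject markup into the failure mail. Escaping each line first, e.g. `''.join('<br />' + html.escape(line) for line in lines)` on Python 3, would close that. `Log.output` likewise prints `message` to stderr verbatim after splitting on newlines only, so control characters in logged data would reach the terminal; replacing non-printable characters before formatting is worth considering. The `email` module and the callers in nx3_schema.py are not visible on this page, so how the body is rendered and what ends up in messages are assumptions to confirm.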

1145
utils/schema-check/nx3_schema.py Executable file

File diff suppressed because it is too large Load Diff

0
utils/schema-check/nx3_schema_local.py Normal file → Executable file