github.com/nxtrace/NTrace-core@v1.3.1-0.20240513132635-39169291e8c9/ipgeo/ipfilter.go (about) 1 package ipgeo 2 3 import ( 4 "net" 5 ) 6 7 func cidrRangeContains(cidrRange string, checkIP string) bool { 8 _, ipNet, err := net.ParseCIDR(cidrRange) 9 if err != nil { 10 return false 11 } 12 secondIP := net.ParseIP(checkIP) 13 return ipNet.Contains(secondIP) 14 } 15 16 // Filter 被选到的返回 geodata, true 否则返回 nil, false 17 func Filter(ip string) (*IPGeoData, bool) { 18 //geodata := &IPGeoData{} 19 asn := "" 20 whois := "" 21 isFiltered := false 22 switch { 23 case cidrRangeContains("0.0.0.0/8", ip): 24 asn = "" 25 whois = "RFC1122" 26 isFiltered = true 27 //IANA Reserved Address Space 28 case cidrRangeContains("100.64.0.0/10", ip): 29 asn = "" 30 whois = "RFC6598" 31 isFiltered = true 32 //127.0.0.0/8 33 case cidrRangeContains("127.0.0.0/8", ip): 34 asn = "" 35 whois = "RFC1122" 36 isFiltered = true 37 //169.254.0.0/16 38 case cidrRangeContains("169.254.0.0/16", ip): 39 asn = "" 40 whois = "RFC3927" 41 isFiltered = true 42 //192.0.0.0/24 43 case cidrRangeContains("192.0.0.0/24", ip): 44 asn = "" 45 whois = "RFC6890" 46 isFiltered = true 47 //192.0.2.0/24 48 case cidrRangeContains("192.0.2.0/24", ip): 49 asn = "" 50 whois = "RFC5737" 51 isFiltered = true 52 //192.88.99.0/24 53 case cidrRangeContains("192.88.99.0/24", ip): 54 asn = "" 55 whois = "RFC3068" 56 isFiltered = true 57 case cidrRangeContains("198.18.0.0/15", ip): 58 asn = "" 59 whois = "RFC2544" 60 isFiltered = true 61 case cidrRangeContains("198.51.100.0/24", ip): 62 fallthrough 63 case cidrRangeContains("203.0.113.0/24", ip): 64 asn = "" 65 whois = "RFC5737" 66 isFiltered = true 67 //224.0.0.0/4 68 case cidrRangeContains("224.0.0.0/4", ip): 69 asn = "" 70 whois = "RFC5771" 71 isFiltered = true 72 //255.255.255.255/32 73 case cidrRangeContains("255.255.255.255/32", ip): 74 asn = "" 75 whois = "RFC0919" 76 isFiltered = true 77 case cidrRangeContains("240.0.0.0/4", ip): 78 asn = "" 79 whois = "RFC1112" 80 isFiltered = true 81 case cidrRangeContains("fe80::/10", ip): 82 asn = "" 83 whois = "RFC4291" 84 isFiltered = true 85 case cidrRangeContains("ff00::/8", ip): 86 asn = "" 87 whois = "RFC4291" 88 isFiltered = true 89 case cidrRangeContains("fec0::/10", ip): 90 asn = "" 91 whois = "RFC3879" 92 isFiltered = true 93 case cidrRangeContains("fe00::/9", ip): 94 asn = "" 95 whois = "RFC4291" 96 isFiltered = true 97 case cidrRangeContains("64:ff9b::/96", ip): 98 asn = "" 99 whois = "RFC6052" 100 isFiltered = true 101 case cidrRangeContains("0::/96", ip): 102 asn = "" 103 whois = "RFC4291" 104 isFiltered = true 105 case cidrRangeContains("64:ff9b:1::/48", ip): 106 asn = "" 107 whois = "RFC6052" 108 isFiltered = true 109 case cidrRangeContains("2001:db8::/32", ip): 110 asn = "" 111 whois = "RFC3849" 112 isFiltered = true 113 case cidrRangeContains("2002::/16", ip): 114 asn = "" 115 whois = "RFC3056" 116 isFiltered = true 117 case net.ParseIP(ip).IsPrivate(): 118 //rfc4193 119 if cidrRangeContains("fc00::/7", ip) { 120 asn = "" 121 whois = "RFC4193" 122 isFiltered = true 123 //rfc1918 124 } else { 125 asn = "" 126 whois = "RFC1918" 127 isFiltered = true 128 } 129 //Defense Information System Network 130 case cidrRangeContains("6.0.0.0/8", ip): 131 fallthrough 132 case cidrRangeContains("7.0.0.0/8", ip): 133 fallthrough 134 case cidrRangeContains("11.0.0.0/8", ip): 135 fallthrough 136 case cidrRangeContains("21.0.0.0/8", ip): 137 fallthrough 138 case cidrRangeContains("22.0.0.0/8", ip): 139 fallthrough 140 case cidrRangeContains("26.0.0.0/8", ip): 141 fallthrough 142 case cidrRangeContains("28.0.0.0/8", ip): 143 fallthrough 144 case cidrRangeContains("29.0.0.0/8", ip): 145 fallthrough 146 case cidrRangeContains("30.0.0.0/8", ip): 147 fallthrough 148 case cidrRangeContains("33.0.0.0/8", ip): 149 fallthrough 150 case cidrRangeContains("55.0.0.0/8", ip): 151 fallthrough 152 case cidrRangeContains("214.0.0.0/8", ip): 153 fallthrough 154 case cidrRangeContains("215.0.0.0/8", ip): 155 asn = "" 156 whois = "DOD" 157 isFiltered = true 158 default: 159 } 160 // 判断是否为v6 且不在2000::/3 161 if net.ParseIP(ip).To4() == nil && !cidrRangeContains("2000::/3", ip) && !isFiltered { 162 asn = "" 163 whois = "INVALID" 164 isFiltered = true 165 } 166 if !isFiltered { 167 return nil, false 168 } else { 169 return &IPGeoData{ 170 Asnumber: asn, 171 Whois: whois, 172 }, true 173 } 174 }