Compare IP to list of host/network address

Question

I appoligize but am new to C++. At our organization we recieve a daily black list (much bigger as this is just a snippet) in the following format:

172.44.12.0

198.168.1.5

10.10.0.0

192.168.78.6

192.168.22.22

111.111.0.0

222.222.0.0

12.12.12.12

When I run the program after the code compiles I receive:

1

1

1

1

1

1

1

1

I am using C++ in a Linux/Unix environment.

So far, I am just spitting it out to make sure I have it formatted correctly. Please be kind I am sure this is considered sloppy programming, I am a noob.

The name of the file is blacklist.txt which contains the IP's listed above for now. I am only using cout to make sure my variable are defined correctly.

#include <iostream>
#include <vector>
#include <fstream>
#include <string>
#include <netinet/in.h>
#include <stdint.h>
#include <arpa/inet.h>

using namespace std;

bool is_match(std::string &hay_stack, std::string &srcip) {
in_addr_t _ip = inet_addr(hay_stack.c_str());
in_addr_t _IP = inet_addr(srcip.c_str());
_ip = ntohl(_ip);
_IP = ntohl(_IP);
uint32_t mask=(_ip & 0x00ffffff == 0) ? 0xff000000 :
(_ip & 0x0000ffff == 0 ? 0xffff0000 : 0);
return ( (_ip & mask) == (_IP & mask) );
}

int main()
{
vector<std::string> lines;
lines.reserve(5000); //Assuming that the file to read can have max 5K lines

string fileName("blacklist.txt");

ifstream file;
file.open(fileName.c_str());

if(!file.is_open())
{
cerr<<"Error opening file : "<<fileName.c_str()<<endl;
return -1;
}

//Read the lines and store it in the vector
string line;
while(getline(file,line))
{
lines.push_back(line);
}

file.close();


//Dump all the lines in output
for(unsigned int i = 0; i < lines.size(); i++)
{
string h = lines[i];
string mi = "10.10.10.10";
cout<<is_match(h,mi)<<endl;
}

return 0;
}

I am expecting the output to be 10.10.10.10 10.10.0.0 (and some sort of subnet mask here)

Any help is great.

Answer 1

IPv4]1 consists of 4 bytes and therefore it can (and usually is) represented as unsigned int or rather Uint32 (32 bits long number/ 4 bytes), for example:

decimal:     172.16.254.1
hexadecimal: ac 10 fe 01
binary:      10101100 0001000 11111110 00000001

Subnet mask in /XX form specifies how many bits (binary ones) from the start should there be in the mask, for example:

/24: 11111111 11111111 11111111 00000000  > 0xffffff00
/16: 11111111 11111111 00000000 00000000  > 0xffff0000

Now you'll use binary AND (represented with & in C/C++) on IP & Mask which will give you this output:

IP:      172.16.254.1  | 0xac10fe01 | 10101100 0001000 11111110 00000001 &
Mask:    255.255.255.0 | 0xffffff00 | 11111111 1111111 11111111 00000000 =
Result:  172.16.254.0  | 0xac10fe00 | 10101100 0001000 11111110 00000000

Which you can now compare with subnet represented as Uint32, at first you'll generate mask:

uint32 get_mask( const int mask_length = 24){ // for /24 mask notation
    if( mask_length > 31){
        return 0xffffffff;
    }
    return (1 << (mask_length + 1)) - 1;
    // << 25 will shift 1 to 25th place, -1 will than generate 24 ones in row
    // this wouldn't work with 32 because you would shift 1 outside 32b int
}

And then just simply use & and ==:

if( (ip&get_mask(24)) == subnet){
// if( (ip&0xffffff00) == subnet){
// if( (ip&get_mask(subnet.mask.length)) == subnet){
    // match
}

_{Note that x86 architecture uses little-endian so when inspecting memory/bytes directly, you will see bytes in "opposite order".}

Answer 2

#include <netinet/in.h>
#include <stdint.h>
#include <string>
#include <arpa/inet.h>

bool is_match(std::string &hay_ip, std::string &needle_ip) {
  in_addr_t _ip = inet_addr(hay_ip.c_str());
  in_addr_t _IP = inet_addr(needle_ip.c_str());
  _ip = ntohl(_ip);
  _IP = ntohl(_IP);
  uint32_t mask=(_ip & 0x0000ffff == 0) ? 0xffff0000 : 
                (_ip & 0x000000ff == 0 ? 0xffffff00 : 0xffffffff); 
  return ( (_ip & mask) == (_IP & mask) );
}