/** * Evaluates whether the argument is an ISATAP address. * * <p>From RFC 5214: "ISATAP interface identifiers are constructed in Modified EUI-64 format [...] * by concatenating the 24-bit IANA OUI (00-00-5E), the 8-bit hexadecimal value 0xFE, and a 32-bit * IPv4 address in network byte order [...]" * * <p>For more on ISATAP addresses see section 6.1 of <a target="_parent" * href="http://tools.ietf.org/html/rfc5214#section-6.1">RFC 5214</a>. * * @param ip {@link Inet6Address} to be examined for ISATAP address format * @return {@code true} if the argument is an ISATAP address */ public static boolean isIsatapAddress(Inet6Address ip) { // If it's a Teredo address with the right port (41217, or 0xa101) // which would be encoded as 0x5efe then it can't be an ISATAP address. if (isTeredoAddress(ip)) { return false; } byte[] bytes = ip.getAddress(); if ((bytes[8] | (byte) 0x03) != (byte) 0x03) { // Verify that high byte of the 64 bit identifier is zero, modulo // the U/L and G bits, with which we are not concerned. return false; } return (bytes[9] == (byte) 0x00) && (bytes[10] == (byte) 0x5e) && (bytes[11] == (byte) 0xfe); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one of the specified address * types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Evaluates whether the argument is an ISATAP address. * * <p>From RFC 5214: "ISATAP interface identifiers are constructed in Modified EUI-64 format [...] * by concatenating the 24-bit IANA OUI (00-00-5E), the 8-bit hexadecimal value 0xFE, and a 32-bit * IPv4 address in network byte order [...]" * * <p>For more on ISATAP addresses see section 6.1 of <a target="_parent" * href="http://tools.ietf.org/html/rfc5214#section-6.1">RFC 5214</a>. * * @param ip {@link Inet6Address} to be examined for ISATAP address format * @return {@code true} if the argument is an ISATAP address */ public static boolean isIsatapAddress(Inet6Address ip) { // If it's a Teredo address with the right port (41217, or 0xa101) // which would be encoded as 0x5efe then it can't be an ISATAP address. if (isTeredoAddress(ip)) { return false; } byte[] bytes = ip.getAddress(); if ((bytes[8] | (byte) 0x03) != (byte) 0x03) { // Verify that high byte of the 64 bit identifier is zero, modulo // the U/L and G bits, with which we are not concerned. return false; } return (bytes[9] == (byte) 0x00) && (bytes[10] == (byte) 0x5e) && (bytes[11] == (byte) 0xfe); }
/** * Evaluates whether the argument is an ISATAP address. * * <p>From RFC 5214: "ISATAP interface identifiers are constructed in Modified EUI-64 format [...] * by concatenating the 24-bit IANA OUI (00-00-5E), the 8-bit hexadecimal value 0xFE, and a 32-bit * IPv4 address in network byte order [...]" * * <p>For more on ISATAP addresses see section 6.1 of <a target="_parent" * href="http://tools.ietf.org/html/rfc5214#section-6.1">RFC 5214</a>. * * @param ip {@link Inet6Address} to be examined for ISATAP address format * @return {@code true} if the argument is an ISATAP address */ public static boolean isIsatapAddress(Inet6Address ip) { // If it's a Teredo address with the right port (41217, or 0xa101) // which would be encoded as 0x5efe then it can't be an ISATAP address. if (isTeredoAddress(ip)) { return false; } byte[] bytes = ip.getAddress(); if ((bytes[8] | (byte) 0x03) != (byte) 0x03) { // Verify that high byte of the 64 bit identifier is zero, modulo // the U/L and G bits, with which we are not concerned. return false; } return (bytes[9] == (byte) 0x00) && (bytes[10] == (byte) 0x5e) && (bytes[11] == (byte) 0xfe); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one of the specified address * types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one of the specified address * types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Returns the Teredo information embedded in a Teredo address. * * @param ip {@link Inet6Address} to be examined for embedded Teredo information * @return extracted {@code TeredoInfo} * @throws IllegalArgumentException if the argument is not a valid IPv6 Teredo address */ public static TeredoInfo getTeredoInfo(Inet6Address ip) { checkArgument(isTeredoAddress(ip), "Address '%s' is not a Teredo address.", toAddrString(ip)); byte[] bytes = ip.getAddress(); Inet4Address server = getInet4Address(Arrays.copyOfRange(bytes, 4, 8)); int flags = ByteStreams.newDataInput(bytes, 8).readShort() & 0xffff; // Teredo obfuscates the mapped client port, per section 4 of the RFC. int port = ~ByteStreams.newDataInput(bytes, 10).readShort() & 0xffff; byte[] clientBytes = Arrays.copyOfRange(bytes, 12, 16); for (int i = 0; i < clientBytes.length; i++) { // Teredo obfuscates the mapped client IP, per section 4 of the RFC. clientBytes[i] = (byte) ~clientBytes[i]; } Inet4Address client = getInet4Address(clientBytes); return new TeredoInfo(server, client, port, flags); }
/** * Returns the Teredo information embedded in a Teredo address. * * @param ip {@link Inet6Address} to be examined for embedded Teredo information * @return extracted {@code TeredoInfo} * @throws IllegalArgumentException if the argument is not a valid IPv6 Teredo address */ public static TeredoInfo getTeredoInfo(Inet6Address ip) { checkArgument(isTeredoAddress(ip), "Address '%s' is not a Teredo address.", toAddrString(ip)); byte[] bytes = ip.getAddress(); Inet4Address server = getInet4Address(Arrays.copyOfRange(bytes, 4, 8)); int flags = ByteStreams.newDataInput(bytes, 8).readShort() & 0xffff; // Teredo obfuscates the mapped client port, per section 4 of the RFC. int port = ~ByteStreams.newDataInput(bytes, 10).readShort() & 0xffff; byte[] clientBytes = Arrays.copyOfRange(bytes, 12, 16); for (int i = 0; i < clientBytes.length; i++) { // Teredo obfuscates the mapped client IP, per section 4 of the RFC. clientBytes[i] = (byte) ~clientBytes[i]; } Inet4Address client = getInet4Address(clientBytes); return new TeredoInfo(server, client, port, flags); }
/** * Returns the Teredo information embedded in a Teredo address. * * @param ip {@link Inet6Address} to be examined for embedded Teredo information * @return extracted {@code TeredoInfo} * @throws IllegalArgumentException if the argument is not a valid IPv6 Teredo address */ public static TeredoInfo getTeredoInfo(Inet6Address ip) { checkArgument(isTeredoAddress(ip), "Address '%s' is not a Teredo address.", toAddrString(ip)); byte[] bytes = ip.getAddress(); Inet4Address server = getInet4Address(Arrays.copyOfRange(bytes, 4, 8)); int flags = ByteStreams.newDataInput(bytes, 8).readShort() & 0xffff; // Teredo obfuscates the mapped client port, per section 4 of the RFC. int port = ~ByteStreams.newDataInput(bytes, 10).readShort() & 0xffff; byte[] clientBytes = Arrays.copyOfRange(bytes, 12, 16); for (int i = 0; i < clientBytes.length; i++) { // Teredo obfuscates the mapped client IP, per section 4 of the RFC. clientBytes[i] = (byte) ~clientBytes[i]; } Inet4Address client = getInet4Address(clientBytes); return new TeredoInfo(server, client, port, flags); }
/** * Examines the Inet6Address to extract the embedded IPv4 client address if the InetAddress is an * IPv6 address of one of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@link Inet4Address} of embedded IPv4 client address * @throws IllegalArgumentException if the argument does not have a valid embedded IPv4 address */ public static Inet4Address getEmbeddedIPv4ClientAddress(Inet6Address ip) { if (isCompatIPv4Address(ip)) { return getCompatIPv4Address(ip); } if (is6to4Address(ip)) { return get6to4IPv4Address(ip); } if (isTeredoAddress(ip)) { return getTeredoInfo(ip).getClient(); } throw formatIllegalArgumentException("'%s' has no embedded IPv4 address.", toAddrString(ip)); }
/** * Examines the Inet6Address to extract the embedded IPv4 client address if the InetAddress is an * IPv6 address of one of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@link Inet4Address} of embedded IPv4 client address * @throws IllegalArgumentException if the argument does not have a valid embedded IPv4 address */ public static Inet4Address getEmbeddedIPv4ClientAddress(Inet6Address ip) { if (isCompatIPv4Address(ip)) { return getCompatIPv4Address(ip); } if (is6to4Address(ip)) { return get6to4IPv4Address(ip); } if (isTeredoAddress(ip)) { return getTeredoInfo(ip).getClient(); } throw formatIllegalArgumentException("'%s' has no embedded IPv4 address.", toAddrString(ip)); }
/** * Examines the Inet6Address to extract the embedded IPv4 client address if the InetAddress is an * IPv6 address of one of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@link Inet4Address} of embedded IPv4 client address * @throws IllegalArgumentException if the argument does not have a valid embedded IPv4 address */ public static Inet4Address getEmbeddedIPv4ClientAddress(Inet6Address ip) { if (isCompatIPv4Address(ip)) { return getCompatIPv4Address(ip); } if (is6to4Address(ip)) { return get6to4IPv4Address(ip); } if (isTeredoAddress(ip)) { return getTeredoInfo(ip).getClient(); } throw formatIllegalArgumentException("'%s' has no embedded IPv4 address.", toAddrString(ip)); }
public void testTeredoAddresses() { String[] nonTeredoAddresses = { "::1.2.3.4", "3ffe::1", "::", "::1", }; for (int i = 0; i < nonTeredoAddresses.length; i++) { InetAddress ip = InetAddresses.forString(nonTeredoAddresses[i]); assertFalse(InetAddresses.isTeredoAddress((Inet6Address) ip)); try { InetAddresses.getTeredoInfo((Inet6Address) ip); fail("IllegalArgumentException expected for '" + nonTeredoAddresses[i] + "'"); } catch (IllegalArgumentException expected) { } } String validTeredoAddress = "2001:0000:4136:e378:8000:63bf:3fff:fdd2"; String serverStr = "65.54.227.120"; String clientStr = "192.0.2.45"; int port = 40000; int flags = 0x8000; InetAddress ip = InetAddresses.forString(validTeredoAddress); assertTrue(InetAddresses.isTeredoAddress((Inet6Address) ip)); InetAddresses.TeredoInfo teredo = InetAddresses.getTeredoInfo((Inet6Address) ip); InetAddress server = InetAddresses.forString(serverStr); assertEquals(server, teredo.getServer()); InetAddress client = InetAddresses.forString(clientStr); assertEquals(client, teredo.getClient()); assertEquals(port, teredo.getPort()); assertEquals(flags, teredo.getFlags()); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one * of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method * due to their trivial spoofability. With other transition addresses * spoofing involves (at least) infection of one's BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one * of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method * due to their trivial spoofability. With other transition addresses * spoofing involves (at least) infection of one's BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one * of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method * due to their trivial spoofability. With other transition addresses * spoofing involves (at least) infection of one's BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one * of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method * due to their trivial spoofability. With other transition addresses * spoofing involves (at least) infection of one's BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one * of the specified address types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method * due to their trivial spoofability. With other transition addresses * spoofing involves (at least) infection of one's BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one of the specified address * types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }
/** * Examines the Inet6Address to determine if it is an IPv6 address of one of the specified address * types that contain an embedded IPv4 address. * * <p>NOTE: ISATAP addresses are explicitly excluded from this method due to their trivial * spoofability. With other transition addresses spoofing involves (at least) infection of one's * BGP routing table. * * @param ip {@link Inet6Address} to be examined for embedded IPv4 client address * @return {@code true} if there is an embedded IPv4 client address * @since 7.0 */ public static boolean hasEmbeddedIPv4ClientAddress(Inet6Address ip) { return isCompatIPv4Address(ip) || is6to4Address(ip) || isTeredoAddress(ip); }