From 52f0eed6fbac5653c1bf1a9c3b079b0fbb28bef7 Mon Sep 17 00:00:00 2001
From: Oliver Gorwits <oliver@cpan.org>
Date: Sat, 11 Jan 2014 13:02:45 +0000
Subject: [PATCH] [#13] Support IP address ranges in *_only/*_no configuration

---
 Netdisco/Changes                              |  1 +
 .../lib/App/Netdisco/Manual/Configuration.pod | 22 +++++---
 Netdisco/lib/App/Netdisco/Util/Device.pm      | 51 +++++++++++++++++--
 3 files changed, 62 insertions(+), 12 deletions(-)

diff --git a/Netdisco/Changes b/Netdisco/Changes
index 11d864ab..d8344491 100644
--- a/Netdisco/Changes
+++ b/Netdisco/Changes
@@ -3,6 +3,7 @@
   [NEW FEATURES]
 
   * [#81] Identify wireless nodes and provide information when available 
+  * [#13] Support IP address ranges in *_only/*_no configuration
 
   [ENHANCEMENTS]
 
diff --git a/Netdisco/lib/App/Netdisco/Manual/Configuration.pod b/Netdisco/lib/App/Netdisco/Manual/Configuration.pod
index ca22d841..58d77899 100644
--- a/Netdisco/lib/App/Netdisco/Manual/Configuration.pod
+++ b/Netdisco/lib/App/Netdisco/Manual/Configuration.pod
@@ -381,7 +381,8 @@ devices. For more fine-grained control see the C<bulkwalk_no> setting.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 IP addresses in the list will use C<GETNEXT> (and not C<BULKWALK>). You can
-include hostnames, IP addresses and subnets (IPv4 or IPv6) in the list.
+include hostnames, IP addresses, subnets (IPv4 or IPv6), and address ranges
+(using a hyphen and no whitespace) in the list.
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
@@ -445,7 +446,8 @@ Number of times to retry connecting to a device before giving up.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 IP addresses in the list will not be visited during device discovery. You can
-include hostnames, IP addresses and subnets (IPv4 or IPv6) in the list.
+include hostnames, IP addresses, subnets (IPv4 or IPv6), and address ranges
+(using a hyphen and no whitespace) in the list.
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
@@ -455,8 +457,8 @@ of the device. The regex must match the complete value.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 If present, device discovery will be limited to IP addresses matching entries
-in this list. You can include hostnames, IP addresses and subnets (IPv4 and
-IPv6).
+in this list. You can include hostnames, IP addresses, subnets (IPv4 and
+IPv6), and address ranges (using a hyphen and no whitespace).
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
@@ -486,7 +488,8 @@ discover jobs for a device.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 IP addresses in the list will not be visited for macsuck. You can include
-hostnames, IP addresses and subnets (IPv4 or IPv6) in the list.
+hostnames, IP addresses, subnets (IPv4 or IPv6), and address ranges (using a
+hyphen and no whitespace) in the list.
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
@@ -496,7 +499,8 @@ of the device. The regex must match the complete value.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 If present, macsuck will be limited to IP addresses matching entries in this
-list. You can include hostnames, IP addresses and subnets (IPv4 and IPv6).
+list. You can include hostnames, IP addresses, subnets (IPv4 and IPv6), and
+address ranges (using a hyphen and no whitespace).
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
@@ -552,7 +556,8 @@ macsuck jobs for a device.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 IP addresses in the list will not be visited for arpnip. You can include
-hostnames, IP addresses and subnets (IPv4 or IPv6) in the list.
+hostnames, IP addresses, subnets (IPv4 or IPv6), and address ranges (using a
+hyphen and no whitespace) in the list.
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
@@ -562,7 +567,8 @@ of the device. The regex must match the complete value.
 Value: List of Network Identifiers or Device Properties. Default: Empty List.
 
 If present, arpnip will be limited to IP addresses matching entries in this
-list. You can include hostnames, IP addresses and subnets (IPv4 and IPv6).
+list. You can include hostnames, IP addresses, subnets (IPv4 and IPv6), and
+address ranges (using a hyphen and no whitespace).
 
 Alternatively include a "C<property:regex>" entry to match the named property
 of the device. The regex must match the complete value.
diff --git a/Netdisco/lib/App/Netdisco/Util/Device.pm b/Netdisco/lib/App/Netdisco/Util/Device.pm
index 6ecae240..a95c9a0d 100644
--- a/Netdisco/lib/App/Netdisco/Util/Device.pm
+++ b/Netdisco/lib/App/Netdisco/Util/Device.pm
@@ -59,10 +59,10 @@ sub get_device {
     ->find_or_new({ip => $ip});
 }
 
-=head2 check_acl( $ip, \@prefixes )
+=head2 check_acl( $ip, \@config )
 
-Given the IP address of a device, returns true if any of the IP prefixes in
-C<< \@prefixes >> contains that device, otherwise returns false.
+Given the IP address of a device, returns true if any of the items in C<<
+\@config >> matches that device, otherwise returns false.
 
 Normally you use C<check_no> and C<check_only>, passing the name of the
 configuration setting to load. This helper instead requires not the name of
@@ -88,10 +88,45 @@ sub check_acl {
               and $device->prop =~ m/^$match$/) {
               return 1;
           }
+
           next;
       }
 
-      my $ip = NetAddr::IP::Lite->new($item) or next;
+      if ($item =~ m/([a-f0-9]+)-([a-f0-9]+)$/i) {
+          my $first = $1;
+          my $last  = $2;
+
+          if ($item =~ m/:/) {
+              next unless $addr->bits == 128;
+
+              $first = hex $first;
+              $last  = hex $last;
+
+              (my $header = $item) =~ s/:[^:]+$/:/;
+              foreach my $part ($first .. $last) {
+                  my $ip = NetAddr::IP::Lite->new($header . sprintf('%x',$part) . '/128')
+                    or next;
+                  return 1 if $ip == $addr;
+              }
+          }
+          else {
+              next unless $addr->bits == 32;
+
+              (my $header = $item) =~ s/\.[^.]+$/./;
+              foreach my $part ($first .. $last) {
+                  my $ip = NetAddr::IP::Lite->new($header . $part . '/32')
+                    or next;
+                  return 1 if $ip == $addr;
+              }
+          }
+
+          next;
+      }
+
+      my $ip = NetAddr::IP::Lite->new($item)
+        or next;
+      next unless $ip->bits == $addr->bits;
+
       return 1 if $ip->contains($addr);
   }
 
@@ -116,6 +151,10 @@ Hostname, IP address, IP prefix
 
 =item *
 
+IP address range, using a hyphen and no whitespace
+
+=item *
+
 C<"model:regex"> - matched against the device model
 
 =item *
@@ -157,6 +196,10 @@ Hostname, IP address, IP prefix
 
 =item *
 
+IP address range, using a hyphen and no whitespace
+
+=item *
+
 C<"model:regex"> - matched against the device model
 
 =item *