File tree 1 file changed +39
-0
lines changed
1 file changed +39
-0
lines changed Original file line number Diff line number Diff line change 1+ import re
2+ from .base import RegexBasedDetector
3+
4+ class IPPublicDetector (RegexBasedDetector ):
5+ """Scans for public ip address (ipv4)
6+
7+ Some non-public ipv4 addresses are ignored, such as:
8+ - 127.
9+ - 10.
10+ - 172.(16-31)
11+ - 192.168.
12+
13+ Reference:
14+ https://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml
15+ https://en.wikipedia.org/wiki/Private_network
16+ """
17+ secret_type = 'Public IP (ipv4)'
18+
19+ denylist_ipv4_address = r"""
20+ (?<![0-9]) # Negative lookbehind: Asserts that what immediately precedes the current position in the string is not a digit
21+ (?! # Negative lookahead: Asserts that what immediately follows the current position in the string does not match the enclosed pattern
22+ 192\.168\.| # Match "192.168."
23+ 127\.| # Match "127."
24+ 10\.| # Match "10."
25+ 172\.(?:1[6-9]|2[0-9]|3[01]) # Match "172." followed by a number between 16 and 31
26+ )
27+ (?: # Non-capturing group: Groups the enclosed pattern but does not create a backreference
28+ (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\. # Match a number between 0 and 255 followed by a dot
29+ ){3} # Repeat the preceding non-capturing group three times
30+ (?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?) # Match a number between 0 and 255
31+ (?::\d{1,5})? # Optional non-capturing group: Match a colon followed by a number between 0 and 99999 (a port number)
32+ (?! # Negative lookahead: Asserts that what immediately follows the current position in the string does not match the enclosed pattern
33+ [0-9] # Match a digit
34+ )
35+ """
36+
37+ denylist = [
38+ re .compile (denylist_ipv4_address , flags = re .IGNORECASE | re .VERBOSE )
39+ ]
You can’t perform that action at this time.
0 commit comments