mirror of
https://git.sr.ht/~magic_rb/dotfiles
synced 2024-11-29 11:36:16 +01:00
3c40bda301
Signed-off-by: magic_rb <magic_rb@redalder.org>
51 lines
1.3 KiB
Nix
51 lines
1.3 KiB
Nix
{lib, ...}: let
|
|
inherit
|
|
(lib)
|
|
makeBinPath
|
|
;
|
|
in {
|
|
flake.overlays.ip-search = final: prev: {
|
|
ip-search = prev.writeShellScriptBin "ip-search" ''
|
|
if [ $# -lt 2 ] ; then
|
|
echo "usage: ip-search <allowed ips file> <directory>"
|
|
exit 1
|
|
fi
|
|
|
|
export PATH="${makeBinPath [prev.ripgrep]}:$PATH"
|
|
_ipv4_regex='((25[0-5]|(2[0-4]|1\d|[1-9]|)\d)\.){3}(25[0-5]|(2[0-4]|1\d|[1-9]|)\d)'
|
|
_ipv4_matches=()
|
|
|
|
mapfile -t _ipv4_matches < <( rg "$_ipv4_regex" $2 -oNI | sort | uniq )
|
|
|
|
_ipv6_regex='a'
|
|
_ipv6_matches=()
|
|
|
|
# TODO
|
|
|
|
_ipv4_allowed=()
|
|
mapfile -t _ipv4_allowed <$1
|
|
|
|
_ipv4_offending=()
|
|
mapfile -t _ipv4_offending < <( diff -U 1 \
|
|
<( echo ''${_ipv4_matches[@]} | tr ' ' '\n' | sort | uniq -u ) \
|
|
<( echo ''${_ipv4_allowed[@]} | tr ' ' '\n' | sort | uniq -u ) \
|
|
| grep '^-' \
|
|
| cut -b 2- \
|
|
| tail +2 )
|
|
|
|
for _offending in ''${_ipv4_offending[@]} ; do
|
|
echo "found offending ipv4 address $_offending in file(s):"
|
|
|
|
mapfile -t _files < <( rg -FoN "$_offending" $2 | cut -f 1 -d : | sort | uniq )
|
|
for _file in ''${_files[@]} ; do
|
|
echo $' - '"$_file"
|
|
done
|
|
done
|
|
|
|
echo "Found ''${#_ipv4_offending[@]} offending ipv4 addresses"
|
|
|
|
exit 69
|
|
'';
|
|
};
|
|
}
|