Skip to content

Instantly share code, notes, and snippets.

@syzdek

syzdek/ipv6-regex-test.sh

Last active October 5, 2024 06:10
Show Gist options
  • Save syzdek/6086792 to your computer and use it in GitHub Desktop.
Save syzdek/6086792 to your computer and use it in GitHub Desktop.
Download ZIP
Simple script to test my IPv6 regular expression.
Raw
ipv6-regex-test.sh
#!/bin/sh
#
# Use posixregex CLI tool from: https://github.com/syzdek/dmstools/blob/master/src/posixregex.c
RE_IPV4="((25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])\.){3,3}(25[0-5]|(2[0-4]|1{0,1}[0-9]){0,1}[0-9])"
posixregex -r "^(${RE_IPV4})$" \
127.0.0.1 \
10.0.0.1 \
192.168.1.1 \
0.0.0.0 \
255.255.255.255 \
|sed -e 's/not found/fail/g' -e 's/found/pass/g' \
|awk '{print$4" "$3" "$2}' \
|sed -e 's/^/IPv4 Pass: /g'
echo ""
posixregex -r "^(${RE_IPV4})$" \
10002.3.4 \
1.2.3.4.5 \
256.0.0.0 \
260.0.0.0 \
|sed -e 's/not found/fail/g' -e 's/found/pass/g' \
|awk '{print$4" "$3" "$2}' \
|sed -e 's/^/IPv4 Fail: /g'
echo ""
SEG="[0-9a-fA-F]{1,4}"
RE_IPV6="([0-9a-fA-F]{1,4}:){7,7}[0-9a-fA-F]{1,4}|" # TEST: 1:2:3:4:5:6:7:8
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,7}:|" # TEST: 1:: 1:2:3:4:5:6:7::
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,6}:[0-9a-fA-F]{1,4}|" # TEST: 1::8 1:2:3:4:5:6::8 1:2:3:4:5:6::8
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,5}(:[0-9a-fA-F]{1,4}){1,2}|" # TEST: 1::7:8 1:2:3:4:5::7:8 1:2:3:4:5::8
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,4}(:[0-9a-fA-F]{1,4}){1,3}|" # TEST: 1::6:7:8 1:2:3:4::6:7:8 1:2:3:4::8
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,3}(:[0-9a-fA-F]{1,4}){1,4}|" # TEST: 1::5:6:7:8 1:2:3::5:6:7:8 1:2:3::8
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,2}(:[0-9a-fA-F]{1,4}){1,5}|" # TEST: 1::4:5:6:7:8 1:2::4:5:6:7:8 1:2::8
RE_IPV6="${RE_IPV6}[0-9a-fA-F]{1,4}:((:[0-9a-fA-F]{1,4}){1,6})|" # TEST: 1::3:4:5:6:7:8 1::3:4:5:6:7:8 1::8
RE_IPV6="${RE_IPV6}:((:[0-9a-fA-F]{1,4}){1,7}|:)|" # TEST: ::2:3:4:5:6:7:8 ::2:3:4:5:6:7:8 ::8 ::
RE_IPV6="${RE_IPV6}fe08:(:[0-9a-fA-F]{1,4}){2,2}%[0-9a-zA-Z]{1,}|" # TEST: fe08::7:8%eth0 fe08::7:8%1 (link-local IPv6 addresses with zone index)
RE_IPV6="${RE_IPV6}::(ffff(:0{1,4}){0,1}:){0,1}${RE_IPV4}|" # TEST: ::255.255.255.255 ::ffff:255.255.255.255 ::ffff:0:255.255.255.255 (IPv4-mapped IPv6 addresses and IPv4-translated addresses)
RE_IPV6="${RE_IPV6}([0-9a-fA-F]{1,4}:){1,4}:${RE_IPV4}" # TEST: 2001:db8:3:4::192.0.2.33 64:ff9b::192.0.2.33 (IPv4-Embedded IPv6 Address)
TEST_STRINGS=`grep '# TEST: ' $0 |grep -v grep |cut -d# -f 2 |cut -d\( -f1 |sed -e 's/^ TEST: //g'`
posixregex -r "^(${RE_IPV6})$" \
1:2:3:4:5:6:7:8 \
::ffff:10.0.0.1 \
::ffff:1.2.3.4 \
::ffff:0.0.0.0 \
1:2:3:4:5:6:77:88 \
::ffff:255.255.255.255 \
fe08::7:8 \
ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff \
|sed -e 's/not found/fail/g' -e 's/found/pass/g' \
|awk '{print$4" "$3" "$2}' \
|sed -e 's/^/IPv6 Pass: /g'
echo ""
posixregex -r "^(${RE_IPV6})$" \
${TEST_STRINGS} \
|sed -e 's/not found/fail/g' -e 's/found/pass/g' \
|awk '{print$4" "$3" "$2}' \
|sed -e 's/^/IPv6 Test: /g'
echo ""
posixregex -r "^(${RE_IPV6})$" \
1:2:3:4:5:6:7:8:9 \
1:2:3:4:5:6::7:8 \
:1:2:3:4:5:6:7:8 \
1:2:3:4:5:6:7:8: \
::1:2:3:4:5:6:7:8 \
1:2:3:4:5:6:7:8:: \
1:2:3:4:5:6:7:88888 \
2001:db8:3:4:5::192.0.2.33 \
fe08::7:8% \
fe08::7:8i \
fe08::7:8interface \
|sed -e 's/not found/fail/g' -e 's/found/pass/g' \
|awk '{print$4" "$3" "$2}' \
|sed -e 's/^/IPv6 Fail: /g'
echo ""
@allyunion
Copy link

allyunion commented Oct 11, 2018
edited
Loading

How do you test loopback:port number? Example:
::1:(port)

@allyunion
Copy link

Never mind. Need to detect [IPv6]:port

@mlibbey
Copy link

mlibbey commented Apr 6, 2019

I think the regexes may need some "^" and "$". I think they match strings like 127.0.0.1 127.0.0.1a crud127.0.0.1 crud.127.0.0.1 1:2:3:4:5:6:7:8:9 1:2:3:4:5:6:7:8:crud crud1:2:3:4:5:6:7:8 crud:1:2:3:4:5:6:7:8

@fooofei
Copy link

fooofei commented Sep 29, 2019

0:0:0:0:0:0:10.0.0.1 is a valid IPv6 address, but the regex cannot match it.

@Oyonax
Copy link

Oyonax commented Feb 7, 2020

I noticed several occurrences of "fe08" strings in your ipv6-regex-test.sh script, instead of "fe80".
PS:Thank you for sharing you valuable code

@arafatx
Copy link

arafatx commented Oct 5, 2021

IPv6 regex is so complex, there are many Ipv6 regex available and most of them don't work properly. I guess, Ipv6 might need more than 100lines of regex to fully validate itself.

@namnamir
Copy link

namnamir commented Mar 14, 2022
edited
Loading

It doesn't match with many of them listed here: https://regex101.com/r/uwPxJf/1

Out of your work, I have made a simpler catch that is posted here:
https://github.com/namnamir/configurations-and-security-hardening/blob/main/regex.md

@t-shangwei
Copy link

@namnamir nice short regex 👍 but :1 should able to pass I guess.

@KOUISAmine
Copy link

Check this demo it doesn't work for 192.168.0.14

@namnamir
Copy link

@t-shangwei
All possible cases are captured if you check the demo. It needs more work not to capture the wrong cases, but it works

@e39a562r
Copy link

@namnamir
Thanks, I probably got something wrong. 🙏

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment