more bogons and tests

bogons.go

@@ -2,9 +2,9 @@ package bogons
 
 import "net"
 
-// ValidASN checks whether an ASN is valid.
+// ValidPublicASN checks whether an ASN is valid.
 // No private or reserved ASNs are valid.
-func ValidASN(asn uint32) bool {
+func ValidPublicASN(asn uint32) bool {
 	switch {
 	case asn == 0: // RFC6483, RFC7607
 		return false
@@ -30,9 +30,9 @@ func ValidASN(asn uint32) bool {
 
 }
 
-// ValidIP just checks whether the strings parses into
+// ValidPublicIP just checks whether the strings parses into
 // either an IPv4 or IPv6 address. It must also be public.
-func ValidIP(ip string) bool {
+func ValidPublicIP(ip string) bool {
 	parsed := net.ParseIP(ip)
 	if parsed == nil {
 		return false
@@ -79,13 +79,16 @@ func IsPublicIPv4(ip net.IP) bool {
 	// rfc3927
 	case ip[0] == 169 && ip[1] == 254:
 		return false
-	// rfc6980 && rfc5737
+	// rfc5737
 	case ip[0] == 192 && ip[1] == 0 && (ip[2] == 0 || ip[2] == 2):
 		return false
 	// rfc5737
 	case ip[0] == 198 && ip[1] == 51 && ip[2] == 100:
 		return false
 	// rfc5737
+	case ip[0] == 198 && (ip[1] == 18 || ip[1] == 19):
+		return false
+	// rfc5737
 	case ip[0] == 203 && ip[1] == 0 && ip[2] == 113:
 		return false
 	// class D,E
@@ -104,11 +107,17 @@ func IsPublicIPv6(ip net.IP) bool {
 	}
 	switch {
 	// Teredo tunnels 2001::/32
-	case ip[0] == 32 && ip[1] == 1 && ip[2] == 0 && ip[3] == 0:
+	case ip[0] == 32 && ip[1] == 1 && ip[2] == 0:
+		return false
+	// 6bone 3ffe::/16
+	case ip[0] == 63 && ip[1] == 254:
 		return false
 	// documentation 2001:db8::/32
 	case ip[0] == 32 && ip[1] == 1 && ip[2] == 13 && ip[3] == 184:
 		return false
+	// 6to4 2002::/16
+	case ip[0] == 32 && ip[1] == 2:
+		return false
 	}
 	// Besides the above, as long as the prefix sits inside 2000::/3 it's public
 	return ip[0] >= 32 && ip[0] <= 63

bogons_test.go

@@ -19,18 +19,18 @@ func TestValidASN(t *testing.T) {
 		{"rfc5398", 64496, false},
 		{"rfc5398", 64511, false},
 		{"rfc1930", 64512, false},
-		//{65534, false},
-		//{65535, false},
-		//{65551, false},
-		//{131071, false},
-		//{4199999999, true},
-		//{4200000000, false},
-		//{4294967295, false},
+		{"rfc6996", 65534, false},
+		{"rfc7300", 65535, false},
+		{"rfc4893", 65551, false},
+		{"rfc5398", 131071, false},
+		{"valid", 4199999999, true},
+		{"rfc6996", 4200000000, false},
+		{"rfc7300", 4294967295, false},
 	}
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			got := bogons.ValidASN(tt.asn)
+			got := bogons.ValidPublicASN(tt.asn)
 			if got != tt.want {
 				t.Errorf("Expected %v, got %v, with value %d", got, tt.want, tt.asn)
 			}
@@ -49,21 +49,35 @@ func TestValidIP(t *testing.T) {
 		{"10.1.1.1", false},
 		{"11.1.1.1", true},
 		{"11.1.1.1.1", false},
+		{"172.16.1.1", false},
+		{"100.64.0.1", false},
+		{"100.127.0.0", false},
+		{"169.254.10.1", false},
+		{"192.0.0.1", false},
+		{"192.0.1.1", true},
+		{"192.0.2.1", false},
 		{"192.168.1.1", false},
 		{"193.168.1.1", true},
+		{"198.18.100.2", false},
+		{"198.51.100.2", false},
+		{"203.0.113.2", false},
 		{"224.168.1.1", false},
 		{"11.1.1.1.1", false},
+		{"2001:1:2::3", false},
+		{"2001:db8:1:2::3", false},
+		{"2002:b8:1:2::3", false},
 		{"2600::", true},
+		{"3ffe::", false},
 		{"3fff::", true},
 		{"3fff:::", false},
 		{"4600::", false},
 		{"", false},
 		{"👻", false},
 	}
 	for _, tt := range tests {
-		got := bogons.ValidIP(tt.ip)
+		got := bogons.ValidPublicIP(tt.ip)
 		if got != tt.want {
-			t.Errorf("Expected %v, got %v, with value %s", got, tt.want, tt.ip)
+			t.Errorf("Expected %v, got %v, with value %s", tt.want, got, tt.ip)
 		}
 	}
 }