masque_ip (masque v0.7.0)
IP address classification for SSRF protection.
is_public/1 returns false for loopback, RFC 1918 private, link-local, multicast, and reserved address ranges in both IPv4 and IPv6. The built-in proxy handlers call this after DNS resolution to reject tunnels targeting internal networks.
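The resolve-then-check flow described above, sketched for a custom handler. This is an added example, not code from masque; it assumes masque is on the code path, and the module name ssrf_guard_example, vet_target/1,2, the fake resolver and its hostnames are hypothetical. It rejects a target if any resolved address is non-public and returns the vetted tuples so the caller connects to those exact addresses rather than resolving the name a second time.

```erlang
-module(ssrf_guard_example).
-export([vet_target/1, vet_target/2, demo/0]).

%% Resolve Host once, classify every returned address with
%% masque_ip:is_public/1, and return the vetted address tuples.
%% The caller must connect to one of these tuples, never to the
%% hostname, so a second DNS answer cannot swap in an internal address.
-spec vet_target(inet:hostname()) ->
          {ok, [inet:ip_address()]} | {error, term()}.
vet_target(Host) ->
    vet_target(Host, fun resolve/1).

%% Resolver is injectable so the check can be exercised without DNS.
vet_target(Host, Resolver) ->
    case Resolver(Host) of
        [] ->
            {error, nxdomain};
        Addrs ->
            %% One non-public record is enough to refuse the whole name.
            case [A || A <- Addrs, not masque_ip:is_public(A)] of
                []      -> {ok, Addrs};
                Blocked -> {error, {non_public_target, Blocked}}
            end
    end.

%% Collect both A and AAAA records: a name can be public over one
%% address family and internal over the other.
resolve(Host) ->
    lists:append([Addrs || Family <- [inet, inet6],
                           {ok, Addrs} <- [inet:getaddrs(Host, Family)]]).

%% Constructed sample data: a fake resolver standing in for DNS.
demo() ->
    Fake = fun("mixed.example") -> [{8,8,8,8}, {10,0,0,5}];
              ("meta.example")  -> [{169,254,169,254}];
              ("ok.example")    -> [{8,8,8,8}]
           end,
    [{H, vet_target(H, Fake)}
     || H <- ["mixed.example", "meta.example", "ok.example"]].
```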
Functions
Push an IP packet into a server session for delivery to its connected client. Non-blocking. Intended for out-of-band injectors (e.g. a TUN device owner that holds the session pid via the address registry); accepted by both masque_ip_server_session (h2/h3) and masque_ip_h1_server_session (h1).
-spec is_public(inet:ip_address()) -> boolean().
-spec reject_requests([#ip_prefix_request{request_id :: pos_integer(), version :: 4 | 6, address :: inet:ip_address(), prefix_len :: 0..128}]) -> [#ip_assignment{request_id :: non_neg_integer(), version :: 4 | 6, address :: inet:ip_address(), prefix_len :: 0..128}].
Build the RFC 9484 §5.2 "reject all" answer to a batch of inbound ADDRESS_REQUEST entries: each reply carries the same Request ID and IP Version, an all-zero address, and the maximum prefix length for that version (32 for v4, 128 for v6).