I want to figure out if a device is within a subnet. Example:
q: cidr strings of ip interfaces whose (loopback of it = false) of network
A: 10.3.152.0/24
…but…
q: disjunction of ( (set of ("10.3.150.0/16"; "192.168.1.0/24")) contains it ) of (cidr strings of ip interfaces whose (loopback of it = false) of network )
A: False
The subnet 10.3.155.0/24 … is within the subnet of 10.3.152.0/16
You’re going to want to define what the actual subnets are – 10.3.150.0/16 is not a subnet it’s a just a network.
If you’ve got your heart set on knowing whether or not an IP address is within a larger CIDR range that is not the computer’s subnet (an arbitrary IP range) then your best bet is probably to convert the subnet to binary and do a simple comparison that way
You should be able to define the top and bottom of the IP range that your checking that the computer is within, and then use the version inspector to do the actual check.
My current favorite for determining the location of an endpoint is …
registration subnet address of client
It does return an error when a client is outside the network, connected to one of the DMZ Relays, but otherwise it works great. Our Network Services group maintains a database of the allocated subnets that have been assigned around campus.
I use a text file that I’ve added to a Custom Site to return the location (at least the location of the Wiring Closet they endpoint is connected to). I review the returned ‘Locations’ about once a month to find the subnets that are <Unlisted>.
IF (EXISTS file "NetworkLocations.csv" of (client folder of site whose (name of it = "My Custom Site"))) THEN (IF (exists line whose (it starts with (registration subnet address of client as string)) of file "NetworkLocations.csv" of (client folder of site whose (Name of it = "My Custom Site"))) THEN (tuple string item 1 of (concatenation ", " of (substrings separated by "," of (lines of file "NetworkLocations.csv" of client folder of site whose (name of it = "My Custom Site")) whose (it as string starts with (registration subnet address of client as string))))) ELSE ("<Unlisted>")) ELSE ("<No File>")