feat(asn): expose BGP prefix in AsnInfo and enrich_ip

Synthesize the covering CIDR at lookup time from the matched iptoasn range using ipaddress.summarize_address_range. AsnInfo.prefix is populated per-query; not persisted in the pickle cache. enrich_ip now returns (asn, as_name, bgp_prefix, provider_name). Profiler worker updated to unpack the 4-tuple and write bgp_prefix into the attacker record dict.
2026-05-21 16:07:57 -04:00
parent f160eccdae
commit e3d9908bed
5 changed files with 65 additions and 14 deletions
--- a/tests/asn/test_lookup.py
+++ b/tests/asn/test_lookup.py
@@ -26,6 +26,39 @@ def test_asn_hits_known_ranges() -> None:
    assert lookup.asn("46.101.10.20").asn == 14061


+def test_prefix_aligned_range() -> None:
+    lookup = _fixture_lookup()
+    assert lookup.asn("8.8.8.8").prefix == "8.8.8.0/24"
+    assert lookup.asn("8.8.8.0").prefix == "8.8.8.0/24"
+    assert lookup.asn("8.8.8.255").prefix == "8.8.8.0/24"
+
+
+def test_prefix_aligned_16() -> None:
+    lookup = _fixture_lookup()
+    assert lookup.asn("46.101.10.20").prefix == "46.101.0.0/16"
+
+
+def test_prefix_non_power_of_two_range() -> None:
+    # 1.0.0.0–1.0.0.191 spans /25 (0-127) and /26 (128-191)
+    lookup = AsnLookup.from_ranges([
+        (_ip("1.0.0.0"), _ip("1.0.0.191"), AsnInfo(13335, "CF")),
+    ])
+    assert lookup.asn("1.0.0.5").prefix == "1.0.0.0/25"
+    assert lookup.asn("1.0.0.130").prefix == "1.0.0.128/26"
+
+
+def test_prefix_single_host_range() -> None:
+    lookup = AsnLookup.from_ranges([
+        (_ip("1.2.3.4"), _ip("1.2.3.4"), AsnInfo(1, "X")),
+    ])
+    assert lookup.asn("1.2.3.4").prefix == "1.2.3.4/32"
+
+
+def test_prefix_not_set_on_miss() -> None:
+    lookup = _fixture_lookup()
+    assert lookup.asn("9.0.0.0") is None
+
+
 def test_asn_misses_gap() -> None:
    lookup = _fixture_lookup()
    assert lookup.asn("9.0.0.0") is None
--- a/tests/asn/test_provider.py
+++ b/tests/asn/test_provider.py
@@ -67,16 +67,17 @@ def test_enrich_ip_short_circuits_when_disabled(monkeypatch: pytest.MonkeyPatch)
    import decnet.asn as asn

    monkeypatch.setenv("DECNET_ASN_ENABLED", "false")
-    assert asn.enrich_ip("8.8.8.8") == (None, None, None)
+    assert asn.enrich_ip("8.8.8.8") == (None, None, None, None)


-def test_enrich_ip_returns_asn_and_source(tmp_path: Path) -> None:
+def test_enrich_ip_returns_asn_prefix_and_source(tmp_path: Path) -> None:
    from decnet.asn import enrich_ip

    _seed_fixture(tmp_path)
-    asn, name, src = enrich_ip("8.8.8.8")
+    asn, name, prefix, src = enrich_ip("8.8.8.8")
    assert asn == 15169
    assert name == "GOOGLE"
+    assert prefix == "8.8.8.0/24"
    assert src == "iptoasn"


@@ -84,7 +85,7 @@ def test_enrich_ip_private_returns_none(tmp_path: Path) -> None:
    from decnet.asn import enrich_ip

    _seed_fixture(tmp_path)
-    assert enrich_ip("192.168.1.1") == (None, None, None)
+    assert enrich_ip("192.168.1.1") == (None, None, None, None)


 def test_enrich_ip_unannounced_returns_none(tmp_path: Path) -> None:
@@ -92,4 +93,4 @@ def test_enrich_ip_unannounced_returns_none(tmp_path: Path) -> None:

    _seed_fixture(tmp_path)
    # 9.0.0.0 isn't in our fixture range — no BGP announcement we know of.
-    assert enrich_ip("9.0.0.0") == (None, None, None)
+    assert enrich_ip("9.0.0.0") == (None, None, None, None)