diff options
author | darkain <github@darkain.com> | 2012-10-09 19:08:12 -0700 |
---|---|---|
committer | darkain <github@darkain.com> | 2012-10-09 19:08:12 -0700 |
commit | 83f8ac2d59dc43987d87299e954f3b664c12f0d2 (patch) | |
tree | 50fc4b304018eca8070d3d23e919e8c5855b48b3 /config/pf-blocker | |
parent | e81d17ee8ee214544b6dd52de145ad704e69fa12 (diff) | |
download | pfsense-packages-83f8ac2d59dc43987d87299e954f3b664c12f0d2.tar.gz pfsense-packages-83f8ac2d59dc43987d87299e954f3b664c12f0d2.tar.bz2 pfsense-packages-83f8ac2d59dc43987d87299e954f3b664c12f0d2.zip |
Fixing duplicate IP/Range entries
Because all three cases (CIDR, IP Range, and Single IP Address) are always
tested, it is possible that more than one will have a positive match.
Examples:
172.16.0.0/12 matches both for CIDR and Individual IP Address
169.254.0.0-169.254.255.255 matches for both Address Range and Individual IP
By doing if, elseif, elseif instead of if, if, if testing, the later tests
will only be performed if the former tests fail. Because the Individual IP
Address test will return a result, even for CIDRs and IP Ranges, that test
has been moved to the end of the elseif list.
Diffstat (limited to 'config/pf-blocker')
-rwxr-xr-x | config/pf-blocker/pfblocker.inc | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index d2080d04..64171b01 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -288,16 +288,6 @@ function sync_package_pfblocker($cron="") { $new_file=""; if (is_array($url_list)){ foreach ($url_list as $line){ - # CIDR format 192.168.0.0/16 - if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){ - ${$alias}.= $matches[1]."\n"; - $new_file.= $matches[1]."\n"; - } - # Single ip addresses - if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ - ${$alias}.= $matches[1]."/32\n"; - $new_file.= $matches[1]."/32\n"; - } # Network range 192.168.0.0-192.168.0.254 if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); @@ -306,6 +296,16 @@ function sync_package_pfblocker($cron="") { $new_file.= $cidr."\n"; } } + # CIDR format 192.168.0.0/16 + else if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){ + ${$alias}.= $matches[1]."\n"; + $new_file.= $matches[1]."\n"; + } + # Single ip addresses + else if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ + ${$alias}.= $matches[1]."/32\n"; + $new_file.= $matches[1]."/32\n"; + } } } if ($new_file != ""){ |