diff options
| author | darkain <github@darkain.com> | 2012-10-09 18:09:07 -0700 |
|---|---|---|
| committer | darkain <github@darkain.com> | 2012-10-09 18:09:07 -0700 |
| commit | e81d17ee8ee214544b6dd52de145ad704e69fa12 (patch) | |
| tree | 2eff0175ef2a6cb5205f91c5243ce57d29804824 /config/pf-blocker | |
| parent | 720d50b07c40e0f8ad418cc4dc78537f38fa21ec (diff) | |
| download | pfsense-packages-e81d17ee8ee214544b6dd52de145ad704e69fa12.tar.gz pfsense-packages-e81d17ee8ee214544b6dd52de145ad704e69fa12.tar.bz2 pfsense-packages-e81d17ee8ee214544b6dd52de145ad704e69fa12.zip | |
IP Range to CIDRs not calculating properly
Several IP address ranges were being calculated improperly.
Examples:
10.0.0.0-10.255.255.255 became 160.0.0.0/8
65.113.241.0-65.113.241.255 became 130.227.226.0/24
72.165.61.0-72.165.61.255 became 145.74.122.0/24
The use of complicated string and regular expressions to calculate netmasks
has been replaced with basic and proper bit masking.
Diffstat (limited to 'config/pf-blocker')
| -rwxr-xr-x | config/pf-blocker/pfblocker.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 1c107dc4..d2080d04 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -70,9 +70,9 @@ function pfblocker_Range2CIDR($ip_min, $ip_max) { if ($bits < 0) return ""; #identify first ip on range network - $network=long2ip(bindec(substr(decbin($ip_min_long),0,$bits).preg_replace("/\d/","0",substr(decbin($ip_min_long),0,(32-$bits))))); + $network=long2ip($ip_min_long & (2<<32)-(2<<(32-$bits))); #print decbin($ip_min_long)."\n".$network."\n"; - return $network . "/". (32 -strlen(decbin($ip_max_long - $ip_min_long))); + return $network . "/". $bits; } function sync_package_pfblocker($cron="") { |