diff options
author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2013-03-28 05:23:01 -0700 |
---|---|---|
committer | Marcello Coutinho <marcellocoutinho@gmail.com> | 2013-03-28 05:23:01 -0700 |
commit | a6d5beb3f21295543ce8532ee6fd55d1a0e1ae0d (patch) | |
tree | eb1e9327baf8d9ae00947125788b57b74a66c4ea /config | |
parent | d7ec5f1ec1c8eeee6c84bc3b85543543711655bc (diff) | |
parent | e2ec86f40c9573292a46d4ab89ae70e353a99f8f (diff) | |
download | pfsense-packages-a6d5beb3f21295543ce8532ee6fd55d1a0e1ae0d.tar.gz pfsense-packages-a6d5beb3f21295543ce8532ee6fd55d1a0e1ae0d.tar.bz2 pfsense-packages-a6d5beb3f21295543ce8532ee6fd55d1a0e1ae0d.zip |
Merge pull request #415 from phil-davis/master
pfBlocker allow list ranges that are not exact subnets
Diffstat (limited to 'config')
-rwxr-xr-x | config/pf-blocker/pfblocker.inc | 33 |
1 files changed, 6 insertions, 27 deletions
diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index 58b93bb5..c40d742e 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -52,29 +52,6 @@ function cb_get_real_interface_address($iface) { return array($ip, long2ip(hexdec($netmask))); } -function pfblocker_Range2CIDR($ip_min, $ip_max) { - #function called without any args - if ($ip_min == "" || $ip_max == "") - return ""; - #function called with same ip in min and max - if ($ip_min == $ip_max) - return $ip_min. "/32"; - #convert ip to decimal numbers - $ip_min_long=ip2long($ip_min); - $ip_max_long=ip2long($ip_max); - #check long results - if ($ip_min_long == -1 || $ip_max_long == -1) - return ""; - #identify bits mask - $bits=(32 -strlen(decbin($ip_max_long - $ip_min_long))); - if ($bits < 0) - return ""; - #identify first ip on range network - $network=long2ip( $ip_min_long & ((1<<32)-(1<<(32-$bits))-1) ); - #print decbin($ip_min_long)."\n".$network."\n"; - return $network . "/". $bits; -} - function sync_package_pfblocker($cron="") { global $g,$config; @@ -290,10 +267,12 @@ function sync_package_pfblocker($cron="") { foreach ($url_list as $line){ # Network range 192.168.0.0-192.168.0.254 if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ - $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); - if ($cidr != ""){ - ${$alias}.= $cidr."\n"; - $new_file.= $cidr."\n"; + $a_cidr = ip_range_to_subnet_array($matches[1],$matches[2]); + if (is_array($a_cidr)) { + foreach ($a_cidr as $cidr) { + ${$alias}.= $cidr."\n"; + $new_file.= $cidr."\n"; + } } } # CIDR format 192.168.0.0/16 |