From 83f8ac2d59dc43987d87299e954f3b664c12f0d2 Mon Sep 17 00:00:00 2001 From: darkain Date: Tue, 9 Oct 2012 19:08:12 -0700 Subject: Fixing duplicate IP/Range entries Because all three cases (CIDR, IP Range, and Single IP Address) are always tested, it is possible that more than one will have a positive match. Examples: 172.16.0.0/12 matches both for CIDR and Individual IP Address 169.254.0.0-169.254.255.255 matches for both Address Range and Individual IP By doing if, elseif, elseif instead of if, if, if testing, the later tests will only be performed if the former tests fail. Because the Individual IP Address test will return a result, even for CIDRs and IP Ranges, that test has been moved to the end of the elseif list. --- config/pf-blocker/pfblocker.inc | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) (limited to 'config/pf-blocker') diff --git a/config/pf-blocker/pfblocker.inc b/config/pf-blocker/pfblocker.inc index d2080d04..64171b01 100755 --- a/config/pf-blocker/pfblocker.inc +++ b/config/pf-blocker/pfblocker.inc @@ -288,16 +288,6 @@ function sync_package_pfblocker($cron="") { $new_file=""; if (is_array($url_list)){ foreach ($url_list as $line){ - # CIDR format 192.168.0.0/16 - if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){ - ${$alias}.= $matches[1]."\n"; - $new_file.= $matches[1]."\n"; - } - # Single ip addresses - if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ - ${$alias}.= $matches[1]."/32\n"; - $new_file.= $matches[1]."/32\n"; - } # Network range 192.168.0.0-192.168.0.254 if (preg_match("/(\d+\.\d+\.\d+\.\d+)-(\d+\.\d+\.\d+\.\d+)/",$line,$matches)){ $cidr= pfblocker_Range2CIDR($matches[1],$matches[2]); @@ -306,6 +296,16 @@ function sync_package_pfblocker($cron="") { $new_file.= $cidr."\n"; } } + # CIDR format 192.168.0.0/16 + else if (preg_match("/(\d+\.\d+\.\d+\.\d+\/\d+)/",$line,$matches)){ + ${$alias}.= $matches[1]."\n"; + $new_file.= $matches[1]."\n"; + } + # Single ip addresses + else if (preg_match("/(\d+\.\d+\.\d+\.\d+)\s+/",$line,$matches)){ + ${$alias}.= $matches[1]."/32\n"; + $new_file.= $matches[1]."/32\n"; + } } } if ($new_file != ""){ -- cgit v1.2.3