2 # IP Address block list / checker
4 # This is a DXSpider compatible, optional skin over Net::CIDR::Lite
5 # If Net::CIDR::Lite is not present, then a find will always returns 0
19 use Socket qw(AF_INET AF_INET6 inet_pton inet_ntop);
22 our $badipfn = "badip";
32 $count4 = _load($ipv4, 4);
33 $count6 = _load($ipv6, 6);
35 LogDbg('DXProt', "DXCIDR: loaded $count4 IPV4 addresses and $count6 IPV6 addresses");
36 return $count4 + $count6;
41 return localdata($badipfn) . ".$_[0]";
49 my $fh = IO::File->new($fn);
61 $list->clean if $count;
64 LogDbg('err', "DXCIDR: $fn not found ($!)");
75 my $fh = IO::File->new (">$fn.$r");
82 LogDbg('err', "DXCIDR: cannot write $fn.$r $!");
89 # protect against stupid or malicious
93 if ($ipv4->find($ip)) {
94 LogDbg('DXProt', "DXCIDR: Ignoring existing IPV4 $ip");
100 if ($ipv6->find($ip)) {
101 LogDbg('DXProt', "DXCIDR: Ignoring existing IPV6 $ip");
106 LogDbg('DXProt', "DXCIDR: Added IPV6 $ip address");
109 if ($ipv4 && $count4) {
113 if ($ipv6 && $count6) {
121 return 0 unless $active;
122 _put($ipv4, 4) if $count4;
123 _put($ipv6, 6) if $count6;
131 push @in, [inet_pton(m|:|?AF_INET6:AF_INET, $_), split m|/|];
133 @out = sort {$a->[0] <=> $b->[0]} @in;
134 return map { "$_->[1]/$_->[2]"} @out;
140 push @out, $ipv4->list if $count4;
141 push @out, $ipv6->list if $count6;
147 return 0 unless $active;
148 return 0 unless $_[0];
151 return $ipv4->find($_[0]) if $count4;
153 return $ipv6->find($_[0]) if $count6;
158 eval { require Net::CIDR::Lite };
160 LogDbg('DXProt', "DXCIDR: load (cpanm) the perl module Net::CIDR::Lite to check for bad IP addresses (or CIDR ranges)");
164 import Net::CIDR::Lite;
166 $ipv4 = Net::CIDR::Lite->new;
167 $ipv6 = Net::CIDR::Lite->new;