2 # IP Address block list / checker
4 # This is a DXSpider compatible, optional skin over Net::CIDR::Lite
5 # If Net::CIDR::Lite is not present, then a find will always returns 0
19 use Socket qw(AF_INET AF_INET6 inet_pton inet_ntop);
22 our $badipfn = "badip";
32 $count4 = _load($ipv4, 4);
33 $count6 = _load($ipv6, 6);
35 LogDbg('DXProt', "DXCIDR: loaded $count4 IPV4 addresses and $count6 IPV6 addresses");
36 return $count4 + $count6;
41 return localdata($badipfn) . ".$_[0]";
49 my $fh = IO::File->new($fn);
61 $list->clean if $count;
64 LogDbg('err', "DXCIDR: $fn not found ($!)");
75 my $fh = IO::File->new (">$fn.$r");
82 LogDbg('err', "DXCIDR: cannot write $fn.$r $!");
91 # protect against stupid or malicious
95 if ($ipv4->find($ip)) {
96 LogDbg('DXProt', "DXCIDR: Ignoring existing IPV4 $ip");
103 if ($ipv6->find($ip)) {
104 LogDbg('DXProt', "DXCIDR: Ignoring existing IPV6 $ip");
110 LogDbg('DXProt', "DXCIDR: Added IPV6 $ip address");
113 if ($ipv4 && $count4) {
117 if ($ipv6 && $count6) {
126 return 0 unless $active;
127 _put($ipv4, 4) if $count4;
128 _put($ipv6, 6) if $count6;
136 push @in, [inet_pton(m|:|?AF_INET6:AF_INET, $_), split m|/|];
138 @out = sort {$a->[0] <=> $b->[0]} @in;
139 return map { "$_->[1]/$_->[2]"} @out;
145 push @out, $ipv4->list if $count4;
146 push @out, $ipv6->list if $count6;
152 return 0 unless $active;
153 return 0 unless $_[0];
156 return $ipv4->find($_[0]) if $count4;
158 return $ipv6->find($_[0]) if $count6;
163 eval { require Net::CIDR::Lite };
165 LogDbg('DXProt', "DXCIDR: load (cpanm) the perl module Net::CIDR::Lite to check for bad IP addresses (or CIDR ranges)");
169 import Net::CIDR::Lite;
171 $ipv4 = Net::CIDR::Lite->new;
172 $ipv6 = Net::CIDR::Lite->new;