https://bugs.contribs.org/show_bug.cgi?id=10472
Bug ID: 10472
Summary: NFR Add subnet checking to whitelist hosts
Classification: Contribs
Product: SME Contribs
Version: Futur
Hardware: ---
OS: ---
Status: CONFIRMED
Severity: normal
Priority: P3
Component: smeserver-wbl
Assignee: [email protected]
Reporter: [email protected]
QA Contact: [email protected]
Target Milestone: ---
Created attachment 6009
--> https://bugs.contribs.org/attachment.cgi?id=6009&action=edit
IP Subnet Test
Bit of a follow up to this post:
https://forums.contribs.org/index.php/topic,51429.0.html
Currently you can whitelist an individual host. You can also do a primitive
form of subnet checking by using this sort of form
201.201.127.
That gives you all IPs under 127 e.g. 201.201.127.0-255
But what if we want to open up say 201.201.127.0/20 ?
The host range is 205.201.112.1 - 205.201.127.254 but there is no easy way to
do this currently.
I noticed that the wbl panel and code seems to happily accept ranges in this
form (actually it isn't fussy and will accept pretty well anything, but
anyways....):
201.201.127.0/20
I had a read around and we can use NetAddr::IP and 'within' to check for
subnets.
This would be easy to modify on the whitelist plugin - or perhaps create one of
our own?
Attached is a bit of PoC code that seems to work.
$ip is the incoming code.
@hs is an IP or IP/subnet from the whitelistshosts DB
Just run with ./IPTest.pl
This should be fairly easy to add to the whitelist plugin
I'll attach a patch to the whitelist plugin for comments.
--
You are receiving this mail because:
You are the QA Contact for the bug._______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at https://lists.contribs.org/mailman/public/contribteam/
