To avoid a ban on 89.0.0.13 also banning 9.0.0.1, we might want to
include the separators in the strstr, as in the attached patch.
--- mod_noloris.c-orig 2009-07-01 08:57:32.000000000 -0400
+++ mod_noloris.c 2009-07-01 09:15:21.918474373 -0400
@@ -61,7 +61,7 @@
* accepts a conn_rec.
*/
struct { int child_num; int thread_num; } *sbh = conn->sbh;
-
+ char search_string[18];
char *shm_rec;
worker_score *ws;
if (shm == NULL) {
@@ -70,7 +70,10 @@
/* check the IP is not banned */
shm_rec = apr_shm_baseaddr_get(shm);
- if (strstr(shm_rec, conn->remote_ip)) {
+ search_string[0] = ' ';
+ strcpy(search_string+1, conn->remote_ip);
+ strcat(search_string, " ");
+ if (strstr(shm_rec, search_string)) {
ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, conn,
"Dropping connection from banned IP %s", conn->remote_ip);
return OK;
@@ -155,6 +158,7 @@
strcpy(shm_rec++, " "); /* space == separator */
strcpy(shm_rec, ip);
shm_rec += strlen(ip);
+ strcpy(shm_rec, " "); /* put separator at end too */
}
}
}
--
Dan Poirier <[email protected]>
