version 1.1075.2.127, 2017/04/02 03:09:27
|
version 1.1075.2.127.6.1, 2019/03/02 16:25:45
|
Line 4946 sub check_ip_acc {
|
Line 4946 sub check_ip_acc {
|
if (!defined($acc) || $acc =~ /^\s*$/ || $acc =~/^\s*no\s*$/i) { |
if (!defined($acc) || $acc =~ /^\s*$/ || $acc =~/^\s*no\s*$/i) { |
return 1; |
return 1; |
} |
} |
my $allowed=0; |
my $allowed; |
my $ip=$ENV{'REMOTE_ADDR'} || $clientip || $env{'request.host'}; |
my $ip=$ENV{'REMOTE_ADDR'} || $clientip || $env{'request.host'}; |
|
|
my $name; |
my $name; |
foreach my $pattern (split(',',$acc)) { |
my %access = ( |
$pattern =~ s/^\s*//; |
allowfrom => 1, |
$pattern =~ s/\s*$//; |
denyfrom => 0, |
|
); |
|
my @allows; |
|
my @denies; |
|
foreach my $item (split(',',$acc)) { |
|
$item =~ s/^\s*//; |
|
$item =~ s/\s*$//; |
|
if ($item =~ /^\!(.+)$/) { |
|
push(@denies,$1); |
|
} else { |
|
push(@allows,$item); |
|
} |
|
} |
|
my $numdenies = scalar(@denies); |
|
my $numallows = scalar(@allows); |
|
my $count = 0; |
|
foreach my $pattern (@denies,@allows) { |
|
$count ++; |
|
my $acctype = 'allowfrom'; |
|
if ($count <= $numdenies) { |
|
$acctype = 'denyfrom'; |
|
} |
if ($pattern =~ /\*$/) { |
if ($pattern =~ /\*$/) { |
#35.8.* |
#35.8.* |
$pattern=~s/\*//; |
$pattern=~s/\*//; |
if ($ip =~ /^\Q$pattern\E/) { $allowed=1; } |
if ($ip =~ /^\Q$pattern\E/) { $allowed=$access{$acctype}; } |
} elsif ($pattern =~ /(\d+\.\d+\.\d+)\.\[(\d+)-(\d+)\]$/) { |
} elsif ($pattern =~ /(\d+\.\d+\.\d+)\.\[(\d+)-(\d+)\]$/) { |
#35.8.3.[34-56] |
#35.8.3.[34-56] |
my $low=$2; |
my $low=$2; |
Line 4964 sub check_ip_acc {
|
Line 4985 sub check_ip_acc {
|
$pattern=$1; |
$pattern=$1; |
if ($ip =~ /^\Q$pattern\E/) { |
if ($ip =~ /^\Q$pattern\E/) { |
my $last=(split(/\./,$ip))[3]; |
my $last=(split(/\./,$ip))[3]; |
if ($last <=$high && $last >=$low) { $allowed=1; } |
if ($last <=$high && $last >=$low) { $allowed=$access{$acctype}; } |
} |
} |
} elsif ($pattern =~ /^\*/) { |
} elsif ($pattern =~ /^\*/) { |
#*.msu.edu |
#*.msu.edu |
Line 4974 sub check_ip_acc {
|
Line 4995 sub check_ip_acc {
|
my $netaddr=inet_aton($ip); |
my $netaddr=inet_aton($ip); |
($name)=gethostbyaddr($netaddr,AF_INET); |
($name)=gethostbyaddr($netaddr,AF_INET); |
} |
} |
if ($name =~ /\Q$pattern\E$/i) { $allowed=1; } |
if ($name =~ /\Q$pattern\E$/i) { $allowed=$access{$acctype}; } |
} elsif ($pattern =~ /\d+\.\d+\.\d+\.\d+/) { |
} elsif ($pattern =~ /\d+\.\d+\.\d+\.\d+/) { |
#127.0.0.1 |
#127.0.0.1 |
if ($ip =~ /^\Q$pattern\E/) { $allowed=1; } |
if ($ip =~ /^\Q$pattern\E/) { $allowed=$access{$acctype}; } |
} else { |
} else { |
#some.name.com |
#some.name.com |
if (!defined($name)) { |
if (!defined($name)) { |
Line 4985 sub check_ip_acc {
|
Line 5006 sub check_ip_acc {
|
my $netaddr=inet_aton($ip); |
my $netaddr=inet_aton($ip); |
($name)=gethostbyaddr($netaddr,AF_INET); |
($name)=gethostbyaddr($netaddr,AF_INET); |
} |
} |
if ($name =~ /\Q$pattern\E$/i) { $allowed=1; } |
if ($name =~ /\Q$pattern\E$/i) { $allowed=$access{$acctype}; } |
|
} |
|
if ($allowed =~ /^(0|1)$/) { last; } |
|
} |
|
if ($allowed eq '') { |
|
if ($numdenies && !$numallows) { |
|
$allowed = 1; |
|
} else { |
|
$allowed = 0; |
} |
} |
if ($allowed) { last; } |
|
} |
} |
return $allowed; |
return $allowed; |
} |
} |