Skip to content

anuragithub/Firewall

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits

Entry

Entry

 
 

Lists

Lists

 
 

Tests

Tests

 
 

.gitignore

.gitignore

 
 

.travis.yml

.travis.yml

 
 

Firewall.php

Firewall.php

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

composer.json

composer.json

 
 

Repository files navigation

Firewall Build Status

This PHP 5.4+ library provides IP filtering features.
A lot of filters can be used.
It is also possible to customize the error handling.

Installation

Add this line in your composer.json :

{
    "require": {
        "m6web/firewall": "dev-master"
    }
}

Update your vendors :

$ composer update m6web/firewall

Usage

Basic usage

use M6Web\Component\Firewall\Firewall;

$whiteList = array(
    '127.0.0.1',
    '198.168.0.*',
);

$blackList = array(
    '192.168.0.50',
);

$firewall = new Firewall();

$connAllowed = $firewall
    ->setDefaultState(false)
    ->addList($whiteList, 'local', true)
    ->addList($blackList, 'localBad', false)
    ->setIpAddress('195.88.195.146')
    ->handle()
;

if (!$connAllowed) {
    header($_SERVER["SERVER_PROTOCOL"]." 403 Forbiden");
    exit();
}

In this example, only IPs starting with 192.168.0 (but not 192.168.0.50) and 127.0.0.1 will be allowed by the firewall.
In all other case handle() return false.

  • setDefaultState(false) defines default firewall response (Optional - Default false),
  • addList($whiteList, 'local', true) defines $whiteList list, called local as allowed (true),
  • addList($blackList, 'localBad', false); defines $blackList list, called localBad as rejected (false).

Entries Formats

Type Syntax Details
IPV6 ::1 Short notation
IPV4 192.168.0.1
Range 192.168.0.0-192.168.1.60 Includes all IPs from 192.168.0.0 to 192.168.0.255
and from 192.168.1.0 to 198.168.1.60
Wild card 192.168.0.* IPs starting with 192.168.0
Same as IP Range 192.168.0.0-192.168.0.255
Subnet mask 192.168.0.0/255.255.255.0 IPs starting with 192.168.0
Same as 192.168.0.0-192.168.0.255 and 192.168.0.*
CIDR Mask 192.168.0.0/24 IPs starting with 192.168.0
Same as 192.168.0.0-192.168.0.255 and 192.168.0.*
and 192.168.0.0/255.255.255.0

Custom error handling

use M6Web\Component\Firewall\Firewall;

function handleFirewallReturn(Firewall $firewall, $response) {
    if (false === $response) {
        header($_SERVER["SERVER_PROTOCOL"]." 403 Forbiden");
        exit();
    }

    return $response;
}

$whiteList = array(
    '127.0.0.1',
    '198.168.0.*',
);

$blackList = array(
    '192.168.0.50',
);

$firewall = new Firewall();
$firewall
    ->setDefaultState(true)
    ->addList($whiteList, 'local', true)
    ->addList($blackList, 'localBad', false)
    ->setIpAddress('195.88.195.146')
    ->handle('handleFirewallReturn')
;

handle('handleFirewallReturn') calls handleFirewallReturn with Firewall object and response as arguments (true or false).

Running the tests

$ php composer.phar install --dev
$ ./vendor/bin/atoum -d Tests

Credits

Developped by the Cytron Team of M6 Web.
Tested with atoum.

License

Firewall is licensed under the MIT license.

About

Library providing IP filtering features

packagist.org/packages/m6web/firewall

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

5 tags

Packages

No packages published

Languages

  • PHP 100.0%