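/**
 * Tests whether an IPv4 address falls inside a network definition.
 *
 * The definition is "address", "address/prefix-length" or "address/mask".
 * A definition containing a letter is first passed through getAddrByHost().
 * Without a "/" part the definition is treated as a single host (/32).
 *
 * A prefix length outside 0..32 makes the definition invalid and the function
 * returns false. Previously such a value reached str_repeat() with a negative
 * count, which throws a ValueError on PHP 8 and produced a bogus mask on
 * older versions.
 * NOTE(review): callers that use this for an allow-list and callers that use
 * it for a deny-list should both confirm that "malformed definition matches
 * nothing" is the outcome they want.
 *
 * @param string $ip         Address to test.
 * @param string $networkDef Network definition, or a host name to resolve.
 *
 * @return bool True when every bit selected by the mask is equal in both addresses.
 */
function ip_addr_in_network($ip, $networkDef)
{
    // Anything containing a letter is handed to the resolver helper first.
    // NOTE(review): the return value of getAddrByHost() on a failed lookup is
    // not visible here - confirm it cannot yield a definition that matches
    // more than intended.
    if (preg_match("/[a-zA-Z]/", $networkDef) == 1) {
        $networkDef = getAddrByHost($networkDef, '3');
    }

    $ipDec = ip_addr_dec($ip);
    if ($ipDec < 1) {
        // The address under test could not be converted to a positive value.
        return false;
    }
    // assumes ip_addr_decbin() returns a 32-character bit string - TODO confirm
    $ipBin = ip_addr_decbin($ipDec);

    $nDef = explode('/', $networkDef, 2);
    if (count($nDef) < 2) {
        $nDef[1] = '32'; // 255.255.255.255
    }

    // The network address is not rejected when it converts to a value below 1
    // (presumably so that 0.0.0.0/0 remains usable - confirm).
    $nIpDec = ip_addr_dec($nDef[0]);
    $nIpBin = ip_addr_decbin($nIpDec);

    // The part after "/" is taken as a mask when it converts to a value above 1,
    // otherwise as a prefix length.
    $nMaskDec = ip_addr_dec($nDef[1]);
    if ($nMaskDec > 1) {
        $nMaskBin = ip_addr_decbin($nMaskDec);
    } else {
        $prefixLen = (int) $nDef[1];
        if ($prefixLen < 0 || $prefixLen > 32) {
            return false;
        }
        $nMaskBin = str_repeat('1', $prefixLen) . str_repeat('0', 32 - $prefixLen);
    }

    // Compare only the bit positions the mask selects.
    for ($i = 0; $i < 32; ++$i) {
        if ($nMaskBin[$i] == '1' && $ipBin[$i] != $nIpBin[$i]) {
            return false;
        }
    }

    return true;
}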
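/**
 * Decides whether a client is banned: first against the local ban patterns,
 * then against the configured DNS-based blackhole lists (DNSBL).
 *
 * Local patterns in $BANPATTERN are classified by their shape:
 *  - two slashes: a regular expression (the "i" flag is appended);
 *  - one slash:   CIDR notation, checked with matchCIDR() against the IP;
 *  - "*" or "?":  a wildcard, converted to an anchored case-insensitive regex;
 *  - otherwise:   an exact match against the IP or the lower-cased host name.
 *
 * DNSBL lookups are skipped when $DNSBLservers[0] is empty, when the address
 * is not a literal IPv4 address, or when the address matches $DNSBLWHlist.
 * $DNSBLservers[0] also caps how many of the following entries are queried.
 *
 * Changes compared with the previous version:
 *  - an unset $DNSBLservers / $DNSBLWHlist no longer raises notices or warnings;
 *  - only literal IPv4 addresses are turned into a reversed-octet query;
 *  - a DNSBL answer counts as a listing only when it lies in 127.0.0.0/8, so a
 *    resolver that rewrites NXDOMAIN or a list domain that answers every query
 *    with an ordinary address does not ban every visitor;
 *  - an "httpbl" answer whose type octet is 0 (search engine, per the table
 *    below) is no longer treated as a listing.
 *
 * NOTE(review): $HOST is presumably the reverse-DNS name of the client. That
 * name is chosen by whoever controls the PTR record, so host-name patterns are
 * weaker evidence than IP patterns - confirm how the caller obtains it.
 *
 * @param string $IP      Client IP address.
 * @param string $HOST    Client host name (may equal $IP).
 * @param string $baninfo Receives the user-facing ban message when banned.
 *
 * @return bool True when the client is banned, false otherwise.
 */
function BanIPHostDNSBLCheck($IP, $HOST, &$baninfo)
{
    if (!BAN_CHECK) {
        return false; // Disabled
    }
    global $BANPATTERN, $DNSBLservers, $DNSBLWHlist, $PMS;

    // IP/Hostname Check
    $HOST = strtolower($HOST);
    $checkTwice = $IP != $HOST; // Whether both the host name and the IP must be tested
    $IsBanned = false;
    foreach ($BANPATTERN as $pattern) {
        $slash = substr_count($pattern, '/');
        if ($slash == 2) { // RegExp
            $pattern .= 'i';
        } elseif ($slash == 1) { // CIDR Notation
            if (matchCIDR($IP, $pattern)) {
                $IsBanned = true;
                break;
            }
            continue;
        } elseif (strpos($pattern, '*') !== false || strpos($pattern, '?') !== false) { // Wildcard
            // Only "." is escaped; any other regex metacharacter in a wildcard
            // pattern reaches PCRE unchanged.
            $pattern = '/^' . str_replace(array('.', '*', '?'), array('\\.', '.*', '.?'), $pattern) . '$/i';
        } else { // Full-text
            if ($IP == $pattern || $checkTwice && $HOST == strtolower($pattern)) {
                $IsBanned = true;
                break;
            }
            continue;
        }
        if (preg_match($pattern, $HOST) || $checkTwice && preg_match($pattern, $IP)) {
            $IsBanned = true;
            break;
        }
    }
    if ($IsBanned) {
        $baninfo = _T('ip_banned');
        return true;
    }

    // DNS-based Blackhole List (DNSBL)
    if (empty($DNSBLservers[0])) {
        return false; // Skip check
    }

    // The reversed-octet query built below is only meaningful for IPv4, and
    // the address becomes part of a DNS name, so anything else is not looked up.
    if (filter_var($IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return false;
    }

    // Addresses on the whitelist are never looked up.
    $whitelist = is_array($DNSBLWHlist) ? $DNSBLWHlist : array();
    foreach ($whitelist as $w) {
        $slash = substr_count($w, '/');
        if ($slash == 1) { // CIDR Notation
            if (matchCIDR($IP, $w)) {
                return false;
            }
        } else { // Full-text
            if ($IP == $w) {
                return false;
            }
        }
    }

    $rev = implode('.', array_reverse(explode('.', $IP)));

    // Query at most $DNSBLservers[0] of the servers stored from index 1 onwards.
    $lastPoint = count($DNSBLservers) - 1;
    if ($DNSBLservers[0] < $lastPoint) {
        $lastPoint = $DNSBLservers[0];
    }

    $isListed = false;
    $result = false;
    for ($i = 1; $i <= $lastPoint; $i++) {
        // An entry containing "%s" is a template for the reversed address;
        // otherwise the reversed address is prepended. The trailing dot makes it a FQDN.
        if (strstr($DNSBLservers[$i], '%s')) {
            $query = sprintf($DNSBLservers[$i], $rev) . '.';
        } else {
            $query = $rev . '.' . $DNSBLservers[$i] . '.';
        }

        $result = getAddrByHost($query);
        if (!$result || $result == $query) {
            continue; // No answer
        }
        // assumes getAddrByHost() returns a dotted-quad string on success - TODO confirm
        if (!is_string($result) || strncmp($result, '127.', 4) !== 0) {
            continue; // Not a DNSBL return code
        }

        if (strpos($DNSBLservers[$i], 'httpbl') === false) {
            $isListed = preg_replace('/^.*\\%s\\./', '', $DNSBLservers[$i]);
            break;
        }

        // 127.[days-since-last-catch].[threat-score(higher=worse)].[type]
        /* Types:
         * 0=Search Engine
         * 1=Suspicious(mail server, dic-attackers, etc)
         * 2=Harvester
         * 4=Comment Spammer
         */
        $tmpval = explode('.', $result);
        if (count($tmpval) !== 4 || (int) $tmpval[3] === 0) {
            continue; // Malformed answer, or a search engine entry
        }
        if ($tmpval[1] < 15) {
            $isListed = preg_replace('/^.*\\%s\\./', '', $DNSBLservers[$i]);
            break;
        }
    }

    if ($isListed) {
        $baninfo = _T('ip_dnsbl_banned', $isListed);
        $PMS->callCHP('mod_adminenhance_DNSBL_listed', array($isListed, $result));
        return true;
    }

    return false;
}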