/** * Determine if an IP address really is an IP address, and if it is public, * i.e. not RFC 1918 or similar */ function wfIsIPPublic($ip) { $n = wfIP2Unsigned($ip); if (!$n) { return false; } static $privateRanges = false; if (!$privateRanges) { $privateRanges = array(array('10.0.0.0', '10.255.255.255'), array('172.16.0.0', '172.31.255.255'), array('192.168.0.0', '192.168.255.255'), array('0.0.0.0', '0.255.255.255'), array('127.0.0.0', '127.255.255.255')); } foreach ($privateRanges as $r) { $start = wfIP2Unsigned($r[0]); $end = wfIP2Unsigned($r[1]); if ($n >= $start && $n <= $end) { return false; } } return true; }
/** * Convert a network specification in CIDR notation to an integer network and a number of bits */ function wfParseCIDR($range) { $parts = explode('/', $range, 2); if (count($parts) != 2) { return array(false, false); } $network = wfIP2Unsigned($parts[0]); if ($network !== false && is_numeric($parts[1]) && $parts[1] >= 0 && $parts[1] <= 32) { $bits = $parts[1]; } else { $network = false; $bits = false; } return array($network, $bits); }
function normaliseRange($range) { $parts = explode('/', $range); if (count($parts) == 2) { $shift = 32 - $parts[1]; $ipint = wfIP2Unsigned($parts[0]); $ipint = $ipint >> $shift << $shift; $newip = long2ip($ipint); $range = "{$newip}/{$parts[1]}"; } return $range; }