finding the LUA bug
This commit is contained in:
bunkerity
parent
deeb7a76a2
commit
b55aafb997
@ -22,24 +22,28 @@ function M.reverse_cached ()
|
|||||||
end
|
end
|
||||||
|
|
||||||
function M.check_ip ()
|
function M.check_ip ()
|
||||||
local blacklist = iputils.parse_cidrs(ip_list)
|
if #ip_list > 0 then
|
||||||
if iputils.ip_in_cidrs(ip, blacklist) then
|
local blacklist = iputils.parse_cidrs(ip_list)
|
||||||
ngx.shared.blacklist_ip_cache:set(ip, "ko", 86400)
|
if iputils.ip_in_cidrs(ip, blacklist) then
|
||||||
ngx.log(ngx.WARN, "ip " .. ip .. " is in blacklist")
|
ngx.shared.blacklist_ip_cache:set(ip, "ko", 86400)
|
||||||
return true
|
ngx.log(ngx.WARN, "ip " .. ip .. " is in blacklist")
|
||||||
|
return true
|
||||||
|
end
|
||||||
end
|
end
|
||||||
ngx.shared.blacklist_ip_cache:set(ip, "ok", 86400)
|
ngx.shared.blacklist_ip_cache:set(ip, "ok", 86400)
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
|
|
||||||
function M.check_reverse ()
|
function M.check_reverse ()
|
||||||
local rdns = dns.get_reverse()
|
if #reverse_list > 0 then
|
||||||
if rdns ~= "" then
|
local rdns = dns.get_reverse()
|
||||||
for k, v in ipairs(reverse_list) do
|
if rdns ~= "" then
|
||||||
if rdns:sub(-#v) == v then
|
for k, v in ipairs(reverse_list) do
|
||||||
ngx.shared.blacklist_reverse_cache:set(ip, "ko", 86400)
|
if rdns:sub(-#v) == v then
|
||||||
ngx.log(ngx.WARN, "reverse " .. rdns .. " is in blacklist")
|
ngx.shared.blacklist_reverse_cache:set(ip, "ko", 86400)
|
||||||
return true
|
ngx.log(ngx.WARN, "reverse " .. rdns .. " is in blacklist")
|
||||||
|
return true
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@ -22,33 +22,37 @@ function M.reverse_cached ()
|
|||||||
end
|
end
|
||||||
|
|
||||||
function M.check_ip ()
|
function M.check_ip ()
|
||||||
local whitelist = iputils.parse_cidrs(ip_list)
|
if #ip_list > 0 then
|
||||||
if iputils.ip_in_cidrs(ip, whitelist) then
|
local whitelist = iputils.parse_cidrs(ip_list)
|
||||||
ngx.shared.whitelist_ip_cache:set(ip, "ok", 86400)
|
if iputils.ip_in_cidrs(ip, whitelist) then
|
||||||
ngx.log(ngx.WARN, "ip " .. ip .. " is in whitelist")
|
ngx.shared.whitelist_ip_cache:set(ip, "ok", 86400)
|
||||||
return true
|
ngx.log(ngx.WARN, "ip " .. ip .. " is in whitelist")
|
||||||
end
|
return true
|
||||||
|
end
|
||||||
|
end
|
||||||
ngx.shared.whitelist_ip_cache:set(ip, "ko", 86400)
|
ngx.shared.whitelist_ip_cache:set(ip, "ko", 86400)
|
||||||
return false
|
return false
|
||||||
end
|
end
|
||||||
|
|
||||||
function M.check_reverse ()
|
function M.check_reverse ()
|
||||||
local rdns = dns.get_reverse()
|
if #reverse_list > 0 then
|
||||||
if rdns ~= "" then
|
local rdns = dns.get_reverse()
|
||||||
local whitelisted = false
|
if rdns ~= "" then
|
||||||
for k, v in ipairs(reverse_list) do
|
local whitelisted = false
|
||||||
if rdns:sub(-#v) == v then
|
for k, v in ipairs(reverse_list) do
|
||||||
whitelisted = true
|
if rdns:sub(-#v) == v then
|
||||||
break
|
whitelisted = true
|
||||||
|
break
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
if whitelisted then
|
||||||
if whitelisted then
|
local ips = dns.get_ips(rdns)
|
||||||
local ips = dns.get_ips(rdns)
|
for k, v in ipairs(ips) do
|
||||||
for k, v in ipairs(ips) do
|
if v == ip then
|
||||||
if v == ip then
|
ngx.shared.whitelist_reverse_cache:set(ip, "ok", 86400)
|
||||||
ngx.shared.whitelist_reverse_cache:set(ip, "ok", 86400)
|
ngx.log(ngx.WARN, "reverse " .. rdns .. " is in whitelist")
|
||||||
ngx.log(ngx.WARN, "reverse " .. rdns .. " is in whitelist")
|
return true
|
||||||
return true
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user