Committer: gariev
LJSUP-8602: IP sysban conflict w/ whitelistU trunk/bin/ljsysban.pl U trunk/cgi-bin/sysban.pl
Modified: trunk/bin/ljsysban.pl
===================================================================
--- trunk/bin/ljsysban.pl 2011-04-18 02:47:36 UTC (rev 18890)
+++ trunk/bin/ljsysban.pl 2011-04-18 02:53:11 UTC (rev 18891)
@@ -145,7 +145,7 @@
die $dbh->errstr if $dbh->err;
if ($what || $value) {
- my $err = LJ::sysban_validate($what || $ban->{'what'}, $value || $ban->{'value'});
+ my $err = LJ::sysban_validate($what || $ban->{'what'}, $value || $ban->{'value'}, {skipexisting => 1});
die $err if $err;
}
Modified: trunk/cgi-bin/sysban.pl
===================================================================
--- trunk/cgi-bin/sysban.pl 2011-04-18 02:47:36 UTC (rev 18890)
+++ trunk/cgi-bin/sysban.pl 2011-04-18 02:53:11 UTC (rev 18891)
@@ -425,44 +425,48 @@
",
{Slice => {}}
);
-
- my $matched_wl;
- foreach my $wl (@$whitelist) {
- my $mask = $wl->{value}; ## see ip_whitelist below for possible formats
- if ($mask =~ /^$ip_regexp$/) {
- if ($mask eq $ip) {
- $matched_wl = $wl;
- last;
- }
- } elsif (my ($start_ip, $end_ip) = $mask =~ /^($ip_regexp)-($ip_regexp)$/) {
- if ( $ip_to_str->($start_ip) le $ip_to_str->($ip) &&
- $ip_to_str->($ip) le $ip_to_str->($end_ip))
- {
- $matched_wl = $wl;
- last;
+
+ ## if creting a new ban, check IP whitelist
+ ## TODO: when modifying an existing ban, give a warning
+ if (!$opts->{'skipexisting'}) {
+ my $matched_wl;
+ foreach my $wl (@$whitelist) {
+ my $mask = $wl->{value}; ## see ip_whitelist below for possible formats
+ if ($mask =~ /^$ip_regexp$/) {
+ if ($mask eq $ip) {
+ $matched_wl = $wl;
+ last;
+ }
+ } elsif (my ($start_ip, $end_ip) = $mask =~ /^($ip_regexp)-($ip_regexp)$/) {
+ if ( $ip_to_str->($start_ip) le $ip_to_str->($ip) &&
+ $ip_to_str->($ip) le $ip_to_str->($end_ip))
+ {
+ $matched_wl = $wl;
+ last;
+ }
+ } elsif ($mask =~ m!^$ip_regexp/(\d+)!) {
+ my $netmask = Net::Netmask->new($mask);
+ if ($netmask->match($ip)) {
+ $matched_wl = $wl;
+ last;
+ }
+ } elsif ($mask =~ /^(\d+\.){1,3}\*$/) {
+ $mask =~ s/\./\\./g;
+ $mask =~ s/\*/\.\*/;
+ if ($ip =~ /^$mask$/) {
+ $matched_wl = $wl;
+ last;
+ }
+ } else {
+ # hm...
}
- } elsif ($mask =~ m!^$ip_regexp/(\d+)!) {
- my $netmask = Net::Netmask->new($mask);
- if ($netmask->match($ip)) {
- $matched_wl = $wl;
- last;
- }
- } elsif ($mask =~ /^(\d+\.){1,3}\*$/) {
- $mask =~ s/\./\\./g;
- $mask =~ s/\*/\.\*/;
- if ($ip =~ /^$mask$/) {
- $matched_wl = $wl;
- last;
- }
- } else {
- # hm...
}
- }
- if ($matched_wl) {
- return "Can't bap ip address $ip: ip_whitelist #$matched_wl->{banid} matched ($matched_wl->{note})";
+ if ($matched_wl) {
+ return "Can't ban ip address $ip: ip_whitelist #$matched_wl->{banid} matched ($matched_wl->{note})";
+ }
}
-
+
## everything is ok
return 0;
},