Remove cache from switch.blocked.
Since the IP address is blocked don't need to cache it.
This commit is contained in:
FusionPBX
GitHub
parent
854f2bf1f0
commit
73ded9bf60
|
|
@ -196,15 +196,6 @@
|
|||
return false;
|
||||
}
|
||||
|
||||
//create the cache object
|
||||
$cache = new cache;
|
||||
|
||||
if (!is_blocked($ip_address)) {
|
||||
|
||||
|
||||
//add the blocked ip address to the cache
|
||||
$cache->set("switch:blocked:".$ip_address, 'true');
|
||||
|
||||
//run the block command for iptables
|
||||
if ($firewall == 'iptables') {
|
||||
//example: iptables -I INPUT -s 127.0.0.1 -j DROP
|
||||
|
|
@ -247,7 +238,7 @@
|
|||
|
||||
//unset the array
|
||||
unset($array);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
//unblock the ip address
|
||||
|
|
@ -260,12 +251,6 @@
|
|||
return false;
|
||||
}
|
||||
|
||||
//create the cache object
|
||||
$cache = new cache;
|
||||
|
||||
//delete the blocked ip address from the cache
|
||||
$cache->delete("switch:blocked:".$ip_address);
|
||||
|
||||
//unblock the address
|
||||
if ($firewall == 'iptables') {
|
||||
$command = 'iptables -L -n --line-numbers | grep '.$ip_address;
|
||||
|
|
@ -305,48 +290,26 @@
|
|||
return false;
|
||||
}
|
||||
|
||||
//create the cache object
|
||||
$cache = new cache;
|
||||
|
||||
//set blocked to false by default
|
||||
$blocked = false;
|
||||
|
||||
//check the cache to see if the address is blocked
|
||||
if ($cache->get("switch:blocked:".$ip_address) === 'true') {
|
||||
$blocked = true;
|
||||
}
|
||||
else {
|
||||
//run command to see if address is blocked
|
||||
//determine whether to return true or false
|
||||
if ($firewall == 'iptables') {
|
||||
//check to see if the address is blocked
|
||||
$command = 'iptables -L -n --line-numbers | grep '.$ip_address;
|
||||
//echo $command."\n";
|
||||
$result = shell($command);
|
||||
if (strlen($result) > 3) {
|
||||
//address is blocked but not cached add it to the cache
|
||||
$cache->set("switch:blocked:".$ip_address, 'true');
|
||||
|
||||
//set blocked to true
|
||||
$blocked = true;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
//run command to see if address is blocked
|
||||
if ($firewall == 'pf') {
|
||||
elseif ($firewall == 'pf') {
|
||||
//check to see if the address is blocked
|
||||
$command = 'pfctl -t ".$filter." -Ts | grep '.$ip_address;
|
||||
//echo $command."\n";
|
||||
$result = shell($command);
|
||||
if (strlen($result) > 3) {
|
||||
//address is blocked but not cached add it to the cache
|
||||
$cache->set("switch:blocked:".$ip_address, 'true');
|
||||
|
||||
//set blocked to true
|
||||
$blocked = true;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
else {
|
||||
return false;
|
||||
}
|
||||
return $blocked;
|
||||
}
|
||||
|
||||
//is the ip address registered
|
||||
|
|
@ -374,6 +337,11 @@
|
|||
//define global variables
|
||||
global $debug;
|
||||
|
||||
//invalid ip address
|
||||
if (!filter_var($ip_address, FILTER_VALIDATE_IP)) {
|
||||
return false;
|
||||
}
|
||||
|
||||
//check the cache to see if the address is allowed
|
||||
$cache = new cache;
|
||||
if ($cache->get("switch:allowed:".$ip_address) === 'true') {
|
||||
|
|
|
|||
Loading…
Reference in New Issue