Access Controls - Edit: Add Node IP addresses (via dig) by domain name in CIDR field.

app/access_controls/access_control_edit.php

@@ -151,13 +151,14 @@
 			$array['access_controls'][0]['access_control_default'] = $access_control_default;
 			$array['access_controls'][0]['access_control_description'] = $access_control_description;
 			$y = 0;
-			if (is_array($access_control_nodes)) {
+			if (!empty($access_control_nodes) && is_array($access_control_nodes)) {
 				foreach ($access_control_nodes as $row) {
 
 					//validate the data
 					if (!is_uuid($row["access_control_node_uuid"])) { continue; }
 					if ($row["node_type"] != 'allow' && $row["node_type"] != 'deny') { continue; }
 					if (isset($row["node_cidr"]) && $row["node_cidr"] != '') {
+
 						$cidr_array = explode("/", str_replace("\\", "/", $row["node_cidr"]));
 						if (filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
 							if (isset($cidr_array[1]) && is_numeric($cidr_array[1])) {
@@ -169,23 +170,61 @@
 								$node_cidr = $row["node_cidr"].'/32';
 							}
 						}
-						elseif(filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
+						else if(filter_var($cidr_array[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
 							//valid IPv6 address
 							$node_cidr = $row["node_cidr"];
 						}
+
+						//build the sub array
+						if (!empty($node_cidr)) {
+							$array['access_controls'][0]['access_control_nodes'][$y]['access_control_node_uuid'] = $row["access_control_node_uuid"];
+							$array['access_controls'][0]['access_control_nodes'][$y]['node_type'] = $row["node_type"];
+							$array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $node_cidr;
+							$array['access_controls'][0]['access_control_nodes'][$y]['node_description'] = $row["node_description"];
+							$y++;
+
+							//unset values
+							unset($cidr_array, $node_cidr);
+						}
+						//digs to attempt
+						else {
+							$digs[] = [
+								'type'=>$row['node_type'],
+								'value'=>$row['node_cidr'],
+								'description'=>$row['node_description'],
+							];
+						}
+
 					}
 
-					//build the sub array
-					$array['access_controls'][0]['access_control_nodes'][$y]['access_control_node_uuid'] = $row["access_control_node_uuid"];
-					$array['access_controls'][0]['access_control_nodes'][$y]['node_type'] = $row["node_type"];
-					$array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $node_cidr;
-					$array['access_controls'][0]['access_control_nodes'][$y]['node_description'] = $row["node_description"];
-					$y++;
-
-					//unset values
-					unset($cidr_array, $node_cidr);
-
 				}
+
+				//attempt digs
+				if (!empty($digs) && is_array($digs)) {
+					foreach ($digs as $dig) {
+						$response = shell_exec("dig +noall +answer ".$dig['value']." | awk '{ print $5 }'");
+						if (!empty($response)) {
+							$lines = explode("\n", $response);
+							foreach ($lines as $l => $line) {
+								if (!empty($line) && filter_var($line, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
+									//check for duplicate
+									if (!empty($array['access_controls'][0]['access_control_nodes']) && is_array($array['access_controls'][0]['access_control_nodes'])) {
+										foreach ($array['access_controls'][0]['access_control_nodes'] as $n => $node) {
+											if ($node['node_cidr'] == $line.'/32') { continue 2; }
+										}
+									}
+									//add to array
+									$array['access_controls'][0]['access_control_nodes'][$y]['access_control_node_uuid'] = uuid();
+									$array['access_controls'][0]['access_control_nodes'][$y]['node_type'] = $dig['type'];
+									$array['access_controls'][0]['access_control_nodes'][$y]['node_cidr'] = $line.'/32';
+									$array['access_controls'][0]['access_control_nodes'][$y]['node_description'] = !empty($dig['description']) ? $dig['description'] : $dig['value'];
+									$y++;
+								}
+							}
+						}
+					}
+				}
+
 			}
 
 		//save the data