diff --git a/server/filter.py b/server/filter.py index 840c5316..0e5f9ecb 100644 --- a/server/filter.py +++ b/server/filter.py @@ -288,6 +288,9 @@ class Filter(JailThread): # IP address without CIDR mask if len(s) == 1: s.insert(1, '32') + elif "." in s[1]: # 255.255.255.0 style mask + s[1] = len(re.search( + "(?<=b)1+", bin(DNSUtils.addr2bin(s[1]))).group()) s[1] = long(s[1]) try: a = DNSUtils.cidr(s[0], s[1]) diff --git a/testcases/filtertestcase.py b/testcases/filtertestcase.py index 30397d67..f1a9bcd2 100644 --- a/testcases/filtertestcase.py +++ b/testcases/filtertestcase.py @@ -188,6 +188,15 @@ class IgnoreIP(LogCaptureTestCase): self.assertFalse(self.filter.inIgnoreIPList('192.168.1.255')) self.assertFalse(self.filter.inIgnoreIPList('192.168.0.255')) + def testIgnoreIPMask(self): + self.filter.addIgnoreIP('192.168.1.0/255.255.255.128') + self.assertTrue(self.filter.inIgnoreIPList('192.168.1.0')) + self.assertTrue(self.filter.inIgnoreIPList('192.168.1.1')) + self.assertTrue(self.filter.inIgnoreIPList('192.168.1.127')) + self.assertFalse(self.filter.inIgnoreIPList('192.168.1.128')) + self.assertFalse(self.filter.inIgnoreIPList('192.168.1.255')) + self.assertFalse(self.filter.inIgnoreIPList('192.168.0.255')) + def testIgnoreInProcessLine(self): self.filter.addIgnoreIP('192.168.1.0/25') self.filter.addFailRegex('')