Fix blocklist setting when source and list have mixed ip versions

Johannes Zellner
2021-04-07 17:31:04 +02:00
parent 114a5ee2b1
commit 5ae5566ce8
2 changed files with 200 additions and 4 deletions


@@ -21,7 +21,7 @@ function getBlocklist(callback) {
assert.strictEqual(typeof callback, 'function');
const data = safe.fs.readFileSync(paths.FIREWALL_BLOCKLIST_FILE, 'utf8');
callback(null, data);
callback(null, data || '');
}
function setBlocklist(blocklist, auditSource, callback) {
@@ -39,8 +39,8 @@ function setBlocklist(blocklist, auditSource, callback) {
if (rangeOrIP.indexOf('/') === -1) {
if (auditSource.ip === rangeOrIP) return callback(new BoxError(BoxError.BAD_FIELD, `${rangeOrIP} includes client IP. Cannot block yourself`));
} else {
const parsedRange = ipaddr.parseCIDR(rangeOrIP);
if (parsedIp.match(parsedRange)) return callback(new BoxError(BoxError.BAD_FIELD, `${rangeOrIP} includes client IP. Cannot block yourself`));
const parsedRange = ipaddr.parseCIDR(rangeOrIP); // returns [addr, range]
if (parsedRange[0].kind() === parsedIp.kind() && parsedIp.match(parsedRange)) return callback(new BoxError(BoxError.BAD_FIELD, `${rangeOrIP} includes client IP. Cannot block yourself`));
}
}
@@ -51,6 +51,6 @@ function setBlocklist(blocklist, auditSource, callback) {
shell.sudo('setBlocklist', [ SET_BLOCKLIST_CMD ], {}, function (error) {
if (error) return callback(new BoxError(BoxError.IPTABLES_ERROR, `Error setting blocklist: ${error.message}`));
callback();
callback(null);
});
}
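Review bot: The kind() guard added in the CIDR branch of setBlocklist skips the self-block check whenever the client address and the range differ in family, and that includes an IPv4-mapped IPv6 client address (`::ffff:a.b.c.d`) tested against an IPv4 range, so an admin can still lock themselves out. parsedIp is built outside this hunk; if it comes from `ipaddr.parse(auditSource.ip)`, consider `ipaddr.process(auditSource.ip)`, which converts mapped addresses to IPv4 before the comparison. The single-address branch just above has the same gap because it compares raw strings (`auditSource.ip === rangeOrIP`); comparing parsed forms, e.g. `ipaddr.process(rangeOrIP).toString() === parsedIp.toString()`, would be more reliable. A short comment on the guard, such as `// match() throws when address and range kinds differ`, would also record why the kind() test is there.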