[thelist] CFMX: IP Address Ban/Prevent
Matt Shooks
shooksm at hotmail.com
Wed Feb 25 14:47:19 CST 2004
Hello Russ,
You could create a table similar to this:
CREATE TABLE [dbo].[BannedIPs] (
[Octet1] [tinyint] ,
[Octet2] [tinyint] NULL ,
[Octet3] [tinyint] NULL ,
[Octet4] [tinyint] NULL
)
The allowed NULL values can then be used as your * wildcard by using
something like this for the query:
<cfquery name="IPCheck">
SELECT 1
FROM BannedIPs A, (Select 192 AS Octet1, 168 AS Octet2, 2 AS Octet3, 255 AS
Octet4) B
WHERE (
A.Octet1 = B.Octet1
AND A.Octet2 = B.Octet2
AND A.Octet3 = B.Octet3
AND A.Octet4 = B.Octet4
)OR (
A.Octet1 = B.Octet1
AND A.Octet2 = B.Octet2
AND A.Octet3 = B.Octet3
AND A.Octet4 IS NULL
) OR (
A.Octet1 = B.Octet1
AND A.Octet2 = B.Octet2
AND A.Octet3 IS NULL
AND A.Octet4 IS NULL
) OR (
A.Octet1 = B.Octet1
AND A.Octet2 IS NULL
AND A.Octet3 IS NULL
AND A.Octet4 IS NULL
)
</cfquery>
<cfif IPCheck.RecordCount EQ 0>
<p>You have been BANNED!!!</p>
<cfabort>
</cfif>
Not totally sure, but I would tend to say this method would be quicker too
as you are making numeric comparisons of an integer field vs a text field.
Plus it adds the flexibility of blocking large ranges. Of course I left the
first octet non nullable because you would never have that null because that
would effectivly ban everyone. Hope this helps.
-Matt
>One of the things that's started to happen is that a certain IP address
>at the D class level (I hope I'm stating that correctly), and I'm
>wondering if there's a catch-all to basically say to block:
>
>192.168.1.*
>
>In CFMX on RedHat.
>
>Thanks,
>
>Russ
_________________________________________________________________
Get a FREE online computer virus scan from McAfee when you click here.
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
More information about the thelist
mailing list