[thelist] CFMX: IP Address Ban/Prevent

[Matt Shooks]

Hello Russ,

You could create a table similar to this:

CREATE TABLE [dbo].[BannedIPs] (
	[Octet1] [tinyint] ,
	[Octet2] [tinyint] NULL ,
	[Octet3] [tinyint] NULL ,
	[Octet4] [tinyint] NULL
)

The allowed NULL values can then be used as your * wildcard by using 
something like this for the query:

<cfquery name="IPCheck">
SELECT 1
FROM BannedIPs A, (Select 192 AS Octet1, 168 AS Octet2, 2 AS Octet3, 255 AS 
Octet4) B
WHERE (
	A.Octet1 = B.Octet1
		AND A.Octet2 = B.Octet2
		AND A.Octet3 = B.Octet3
		AND A.Octet4 = B.Octet4
)OR (
	A.Octet1 = B.Octet1
		AND A.Octet2 = B.Octet2
		AND A.Octet3 = B.Octet3
		AND A.Octet4 IS NULL
) OR (
	A.Octet1 = B.Octet1
		AND A.Octet2 = B.Octet2
		AND A.Octet3 IS NULL
		AND A.Octet4 IS NULL
) OR (
	A.Octet1 = B.Octet1
		AND A.Octet2 IS NULL
		AND A.Octet3 IS NULL
		AND A.Octet4 IS NULL
)
</cfquery>

<cfif IPCheck.RecordCount EQ 0>
<p>You have been BANNED!!!</p>
<cfabort>
</cfif>

Not totally sure, but I would tend to say this method would be quicker too 
as you are making numeric comparisons of an integer field vs a text field.  
Plus it adds the flexibility of blocking large ranges.  Of course I left the 
first octet non nullable because you would never have that null because that 
would effectivly ban everyone.  Hope this helps.

-Matt

>One of the things that's started to happen is that a certain IP address
>at the D class level (I hope I'm stating that correctly), and I'm
>wondering if there's a catch-all to basically say to block:
>
>192.168.1.*
>
>In CFMX on RedHat.
>
>Thanks,
>
>Russ

_________________________________________________________________
Get a FREE online computer virus scan from McAfee when you click here. 
http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963