Re: Restrict IP access to a Perl application

From: barramundi9 <barramundi9@xxxxxxxxxxx>
Date: Wed, 30 Jan 2008 01:57:34 -0800 (PST)

On 1月30日, 下午5時20分, Abigail <abig...@xxxxxxxxxx> wrote:

_
barramundi9 (barramun...@xxxxxxxxxxx) wrote on VCCLXV September MCMXCIII
in <URL:news:210eef7f-8725-4418-a5eb-f7947470d6cc@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>:
)) Dear all:
))
)) I am a newbie to Perl and have an application written in Perl. I put
)) IPs that are "allowed" to access the application into a file called
)) "ip.allow".
))
)) I then tried to compare the $ENV{REMOTE_ADDRESS} to the IPs in
)) "ip.allow" to determine the access right which looks like the
)) following:
))
)) 10.0.0.1
)) 10.0.0.2
)) 10.0.0.3
))
)) And the code is:
))
)) $address=$ENV{'REMOTE_ADDR'};
))
)) open(FILE,"/path/to/ip.allow") or die ("Cannot open file!");
)) flock(FILE,2);
)) while ($line=<FILE>) {
)) $line=~s/\./\\\./g;
)) if ($line =~ /$address/) {
)) print "IP matched!!\n";
)) last;
)) }
)) }
)) flock(FILE,8);
)) close(FILE);
))
)) But it doesn't seem to work because when I take out 10.0.0.1 from the
)) ip.allow file, 10.0.0.1 can still access the application.

That seems odd. In fact, I find it odd that, assuming $ENV {REMOTE_ADDR}
actually contains an IP address, anything matches at all. Say, for instance
$ENV {REMOTE_ADDR} contains "10.0.0.1", and ip.allow contains the three
addresses listed above. Then you do the following tests:

"10\\.0\\.0\\.1\n" =~ /10.0.0.1/
"10\\.0\\.0\\.2\n" =~ /10.0.0.1/
"10\\.0\\.0\\.3\n" =~ /10.0.0.1/

There's no way this is going to match.

*Unless* $ENV {REMOTE_ADDR} is empty, then you'd be comparing the addresses
in ip.allow to //, which will always match.

)) Any suggestions are appreciated, thanks.

Why are you rolling your own security? This is a task that should be done
by the webserver.

Abigail
--
perl -wle 'print "Prime" if (0 x shift) !~ m 0^\0?$|^(\0\0+?)\1+$0'

Thanks for all your replies.

John, you are right, it can be done without regex.

Thanks again.

barramundi9
.

References:
- Restrict IP access to a Perl application
  - From: barramundi9
- Re: Restrict IP access to a Perl application
  - From: Abigail

Prev by Date: Re: Restrict IP access to a Perl application
Next by Date: C's gotoxy() equivalent in Perl
Previous by thread: Re: Restrict IP access to a Perl application
Next by thread: FAQ 9.18 How do I decode a MIME/BASE64 string?
Index(es):
- Date
- Thread

Relevant Pages

Re: Restrict IP access to a Perl application
... I am a newbie to Perl and have an application written in Perl. ... IPs that are "allowed" to access the application into a file called ... That seems odd. ... In fact, I find it odd that, assuming $ENV ...
(comp.lang.perl.misc)
Restrict IP access to a Perl application
... I am a newbie to Perl and have an application written in Perl. ... IPs that are "allowed" to access the application into a file called ...
(comp.lang.perl.misc)
Re: LWP::UserAgent and non-default outgoing IP
... Quoth Tomek: ... My box on which Perl runs has several IPs, ... "Awww, ...
(comp.lang.perl.misc)
Re: Restrict IP access to a Perl application
... I am a newbie to Perl and have an application written in Perl. ... IPs that are "allowed" to access the application into a file called ... You can just compare strings, no need for the regexp ...
(comp.lang.perl.misc)
Re: Restrict IP access to a Perl application
... barramundi9 wrote: ... IPs that are "allowed" to access the application into a file called ... I then tried to compare the $ENVto the IPs in ... can special-order certain sorts of tools at low cost and ...
(comp.lang.perl.misc)