Ravens PHP Scripts: Forums
 

 

technocrat
Life Cycles Becoming CPU Cycles



Joined: Jul 07, 2005
Posts: 511

Posted: Mon Apr 03, 2006 11:52 am

I kept having hack attempts that were being attempted by people using either proxies or software to hide their IPs with invalid ones. So I came up with a way to block all the IPs that would not be valid on the Internet. It's not a surefire way to block bad IPs, but it should add another layer of protection.

Open includes/nukesentinel.php

Find:
Code:
if($nsnst_const['remote_ip']=="none") { die(_AB_INVALIDIP); }


Before add:
Code:
function valid_ips () {

    global $nsnst_const;
    $bad_list[] = array('start'=>'0', 'end'=>'33554431'); /*0.0.0.0 - 1.255.255.255*/
    $bad_list[] = array('start'=>'33554432', 'end'=>'50331647'); /*2.0.0.0 - 2.255.255.255*/
    $bad_list[] = array('start'=>'83886080', 'end'=>'100663295'); /*5.0.0.0 - 5.255.255.255*/
    $bad_list[] = array('start'=>'117440512', 'end'=>'134217727'); /*7.0.0.0 - 7.255.255.255*/
    $bad_list[] = array('start'=>'167772160', 'end'=>'184549375'); /*10.0.0.0 - 10.255.255.255*/
    $bad_list[] = array('start'=>'385875968', 'end'=>'402653183'); /*23.0.0.0 - 23.255.255.255*/
    $bad_list[] = array('start'=>'452984832', 'end'=>'469762047'); /*27.0.0.0 - 27.255.255.255*/
    $bad_list[] = array('start'=>'520093696', 'end'=>'536870911'); /*31.0.0.0 - 31.255.255.255*/
    $bad_list[] = array('start'=>'603979776', 'end'=>'637534207'); /*36.0.0.0 - 37.255.255.255*/
    $bad_list[] = array('start'=>'654311424', 'end'=>'671088639'); /*39.0.0.0 - 39.255.255.255*/
    $bad_list[] = array('start'=>'704643072', 'end'=>'721420287'); /*42.0.0.0 - 42.255.255.255*/
    $bad_list[] = array('start'=>'822083584', 'end'=>'838860799'); /*49.0.0.0 - 49.255.255.255*/
    $bad_list[] = array('start'=>'838860800', 'end'=>'855638015'); /*50.0.0.0 - 50.255.255.255*/
    $bad_list[] = array('start'=>'1291845632', 'end'=>'1308622847'); /*77.0.0.0 - 77.255.255.255*/
    $bad_list[] = array('start'=>'1308622848', 'end'=>'1342177279'); /*78.0.0.0 - 79.255.255.255*/
    $bad_list[] = array('start'=>'1543503872', 'end'=>'1610612735'); /*92.0.0.0 - 95.255.255.255*/
    $bad_list[] = array('start'=>'1610612736', 'end'=>'1879048191'); /*96.0.0.0 - 111.255.255.255*/
    $bad_list[] = array('start'=>'1879048192', 'end'=>'2013265919'); /*112.0.0.0 - 119.255.255.255*/
    $bad_list[] = array('start'=>'2013265920', 'end'=>'2030043135'); /*120.0.0.0 - 120.255.255.255*/
    $bad_list[] = array('start'=>'2130706432', 'end'=>'2147483647'); /*127.0.0.0 - 127.255.255.255*/
    $bad_list[] = array('start'=>'-1442971648', 'end'=>'-1442906113'); /*169.254.0.0 - 169.254.255.255*/
    $bad_list[] = array('start'=>'-1408237568', 'end'=>'-1407188993'); /*172.16.0.0 - 172.31.255.255*/
    $bad_list[] = array('start'=>'-1392508928', 'end'=>'-1375731713'); /*173.0.0.0 - 173.255.255.255*/
    $bad_list[] = array('start'=>'-1375731712', 'end'=>'-1342177281'); /*174.0.0.0 - 175.255.255.255*/
    $bad_list[] = array('start'=>'-1342177280', 'end'=>'-1207959553'); /*176.0.0.0 - 183.255.255.255*/
    $bad_list[] = array('start'=>'-1207959552', 'end'=>'-1140850689'); /*184.0.0.0 - 187.255.255.255*/
    $bad_list[] = array('start'=>'-1073741312', 'end'=>'-1073741057'); /*192.0.2.0 - 192.0.2.255*/
    $bad_list[] = array('start'=>'-1062731776', 'end'=>'-1062666241'); /*192.168.0.0 - 192.168.255.255*/
    $bad_list[] = array('start'=>'-989855744', 'end'=>'-973078529'); /*197.0.0.0 - 197.255.255.255*/
    $bad_list[] = array('start'=>'-971898880', 'end'=>'-971767809'); /*198.18.0.0 - 198.19.255.255*/
    $bad_list[] = array('start'=>'-553648128', 'end'=>'-536870913'); /*223.0.0.0 - 223.255.255.255*/
    $bad_list[] = array('start'=>'-536870912', 'end'=>'-1'); /*224.0.0.0 - 255.255.255.255*/
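    $ip = ip2long($nsnst_const['remote_ip']);
    /* not a dotted-quad IPv4 address: leave it to the checks that follow */
    if ($ip === false) { return; }
    /* 64-bit PHP returns 0..4294967295 here; fold it to the signed 32-bit values used in the list */
    if ($ip > 2147483647) { $ip -= 4294967296; }
    foreach ($bad_list as $range) {
        /* inclusive bounds, so the first and last address of each range are blocked too */
        if($ip >= $range['start'] && $ip <= $range['end']) {
            die(_AB_INVALIDIP);
        }
    }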
   
}
valid_ips();

_________________
Nuke-Evolution
phpBB-Evolution / phpBB-Evolution Blog 
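
An added example (not part of the original post and not NukeSentinel code): the same range test written against CIDR blocks with an unsigned conversion, so it gives the same answer on 32-bit and 64-bit PHP and covers the first and last address of each block. The helper names `ipv4_to_uint()` and `is_special_ipv4()` are hypothetical, and the list keeps only the special-purpose blocks from the post, since unallocated space gets assigned over time.

```php
<?php
// Added example; ipv4_to_uint() and is_special_ipv4() are hypothetical helpers.

// Convert a dotted-quad address to an unsigned value, or null if it is not IPv4.
function ipv4_to_uint($ip) {
    $long = ip2long($ip);
    if ($long === false) {
        return null;
    }
    // ip2long() is negative above 127.255.255.255 on 32-bit PHP and positive on
    // 64-bit PHP; "%u" prints the same unsigned decimal on both.
    return (float) sprintf('%u', $long);
}

// Returns the matching CIDR block, false if no block matches, null if not IPv4.
function is_special_ipv4($ip) {
    // Special-purpose blocks that also appear in the post's list.
    static $cidrs = array(
        '0.0.0.0/8', '10.0.0.0/8', '127.0.0.0/8', '169.254.0.0/16',
        '172.16.0.0/12', '192.0.2.0/24', '192.168.0.0/16',
        '198.18.0.0/15', '224.0.0.0/3',
    );
    $addr = ipv4_to_uint($ip);
    if ($addr === null) {
        return null;
    }
    foreach ($cidrs as $cidr) {
        list($base, $bits) = explode('/', $cidr);
        $start = ipv4_to_uint($base);
        $end   = $start + pow(2, 32 - (int) $bits) - 1;
        // Inclusive comparison: network and broadcast addresses count as inside.
        if ($addr >= $start && $addr <= $end) {
            return $cidr;
        }
    }
    return false;
}

// Constructed sample addresses, chosen to sit on and just past range boundaries.
$samples = array('10.0.0.0', '10.255.255.255', '11.0.0.0', '172.31.255.255',
                 '172.32.0.0', '192.168.1.20', '198.19.255.255',
                 '255.255.255.255', 'none');
foreach ($samples as $ip) {
    $hit = is_special_ipv4($ip);
    $verdict = $hit === null ? 'not IPv4'
             : ($hit === false ? 'not in list' : "blocked ($hit)");
    printf("%-16s %s\n", $ip, $verdict);
}
```
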
kguske
Site Admin



Joined: Jun 04, 2004
Posts: 6433

Posted: Mon Apr 03, 2006 10:15 pm

Interesting. Do you block these invalid IPs permanently? Why not just put them in the banned IP file?

_________________
I search, therefore I exist...
nukeSEO - nukeFEED - nukePIE - nukeSPAM - nukeWYSIWYG
 
technocrat







Posted: Mon Apr 03, 2006 10:20 pm

My thought was why make it so people could remove them by mistake. I mean yeah sure you can still, but it is less likely this way. There should be little reason for these IPs anyways, and if you need to, just comment out the function call.
 
kguske







Posted: Tue Apr 04, 2006 4:26 am

Good point. Not sure why anyone would need to comment it out, but it's usually better if people don't need to touch the code. Still, there is no need since there is no reason to use those. It could have an option to determine whether or not to ban invalid IPs.
 
technocrat







Posted: Tue Apr 04, 2006 7:47 am

True, I will rewrite it to do so.
 
All times are GMT - 6 Hours
 