bw - fix black/grey/whitelist rdns check and country check

2023-04-25 12:07:24 +02:00 · 2023-04-25 12:07:24 +02:00 · 95e64d6c87
parent 9f1405d69e
commit 95e64d6c87
4 changed files with 15 additions and 29 deletions
--- a/src/common/core/blacklist/blacklist.lua
+++ b/src/common/core/blacklist/blacklist.lua
@ -220,27 +220,19 @@ function blacklist:is_blacklisted_ip()
 	end
 	if check_rdns then
 		-- Get rDNS
-		local rdns_list, err = utils.get_rdns(ngx.ctx.bw.remote_addr)
-		if not rdns_list then
-			return false, err
-		end
-		-- Check if rDNS is in ignore list
-		local ignore = false
-		for i, ignore_suffix in ipairs(self.lists["IGNORE_RDNS"]) do
-			for j, rdns in ipairs(rdns_list) do
+		local rdns, err = utils.get_rdns(ngx.ctx.bw.remote_addr)
+		if rdns then
+			-- Check if rDNS is in ignore list
+			local ignore = false
+			for i, ignore_suffix in ipairs(self.lists["IGNORE_RDNS"]) do
 				if rdns:sub(-#ignore_suffix) == ignore_suffix then
 					ignore = true
 					break
 				end
 			end
-			if ignore then
-				break
-			end
-		end
-		-- Check if rDNS is in blacklist
-		if not ignore then
-			for i, suffix in ipairs(self.lists["RDNS"]) do
-				for j, rdns in ipairs(rdns_list) do
+			-- Check if rDNS is in blacklist
+			if not ignore then
+				for i, suffix in ipairs(self.lists["RDNS"]) do
 					if rdns:sub(-#suffix) == suffix then
 						return true, "rDNS " .. suffix
 					end
--- a/src/common/core/country/country.lua
+++ b/src/common/core/country/country.lua
@ -24,7 +24,7 @@ function country:access()
 		return self:ret(true, "country not activated")
 	end
 	-- Check if IP is in cache
-	local data, err = self:is_in_cache(ngx.ctx.bw.remote_addr)
+	local ok, data = self:is_in_cache(ngx.ctx.bw.remote_addr)
 	if data then
 		if data.result == "ok" then
 			return self:ret(true, "client IP " .. ngx.ctx.bw.remote_addr .. " is in country cache (not blacklisted, country = " .. data.country .. ")")
--- a/src/common/core/greylist/greylist.lua
+++ b/src/common/core/greylist/greylist.lua
@ -180,13 +180,10 @@ function greylist:is_greylisted_ip()
 	end
 	if check_rdns then
 		-- Get rDNS
-		local rdns_list, err = utils.get_rdns(ngx.ctx.bw.remote_addr)
-		if not rdns_list then
-			return nil, err
-		end
+		local rdns, err = utils.get_rdns(ngx.ctx.bw.remote_addr)
 		-- Check if rDNS is in greylist
-		for i, suffix in ipairs(self.lists["RDNS"]) do
-			for j, rdns in ipairs(rdns_list) do
+		if rdns then
+			for i, suffix in ipairs(self.lists["RDNS"]) do
 				if rdns:sub(-#suffix) == suffix then
 					return true, "rDNS " .. suffix
 				end
--- a/src/common/core/whitelist/whitelist.lua
+++ b/src/common/core/whitelist/whitelist.lua
@ -237,13 +237,10 @@ function whitelist:is_whitelisted_ip()
 	end
 	if check_rdns then
 		-- Get rDNS
-		local rdns_list, err = utils.get_rdns(ngx.ctx.bw.remote_addr)
-		if not rdns_list then
-			return nil, err
-		end
+		local rdns, err = utils.get_rdns(ngx.ctx.bw.remote_addr)
 		-- Check if rDNS is in whitelist
-		for i, suffix in ipairs(self.lists["RDNS"]) do
-			for j, rdns in ipairs(rdns_list) do
+		if rdns then
+			for i, suffix in ipairs(self.lists["RDNS"]) do
 				if rdns:sub(-#suffix) == suffix then
 					return true, "rDNS " .. suffix
 				end