finding the LUA bug

2021-04-13 17:01:27 +02:00 · 2021-04-13 17:01:27 +02:00 · b55aafb997
parent deeb7a76a2
commit b55aafb997
2 changed files with 41 additions and 33 deletions
--- a/lua/blacklist.lua
+++ b/lua/blacklist.lua
@ -22,24 +22,28 @@ function M.reverse_cached ()
 end

 function M.check_ip ()
-	local blacklist = iputils.parse_cidrs(ip_list)
-	if iputils.ip_in_cidrs(ip, blacklist) then
-		ngx.shared.blacklist_ip_cache:set(ip, "ko", 86400)
-		ngx.log(ngx.WARN, "ip " .. ip .. " is in blacklist")
-		return true
+	if #ip_list > 0 then
+		local blacklist = iputils.parse_cidrs(ip_list)
+		if iputils.ip_in_cidrs(ip, blacklist) then
+			ngx.shared.blacklist_ip_cache:set(ip, "ko", 86400)
+			ngx.log(ngx.WARN, "ip " .. ip .. " is in blacklist")
+			return true
+		end
 	end
 	ngx.shared.blacklist_ip_cache:set(ip, "ok", 86400)
 	return false
 end

 function M.check_reverse ()
-	local rdns = dns.get_reverse()
-	if rdns ~= "" then
-		for k, v in ipairs(reverse_list) do
-			if rdns:sub(-#v) == v then
-				ngx.shared.blacklist_reverse_cache:set(ip, "ko", 86400)
-				ngx.log(ngx.WARN, "reverse " .. rdns .. " is in blacklist")
-				return true
+	if #reverse_list > 0 then
+		local rdns = dns.get_reverse()
+		if rdns ~= "" then
+			for k, v in ipairs(reverse_list) do
+				if rdns:sub(-#v) == v then
+					ngx.shared.blacklist_reverse_cache:set(ip, "ko", 86400)
+					ngx.log(ngx.WARN, "reverse " .. rdns .. " is in blacklist")
+					return true
+				end
 			end
 		end
 	end
--- a/lua/whitelist.lua
+++ b/lua/whitelist.lua
@ -22,33 +22,37 @@ function M.reverse_cached ()
 end

 function M.check_ip ()
-	local whitelist = iputils.parse_cidrs(ip_list)
-	if iputils.ip_in_cidrs(ip, whitelist) then
-		ngx.shared.whitelist_ip_cache:set(ip, "ok", 86400)
-		ngx.log(ngx.WARN, "ip " .. ip .. " is in whitelist")
-		return true
-	end 
+	if #ip_list > 0 then
+		local whitelist = iputils.parse_cidrs(ip_list)
+		if iputils.ip_in_cidrs(ip, whitelist) then
+			ngx.shared.whitelist_ip_cache:set(ip, "ok", 86400)
+			ngx.log(ngx.WARN, "ip " .. ip .. " is in whitelist")
+			return true
+		end
+	end
 	ngx.shared.whitelist_ip_cache:set(ip, "ko", 86400)
 	return false
 end

 function M.check_reverse ()
-	local rdns = dns.get_reverse()
-	if rdns ~= "" then
-		local whitelisted = false
-		for k, v in ipairs(reverse_list) do
-			if rdns:sub(-#v) == v then
-				whitelisted = true
-				break
+	if #reverse_list > 0 then
+		local rdns = dns.get_reverse()
+		if rdns ~= "" then
+			local whitelisted = false
+			for k, v in ipairs(reverse_list) do
+				if rdns:sub(-#v) == v then
+					whitelisted = true
+					break
+				end
 			end
-		end
-		if whitelisted then
-			local ips = dns.get_ips(rdns)
-			for k, v in ipairs(ips) do
-				if v == ip then
-					ngx.shared.whitelist_reverse_cache:set(ip, "ok", 86400)
-					ngx.log(ngx.WARN, "reverse " .. rdns .. " is in whitelist")
-					return true
+			if whitelisted then
+				local ips = dns.get_ips(rdns)
+				for k, v in ipairs(ips) do
+					if v == ip then
+						ngx.shared.whitelist_reverse_cache:set(ip, "ok", 86400)
+						ngx.log(ngx.WARN, "reverse " .. rdns .. " is in whitelist")
+						return true
+					end
 				end
 			end
 		end