ipblocklist-functions.pl: Add parser of dshield.

This vendor has a different list format and therefore requires an own parser. Signed-off-by: Tim FitzGeorge <ipfr@tfitzgeorge.me.uk> Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2026-04-28 03:33:25 +02:00 · 2022-03-04 22:10:29 +01:00
parent ab0179617d
commit ac9b5d8e6b
1 changed files with 36 additions and 0 deletions
--- a/config/cfgroot/ipblocklist-functions.pl
+++ b/config/cfgroot/ipblocklist-functions.pl
@@ -278,4 +278,40 @@ sub parse_ip_or_net_list( $ ) {
 	# Return the grabbed address.
 	return $1;
 }
+
+#
+## sub parse_dshield( line )
+##
+## Parses an input line removing comments.
+##
+## The format is:
+## Start Addrs   End Addrs   Netmask   Nb Attacks   Network Name   Country   email
+## We're only interested in the start address and netmask.
+##
+## Parameters:
+##   line  The line to parse
+##
+## Returns:
+##   Either and IP Address or a null string
+#
+sub parse_dshield( $ ) {
+	my ($line) = @_;
+
+	# Skip coments.
+	return "" if ($line =~ m/^\s*#/);
+
+	$line =~ s/#.*$//;
+
+	#          |Start addrs                |   |End Addrs                |   |Mask
+	$line =~ m|(\d+\.\d+\.\d+\.\d+(?:/\d+)?)\s+\d+\.\d+\.\d+\.\d+(?:/\d+)?\s+(\d+)|;
+
+	# Return nothing if no start address could be grabbed.
+	return unless ($1);
+
+	# Add /32 as prefix for single addresses and return it.
+	return "$1/32" unless ($2);
+
+	# Return the obtained network.
+	return "$1/$2";
+}
 1;