LostS has asked for the wisdom of the Perl Monks concerning the following question:

Hey guys,

Umm here is what I am trying to accomplish. I need to develope a perl module that when called it will check the users IP address compare it to the valid list and if they are withen the correct IP range they are granted access.

Now some how this should be setup to open a flat file or something to get the valid IP list look at each one and understand 128.10.*.* means 128.10.2.1 is valid. You all know what I mean... So is there a module out there like this? If not where do you suggest I begin??

Thank you all for all your help... I really appricate everyone helping me with my little perl problems... Thanks :)
Billy S.

Replies are listed 'Best First'.
Re: IP Verification Check System
by RatArsed (Monk) on Aug 08, 2001 at 18:19 UTC
    You could be even cleverer, and use the response to my node on boolean logic with IP addresses -- I found busunsl's response the most helpful.

    Once you have INTs, and you mask them against the relevent netmask, you can merely do an AND to determine if they're in the same subnet. This also allows non-octet aligned subnets (for example, 10.53.80.0/24)

    --
    RatArsed

[reply]
Re: IP Verification Check System
by trantor (Chaplain) on Aug 08, 2001 at 18:01 UTC

    First of all, you should check that the addresses you want to match are valid. This has already been discussed recently in Matching an IP address. It's a bit more specific to check if one of your file entries is valid because it depends on the format you've chosen. For example, are 3 dots always needed? How many * signs are allowed, and where? Would *.*.*.255 be valid? And so on. However, with pattern matching and split you should be able to sort it out. Watch out if you split using . as a separator! It's a special character so you'll need to escape it.

    Then it's a matter of a simple (internal) transformation on your file's contents: 128.10.*.* is almost a regular expression. All you need to do is escaping each dot with a backslash and substituting each * with [0-9]{1,3}

    Then you should be able to match directly your transformed file entries with your addresses.

    -- TMTOWTDI

[reply]
[d/l]
[select]
Re: IP Verification Check System
by rob_au (Abbot) on Aug 09, 2001 at 02:24 UTC
    There is a module call Net:Patricia which allows you to perform such IP class matches very quickly using the Patricia Trie structure. The methods provided by this module are very friendly and very easy to use. An example of using this module can be seen in my post IP restricted mail delivery.
     

     
    Ooohhh, Rob no beer function well without!
[reply]

Back to Seekers of Perl Wisdom