jerreyez Posted August 18, 2009 Share Posted August 18, 2009 Hi, I know how to block a single IP address, but I am trying to block 2 IP ranges but am clueless on how to do it. So, lets say I have an IP "100.111.222.333" and "200.111.222.333". I need to block the ranges in both IP's between "222" and "333". Make sense? What may be easier is to just block any IP that starts with "100.111" or "200.111", but I guess this will block users that should not be blocked. However, I don't think it will block TOO many people will it? If not, then this route will be ok for now too as it may be easier for me to read the code! . Here is my code I am using...as you can see, I am simply blocking any IP that starts with "100" OR starts with "200" (cause this is all I know how to do ). can anyone help me to convert this into what I need? =========================== <?php if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } endifelse; ?> <?php $myIPSplit = explode(".", $ip); ?> <?php if ($myIPSplit[0] == 100 || $myIPSplit[0] == 200) { echo "BLOCKED"; } else { ?> [run my javascript code]; <?php } ?> =========================== Much appreciated! Quote Link to comment Share on other sites More sharing options...
mikesta707 Posted August 18, 2009 Share Posted August 18, 2009 um.. no that is a horrible idea... I would use a regex expression. someone here could probably give you a better example than I could, but a regex expression could be used to do exactly what you need. Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 um.. no that is a horrible idea... I would use a regex expression. someone here could probably give you a better example than I could, but a regex expression could be used to do exactly what you need. Hey Mike, yeah, I agree with you, but I have no idea what a regex expression is Quote Link to comment Share on other sites More sharing options...
ignace Posted August 18, 2009 Share Posted August 18, 2009 If you block 100.111.0.0-200.111.255.255 you would be blocking: from: 100.111.0.0->01100100.01101111.00000000.00000000 to: 200.111.255.255->11001000.0110111.11111111.11111111 So you will be blocking roughly: 3,604,481 users. Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted August 18, 2009 Share Posted August 18, 2009 If you want to block an IP address interval, just do like this (we'll assume the user IP address is in $userIpAddress): $lowerBound = '100.111.222.333'; $upperBound = '200.111.222.333'; $userIpAddressInt = ip2long($userIpAddress); if (ip2long($lowerBound) >= $userIpAddressInt && ip2long($upperBound) <= $userIpAddressInt) { echo 'go away'; } Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 If you block 100.111.0.0-200.111.255.255 you would be blocking: from: 100.111.0.0->01100100.01101111.00000000.00000000 to: 200.111.255.255->11001000.0110111.11111111.11111111 So you will be blocking roughly: 3,604,481 users. I'm not blocking the entire range from 0-200. I just used the IP's in my original post as an example. Quote Link to comment Share on other sites More sharing options...
ignace Posted August 18, 2009 Share Posted August 18, 2009 If you block 100.111.0.0-200.111.255.255 you would be blocking: from: 100.111.0.0->01100100.01101111.00000000.00000000 to: 200.111.255.255->11001000.0110111.11111111.11111111 So you will be blocking roughly: 3,604,481 users. I'm not blocking the entire range from 0-200. I just used the IP's in my original post as an example. Not 0-200, 100.111.0.0-200.111.255.255 and Daniel now gave you code to block ip's in the range: 100.111.222.333-200.111.222.333 but even that still blocks a million or more users from visiting your website. Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted August 18, 2009 Share Posted August 18, 2009 I believe they are just sample IP addresses, ignace Quote Link to comment Share on other sites More sharing options...
ignace Posted August 18, 2009 Share Posted August 18, 2009 I believe they are just sample IP addresses, ignace I hope so altough his code says otherwise. if ($myIPSplit[0] == 100 || $myIPSplit[0] == 200) { Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 If you want to block an IP address interval, just do like this (we'll assume the user IP address is in $userIpAddress): $lowerBound = '100.111.222.333'; $upperBound = '200.111.222.333'; $userIpAddressInt = ip2long($userIpAddress); if (ip2long($lowerBound) >= $userIpAddressInt && ip2long($upperBound) <= $userIpAddressInt) { echo 'go away'; } Hi Danielo, thanks for the reply! However, since I'm not experienced with PHP, I have a hard time reading that code. I don't understand how that will block the two ranges I talked about. It looks like this code will block anyone between the two IP's entirely, not just between "222" and "333" in both. Here is what I am needing in "logic" (note the green/blue text): (I know this code is crappy, but hey, I'm not a programmer! :-\) Note: I'm using the explode() function to separate the usersIP into 4 numbers... ================== <?php if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } endifelse; ?> <?php $myIPSplit = explode(".", $ip); ?> <?php if ( ($myIPSplit[0] == 100 && $myIPSplit[1] == 111 && $myIPSplit[2] >= 222 && $myIPSplit[3] <= 333) || ($myIPSplit[0] == 200 && $myIPSplit[1] == 111 && $myIPSplit[2] >= 222 && $myIPSplit[3] <= 333) ) { echo "BLOCKED"; } else { ?> echo "PASS"; <?php } ?> ================== Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 I believe they are just sample IP addresses, ignace I hope so altough his code says otherwise. if ($myIPSplit[0] == 100 || $myIPSplit[0] == 200) { Hey Ignace, that portion of my code is just what I have now, which is what I need changed. It was just a quick fix until I get the proper code Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted August 18, 2009 Share Posted August 18, 2009 You need to remember that an IP address is ONE unsigned integer, not four. The dotted representation is only for humans, not for computers. Represented as an unsigned integer in base 10, the IP address of phpfreaks.com (66.97.171.5) is: 1113697029 So imagine we want to ban 66.0.0.0/8 we are blocking the range 1107296256 (66.0.0.0) to 1124073471 (66.255.255.255). It is clear that 1107296256 <= 1113697029 <= 1124073471. Thus the PHP Freaks IP address is within the range and is banned. Assuming you have the four octets in variables $oc1, $oc2, $oc3, $oc4, the numeric representation of the IP address is given by: In case you're wondering, assuming $on are the four octets of a dotted IP address, the numeric representation is given by: $ip = ($o1 << 24) + ($o2 << 16) + ($o3 << + $o4; Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 You need to remember that an IP address is ONE unsigned integer, not four. The dotted representation is only for humans, not for computers. Represented as an unsigned integer in base 10, the IP address of phpfreaks.com (66.97.171.5) is: 1113697029 So imagine we want to ban 66.0.0.0/8 we are blocking the range 1107296256 (66.0.0.0) to 1124073471 (66.255.255.255). It is clear that 1107296256 <= 1113697029 <= 1124073471. Thus the PHP Freaks IP address is within the range and is banned. Assuming you have the four octets in variables $oc1, $oc2, $oc3, $oc4, the numeric representation of the IP address is given by: In case you're wondering, assuming $on are the four octets of a dotted IP address, the numeric representation is given by: $ip = ($o1 << 24) + ($o2 << 16) + ($o3 << + $o4; haha, I think my head just spun around like 7 times there So, if I knew that the NetRange was: 208.130.32.0 - 208.130.63.200 If the A-B quadrants == 208.130 && C quadrant is >= 32 and <= 63, then block. Could I not do this? Quote Link to comment Share on other sites More sharing options...
Daniel0 Posted August 18, 2009 Share Posted August 18, 2009 No, because that would also block 208.130.63.201, which is not part of that interval. Surely treating the IP address as a single unsigned integer (like it already is) would be easier. By the way, it's called an octet, not a quadrant. Quote Link to comment Share on other sites More sharing options...
ignace Posted August 18, 2009 Share Posted August 18, 2009 I'm not a programmer! :-\ A programmer is someone who writes computer software. So you are by definition a programmer. Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 I'm not a programmer! :-\ A programmer is someone who writes computer software. So you are by definition a programmer. Thanks for clarifying that, Ignace. "I'm not a GOOD programmer" or a "programmer by trade". Is that better? Quote Link to comment Share on other sites More sharing options...
jerreyez Posted August 18, 2009 Author Share Posted August 18, 2009 No, because that would also block 208.130.63.201, which is not part of that interval. Surely treating the IP address as a single unsigned integer (like it already is) would be easier. By the way, it's called an octet, not a quadrant. Gotchya...Thanks Danielo. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.