version 0.3.6

[fms.git] / src / ipaddressacl.cpp

diff --git a/src/ipaddressacl.cpp b/src/ipaddressacl.cpp
index 0516c1d..2f62955 100644 (file)
--- a/src/ipaddressacl.cpp
+++ b/src/ipaddressacl.cpp
@@ -12,7 +12,7 @@ IPAddressACL::IPAddressACL():m_allowbydefault(true)
 const bool IPAddressACL::Add(const std::string &aclentry)\r
 {\r
        bool allow=m_allowbydefault;\r
-       int maskbits=0;\r
+       int maskbits=32;\r
        std::string::size_type strpos=std::string::npos;\r
        std::string entrystr=aclentry;\r
 \r
@@ -63,18 +63,32 @@ const bool IPAddressACL::Add(const std::string &aclentry)
 \r
 const std::string IPAddressACL::CreateMask(const int maskbits)\r
 {\r
+/*\r
        int bitsleft=maskbits;\r
-       int parts[4]={255,255,255,255};\r
+       int parts[4]={0,0,0,0};\r
        std::ostringstream ipstr;\r
 \r
-       for(int i=3; i>=0; i--)\r
+       for(int i=0; i<4; i++)\r
        {\r
-               for(int b=0; b<8 && bitsleft>0; b++)\r
+               for(int b=7; b>=0 && bitsleft>0; b--)\r
                {\r
-                       parts[i]-=pow((float)2,b);\r
+                       parts[i]+=pow((float)2,b);\r
                        bitsleft--;\r
                }\r
        }\r
+*/\r
+       int bits=maskbits;\r
+       bits>32 ? bits=32 : false;\r
+       bits<0 ? bits=0 : false;\r
+       int parts[4]={0,0,0,0};\r
+       std::ostringstream ipstr;\r
+\r
+       unsigned long maskval=(((unsigned long)pow((float)2,bits)-1) << (32-bits));\r
+\r
+       parts[0]=((maskval >> 24) & 0xff);\r
+       parts[1]=((maskval >> 16) & 0xff);\r
+       parts[2]=((maskval >> 8) & 0xff);\r
+       parts[3]=(maskval & 0xff);\r
 \r
        ipstr << parts[0] << "." << parts[1] << "." << parts[2] << "." << parts[3];\r
 \r
@@ -86,7 +100,7 @@ const bool IPAddressACL::IsAllowed(const Poco::Net::IPAddress &addr)
        bool found=false;\r
        bool rval=m_allowbydefault;\r
 \r
-       for(std::vector<entry>::iterator i=m_entries.begin(); i!=m_entries.end() && found==false; i++)\r
+       for(std::vector<entry>::reverse_iterator i=m_entries.rbegin(); i!=m_entries.rend() && found==false; i++)\r
        {\r
                Poco::Net::IPAddress ip1=addr;\r
                Poco::Net::IPAddress ip2=(*i).m_addr;\r
@@ -94,8 +108,11 @@ const bool IPAddressACL::IsAllowed(const Poco::Net::IPAddress &addr)
                //ip1.mask((*i).m_mask);\r
                //ip2.mask((*i).m_mask);\r
 \r
-               ip1=MaskAddress(ip1,(*i).m_mask);\r
-               ip2=MaskAddress(ip2,(*i).m_mask);\r
+               if(ip1.family()==Poco::Net::IPAddress::IPv4 && ip2.family()==Poco::Net::IPAddress::IPv4)\r
+               {\r
+                       ip1=MaskAddress(ip1,(*i).m_mask);\r
+                       ip2=MaskAddress(ip2,(*i).m_mask);\r
+               }\r
 \r
                if(ip1==ip2)\r
                {\r