+ /* unsigned char s6_addr[16]; */
+ struct in6_addr v6;
+ int i, bytestozero, extrabits;
+ char buffer[40];
+
+ if(range > 128)
+ throw "CIDR mask width greater than address width (IPv6, 128 bit)";
+
+ /* To create the CIDR mask we want to set all the bits after 'range' bits of the address
+ * to zero. This means the last (128 - range) bits of the address must be set to zero.
+ * Hence this number divided by 8 is the number of whole bytes from the end of the address
+ * which must be set to zero.
+ */
+ bytestozero = (128 - range) / 8;
+
+ /* Some of the least significant bits of the next most significant byte may also have to
+ * be zeroed. The number of bits is the remainder of the above division.
+ */
+ extrabits = (128 - range) % 8;
+
+ /* Populate our working struct with the parts of the user's IP which are required in the
+ * final CIDR mask. Set all the subsequent bytes to zero.
+ * (16 - bytestozero) is the number of bytes which must be populated with actual IP data.
+ */
+ for(i = 0; i < (16 - bytestozero); i++)
+ {
+ v6.s6_addr[i] = client_sa.in6.sin6_addr.s6_addr[i];
+ }
+
+ /* And zero all the remaining bytes in the IP. */
+ for(; i < 16; i++)
+ {
+ v6.s6_addr[i] = 0;
+ }
+
+ /* And finally, zero the extra bits required. */
+ v6.s6_addr[15 - bytestozero] = (v6.s6_addr[15 - bytestozero] >> extrabits) << extrabits;
+
+ snprintf(buf, 44, "%s/%d", inet_ntop(AF_INET6, &v6, buffer, 40), range);
+ return buf;