0xFE /* 11111110 - 7 bits */
};
+/* Match raw bytes using CIDR bit matching, used by higher level MatchCIDR() */
bool MatchCIDRBits(unsigned char* address, unsigned char* mask, unsigned int mask_bits)
{
unsigned int modulus = mask_bits % 8; /* Number of whole bytes in the mask */
unsigned int divisor = mask_bits / 8; /* Remaining bits in the mask after whole bytes are dealt with */
+ /* We shouldnt match anything, /0 is always valid */
+ if (!mask_bits)
+ return true;
+
/* First compare the whole bytes, if they dont match, return false */
if (memcmp(address, mask, divisor))
return false;
return true;
}
+/* Match CIDR strings, e.g. 127.0.0.1 to 127.0.0.0/8 or 3ffe:1:5:6::8 to 3ffe:1::0/32
+ * If you have a lot of hosts to match, youre probably better off building your mask once
+ * and then using the lower level MatchCIDRBits directly.
+ */
bool MatchCIDR(const char* address, const char* cidr_mask)
{
unsigned char addr_raw[16];
bits = atoi(bits_chars + 1);
*bits_chars = 0;
}
+ else
+ {
+ /* No 'number of bits' field! */
+ return false;
+ }
#ifdef SUPPORT_IP6LINKS
in6_addr address_in6;
{
memcpy(&addr_raw, &address_in6.s6_addr, 16);
memcpy(&mask_raw, &mask_in6.s6_addr, 16);
+
+ if (bits > 128)
+ bits = 128;
}
else
{
{
memcpy(&addr_raw, &address_in4.s_addr, 4);
memcpy(&mask_raw, &mask_in4.s_addr, 4);
+
+ if (bits > 32)
+ bits = 32;
}
else
{