Security suite class C subnet

[keat]

I have dynamic IP's at home.

Is there a way to add a trusted subnet in Security suite.

 

ie something like xxx.xxx.xxx.0/255.255.255.0

[bsmither]

We can try to change the comparison of the current IP against any of the trusted IP addresses to a comparison of the current IP is within any of the trusted CIDR-notatations, as explained here: http://php.net/manual/en/ref.network.php#74656

Your CIDR notation as compared to your mask above, would be: 123.456.789.000/24

Try this:

In the module's ccss.class.php, near line 60 (this is version 1.0.0), find:
if((string)$this->_current_ip == (string)$value['ip_address']) {

Change to:
if($this->_ipCIDRCheck((string)$this->_current_ip, (string)$value['ip_address'])) { // if((string)$this->_current_ip == (string)$value['ip_address']) {


There are variants of the above statement at lines 28 and 44.


At the bottom of the file, find:
		return false;
	}
}
?>

Change to:
		return false;
	}

	private function _ipCIDRCheck ($IP, $CIDR) {
    list ($net, $mask) = split ("/", $CIDR); // $mask is empty if not in CIDR notation

    $ip_net = ip2long ($net);

	$mask = (!empty($mask)) ? $mask : 32; // force CIDR /32 if empty $mask

	$ip_mask = ~((1 << (32 - $mask)) - 1);

    $ip_ip = ip2long ($IP);

    $ip_ip_net = $ip_ip & $ip_mask;

    return ($ip_ip_net == $ip_net);
  }
}
?>

Of course, keep a backup copy of this file in case the function does not work as planned.

 

[keat]

Will take a peek at the weekend and come back to you.

Thanks

[keat]

 

I spent 20 minutes looking for the file on my PC only to realise it's a plugin and was installed with the key method.

I added the code and then added my IP with a  /16.

It seems to have accepted it, and doesn't complain that my IP is not in the list, so maybe time will tell, when my IP changes.

It might be worth recommending this as a product improvement. ??

 

I did post the completed file, but considering it's related to site security i thought otherwise and removed it.