From fff47a5651778018c6b437519b9ab1a535aa3e1d Mon Sep 17 00:00:00 2001
From: David Flatz
Date: Mon, 20 Jun 2022 15:34:58 +0200
Subject: add function to check whether an ip is from a private range which
 should be useful for security checks of user provided ip-addresses

---
 it.class | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)

(limited to 'it.class')

diff --git a/it.class b/it.class
index 886ae06..87ceb9b 100644
--- a/it.class
+++ b/it.class
@@ -429,6 +429,32 @@ static function cidr_match($ip, $cidrs)
 }
 
 
+/**
+ * check whether an IP address is a private, loopback or link-local address.
+ * Supports IPv6 and IPv6
+ * @param $ip IP address as string (192.168.42.123,
+ *        2a02:169:200:d:0:1337:babe:d00d)
+ * @return true if $ip is in a private, loopback or link-local network block
+ */
+static function is_private_ip($ip)
+{
+	$private_cidrs = [
+		'10.0.0.0/8',
+		'127.0.0.0/8',
+		'169.254.0.0/16',
+		'172.16.0.0/12',
+		'192.0.0.0/24',
+		'192.168.0.0/16',
+		'198.18.0.0/15',
+		'::1/128',
+		'fc00::/7',
+		'fe80::/64',
+	];
+
+	return it::cidr_match($ip, $private_cidrs);
+}
+
+
 /**
  * Convert regex for preg (adds and escapes delimiter, adds modifiers)
  * @param $pattern Regex to convert
-- 
cgit v1.2.3