|
|
|
|
|
|
by strenholme
2394 days ago
|
|
|
Exactly. If I were to update this code, for IPv4 blocking, I would allow it to block /32 (single IP) and /24 networks. For IPv6 blocking, I would allow blocking a single IPv6 address, a /64 range, and (for extreme offenders) a /48 range. One way to do this is to have multiple hash tables: One for single IPv4 addresses, one for IPv4 /24 ranges, one for single IPv6 addresses, one for /64 IPv6 ranges, and one for /48 IPv6 ranges. Note that while the hashes have (generally speaking) a “big O” of 1, we need to perform one additional operation per range size. IPv4 /32 and /24 blocking requires two lookups, and IPv6 /128, /64, and /48 blocking requires three lookups. |
|
|