| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110 |
- package prouter
- import (
- "bytes"
- "net"
- "net/http"
- "strings"
- )
- type ipRange struct {
- start net.IP
- end net.IP
- }
- var privateRanges = []ipRange{
- ipRange{
- start: net.ParseIP("10.0.0.0"),
- end: net.ParseIP("10.255.255.255"),
- },
- ipRange{
- start: net.ParseIP("100.64.0.0"),
- end: net.ParseIP("100.127.255.255"),
- },
- ipRange{
- start: net.ParseIP("172.16.0.0"),
- end: net.ParseIP("172.31.255.255"),
- },
- ipRange{
- start: net.ParseIP("192.0.0.0"),
- end: net.ParseIP("192.0.0.255"),
- },
- ipRange{
- start: net.ParseIP("192.168.0.0"),
- end: net.ParseIP("192.168.255.255"),
- },
- ipRange{
- start: net.ParseIP("198.18.0.0"),
- end: net.ParseIP("198.19.255.255"),
- },
- ipRange{
- start: net.ParseIP("198.18.0.0"),
- end: net.ParseIP("198.19.255.255"),
- },
- }
- func checkIfLAN(r *http.Request) bool {
- PredictedClientIP := []net.IP{}
- forwarded := r.Header.Get("X-FORWARDED-FOR")
- rip := r.Header.Get("X-Real-Ip") //Not that kind of RIP
- if forwarded != "" {
- ips := strings.Split(forwarded, ", ")
- for _, ip := range ips {
- PredictedClientIP = append(PredictedClientIP, net.ParseIP(strings.TrimSpace(ip)))
- }
- } else if rip != "" {
- PredictedClientIP = append(PredictedClientIP, net.ParseIP(strings.TrimSpace(rip)))
- } else {
- ip, _, err := net.SplitHostPort(r.RemoteAddr)
- if err != nil {
- } else {
- userIP := net.ParseIP(ip)
- PredictedClientIP = append(PredictedClientIP, userIP)
- }
- }
- //Check if localhost loopback
- if len(PredictedClientIP) == 1 {
- onlyAddr := PredictedClientIP[0].String()
- if onlyAddr == "127.0.0.1" {
- return true
- } else if onlyAddr == "::1" {
- return true
- } else if onlyAddr == "localhost" {
- return true
- }
- }
- IsLocal := true
- for _, thisIP := range PredictedClientIP {
- thisIpIsPrivate := isPrivateSubnet(thisIP)
- if thisIpIsPrivate == false {
- IsLocal = false
- }
- }
- return IsLocal
- }
- func isPrivateSubnet(ipAddress net.IP) bool {
- // my use case is only concerned with ipv4 atm
- if ipCheck := ipAddress.To4(); ipCheck != nil {
- // iterate over all our ranges
- for _, r := range privateRanges {
- // check if this ip is in a private range
- if inRange(r, ipAddress) {
- return true
- }
- }
- }
- return false
- }
- func inRange(r ipRange, ipAddress net.IP) bool {
- // strcmp type byte comparison
- if bytes.Compare(ipAddress, r.start) >= 0 && bytes.Compare(ipAddress, r.end) < 0 {
- return true
- }
- return false
- }
|
