prosody-modules: mod_firewall/mod_firewall.lua comparison

mod_firewall: Add FROM COUNTRY condition based on GeoIP DB

comparison

equal deleted inserted replaced

-:0ac4545cb4f9
+:ad5c77793750
 			return code, { "search:"..search_name, "pattern:"..pattern_name };
 		end;
 	};
 	scan_list = {
 		global_code = [[local function scan_list(list, items) for item in pairs(items) do if list:contains(item) then return true; end end end]];
-	}
+	};
+	iplib = {
+		global_code = [[local iplib = require "util.ip";]];
+	};
+	geoip_country = {
+		global_code = [[
+local geoip_country = require "geoip.country";
+local geov4 = geoip_country.open(module:get_option_string("geoip_ipv4_country", "/usr/share/GeoIP/GeoIP.dat"));
+local geov6 = geoip_country.open(module:get_option_string("geoip_ipv6_country", "/usr/share/GeoIP/GeoIPv6.dat"));
+local function get_geoip(ips, what)
+	if not ips then
+		return "--";
+	end
+	local ip = iplib.new_ip(ips);
+	if not ip then
+		return "--";
+	end
+	if ip.proto == "IPv6" and geov6 then
+		local geoinfo = geoinfo:query_by_addr6(ip.addr);
+		if geoinfo then
+			return geoinfo[what or "code"];
+		end
+	elseif ip.proto == "IPv4" and geov4 then
+		local geoinfo = geoinfo:query_by_addr(ip.addr);
+		if geoinfo then
+			return geoinfo[what or "code"];
+		end
+	end
+	return "--";
+end
+		]];
+		depends = {
+			"iplib"
+		}
+	};
 };
 local function include_dep(dependency, code)
 	local dep, dep_param = dependency:match("^([^:]+):?(.*)$");
 	local dep_info = available_deps[dep];

Mercurial > prosody-modules