Check IP in gl-pre-git hook
This commit is contained in:
Mercier Pierre-Olivier
parent
8f5cd9a6be
commit
d7686f68c0
3 changed files with 77 additions and 59 deletions
38
hooks/gl-pre-git
Executable file
38
hooks/gl-pre-git
Executable file
|
|
@ -0,0 +1,38 @@
|
|||
#!/usr/bin/env perl
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
use v5.10;
|
||||
use File::Basename;
|
||||
use Net::IP;
|
||||
|
||||
use ACU::Log;
|
||||
$ACU::Log::log_file = "/var/log/hooks/" . basename($0) . ".log";
|
||||
|
||||
# First, check if the repository is in the YYYY/ directory
|
||||
exit 0 if ($ENV{GL_REPO} !~ /^2[0-9]{3}\/.+\/.+/);
|
||||
|
||||
|
||||
my $ip = $1 if ($ENV{'SSH_CLIENT'} =~ m/([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}).*/);
|
||||
say "Votre IP est : $ip.";
|
||||
|
||||
$ip = Net::IP->new($ip) or die ("IP invalide");
|
||||
|
||||
my $schoolnetwork = Net::IP->new('192.168.0.0/16');
|
||||
|
||||
if ($ip->overlaps($schoolnetwork) != $IP_A_IN_B_OVERLAP)
|
||||
{
|
||||
log ERROR, "Vous n'êtes pas autorisé à envoyer vos modifications depuis cette IP.";
|
||||
exit 1;
|
||||
}
|
||||
|
||||
my $sshnetwork = Net::IP->new('10.41.253.0/24');
|
||||
|
||||
if ($ip->overlaps($sshnetwork) == $IP_A_IN_B_OVERLAP)
|
||||
{
|
||||
log ERROR, "Vous n'êtes pas autorisé à envoyer vos modifications depuis cette IP.";
|
||||
exit 1;
|
||||
}
|
||||
|
||||
|
||||
exit 0;
|
||||
Reference in a new issue