有些老接口要限制内网访问,选择最简单的方式,由PHP执行时进行判断
根据ip段判断
判断常规的192、172、10、127 IP段1
2
3
4
5
6
7
8
9
10
11
12
13
14
15function is_internal_ip(string $ip = '') {
if ($ip == '') {
return false;
}
$ip = ip2long($ip);
// 0xc0a80000 192.168.0.0/16
// 0xac100000 172.16.0.0/12
// 0xa0000000 10.0.0.0/8
// 0x7f000000 127.0.0.0/8
return ($ip & 0xffff0000) == 0xc0a80000
|| ($ip & 0xfff00000) == 0xac100000
|| ($ip & 0xff000000) == 0xa0000000
|| ($ip & 0xff000000) == 0x7f000000;
}
使用PHP内置方法
filter_var是个很棒的方法,能完成各种类型(url、email等)的判断
此处用到的两个flag如下,其余flag请点击参考链接
此方法会将保留ip也识别为内网ip
FILTER_FLAG_NO_PRIV_RANGE (非私有ip,即非专有网络)
Fails validation for the following private IPv4 ranges: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16.
Fails validation for the IPv6 addresses starting with FD or FC.
FILTER_FLAG_NO_RES_RANGE (非保留ip)
Fails validation for the following reserved IPv4 ranges: 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 and 240.0.0.0/4.
Fails validation for the following reserved IPv6 ranges: ::1/128, ::/128, ::ffff:0:0/96 and fe80::/10.
1 | function is_internal_ip(string $ip = '') { |