diff --git a/src/daemon/command_parser_executor.cpp b/src/daemon/command_parser_executor.cpp index 6695c3ecd..ab1a8881e 100644 --- a/src/daemon/command_parser_executor.cpp +++ b/src/daemon/command_parser_executor.cpp @@ -620,13 +620,19 @@ bool t_command_parser_executor::ban(const std::vector& args) std::ifstream ifs(ban_list_path.string()); for (std::string line; std::getline(ifs, line); ) { - const expect parsed_addr = net::get_network_address(line, 0); - if (!parsed_addr) + auto subnet = net::get_ipv4_subnet_address(line); + if (subnet) { - std::cout << "Invalid IP address: " << line << " - " << parsed_addr.error() << std::endl; + ret &= m_executor.ban(subnet->str(), seconds); continue; } - ret &= m_executor.ban(parsed_addr->host_str(), seconds); + const expect parsed_addr = net::get_network_address(line, 0); + if (parsed_addr) + { + ret &= m_executor.ban(parsed_addr->host_str(), seconds); + continue; + } + std::cout << "Invalid IP address or IPv4 subnet: " << line << std::endl; } return ret; } diff --git a/src/p2p/net_node.inl b/src/p2p/net_node.inl index 128d17155..0bd971f92 100644 --- a/src/p2p/net_node.inl +++ b/src/p2p/net_node.inl @@ -481,13 +481,19 @@ namespace nodetool std::istringstream iss(banned_ips); for (std::string line; std::getline(iss, line); ) { - const expect parsed_addr = net::get_network_address(line, 0); - if (!parsed_addr) + auto subnet = net::get_ipv4_subnet_address(line); + if (subnet) { - MERROR("Invalid IP address: " << line << " - " << parsed_addr.error()); + block_subnet(*subnet, std::numeric_limits::max()); continue; } - block_host(*parsed_addr, std::numeric_limits::max()); + const expect parsed_addr = net::get_network_address(line, 0); + if (parsed_addr) + { + block_host(*parsed_addr, std::numeric_limits::max()); + continue; + } + MERROR("Invalid IP address or IPv4 subnet: " << line); } }