最簡單的方法來檢查用戶是否來自給定的IP塊並重定向？

Question

以下是我在應用程序控制器寫的代碼：

class ApplicationController < ActionController::Base 
    protect_from_forgery 

    before_filter :redirect_if_bolivia 

    private 

    def redirect_if_bolivia 
    if (bolivia_ip_block).includes? request.remote_ip 
     #redirect user to www.foo.com 
    end 
    end 

    def bolivia_ip_block 
    %w { 
     12.144.86.0 - 12.144.87.255 
31.201.1.176 - 31.201.1.179 
46.36.198.101 - 46.36.198.105 
46.136.172.0 - 46.136.172.255 
63.65.11.0 - 63.65.12.254 
65.173.56.0 - 65.173.63.255 
67.23.241.179 - 67.23.241.198 
72.32.164.56 - 72.32.164.63 
72.46.244.32 - 72.46.244.47 
74.91.16.48 - 74.91.16.55 
74.91.16.208 - 74.91.16.215 
74.91.20.48 - 74.91.20.71 
74.112.134.120 - 74.112.134.127 
74.112.135.104 - 74.112.135.111 
74.205.37.16 - 74.205.37.23 
78.24.205.32 - 78.24.205.47 
98.129.27.88 - 98.129.27.95 
98.129.91.40 - 98.129.91.47 
166.114.0.0 - 166.114.255.255 
167.157.0.0 - 167.157.255.255 
174.143.165.80 - 174.143.165.87 
186.0.156.0 - 186.0.159.255 
186.2.0.0 - 186.2.127.255 
186.27.0.0 - 186.27.127.255 
190.0.248.0 - 190.0.255.255 
190.3.184.0 - 190.3.191.255 
    } 
    end 
end 

所以基本上，什麼是檢查是否request.remote_ip屬於玻利維亞IP塊最簡單的方法？

我不認爲迭代每個塊並吐出相應的IP，將它添加到數組是有效的。事實上，這將導致我爲每個請求創建數千個條目的數組。

我敢肯定，這不是一個新問題，所以我很樂意有一個經過驗證的解決方案。

也許我可以檢查前三個八位字節是否匹配，然後它屬於該塊？我如何在Ruby中做簡單的字符串比較？

Answer 1

由於塊不是任意的，因此可以將子網轉換爲CIDR表示法。然後，你可以利用IPAddr#include

require 'ipaddr' 

class ApplicationController < ActionController::Base 
    protect_from_forgery 

    before_filter :redirect_if_bolivia 

    private 

    def redirect_if_bolivia 
    if bolivian_blocks.any? { |block| block.include?(request.remote_ip) } 
     #redirect user to www.foo.com 
    end 
    end 

    def bolivian_blocks 
    %w{ 
     12.144.86.0/23 
     31.201.1.176/30 
    }.map { |subnet| IPAddr.new subnet } 
    end 
end