2""".. _botdetection.ip_lists:
7The ``ip_lists`` method implements IP :py:obj:`block- <block_ip>` and
8:py:obj:`pass-lists <pass_ip>`.
12 [botdetection.ip_lists]
15 '167.235.158.251', # IPv4 of check.searx.space
16 '192.168.0.0/16', # IPv4 private network
17 'fe80::/10' # IPv6 linklocal
20 '93.184.216.34', # IPv4 of example.org
21 '257.1.1.1', # invalid IP --> will be ignored, logged in ERROR class
27from __future__
import annotations
28from typing
import Tuple
29from ipaddress
import (
36from ._helpers
import logger
38logger = logger.getChild(
'ip_limit')
43 '2a01:04f8:1c1c:8fc2::/64',
45"""Passlist of IPs from the SearXNG organization, e.g. `check.searx.space`."""
49 """Checks if the IP on the subnet is in one of the members of the
50 ``botdetection.ip_lists.pass_ip`` list.
53 if cfg.get(
'botdetection.ip_lists.pass_searxng_org', default=
True):
54 for net
in SEARXNG_ORG:
55 net = ip_network(net, strict=
False)
56 if real_ip.version == net.version
and real_ip
in net:
57 return True, f
"IP matches {net.compressed} in SEARXNG_ORG list."
62 """Checks if the IP on the subnet is in one of the members of the
63 ``botdetection.ip_lists.block_ip`` list.
68 msg +=
" To remove IP from list, please contact the maintainer of the service."
73 real_ip: IPv4Address | IPv6Address, list_name: str, cfg:
config.Config
76 for net
in cfg.get(list_name, default=[]):
78 net = ip_network(net, strict=
False)
80 logger.error(
"invalid IP %s in %s", net, list_name)
82 if real_ip.version == net.version
and real_ip
in net:
83 return True, f
"IP matches {net.compressed} in {list_name}."
84 return False, f
"IP is not a member of an item in the f{list_name} list"
Tuple[bool, str] block_ip(IPv4Address|IPv6Address real_ip, config.Config cfg)
Tuple[bool, str] ip_is_subnet_of_member_in_list(IPv4Address|IPv6Address real_ip, str list_name, config.Config cfg)
Tuple[bool, str] pass_ip(IPv4Address|IPv6Address real_ip, config.Config cfg)
1.10.0