From 41dab440265237144de1369ef283b883d2fab058 Mon Sep 17 00:00:00 2001
From: Daniel Berteaud
Date: Thu, 2 May 2013 03:58:34 +0200
Subject: [PATCH] Convert networks addresses to CIDR
---
 .../e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP
index c954b15..22b153a 100644
--- a/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP
+++ b/root/etc/e-smith/templates/etc/fail2ban/jail.conf/05IgnoreIP
@@ -1,24 +1,33 @@
 {
 use esmith::NetworksDB;
+use Net::IPv4Addr;
+
 my $n = esmith::NetworksDB->open_ro() || die "Couldn't open networks DB\n";
 my @ip = ("127.0.0.0/8");
 # Add hosts which can access the server-manager to the whitelist
-push @ip, $_ foreach (split /[,;]/, (${'httpd-admin'}{'ValidFrom'} || ''));
+foreach (split /[,;]/, (${'httpd-admin'}{'ValidFrom'} || '')){
+ my ($ip,$bits) = Net::IPv4Addr::ipv4_parse("$_");
+ push @ip, "$ip/$bits";
+}
 unless (($fail2ban{FilterLocalNetworks} || 'disabled') eq 'enabled'){
 foreach my $net ($n->networks){
 my $key = $net->key;
 my $mask = $net->prop('Mask');
- push @ip, "$key/$mask";
+ my ($ip,$bits) = Net::IPv4Addr::ipv4_parse("$key/$mask");
+ push @ip, "$ip/$bits";
 }
 }
 # Add a local whitelist
-push @ip, $_ foreach (split /[,;]/, ($fail2ban{'IgnoreIP'} || ''));
+foreach (split /[,;]/, ($fail2ban{'IgnoreIP'} || '')){
+ my ($ip,$bits) = Net::IPv4Addr::ipv4_parse("$_");
+ push @ip, "$ip/$bits";
+}
 $OUT .= "ignoreip = " . join(" ", @ip);
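Review bot: The two new loops over `ValidFrom` and `IgnoreIP` pass every token from the configuration database straight to `Net::IPv4Addr::ipv4_parse`, with no handling for tokens that are not address/mask pairs. If memory of the module serves, it croaks on input it cannot parse, which would abort expansion of jail.conf on a stray separator or a hostname, and it returns no prefix length for a bare host address, so `"$ip/$bits"` would emit `a.b.c.d/` into `ignoreip`; both behaviours should be confirmed against the installed version. Because `ignoreip` decides which sources are exempt from banning, I would route all three call sites through one shared helper that wraps the call in `eval`, emits a bare address when no mask was given, and warns about and skips anything unparsable. The template's closing brace is not visible in this hunk.

```perl
# Normalise one whitelist entry to CIDR; warn about and skip entries that do not parse.
my $to_cidr = sub {
    my ($entry) = @_;
    my ($ip, $bits) = eval { Net::IPv4Addr::ipv4_parse($entry) };
    unless (defined $ip) {
        warn "05IgnoreIP: skipping unparsable entry '$entry'\n";
        return;
    }
    return defined $bits ? "$ip/$bits" : $ip;
};

push @ip, map { $to_cidr->($_) } split /[,;]/, (${'httpd-admin'}{'ValidFrom'} || '');
# … unchanged: FilterLocalNetworks check and networks loop, pushing $to_cidr->("$key/$mask") …
push @ip, map { $to_cidr->($_) } split /[,;]/, ($fail2ban{'IgnoreIP'} || '');
```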