Edit report at http://bugs.php.net/bug.php?id=47435&edit=1
ID: 47435 Comment by: mikeg at bsd-box dot net Reported by: valli at icsurselva dot ch Summary: FILTER_FLAG_NO_PRIV_RANGE and FILTER_FLAG_NO_RES_RANGE don't work with ipv6 Status: Open Type: Bug Package: Filter related Operating System: linux PHP Version: 5.*, 6CVS (2009-02-18) New Comment: Valli's comment seems to be the right solution: It correctly identifies & differentiates the RFC-listed private & reserved space. I would propose an additional "FILTER_FLAG_NO_SPECIAL_RANGE" that captures the union of the other sets as a convenient shortcut, but that's just laziness on my part. Previous Comments: ------------------------------------------------------------------------ [2009-03-03 06:42:20] valli at icsurselva dot ch Yes, fc00::/7 is the one and only IPv6 private range. But there are also a lot of reserved ranges. FILTER_FLAG_NO_PRIV_RANGE (IP not from private ranges) fc00::/7 // unique-local addresses (rfc4193) FILTER_FLAG_NO_RES_RANGE (IP not from reserved ranges) ::/128 // unspecified address (rfc4291) ::1/128 // loopback address (rfc4291) fe80::/10 // link local unicast (rfc4291) 2001:db8::/32 // documentation addresses (rfc3849) 5f00::/8 // 6Bone 3ffe::/16 // 6Bone ::ffff:0:0/96 // IPv4-Mapped addresses (rfc4291) 2001:10::/28 // ORCHID addresses (rfc4843) ::/0 // default unicast route address FYI the following ranges are implemented for IPv4 in logical_filters.c FILTER_FLAG_NO_PRIV_RANGE (IP not from private ranges) 10.0.0.0/8 // private use network (rfc1918) 172.16.0.0/12 // private use network (rfc1918) 192.168.0.0/16 // private use network (rfc1918) FILTER_FLAG_NO_RES_RANGE (IP not from reserved ranges) 0.0.0.0/8 // "this" network (rfc1700) 169.254.0.0/16 // link local network (rfc3927) 192.0.2.0/24 // test net (rfc3330) 224.0.0.0/4 // Multicast (rfc3171) 240.0.0.0/4 // Reserved for Future Use (rfc1700) ------------------------------------------------------------------------ [2009-03-03 01:20:16] il...@php.net According to the RFC I saw, the indicated ranges are the only ones identified as private. ------------------------------------------------------------------------ [2009-02-26 11:17:20] valli at icsurselva dot ch Sorry, I've checked the wrong file when I wrote the last comment. Now I've seen your fixes. But there are a lot more ranges to check (not only fc00::/7) At least the following IPv6 ranges should match when FILTER_FLAG_NO_RES_RANGE is set (rfc5156): ::/128 // unspecified address (rfc4291) fe80::/10 // link local unicast (rfc4291) 2001:db8::/32 // documentation addresses (rfc3849) 5f00::/8 // 6Bone 3ffe::/16 // 6Bone ------------------------------------------------------------------------ [2009-02-24 07:55:51] valli at icsurselva dot ch Can't find any code in the snapshots regarding this issue. Will this be fixed in php-5.3? ------------------------------------------------------------------------ [2009-02-23 16:52:50] il...@php.net This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/bug.php?id=47435 -- Edit this bug report at http://bugs.php.net/bug.php?id=47435&edit=1