From 020d0ee22d92d536fce5e38e2c6908c7137d3b78 Mon Sep 17 00:00:00 2001
From: Yasen Pramatarov
Date: Fri, 3 Jan 2025 17:49:36 +0200
Subject: [PATCH] Adds known bad IPs and networks
---
 app/classes/ratelimitrer.php | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
diff --git a/app/classes/ratelimitrer.php b/app/classes/ratelimitrer.php
index 0571c08..a1850fd 100644
--- a/app/classes/ratelimitrer.php
+++ b/app/classes/ratelimitrer.php
@@ -65,6 +65,24 @@ class RateLimiter {
 foreach ($defaultIps as $ip) {
 $stmt->execute([$ip[0], $ip[1], $ip[2]]);
 }
+
+ // Insert known malicious networks
+ $defaultBlacklist = [
+ ['0.0.0.0/8', true, 'Reserved address space - RFC 1122'],
+ ['100.64.0.0/10', true, 'Carrier-grade NAT space - RFC 6598'],
+ ['192.0.2.0/24', true, 'TEST-NET-1 Documentation space - RFC 5737'],
+ ['198.51.100.0/24', true, 'TEST-NET-2 Documentation space - RFC 5737'],
+ ['203.0.113.0/24', true, 'TEST-NET-3 Documentation space - RFC 5737']
+ ];
+
+ $stmt = $this->db->prepare("INSERT OR IGNORE INTO {$this->blacklistTable}
+ (ip_address, is_network, reason, created_by)
+ VALUES (?, ?, ?, 'system')");
+
+ foreach ($defaultBlacklist as $ip) {
+ $stmt->execute([$ip[0], $ip[1], $ip[2]]);
+ }
+
 }
 
 // Check if IP is whitelisted
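Review bot: The seeded `100.64.0.0/10` entry can block legitimate clients, because RFC 6598 shared address space is what the server sees as the peer address when it sits inside a carrier network, or behind an overlay VPN or load balancer that numbers from that range. The other four entries are reserved or documentation ranges rather than networks with an abuse history, so the comment would be more accurate as `// Insert reserved and special-purpose ranges that should not appear as a client address`, and the CGNAT row is better left out or made opt-in. The seeding appears to run with the rest of the table setup (the enclosing method starts outside this hunk), so if it runs on every start, an entry an operator deleted after a false positive would be re-inserted by `INSERT OR IGNORE`; a one-time seed marker would avoid that. `INSERT OR IGNORE` also only de-duplicates if `ip_address` carries a UNIQUE constraint, which is not visible here.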