Add check to see if a host/netmask is matched from banned IPs

These can't be entered through the Django admin as it is total shit, but
we can at least do this manually and then respect the entries in the
database. This will cover a lot of the frequent spam we've been getting
lately.

Signed-off-by: Dan McGee <dpmcgee@gmail.com>

1 files changed, 5 insertions, 2 deletions

diff --git a/mycomments/signals.py b/mycomments/signals.py
index b407dad..99d2267 100644
--- a/mycomments/signals.py
+++ b/mycomments/signals.py
@@ -56,8 +56,11 @@ def check_spam_comment(sender, **kwargs):
         return True
     ip_addr = rewrite_ip_address(comment.ip_address)
     ip_exists = BannedIP.objects.filter(ip_address=ip_addr).exists()
-    un_exists = BannedUserName.objects.filter(user_name=comment.user_name).exists()
-    if ip_exists or un_exists:
+    ip_net_exists = BannedIP.objects.extra(where=['%s << ip_address'],
+            params=[ip_addr]).exists()
+    un_exists = BannedUserName.objects.filter(
+            user_name=comment.user_name).exists()
+    if ip_exists or ip_net_exists or un_exists:
         # If we found the IP or name in the ban table, this comment is bogus.
         # Returning 'False' will throw a 403 and comment is discarded.
         return False