function check_firewall()
{
global $__vp_validate_error;
$stored_cidrs = $this->get_option('service_ips_cidr');
$stored_ext_cidrs = get_option('vaultpress_service_ips_external_cidr');
$one_day_ago = time() - 86400;
if (empty($stored_cidrs) || empty($stored_ext_cidrs) || $stored_cidrs['updated'] < $one_day_ago) {
$cidrs = $this->update_firewall();
}
if (empty($cidrs)) {
$cidrs = array_merge($stored_cidrs['data'], $stored_ext_cidrs['data']);
}
if (empty($cidrs)) {
// No up-to-date info; fall back on the old methods.
if ($this->do_c_block_firewall()) {
return true;
} else {
$__vp_validate_error = array('error' => 'empty_vp_ip_cidr_range');
return false;
}
}
// Figure out possible remote IPs
if ($this->get_option('allow_forwarded_for') && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$remote_ips = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
}
if (!empty($_SERVER['REMOTE_ADDR'])) {
$remote_ips[] = $_SERVER['REMOTE_ADDR'];
}
if (empty($remote_ips)) {
$__vp_validate_error = array('error' => 'no_remote_addr', 'detail' => (int) $this->get_option('allow_forwarded_for'));
// shouldn't happen
return false;
}
foreach ($remote_ips as $ip) {
$ip = preg_replace('#^::(ffff:)?#', '', $ip);
if ($cidr = $this->ip_in_cidrs($ip, $cidrs)) {
return true;
}
}
$__vp_validate_error = array('error' => 'remote_addr_fail', 'detail' => $remote_ips);
return false;
}