From d968c0da5cfdee1cd00c9f1ca30cbf9cd2c39190 Mon Sep 17 00:00:00 2001
From: jqtmviyu <jqtmviyu@gmail.com>
Date: Mon, 12 Aug 2024 21:44:23 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20:sparkles:=20=E5=B0=81=E7=A6=81?=
 =?UTF-8?q?=E5=88=B0/24=20/64=20ip=E6=AE=B5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 README.md          | 3 ++-
 allow_whitelist.sh | 7 +++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 834b23a..7bb8f99 100644
--- a/README.md
+++ b/README.md
@@ -21,7 +21,8 @@ openwrt需要安装`iptables ip6tables`模块
 
 * 除了`whitelist_pattern="Transmission|qBittorrent|µTorrent|aria2|BitComet"`, 其余都会被屏蔽
 * 例外情况: `special_pattern="qbittorrent/3\.3\.15|Transmission\ 2\.9|BitComet\ 2\.04"`, 这些也会被屏蔽
-* 当时间的小时数字是12的整数倍时,清空防火墙规则和log (eg:12:00/24:00)
+* 当时间的小时数字是12的整数倍时,清空防火墙规则和log (eg:12:00/24:00). 0禁用
+* 封禁延伸到 `/24` `/64` ip段 
 * 当ip是私有地址时,忽略
 * 加入没什么用的彩色输出
 * `--debug`: 调试模式会打印更多信息,但不会写入log和添加防火墙
diff --git a/allow_whitelist.sh b/allow_whitelist.sh
index f9cb1a9..cac23b3 100755
--- a/allow_whitelist.sh
+++ b/allow_whitelist.sh
@@ -215,6 +215,13 @@ echo "$ips" | while IFS= read -r line; do
     continue
   fi
 
+  # 转化成/64,/24掩码
+  if echo "$ip" | grep -q ":"; then
+    ip=$(echo "$ip" | awk -F: '{printf "%s:%s:%s:%s::/64", $1, $2, $3, $4}')
+  else
+    ip=$(echo "$ip" | cut -d '.' -f 1-3).0/24
+  fi
+
   # 初始化标志
   in_special_cases=0
   in_whitelist=0