From d6bfe637dad3ddddf980127646cecc4d3e6b7db3 Mon Sep 17 00:00:00 2001
From: kulikov-a <36099472+kulikov-a@users.noreply.github.com>
Date: Thu, 3 Sep 2020 22:59:17 +0300
Subject: [PATCH] find_table_references.py: use pfctl for IP check (#4320)

---
 src/opnsense/scripts/filter/find_table_references.py | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/src/opnsense/scripts/filter/find_table_references.py b/src/opnsense/scripts/filter/find_table_references.py
index 68d1e42f4..60d6d2234 100755
--- a/src/opnsense/scripts/filter/find_table_references.py
+++ b/src/opnsense/scripts/filter/find_table_references.py
@@ -49,13 +49,12 @@ if __name__ == '__main__':
             for line in sp.stdout.strip().split('\n'):
                 tables.append(line.strip())
 
-            # Fetch IP ranges in this table and check if they match
+            # Test given address against tables
             for table in tables:
-                sp = subprocess.run(['/sbin/pfctl', '-t', table, '-T', 'show'], capture_output=True, text=True)
-                for line in sp.stdout.strip().split('\n'):
-                    if line.strip() != "":
-                        if ip in IPNetwork(line.strip()):
-                            result['matches'].append(table)
+                sp = subprocess.run(['/sbin/pfctl', '-t', table, '-Ttest', sys.argv[1]], capture_output=True, text=True)
+                line = sp.stderr.strip()
+                if line.find("1/1") == 0:
+                   result['matches'].append(table)
             print(ujson.dumps(result))
 
         except AddrFormatError: