The wise old elf was taking a breather from all the busy preparations and was just looking forward to a richly deserved hot toddy when he heard a familiar knock at the door. He allowed himself the briefest of sighs.

"Come in, Wispy!"

In scuttled Wispy Crinkletops wearing a worried expression.

"You know the wonderful new web portal we set up so that people could write to us directly with their wishes? Well, not all the messages received have been about that. Lots are from people looking to sell us things - and mostly useless things at that! And there are some others which are just so ... rude. How could anyone be so mean?"

"Now, now. Don't get all flustered. You know that this sort of thing is why the boss keeps a Naughty List as well as a Nice List.". The wise old elf thought for a moment and then asked, "Did you look to see if these all came from the same IP address?".

Wispy composed herself and then nodded. "I did check but they were from quite a big number of different addresses so it would take forever to try to deal with them all.".

"Hmmm. Can you show me the list?"

Again Wispy nodded and produced a sizeable sheaf of 11 by 14 fanfold. The wise old elf smiled kindly and ran his eyes down the list. Some definite patterns were detectable and he hit upon an idea.

"Even though there are a lot of different addresses, it looks like only a dozen or so netblocks are involved. We can use Net::CIDR::Lite to filter those.". He turned to his terminal and quickly constructed some code. Wispy peered over his shoulder to see.

use CGI::Fast;
use Net::CIDR::Lite;

# Build list of netblocks
my $naughty = Net::CIDR::Lite->new;
$naughty->add ($_) for qw{10.52.192.0/18 172.26.64.0/20 192.168.188.0/23};

while (my $fcgi = CGI::Fast->new) {

    # Test for presence in the list
    if ($naughty->find ($ENV{REMOTE_ADDR})) {
        triage ($fcgi);
        next;
    }

    warn "DEBUG: $ENV{REMOTE_ADDR} is not from a known naughty netblock.\n";
    process_form ($fcgi);
}

sub triage {
	# Push the message onto the moderation queue
	...
}

sub process_form {
	# Not from a known naughty netblock, so assume to be nice
	...
}

The wise old elf explained, "This allows any number of ranges to be combined into a single list for comparison against the client address. You don't need to store every single address in the naughty blocks."

Wispy was impressed but could see one or two problems. "We don't use FCGI for the web form - it's all PSGI now."

"It's only an illustration, Wispy - you can use this method with any handler."

"There were IPv6 addresses in the list too. Can we add those?"

"You would need 2 separate objects to hold v4 and v6 addresses but the principle is the same."

"I can never remember the netmasks, though." moaned Wispy, crestfallen.

The wise old elf smiled. "You don't have to use netmasks, just a simple range will do. You can even mix and match, like this:"

$naughty->add_any ($_) for qw{10.52.192.0/18 172.26.64.0-172.26.79.255 192.168.188.0/23};

Wispy brightened as she could see that this would save time and effort and keep all those naughty girls and boys where they deserved to be. She thanked the wise old elf and headed off to implement the filter, leaving him to enjoy his hot toddy in peace.