Add IP validation to live-attack-monitor blocking functions

SECURITY ENHANCEMENT:
Added IP format validation before calling CSF firewall commands to prevent
potential command injection or invalid IP blocking attempts.

CHANGES:
- block_ip_temporary() - Added is_valid_ip() check before csf -td
- block_ip_permanent() - Added is_valid_ip() check before csf -d
- Both functions now return error if IP format is invalid

IMPACT:
Prevents invalid or malformed IPs from being passed to CSF commands,
improving security and preventing potential firewall corruption.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>

modules/security/live-attack-monitor.sh

@@ -703,6 +703,12 @@ block_ip_temporary() {
     local reason="${3:-Auto-block by live monitor}"
     local seconds=$((hours * 3600))
 
+    # Validate IP format before blocking
+    if ! is_valid_ip "$ip"; then
+        echo "✗ Error: Invalid IP format: $ip"
+        return 1
+    fi
+
     if command -v csf &>/dev/null; then
         echo "Blocking $ip for ${hours}h: $reason"
         csf -td "$ip" "$seconds" "$reason" >/dev/null 2>&1
@@ -767,6 +773,12 @@ block_ip_permanent() {
     local ip="$1"
     local reason="${2:-Permanent block by live monitor}"
 
+    # Validate IP format before blocking
+    if ! is_valid_ip "$ip"; then
+        echo "✗ Error: Invalid IP format: $ip"
+        return 1
+    fi
+
     if command -v csf &>/dev/null; then
         echo "Permanently blocking $ip: $reason"
         csf -d "$ip" "$reason" >/dev/null 2>&1