Open ximon18 opened 1 month ago
You might want to consider using inetnum rather than ipnetwork
– and add things that are potentially missing.
You might want to consider using inetnum rather than
ipnetwork
– and add things that are potentially missing.
Nice idea, but inetnum seems to lack all of the needed functionality.
You might want to consider using inetnum rather than
ipnetwork
– and add things that are potentially missing.Nice idea, but inetnum seems to lack all of the needed functionality.
My apoloiges @partim, of course it has what is needed, I just didn't see it as it is called Prefix
rather than network or netblock etc.
I have updated this PR to use inetnum
. I did note one regression compared to using ipnetwork
which is that FromStr
for Prefix
is less accepting than that of ipnetwork
as it will reject 127.0.0.1/24 as it has non-zero host bits. For end users however while stricter it still provides the functionality that's actually needed.
You might want to consider using inetnum rather than
ipnetwork
– and add things that are potentially missing.Nice idea, but inetnum seems to lack all of the needed functionality.
My apoloiges @partim, of course it has what is needed, I just didn't see it as it is called
Prefix
rather than network or netblock etc.I have updated this PR to use
inetnum
. I did note one regression compared to usingipnetwork
which is thatFromStr
forPrefix
is less accepting than that ofipnetwork
as it will reject 127.0.0.1/24 as it has non-zero host bits. For end users however while stricter it still provides the functionality that's actually needed.
I've updated the PR again to use its own FromStr
impl that handles the bare IP address case which FromStr
in inetnum
rejects as lacking a prefix len. @partim and I briefly discussed extending the support in inetnum
but that snowballed into a larger discussion which is parked for the moment, instead this is the pragmatic step forward for now.
This PR adds support (via new dependency
ipnetwork
) for net blocks in the deny list of the cookie middleware processor, ala Unbound, otherwise the deny list is difficult to use beyond a few IP addresses.