envoyproxy / envoy

Cloud-native high-performance edge/middle/service proxy
https://www.envoyproxy.io
Apache License 2.0
24.95k stars 4.8k forks source link

network/http filter for ip restriction #23269

Open wbpcode opened 2 years ago

wbpcode commented 2 years ago

Title: network/http filter for ip restriction

Description:

Could we add a simple network/http filter for ip restriction? It's a common feature. But seems that we still don't have it for now.

kyessenov commented 2 years ago

Would network RBAC satisfy the requirement? It supports a list of CIDR ranges or the unified matcher with LcTrie CIDR matcher.

wbpcode commented 2 years ago

I will check it. Thanks. Although it's a little weird that using rbac to achieve ip restriction 🤣

github-actions[bot] commented 2 years ago

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.

github-actions[bot] commented 1 year ago

This issue has been automatically closed because it has not had activity in the last 37 days. If this issue is still valid, please ping a maintainer and ask them to label it as "help wanted" or "no stalebot". Thank you for your contributions.

Xunzhuo commented 3 months ago

During implementing IP white/black listing in Envoy Gateway, it feels a little bit heavy to use rbac filter to achieve its goal. Like basic auth, we have an individual filter for it now, which is a very common filter too.

So can we reactivate this issue, if it's reasonable, if so I would like to help implement this filter: )

/cc @kyessenov

Xunzhuo commented 3 months ago

/reopen

github-actions[bot] commented 2 months ago

This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.