search

matomo-org / matomo

Empowering People Ethically with the leading open source alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. Liberating Web Analytics. Star us on Github? +1. And we love Pull Requests!
https://matomo.org/
GNU General Public License v3.0
19.94k stars 2.66k forks source link

IPv6 excluded IPs: allow wildcards in any segment, not just the last ones #12639

Open endrep0 opened 6 years ago

endrep0 commented 6 years ago

Excluded IPs list only accepts IPv6 wildcards if they are in this format: aaaa:aaaa:aaaa:aaaa:aaaa:aaaa:aaaa:* aaaa:aaaa:aaaa:aaaa:aaaa:aaaa:*:*

You currently cannot put wildcards in the beginning or middle. These are not accepted aaaa:aaaa:aaaa:*:aaaa:aaaa:aaaa:aaaa *:aaaa:aaaa:aaaa:aaaa:aaaa:aaaa:aaaa

I need this feature because a referrer spammer's IPv6 address has a pattern in the middle. (They could be spoofed IPv6s, not sure.)

IPv6 like the above cannot be added because the form on the "Global websites settings" rejects them with what I think is client side validation. The messages look like this: "The IP to exclude "aaaa:aaaa:aaaa::aaaa:aaaa:aaaa:aaaa" does not have a valid IP format (eg. 1.2.3.4, 1.2.3., or 1.2.3.4/5).

It is possible that the backend could handle them already - no idea.

aloxe commented 4 years ago

@endrep0 which section is changed by the spammer? I guess if this is one of the 4 last hextets you can exclude the whole block. aaaa:aaaa:aaaa:aaaa/64 this is a common size for an IPv6 allocation.