tunnckoCore
commented
6 years ago Wee are using micromatch here, doesn't it working? Oor otherwise we can implement it somehow in the ip-filter package?
Open markstos opened 6 years ago
tunnckoCore
commented
6 years ago Wee are using micromatch here, doesn't it working? Oor otherwise we can implement it somehow in the ip-filter package?
tunnckoCore
commented
6 years ago I mean we are using micromatch in the ip-filter
markstos
commented
6 years ago Neither ip-filter docs nor the micromatch docs make any mention of supporting CIDR notation.
tunnckoCore
commented
6 years ago yea but it is glob patterns. it works great for path-like strings, that's why I think it would work.
For example I think 192.0.2.* would match all. or 192.0.2.[0-9] or such. The thing is to learn the supported globbing patterns, ext globs and such. Kinda like regex, there are dozen of ways. In case of 0/24 you can search how to match it withbregex. Yea, probably won't be exactly the same as define it as CIDR but...
Anyway, I think it should be implemented in ip-filter.
Firewall rules are often provided in CIDR notation. Example:
Supporting CIDR ranges directly would be welcome addition.
The module ip-range-check can be used to check whether an incoming IP address within a provided whitelisted CIDR range.