Welcome! Log In Create A New Profile

Advanced

deny/allow IP address range new syntax needed

Posted by dbring 
deny/allow IP address range new syntax needed
June 13, 2012 12:40PM
The options for allow/deny IP address range are too cumbersome to effectively implement needed security. There are more than 23,550 IP address ranges in the USA. With the current syntax limitations, creating a document that uses these ranges to allow only USA IP address is far too difficult.

deny and allow should be syntatically extended to include this syntax:
allow 3.0.0.0 - 3.103.8.36;
allow 3.103.8.38 - 4.17.135.31;
allow 4.17.135.64 - 4.17.142.255;
allow 4.17.143.16 - 4.18.32.71;
allow 4.18.32.80 - 4.18.40.135;
....(next 23550 ranges)...
deny all;

This would make security usable for country specific IP address ranges!

nginx IP address range matching using this syntax is only slightly different from the /8 syntax, since all blocks are consecutive a > and < comparison for each block is all that is required.

Please implement this IP range syntax and bring some sanity to this needed level of security.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 79
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready