request-filtering-agent icon indicating copy to clipboard operation
request-filtering-agent copied to clipboard
verified publisher icon azu

Accept CIDR notations in `allowIPAddressList` and `denyIPAddressList`

Open yanghanlin opened this issue 5 months ago • 3 comments

I would appreciate it (and am happy to propose a PR) if this library could accept CIDR notation in allowIPAddressList and denyIPAddressList. Currently, these fields require enumerating every address in a range, which is impractical for large network ranges that we want to allow/deny (e.g., 10.0.0.0/8). Supporting IPv4 and IPv6 CIDR blocks would simplify configuration, reduce errors, and improve maintainability. Thanks!

yanghanlin avatar Aug 10 '25 11:08 yanghanlin

I think supporting CIDR is a good idea. However, it is better to avoid doing own parsing, so I would like to implement it based on the ipaddr and Node.js APIs that are already in use.

  • https://nodejs.org/api/net.html#class-netblocklist
  • https://github.com/whitequark/ipaddr.js

azu avatar Aug 10 '25 12:08 azu

我认为支持 CIDR 是一个好主意。但是,最好避免自己进行解析,因此我想基于已经在使用的 ipaddr 和 Node.js API 来实现它。

  • https://nodejs.org/api/net.html#class-netblocklist
  • https://github.com/whitequark/ipaddr.js

This is a great proposal, and I hope this feature can be implemented as soon as possible. Thanks!

weinull avatar Sep 19 '25 03:09 weinull

This would be perfect for kubernetes environments with ephemeral private addresses

sircthulhu avatar Nov 06 '25 05:11 sircthulhu