Author: lucanos
Description:
I realise that IP Addresses can now be blocked using CIDR masks of
between 16 & 32, which is an improvement on single IP Addresses.
For my application, I am wanting to have a restricted number of
terminals that can access the Wiki.
My suggestions are two-fold:
- Add Full CIDR Support, allowing blocking of any and all ranges of
addresses.
- Add An "Allow" Option, permitting overidding of the Blocks, and
thereby providing a good tool for very restrictive access.
The idea here being that a large range of addresses can be blocked
(eg 172.136.0.0/16) but by processing the "Allow" list after
the "Block" list (and only if the accessing IP is within a Blocked
range), I could specify that 172.136.5.0/24 be allowed to access the
system.
See also:
- T121098: Allow to locally whitelist subsets of globally blocked IP ranges (to locally whitelist IP from global blocks)
Version: 1.5.x
Severity: enhancement