Re: [mod-security-users] Does REMOTE_ADDR directive can handle CIDR notation?
Brought to you by:
victorhora,
zimmerletw
From: Josh Amishav-Z. <ja...@ow...> - 2013-08-27 19:28:26
|
On Tue, Aug 27, 2013 at 10:14 PM, Sergio <se...@gm...> wrote: > Hi all, > I have a doubt, Does the REMOTE_ADDR can use CIDR notation or is it only > for exact matches as the example in the reference manual? > > Example: > SecRule REMOTE_ADDR "@ipMatch 192.168.1.101" "id:35" > > I will like to use a rule that can block a range of /16's IPs. > > Hi Sergio, The REMOTE_ADDR variable simply holds the remote address of the client. The ipMatch operator does support CIDR notation. For example the following rule blocks a /16 address range: SecRule REMOTE_ADDR "@ipMatch 10.0.0.0/16" "phase:1,id:1,block,msg:'Blocked request due to source IP'" -- - Josh Thanks in advace. > > Regards, > > Sergio > > > ------------------------------------------------------------------------------ > Learn the latest--Visual Studio 2012, SharePoint 2013, SQL 2012, more! > Discover the easy way to master current and previous Microsoft technologies > and advance your career. Get an incredible 1,500+ hours of step-by-step > tutorial videos with LearnDevNow. Subscribe today and save! > http://pubads.g.doubleclick.net/gampad/clk?id=58040911&iu=/4140/ostg.clktrk > _______________________________________________ > mod-security-users mailing list > mod...@li... > https://lists.sourceforge.net/lists/listinfo/mod-security-users > Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs: > http://www.modsecurity.org/projects/commercial/rules/ > http://www.modsecurity.org/projects/commercial/support/ > > |