From ec86a2f7a3905c888b8c953255a98a50be70d5db Mon Sep 17 00:00:00 2001 From: Francis Lavoie Date: Wed, 4 May 2022 14:42:37 -0400 Subject: caddyfile: Shortcut for `remote_ip` for private IP ranges (#4753) --- .../integration/caddyfile_adapt/matcher_syntax.txt | 25 ++++++++++++++++++++++ modules/caddyhttp/matchers.go | 11 ++++++++++ 2 files changed, 36 insertions(+) diff --git a/caddytest/integration/caddyfile_adapt/matcher_syntax.txt b/caddytest/integration/caddyfile_adapt/matcher_syntax.txt index cb521aa..a3e0a50 100644 --- a/caddytest/integration/caddyfile_adapt/matcher_syntax.txt +++ b/caddytest/integration/caddyfile_adapt/matcher_syntax.txt @@ -37,6 +37,9 @@ header Bar foo } respond @matcher9 "header matcher with null field matcher" + + @matcher10 remote_ip private_ranges + respond @matcher10 "remote_ip matcher with private ranges" } ---------- { @@ -209,6 +212,28 @@ "handler": "static_response" } ] + }, + { + "match": [ + { + "remote_ip": { + "ranges": [ + "192.168.0.0/16", + "172.16.0.0/12", + "10.0.0.0/8", + "127.0.0.1/8", + "fd00::/8", + "::1" + ] + } + } + ], + "handle": [ + { + "body": "remote_ip matcher with private ranges", + "handler": "static_response" + } + ] } ] } diff --git a/modules/caddyhttp/matchers.go b/modules/caddyhttp/matchers.go index 9f10e2c..f8953ef 100644 --- a/modules/caddyhttp/matchers.go +++ b/modules/caddyhttp/matchers.go @@ -867,6 +867,17 @@ func (m *MatchRemoteIP) UnmarshalCaddyfile(d *caddyfile.Dispenser) error { m.Forwarded = true continue } + if d.Val() == "private_ranges" { + m.Ranges = append(m.Ranges, []string{ + "192.168.0.0/16", + "172.16.0.0/12", + "10.0.0.0/8", + "127.0.0.1/8", + "fd00::/8", + "::1", + }...) + continue + } m.Ranges = append(m.Ranges, d.Val()) } if d.NextBlock(0) { -- cgit v1.2.3