workshops:nanopi_m4_iptables_geoblocking
| workshops:nanopi_m4_iptables_geoblocking [2019/03/06 19:01] – created admin | workshops:nanopi_m4_iptables_geoblocking [2019/03/06 19:07] (current) – admin | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| |NanoPI M4|Michael Pope|{{ : | |NanoPI M4|Michael Pope|{{ : | ||
| |IP validation, IPtables, and GeoBlocking|Timothy Rice|| | |IP validation, IPtables, and GeoBlocking|Timothy Rice|| | ||
| + | |||
| + | ===== IP Validation Notes ===== | ||
| + | A couple of people asked to have a closer look at Cider, you can find it | ||
| + | at: | ||
| + | |||
| + | https:// | ||
| + | |||
| + | If you're interested in the Hacker News article which opened my eyes to the | ||
| + | craziness of IP address parsing, you can find it here: | ||
| + | |||
| + | https:// | ||
| + | |||
| + | Note that the IPv4 spec acknowledges IP addresses in either octet-dot or | ||
| + | unsigned 32-bit integer form: | ||
| + | |||
| + | https:// | ||
| + | |||
| + | Thus, the abbreviations from that Hacker News article were not anticipated | ||
| + | and are completely implementation dependent. You can inspect how | ||
| + | implementations can differ by comparing the respective iptables and ipset | ||
| + | interpretations of 127.1/32 | ||
| + | |||
| + | For a more recent example illustrating IP addresses in a form that seems | ||
| + | unconventional, | ||
| + | |||
| + | http:// | ||
| + | http:// | ||
| + | http:// | ||
| + | |||
| + | To get started with ipset, this is the Arch Linux wiki article I referred | ||
| + | to: | ||
| + | |||
| + | https:// | ||
workshops/nanopi_m4_iptables_geoblocking.1551859284.txt.gz · Last modified: 2019/03/06 19:01 by admin