Separate Allow Deny Directives

15 August 2018, 01:27
Hello. I am wondering if you can add this feature to new releases while slowly removing the existing directives that have an allow/deny option.

Reason I am asking this is because it seems easy to configure variables which list a range of ips for deny/allow directives but variables does not work as it does not parse more than one ip.

Also for some variables like BanlistMask. I'm not sure why one would need to use allow since all ips are banned by default. However inputing deny <ip> separated by commas is a tedious affair that need to syntax errors when the list is larger than normal.
16 August 2018, 19:48
Lol. Ok. I realized what the allow is useful to have when having a large deny subnet. Anyway. basically change for example banlistmask to banlistmaskallow and banlistmaskdeny would be better than specifying allow/deny per ip. Thanks for reading.
Hugo Leisink
21 August 2018, 20:28
I think I don't completely understand what you want. Options like BanlistMask and AccessList do accept IP ranges.
24 August 2018, 22:17
It's just to make things neat. so say I have 2 vps with ipv4,ipv6. let me make a variable

set myip =, 1a:2a:3a:4a::/64,, 1b:2b:3b:4b::/64

well there are several deny/allow directives and using something like

banlistmask = deny myip

will have an error. I figured out however you can set ip as

set myip = deny, deny 1a:2a:3a:4a::/64, deny, deny 1b:2b:3b:4b::/64

It's not as neat though. It's just a feature request to make things more simple with a larger number of ips that need to be tracked.
This topic has been closed.