IP Filtering

With this interceptor, you can define a list of IP addresses whose requests will be blocked by the gateway or a list of the only IPs that will be allowed to make incoming requests.

How it works

As IP Filtering is used to block or allow requests from specific IP addresses, it can only be added to an API’s request flow.

When configuring the interceptor, the user chooses whether it will be used to bar all requests coming from the specified IPs or whether it should only allow requests coming from these IPs and deny the requests from any other IP. It’s possible to include more than one IP at a time, either by entering each one individually or by including an IP range.

It’s also possible to make a combination of interceptors for allowing and blocking requests at the same time. As an example, imagine the configuration described below.

Example

In the request flow, the user inserts, in this order:

  • an IP Filtering to allow only the requests coming from the IP range 192.168.0.0/32;

  • an IP Filtering to block incoming requests from the IP 192.168.0.10.

The request flow will then contain the two interceptors:

ip filtering ex

This is how the requests will be handled:

  • Upon the execution of the first IP Filtering:

    • If a request comes from any IP outside the 192.168.0.0/32 range, it will be blocked by the first IP Filtering and the call will be aborted.

    • If a request comes from any IP within the 192.168.0.0/32 range, the first IP Filtering will allow the request and the call will continue.

  • Upon the execution of the second IP Filtering:

    • If a request comes from the IP 192.168.0.10, it will be blocked by the second IP Filtering and the call will be aborted.

    • If a request comes from any IP within the range 192.168.0.0/32, except 192.168.0.10, it will be allowed by the second IP Filtering and the call will continue.

How to configure it

To configure it, you must choose the type of control. If it’s a BLOCK_LIST, you need to insert the IPs whose requests will be blocked in the IP List field. If you choose the type ALLOW_LIST instead, you must insert the IPs whose requests will be permitted. In the latter case, any IP which is not on the list will be blocked by the gateway.

You may include:

  • an individual IP (e.g., 192.168.1.10);

  • a range of IPs (e.g. 192.168.0.0/32);

  • a list of individual IPs, IP ranges, or a mixed list — inserting one element per line, with no other separator. Example:

192.168.1.10
192.168.0.0/37

The image below shows an example of a BLOCK_LIST in which an individual IP and an IP range will be prevented from sending requests.

ip filtering
Thanks for your feedback!
EDIT

Share your suggestions with us!
Click here and then [+ Submit idea]