How to Whitelist a range of IP's


#1

Hello,

I am looking to whitelist an IP range of:
69.162.124.226 - 69.162.124.237
and
63.143.42.242 - 63.143.42.253

But I don’t properly understand CIDR formatting. Any help would be most appreciated.
Regards


#2

The firewall ranges only allow /16 (all of Class B: A.B.x.x) or /25 (All of Class C (A.B.C.x).

Since you have such small ranges, you’re better off just entering all those individual IP addresses.


#3

Agree with @sdayman

And since your ranges don’t fit in any smaller notations, you will end up having four cidr notations just to cover the first set of 12 addresses (/30 and /31).


#4

You can use the cloudflare firewall API if you are talking about whitelisting at cloudflare firewall account level https://api.cloudflare.com/#account-level-firewall-access-rule-create-access-rule

so for 69.162.124.226 - 69.162.124.237 would be something like

for i in {226..237}; do
  echo "curl -s -X POST \"https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules\" -H \"X-Auth-Email: <cfuser>\" -H \"X-Auth-Key: <cftoken>\" -H \"Content-Type: application/json\" \\
            --data '{\"mode\":\"whitelist\",\"configuration\":{\"target\":\"ip\",\"value\":\"69.162.124.${i}\"},\"notes\":\"whitelist\"}'"
done

which would spit out the 12x cloudflare API curl commands to add those IPs o cloudflare firewall just need to replace and with your credentials

curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.226"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.227"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.228"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.229"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.230"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.231"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.232"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.233"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.234"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.235"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.236"},"notes":"whitelist"}'
curl -s -X POST "https://api.cloudflare.com/client/v4/user/firewall/access_rules/rules" -H "X-Auth-Email: <cfuser>" -H "X-Auth-Key: <cftoken>" -H "Content-Type: application/json" \
            --data '{"mode":"whitelist","configuration":{"target":"ip","value":"69.162.124.237"},"notes":"whitelist"}'

#5

@sdayman & @martin2 Thanks a million lads. I was just trying to make certain I was entering them the most efficient way. Sure best to enter them individually then.
Kind regards


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.