Why are IP Access Rules Limited to /16 and /24 Ranges?

Could someone explain why the IP Access rules restrict CIDR ranges to /16 and /14, this restriction feels artificial, is very frustrating and doesn’t make any sense to me.

That’s the last one or two octets. Those are easy to calculate without screwing up. It’s probably some internal limitation only they can explain.

You could use the new firewall. There’s no such limitation on subnets and rules can be more complex but therefore more granular.

(not ip.src in { 2400:cb00::/32 2405:b500::/32 2606:4700::/32 2803:f800::/32 2c0f:f248::/32 2a06:98c0::/29 .....)


This topic was automatically closed after 30 days. New replies are no longer allowed.