access_restriction.ignored_ip_ranges
Configures any ranges which should be considered 'internal' and hence ignored in X-Forwarded-For
processing.
Key: access_restriction.ignored_ip_ranges
Type: List<String>
Can be set in: profile.cfg, collection.cfg
Description
Defines all IP address ranges in the X-Forwarded-For
header to be ignored by Funnelback when applying access
restrictions. The IP address ranges are specified in CIDR notation.
Default Value
access_restriction.ignored_ip_ranges=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,127.0.0.0/8
Examples
A request goes through two reverse proxies the first having an IP address of 1.2.3.4. The X-Forwarded-For
header that Funnelback sees will contain
client IP, 1.2.3.4
We would like to ignore the IP address 1.2.3.4, so access restrictions are applied on the client IP address, we thus set
access_restriction.ignored_ip_ranges=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,1.2.3.4/32