Re: New feature suggestion: ip_category for ip_allow.yaml

Thank you all for the good feedback on this feature suggestion. In particular, thank you Leif for your ideas. Just to restate the goal of this feature: it would be helpful to specify IP allow rules using IP category names that reference sets of IP ranges. This allows for a human readable and manag

Re: New feature suggestion: ip_category for ip_allow.yaml

How is this going to deal with changes to the data source? The plugin has to reload the e tire data set, and we do an atomic swap or something? This seems particularly unmanageable when the data source is large, and/or it changes frequently. This also implies that one IP range can have just one

Re: New feature suggestion: ip_category for ip_allow.yaml

After considering the feedback on this list and some offline feedback, I've re-implemented this feature quite differently. From the user's configuration perspective of ip_allow.yaml and the category specification in remap.config, the proposal does not change. That is, the user can still provide cat

Re: New feature suggestion: ip_category for ip_allow.yaml

So for each request, the plugin will be called into action X number of times for X number of categories found? More specifically, If there is a match in a category, it will not call the remaining number of categories to try? (Since I assume the first match will take precedence over the rest?) If t

Re: New feature suggestion: ip_category for ip_allow.yaml

A quick update: This morning I realized that remap ACLs should to be updated for this too. I updated the draft PR to include adding @src_ip_category that takes a category to apply to remap rules. T