@kevinoid opened this Issue on December 18th 2015

When adding IPv6 address ranges to the "Global list of Excluded IPs", I initially assumed that ranges must be represented using * in place of variable octets/groups, since this is the only syntax specified in the adjacent helptext. Unfortunately, for IPv6 addresses this results in matching against the first 4 - count('*') octets, rather than 16 - 2*count('*') octets, since sanitizeIpRange assumes addresses with '*' are IPv4. For a /64 this results in excluding all IPv6 addresses.

It would be great if the helptext could be updated to mention the option of using CIDR notation (for IPv4 and IPv6) and/or if sanitizeIpRange supported wildcards in IPv6 addresses. Additionally, if an invalid address range (e.g. wildcard in IPv6) is specified, displaying and/or logging an error would be very helpful for troubleshooting.

Thanks for considering,
Kevin

@mattab commented on December 23rd 2015 Member

Hi @kevinoid
could you please write the steps to reproduce the issue? if you are familiar with PHP, we would appreciate a pull request (with a unit test) to improve the ipv6 handling in Piwik :+1:

@kevinoid commented on December 23rd 2015

Hi @mattab,
Thanks for the feedback. One set of steps to reproduce the issue would be:

  1. Add 1:2:3:4:*:*:*:* to the "Global list of Excluded IPs". Note that no warning or error is issued.
  2. Visit the site from any IPv6 address and note that no visit is recorded nor warning nor error logged.

Would you prefer that the pull request support * for IPv6 addresses or should * in IPv6 be flagged as an error? (Is there error checking of the "Excluded IPs" on save? I can look.) Should I submit a separate PR to update the helptext adjacent to the "Excluded IPs" textarea to mention CIDR notation support?

Thanks,
Kevin

@mattab commented on December 23rd 2015 Member

Hi @kevinoid - ideally the PR would add support for IPv6 exclusion using * wild card, which would make it a new useful feature. Users will expect like you that this works already... :+1:

Also +1 to create separate PR to improve help text to mention CIDR notation

@Apoulit commented on May 20th 2016

hi that must be done to exclude an IP that starts with "2A01:cb1d ..."? thx

@kevinoid commented on May 20th 2016

@Apoulit You can currently exclude IPv6 addresses starting with "2a01:cb1d" using the CIDR notation: 2a01:cb1d::/32. Once this issue is fixed, the wildcard notation would work too.

Sorry about the long delay. This issue fell off my radar. I'll try to carve out some time this weekend to work up a fix.

@mattab commented on July 18th 2016 Member

I've tested IPv6 range exclusion and it works for me.

Kuddos @kevinoid for your PR https://github.com/piwik/component-network/pull/3 !

@kevinoid commented on July 18th 2016

Great, thanks for testing and merging @mattab!

@MatomoForumNotifications commented on August 19th 2022

This issue has been mentioned on Matomo forums. There might be relevant details there:

https://forum.matomo.org/t/how-do-i-exclude-traffic-from-a-range-of-ipv6-addresses/46888/2

This Issue was closed on July 18th 2016
Powered by GitHub Issue Mirror