Submenu – IP Address Lists

IP Address Lists

IP address lists are named sets of IP addresses which can be referenced in different parts of Airlock Gateway configuration:

  • mapping - Tab "IP rules" - configure threat categories, allowlists and denylists.
  • mapping - Tab "Advanced" for DoS Attack Prevention
  • Session - Session Denial-of-Service Mitigation

Manually created IP Address lists may be used for both deny- and allowlisting purposes.

IP Address Lists from the Threat Intelligence subscription (see Submenu – Threat Intelligence) are populated automatically and they may only be used for denylisting purposes.

Managing IP Address List

It is possible to maintain an unlimited number of different IP Address Lists and each list may contain one or more IP addresses in CIDR format.

IP Address List Detail

Section – Name

Define a unique name for the list. This name will be used to select the IP Address List in other parts of the WAF.

Section – IP Addresses

Define a list of CIDR formatted IP Addresses. Comments start with the hash character, #, and extend to the end of the line.

Note: an empty IP Address List will never match.

Examples:

# internal network 10.0.0.0/8
172.16.33.0/24
192.168.0.100 # guest workstation

There is no validation regarding IP addresses and the same address or address range may be defined multiple times and in multiple lists.