Lightweight C# ASP.NET MVC address filtering library
The library allows validating IP address against:
- Single IP address
- List of multiple IP addresses
- Single IP address range
- Multiple IP address ranges
- Supports CIDR IP address range format as well as IP4 subnets
- Roles+IP list stored in updateable static class
[IPAddressFilter("::1", IPAddressFilteringAction.Allow)]
public ActionResult TestLocal()
{
ViewBag.Message = "Local test page.";
return View();
}
[IPAddressFilter("192.168.0.100", IPAddressFilteringAction.Allow)]
public ActionResult TestRemote()
{
ViewBag.Message = "Remote test page.";
return View();
}First need to fill roles + IP list, do that on app start, use "0.0.0.0" to allow any IP
var rolesWithIpList = new Dictionary<string, List<string>>()
{
{ "admin", new List<string>() {"192.168.10.100"}},
{ "user", new List<string>() {"192.168.10.200", "192.168.10.201", "192.168.10.202"}},
{ "simpleRange",new List<string>() { "8.8.8.7-8.8.8.9" } },
{ "netmask",new List<string>() { "192.168.80.1/255.255.255.0" } },
{ "prefix",new List<string>() { "192.168.9.1/24" } },
};
RolesContainer.UpdateRolesList(rolesWithIpList);In controller mark methods with IPAddressRoleFilter attribute and specify roles that are allowed. Note that there are two predefined roles: "local" ("127.0.0.1", "::1") and "any" ("0.0.0.0")
[IPAddressRoleFilter("admin,local")]
public ActionResult About()
{
ViewBag.Message = "Your application description page.";
return View();
}Also the role named "global" is added by default to all IPAddressRoleFilter attributes This role allows to enable/disable IPs for all IPAddressRoleFilter attributes.
[IPAddressRoleFilter("admin,local")]
// same as
[IPAddressRoleFilter("global,admin,local")]