Ex: Blocking a CIDR Range

You may have a set of IP ranges (IPv4 or IPv6) that you want to exclude from your environment. You can build a Workflow to block a CIDR range as follows:

1. Click (+) on the Workflows page.

2. Enter a name and optional description for the Workflow, and set the Default Action to DENY.

3. Click Add Rule.

4. Select the DENY Action.

5. Select the <> Custom Filter. The following is a custom expression to block an IP range.

   

6. In the Expression box, add the identifiers.ip.isInRange identifier and enter the values that should be restricted. Enter a Reason for the Action if the conditions of the rule are met.

7. Click Evaluate, to verify the range. Enter a value inside and outside of the range to test the rule.

   

8. Save the Workflow.