Example: Blocking a CIDR Range
You may have a set of IP ranges (IPv4 or IPv6) that you want to exclude from your environment. You can build a Workflow to block a CIDR range as follows:
-
Click (+) on the Workflows page.
-
Enter a name and optional description for the Workflow, and set the Default Action to DENY.
-
Click Add Rule.
-
Select the DENY Action.
-
Select the <> Custom Filter. The following is a custom expression to block an IP range.
-
In the Expression box, add the
identifiers.ip.isInRange
identifier and enter the values that should be restricted. Enter a Reason for the Action if the conditions of the rule are met. -
Click Evaluate, to verify the range. Enter a value inside and outside of the range to test the rule.
-
Save the Workflow.
Updated 4 months ago