Estimated Reading time: 2 minutes | Last modified: 2024-08-23, 6:04:07 pm

Application IP Lists

Directory Structure

|-- ip_lists/
  |-- ip_lists.yaml

The YAML file can contain one or more application IP lists.

Configuration Description

Each IP list is an object containing the following parameters:

ParameterData TypeRequiredDescription
namestringYesThe name of the IP list, which is also its unique identifier
typestringYesIP address type, currently only supports “ipv4”
itemsarrayYesList of IP addresses

items Configuration

ParameterData TypeRequiredDescription
ipstringYesIP address

Configuration Example

- name: app-ip-list1
  type: ipv4
  items:
  - ip: 1.1.1.1
  - ip: 1.1.1.11
- name: app-ip-list2
  type: ipv4
  items:
  - ip: 1.1.1.1
  - ip: 1.1.1.2

This configuration defines five IP lists, each containing two IPv4 addresses.

Usage Example

Update configuration to OpenResty Edge:

edge-config https://192.168.1.1 -s -t 2051e780-1897-4ea0-92b4-2c2f0169aa94 -l ip_lists -i /root/oredge-configs -d test.com

Export configuration from OpenResty Edge:

edge-config -u https://192.168.1.1 -s -t 2051e780-1897-4ea0-92b4-2c2f0169aa94 -E -l ip_lists -d test.com

Cleanup IP Lists from OpenResty Edge:

edge-config -u https://192.168.1.1 -s -t 2051e780-1897-4ea0-92b4-2c2f0169aa94 -c -l ip_lists -d test.com

The above examples all use -l ip_lists to specify that only configurations related to the application IP list will be operated.

Notes

  1. Each IP list must have a unique name.

  2. Currently, only IPv4 address types are supported.

  3. When adding or updating IP lists, the tool will check the validity of IP addresses.

  4. When updating configurations, the tool will compare new and old configurations to determine if an update is necessary.

  5. When importing configurations, the tool will first check the validity of the configuration before performing add or update operations.

  6. If an IP list is deleted from the configuration, the tool will automatically remove it from the application.

  7. the tool will format the YAML content to include only the necessary information (name, type, and IP addresses) when exporting configurations.

  8. other features, such as WAF rules, access control, etc can reference IP lists.

  9. If an error occurs during configuration processing, the tool will automatically clear any changes made to maintain configuration consistency.

  10. When exporting configurations, if the application does not exist, the tool will provide a warning message.