search tag # rextended definitive ip posix regex
remember than this are wroten for be put directly on script,
if tested on terminal you must add \ before the ?
if tested on regex101 must be removed \ before . and /
The used regexp
[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}
match from 0.0.0.0 to 999.999.999.999
My POSIX regex is better, also match subnet mask, if present:
([0-2]{0,1}[0-9]{1,2}\\.){3}[0-2]{0,1}[0-9]{1,2}(\\/[0-3]{0,1}[0-9]{1,1}){0,1}
0.0.0.0 to 299.299.299.299
000.000.000.000 to 299.299.299.299
xxxx/0 to /39
xxxx/00 to /39
Correct regex to match exactly from 0.0.0.0/0 (or 000.000.000.000/00) to 255.255.255.255/32
is too much complicated and the CPU go 100% until all lists are parsed…
with mandatory subnet mask
((25[0-5]|(2[0-4]|[01]?[0-9]?)[0-9])\\.){3}(25[0-5]|(2[0-4]|[01]?[0-9]?)[0-9])\\/(3[0-2]|[0-2]?[0-9])
with optional subnet mask
((25[0-5]|(2[0-4]|[01]?[0-9]?)[0-9])\\.){3}(25[0-5]|(2[0-4]|[01]?[0-9]?)[0-9])(\\/(3[0-2]|[0-2]?[0-9])){0,1}
without subnet mask
((25[0-5]|(2[0-4]|[01]?[0-9]?)[0-9])\\.){3}(25[0-5]|(2[0-4]|[01]?[0-9]?)[0-9])
can be checked using :toip, if the result checked from :typeof is not “ip” or “ip-prefix”, is not a valid IP or IP/Prefix
also must be skipped some IPs for not self-block all own networks if for errors (or not) own LAN IP or WAN IP go on blacklist…