Okay, I really hope I’m not missing something silly here, but before I start writing out swarm filters for 192.168.{0…255}.0/24, I figured I’d better ask if there’s a better way.
I know that Swarm filters are deny-only, so there isn’t a way to say “deny this range except another range”. I’m just having trouble figuring out how to efficiently make a group of deny ranges that still allows a /24 within the larger /16 range.
So, for example, I’m trying to exclude 192.168.0.0/16, while including 192.168.5.0/24. I could imagine carving out a good chunk of that with a bitmask such as 255.255.7.0, but that doesn’t translate to CIDR. Does multiaddr have a way to use a bitmask instead of a CIDR, and is it supported in IPFS?
So far, the closest workaround I can come by is to go bit-by-bit in the third octet like this:
192.168.128.0/17
192.168.64.0/18
192.168.32.0/19
192.168.16.0/20
192.168.8.0/21
After that my binary gets a bit fuzzy:
192.168.0.0/22
192.168.2.0/23
192.168.0.0/24
(Edit: Update: The above didn’t work as I was still able to (attempt) to connect to 192.168.6.0/24)
Alternatively I could just put in entries for anything smaller than /21:
192.168.0.0/24
192.168.1.0/24
192.168.2.0/24
192.168.3.0/24
192.168.4.0/24
192.168.6.0/24
192.168.7.0/24
(Edit: Update: After testing, the above did work.
I realize looking through the issues in ipfs/go-ipfs on github that there is a technical hurdle to adding allow-list functionality to swarm filters. Instead, is there a way to use a bitmask instead of CIDR?
Thanks in advance for any clues