Skip to content
Stoma

ipFilter

ipFilter(config): Policy

Defined in: src/policies/traffic/ip-filter.ts:42

Block or allow requests based on client IP address or CIDR range.

Supports both allowlist and denylist modes. Client IP is extracted from CF-Connecting-IP (Cloudflare) or X-Forwarded-For. Accepts individual IPs (192.168.1.1) and CIDR notation (10.0.0.0/8).

Parameters

Section titled “Parameters”

config

Section titled “config”

IpFilterConfig

IP filter rules and mode selection.

Returns

Section titled “Returns”

Policy

A Policy at priority 1 (runs before everything else).

Example

Section titled “Example”
// Allow only internal IPs
ipFilter({ mode: "allow", allow: ["10.0.0.0/8", "172.16.0.0/12"] });


// Block known bad actors
ipFilter({ deny: ["203.0.113.0/24", "198.51.100.42"] });