Hi,
I am looking for the solution to provide a conditional check on the first octet of an ip address, to see if it is an internal network address starting with 10. That is, a 10.x.x.x network address.
Any suggestions?
Thanks in advance,
Craig
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Depends what you are wanting, a step, or just a filter.
The most robust method would be to simply use the Utility "Is IP in CIDR". You can pass it a single IP, or an array of IPs, and then define the subnet you want it to match. The nice advantage of that, is that it splits out the results into matched results and not matched results.
Filter method? Plenty of options. You can start with the ipv4 filter:
{{ vars.ip | ipv4 | regex_search("^10\.\d+\.\d+\.\d+") }}
The ipv4 filter will filter out any non IPv4 addresses. The regex pattern will match anything starting with "10.". Because we've already filtered out whether its a private IP address, we shouldn't need to be that precise with the regex pattern.
Example:
You can also specify 'private' in the ipv4 filter, which would read as {{ "10.1.1.1" | ipv4('private') }}, to return only private IPv4 address. However, when it hits the regex_search it will error out for non-private addresses as it returns "null". You can fix that by going with an if statement:
{% if "10.1.1.1" | ipv4('private') %}{{ "10.1.1.1" | regex_search("^10\.\d+\.\d+\.\d+") }}{% endif %}
There's also other things that we can do with filters such as ipsubnet, example:
{{ "10.1.1.1" | ipsubnet('8') }}
which will return "10.0.0.0/8" and you can match on that.
Or you can do a simple string split on the period, return the first element of the split list, and then match on the number, example:
{{ "10.1.1.1".split('.')[0] }} will return the 10, so:
{% if "10.1.1.1".split('.')[0] == "10" %}True{% else %}False{% endif %} will return True
Some methods are obviously faster than others, and work better with lists of IPs, so choose the method that works for you.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.