Skip to content
José Novais Web site
  • Home
  • Blog
  • Projects
  • About
    • About me
    • Contact
December 30, 2020 by José Novais
ASP.NET, c#, Projects

JN.IpFilter – Simple IP Filter for ASP.NET Core

JN.IpFilter – Simple IP Filter for ASP.NET Core
December 30, 2020 by José Novais
ASP.NET, c#, Projects

This is as simple IP Filter for ASP.NET Core. Provides an IP Filter for paths exposed by the application using a list of valid (allowed) IP addresses for each path. It is possible to allow access to one or more IP addresses per path and apply the filter to a specific HTTP method (POST, GET,…). If access is not allowed, an HTTP Forbidden (403) status code is returned, but this value can be overridden (see example below).

  

Current version

Current version is 1.0.1

Release notes for current version

  • Changed default return HTTP status code to Forbidden (403)
  • Added override option to return HTTP status code

To do list

Some new features will be added to future releases.

Planned features

  • Deny access based on list of invalid (not allowed) IP addresses

Install

Download the package from NuGet:

Install-Package JN.IpFilter -version [version number]

The package is available here and source code is available here.

Usage

Use the UseIpFilter extension method to add the middleware inside the Configure method on the Startup class. This should be done before others middlewares are added.

The UseIpFilter extension method needs a list of filters and an options object that can be read from configuration.

Example

The following code shows an example of the Configure method.

public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{

    // (...)

    var filters = Configuration.GetIpFilters("IpFilters");
    var options = Configuration.GetIpFilterOptions("IpFilterMiddlewareOptions");

    app.UseIpFilter(filters, options);

    //(...)
}

Options

The filters and options can be read from configuration. The appsettings.json file could be something like the following.

The default HTTP status code is Forbidden (403). It can be overridden in the options object by specifiying a new code in ResponseHttpStatusCode field.

{
  "IpFilterMiddlewareOptions": {
    "ExactPathMatch": false,
    "LogRequests": true,
    "ApplyOnlyToHttpMethod": "",
    "ResponseHttpStatusCode": 401
  },
  "IpFilters": [
    {
      "Path": "/MyController",
      "IpList": "1.1.1.1;::1"
    },
    {
      "Path": "/MyController2",
      "IpList": "*"
    },
    {
      "Path": "/MyController3",
      "IpList": "2.2.2.2"
    }
  ],
}

The available options are as follows:

  • ExactPathMatch – if false, then any filter whose path starts with the path being validated will be used to validate access. For example if path being validated is /MyController4 then filter with path /MyController can be used to validate the request IP. If true, this behaviour is not allowed.
  • LogRequests – log requests using the ILogger provided
  • ApplyOnlyToHttpMethod – apply filter to a specific Http method (POST, GET, …)
  • ResponseHttpStatusCode – HTTP status code to return – optional; if not specified Forbidden (403) will be used.

Share

asp.net core filter ip

Previous articleUFW: allow traffic from a dynamic IP addressNext article JN.Authentication - Simple Authentication implementation for ASP.NET Core

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Categories

Tags

apikey API Key Custom Authentication asp-net-core asp.net core aspnetcore authentication authentication-middleware basic-authentication Basic Authentication Scheme c# configuration consumer Dynamic IP filter firewall ip projects RabbitMQ sender Ubuntu UFW VPS

Recent Posts

  • JN.Authentication – Simple Authentication implementation for ASP.NET Core January 1, 2021
  • JN.IpFilter – Simple IP Filter for ASP.NET Core December 30, 2020
  • UFW: allow traffic from a dynamic IP address December 29, 2020
  • Micro-tutorial: 3 things to do before using a VPS hosting December 29, 2020
  • JN.RabbitMQClient – RabbitMQ consumer and sender December 26, 2020
José Novais - 2020
Privacy Policy