RemoteCIDRFilter looks to just filter on the incoming IP. RemoteIpFilter also checks for X-Forwarded-For
Usability wise ... My end user pref would be - Require one or the other, not both - If CIDR and regex set - Throw error (eliminate any confusion) - If you need both - Use 2 instances One functional equivalent (I think, then just do nothing) is to use RemoteIpFilter with .+ (allow all) and then use RemoteCIDRFilter next in the pipeline -Tim On Mon, Sep 29, 2025 at 7:12 AM Rémy Maucherat <[email protected]> wrote: > On Mon, Sep 29, 2025 at 11:51 AM Mark Thomas <[email protected]> wrote: > > > > There's also RemoteCIDRFilter/Valve, is there any real difference ? It > has allow/deny and uses the same NetMask utility class. > >
