Describe the bug
By default, the admin tag safelist contains filtering out private IPv4s given as:
network.dynamic.ip:
- (?:127\.|10\.|192\.168|172\.1[6-9]\.|172\.2[0-9]\.|172\.3[01]\.).*
And the same for static IPs. This regex has a few issues, originating from not checking the beginning of the tag, causing matching non-private IPv4 addresses.
To Reproduce
Steps to reproduce the behavior:
- Upload file causing generating IP tags with values like:
88.127.12.22, 110.17.16.15
- Observe tags being automatically safelisted.
- Compare with https://ipinfo.io/88.127.12.22 and https://ipinfo.io/110.17.16.15
Expected behavior
Only really local IPs are safelisted.
Screenshots
See the screenshot from online regex evaluation:
The current regex matches any part of the IP containing local-like numbers. The solution seems to be to just add ^, so we match from the beginning.
Environment (please complete the following information if pertinent):
- Assemblyline Version: 4.7.2.4
- Browser: [e.g. chrome, safari]
Additional context
Add any other context about the problem here.
Describe the bug
By default, the admin tag safelist contains filtering out private IPv4s given as:
And the same for static IPs. This regex has a few issues, originating from not checking the beginning of the tag, causing matching non-private IPv4 addresses.
To Reproduce
Steps to reproduce the behavior:
88.127.12.22,110.17.16.15Expected behavior
Only really local IPs are safelisted.
Screenshots
See the screenshot from online regex evaluation:
The current regex matches any part of the IP containing local-like numbers. The solution seems to be to just add
^, so we match from the beginning.Environment (please complete the following information if pertinent):
Additional context
Add any other context about the problem here.