ns_ip - Determine properties of IP addresses in the current configuration
The command ns_ip is used to determine certain properties of IP addresses. It accepts as input IPv4 or IPv6 addresses and checks, for example, whether the address is valid, whether the IP is a public or trusted IP address, or whether it is in the range of a subnet specification in CIDR notation. https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing
The command validates the provided subnet specification (IPv4 or IPv6 address followed by slash and number of significant bits) and the provided ipaddr and tests whether the IP address is in the implied range. The command returns a boolean value as the result. When comparing an IPv4 and IPv6 address/CIDR specification or vice versa, the result is always false.
The command returns a dict with the members "trusted", "public", and "type" for the provided ipaddr.
The command tests if the provided ipaddr is a public IP address, i.e., reachable from the public Internet. This excludes e.g. loopback, private, link-local addresses and networks.
The command tests if the provided ipaddr was defined as a trusted IP address in the used configuration file. This is important for dealing with reverse proxy servers.
The command tests if the provided ipaddr is a valid IP address. With the optional ?-type? argument the result can be constraint further to check, if the address is an IPv4 or an IPv6 address.
% ns_ip match 137.208.0.0/16 137.208.116.31 1 % ns_ip match 137.208.0.0/16 112.207.16.33 0 % ns_ip match 2001:628:404:74::31/64 [ns_conn peeraddr] ... # Is IP address a valid IPv6 address? % set ip [ns_conn peeraddr] % ns_ip valid -type IPv6 $ip % ns_ip match ::/0 $ip % string equal IPv6 [dict get [ns_ip properties $ip] type] # Is IP address a valid IPv4 address? % ns_ip valid -type IPv4 $ip % ns_ip match 0.0.0.0/0 $ip % string equal IPv4 [dict get [ns_ip properties $ip] type]