Skip to content

Don't scan link-local, loopback, or private netblocks

Kez requested to merge i3-reserved-netblocks into main

Allowing those netblocks to be scanned presents a security risk, and can also be confusing to an end-user who's trying to scan an IP on their local network without realizing it.

I also ran gofmt.

Closes #3 (closed)

The specific netblocks that are rejected are RFC 1918 and RFC 4193 private addresses, IPv4/6 loopback addresses, and IPv4/6 link-local unicast, and IPv4/6 link-local multicast.

When an IP from one of the above netblocks is used, the new error message is "IP address "+address+" is private. If you're trying to scan an address on your local network, you'll need to scan the public IP of your bridge."

Edited by Kez

Merge request reports