NetBox version

v3.4.3

Feature type

New Model to plugin

Proposed functionality

I had a look on this plugin for our use case and one thing I noticed (except that as already mentioned ACLs are bound to devices) is that if you want to use a source or destination range it has to be part of "prefixes". I did not find a way to use an aggregate or a host or any IP range not defined in Netbox.

The only way I found to forbid e.g. a bogus IP range like 192.0.2.0/24 was to add a prefix for this in Netbox.

Also with hosts: if I want to create a rule for example to allow access to a single host it is not possible except I create an additional prefix for this.

Is there a special reason why every source or destination range has to be an exsting prefix?

Use case

You could setup source and destinations with any IP range regardless whether they exist in Netbox or not.

External dependencies

don't know about dependencies for this