Jonathan Matthews<p>Here's a <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Linux</span></a> <a href="https://fosstodon.org/tags/networking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>networking</span></a> question for you: what's a lightweight way to allow an HTTP request to an arbitrary *user*-provided FQDN, but to prevent the connection being made if the FQDN maps to an RFC1918/private IP address?</p><p>(The relevant command here is <a href="https://fosstodon.org/tags/curl" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>curl</span></a>, but I don't think that matters as it doesn't appear to have a flag to say "only connect if the IP is /not/ inside these subnets".) <a href="https://fosstodon.org/tags/sysadmin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sysadmin</span></a> <a href="https://fosstodon.org/tags/devops" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>devops</span></a> <a href="https://fosstodon.org/tags/network" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>network</span></a> <a href="https://fosstodon.org/tags/hostnetworking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hostnetworking</span></a> <a href="https://fosstodon.org/tags/sre" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sre</span></a> <a href="https://fosstodon.org/tags/systems" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>systems</span></a> <a href="https://fosstodon.org/tags/platformengineering" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>platformengineering</span></a></p>