Blog |Follow Nick on Twitter| About
 

I've recently started installed the firefox add-on NoScriptto improve my online security.

One of the things that's been a little frustrating has been having to manually accept/white list internal 192.168.1.1 type addresses. After a fruitless google, I've managed to find the answer here in the NoScript Forum.

There is one major limitation and that is the NoScript white list only accepts entries of more than one byte, this means that you cannot whitelist the whole of 10.*.*.* (10/8) as inputting 10. is only one byte. On the upside you can however whitelist a whole /16 (255.255.0.0) subnet, which works out nicely for the 192.168.0.0/16 set off addresses but for the 10's & 172's you're a bit stuffed.

Now you may find that when you try to white list 10.123.0.0/16 that you have issues, I know I did! The trick is to read the forum post carefully. If you want to white list 10.123.0.0 through 10.123.255.255 then add the following:

http://10.123 https://10.123

That should allow both http & ssl traffic to all those internal addresses to be permitted by NoScript!

Dear googler, I hope this was of some help :)

rgds,

Nick

 
Nick Bettison ©