Skip to content


Create a new CIDR map, optionally seeded with an initial set of key/value pairs.

A CIDR map is a dictionary type that allows resolving the value associated with an IP address key, supporting matches based on CIDR blocks in the mapping.

For simple inputs, the mapping behaves as you might expect for a dictionary type:

local cmap = kumo.cidr.make_map()
cmap[''] = 'bar'
assert(cmap[''] == 'bar')
assert(cmap['not.set'] == nil)

you can define keys based on net blocks using CIDR notation:

local cmap = kumo.cidr.make_map()

cmap[''] = '10. block'

-- any address in that /24 will return the mapped value
assert(cmap[''] == '10. block')
assert(cmap[''] == '10. block')

-- other addresses won't
assert(cmap[''] == nil)

You may seed an initial value from a pre-existing lua table:

local cmap = kumo.cidr.make_map {
  [''] = 'loopback',
  [''] = 'lan',

-- and mutate the table after is has been constructed:
cmap[''] = 4242

Keys to the map are IPv4 or IPv6 addresses, but for convenience, domain literals and IP and port number combinations such as "", "[]" "[::1]:25" are understood to facilitate more ergonomic use in policy:

local SOURCE_CLASSIFICATION = kumo.cidr.make_map {
  [''] = 'loopback',
  [''] = 'lan',

kumo.on('smtp_server_message_received', function(msg)
  local source_type = SOURCE_CLASSIFICATION[msg:get_meta 'received_from']

Last update: 2023-08-11
Created: 2023-08-11