...
- single IP address: same as in the current version
- IP address range: start and end address separated by a minus sign (for example: 10.0.0.1-10.0.0.10 or 192.168.0.1-192.168.10.255)
- Subnet in CIDR notation: see wikipedia (for example: 10.0.0.0/24)
The same options will be accepted for IPv6 deployments:
- single IP address: same as IPv4, a single address (for example: fd7d:4b9e:a5ce:ffff::100)
- IP address range: start and end address separated by a minus sign (for example: fd7d:4b9e:a5ce:ffff::100-fd7d:4b9e:a5ce:ffff::200)
- Network Range: An IPv6 range specification - see wikipedia (for example: fd7d:4b9e:a5ce::/48)
The kafka-acl tool will accept a comma separated list containing any combination of the above, which allows for flexible specification of multiple ranges, if necessary. So for example the following would be possible: 10.0.0.1,192.168.0.0/24,10.10.0.1-10.10.0.150.150
Mixing IPv4 and IPv6 addresses will also be acceptable.
To ensure backwards compatibility, it will remain possible to specify multiple --allow-host or --deny-host options on the command line, internally all of these would be concatenated together with a comma as separating character and then be treated just like a single parameter. So the following two calls are functionally identical:
...