George Herbert wrote:
This seems like we should automate something; either a netblock minus exceptions interface tool to autogen the CIDR blocks from a top range plus some exceptions, or adding in an explicit "unblock this IP" override and have any CIDR block range lookup check the unblock override before returning blocked or not.
As I understand it (and _please_ correct me if I'm wrong), single-IP blocks currently override range blocks (and autoblocks). Thus, as a partial workaround, we could place an anon-only block (with account creation permitted) on the specific IP, allowing logged-in users to edit from it.
Ideally, there should perhaps be some way to place a "null block" that would do nothing except override less specific blocks. But in practice, the workaround using an anon-only block seems almost as good to me.
The block message should, of course, say something like "please log in to edit from this IP address".