When adding IPv6 address ranges to the "Global list of Excluded IPs", I initially assumed that ranges must be represented using * in place of variable octets/groups, since this is the only syntax specified in the adjacent helptext. Unfortunately, for IPv6 addresses this results in matching against the first 4 - count('*') octets, rather than 16 - 2*count('*') octets, since sanitizeIpRange assumes addresses with '*' are IPv4. For a /64 this results in excluding all IPv6 addresses.

It would be great if the helptext could be updated to mention the option of using CIDR notation (for IPv4 and IPv6) and/or if sanitizeIpRange supported wildcards in IPv6 addresses. Additionally, if an invalid address range (e.g. wildcard in IPv6) is specified, displaying and/or logging an error would be very helpful for troubleshooting.

Thanks for considering,
Kevin