diff --git a/config.lua b/config.lua
index d555456..31df366 100644
--- a/config.lua
+++ b/config.lua
@@ -4,10 +4,10 @@ logdir = "/usr/local/nginx/logs/hack/"
 UrlDeny="on"
 Redirect="on"
 CookieMatch="on"
-postMatch="on" 
-whiteModule="on" 
-ipWhitelist={"127.0.0.1"}
-ipBlocklist={"1.0.0.1"}
+postMatch="on"
+whiteModule="on"
+ipWhitelist={"127.0.0.1","192.168.1.0-192.168.255.255"}
+ipBlocklist={"1.0.0.1","2.0.0.0-2.0.0.255"}
 CCDeny="off"
 CCrate="100/60"
 html=[[Please go away~~ ]]
diff --git a/init.lua b/init.lua
index d7970e9..ec471e2 100644
--- a/init.lua
+++ b/init.lua
@@ -4,7 +4,7 @@ local ngxmatch=ngx.re.match
 local unescape=ngx.unescape_uri
 local get_headers = ngx.req.get_headers
 local optionIsOn = function (options) return options == "on" and true or false end
-logpath = logdir 
+logpath = logdir
 rulepath = RulePath
 UrlDeny = optionIsOn(UrlDeny)
 PostCheck = optionIsOn(postMatch)
@@ -17,13 +17,25 @@ Redirect=optionIsOn(Redirect)
 function getClientIp()
         IP = ngx.req.get_headers()["X-Real-IP"]
         if IP == nil then
-                IP  = ngx.var.remote_addr 
+                IP  = ngx.var.remote_addr
         end
         if IP == nil then
                 IP  = "unknown"
         end
         return IP
 end
+function ipToDecimal(ckip)
+    local n = 4
+    local decimalNum = 0
+    local pos = 0
+    for s, e in function() return string.find(ckip, '.', pos, true) end do
+        n = n - 1
+        decimalNum = decimalNum + string.sub(ckip, pos, s-1) * (256 ^ n)
+        pos = e + 1
+        if n == 1 then decimalNum = decimalNum + string.sub(ckip, pos, string.len(ckip)) end
+    end
+    return decimalNum
+end
 function write(logfile,msg)
     local fd = io.open(logfile,"ab")
     if fd == nil then return end
@@ -81,7 +93,7 @@ function whiteurl()
         if wturlrules ~=nil then
             for _,rule in pairs(wturlrules) do
                 if ngxmatch(ngx.var.request_uri,rule,"imjo") then
-                    return true 
+                    return true
                  end
             end
         end
@@ -203,23 +215,44 @@ end
 
 function whiteip()
     if next(ipWhitelist) ~= nil then
+        local cIP = getClientIp()
+        local numIP = 0
+        if cIP ~= "unknown" then numIP = tonumber(ipToDecimal(cIP))  end
         for _,ip in pairs(ipWhitelist) do
-            if getClientIp()==ip then
+            local s, e = string.find(ip, '-', 0, true)
+            if s == nil and cIP == ip then
                 return true
+            elseif s ~= nil then
+                sIP = tonumber(ipToDecimal(string.sub(ip, 0, s - 1)))
+                eIP = tonumber(ipToDecimal(string.sub(ip, e + 1, string.len(ip))))
+                if numIP >= sIP and numIP <= eIP then
+                   return true
+                end
             end
         end
     end
-        return false
+    return false
 end
 
 function blockip()
-     if next(ipBlocklist) ~= nil then
-         for _,ip in pairs(ipBlocklist) do
-             if getClientIp()==ip then
-                 ngx.exit(403)
-                 return true
-             end
-         end
-     end
-         return false
+    if next(ipBlocklist) ~= nil then
+        local cIP = getClientIp()
+        local numIP = 0
+        if cIP ~= "unknown" then numIP = tonumber(ipToDecimal(cIP)) end
+        for _,ip in pairs(ipBlocklist) do
+            local s, e = string.find(ip, '-', 0, true)
+            if s == nil and cIP == ip then
+                ngx.exit(403)
+                return true
+            elseif s ~= nil then
+                sIP = tonumber(ipToDecimal(string.sub(ip, 0, s - 1)))
+                eIP = tonumber(ipToDecimal(string.sub(ip, e + 1, string.len(ip))))
+                if numIP >= sIP and numIP <= eIP then
+                    ngx.exit(403)
+                    return true
+                end
+            end
+        end
+    end
+    return false
 end