What does the IPv4 Private Address Ranges regex match?

Matches only RFC 1918 private IPv4 addresses: 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16.

Is the IPv4 Private Address Ranges regex ReDoS-safe?

Yes. Manually audited and tested against ReDoS attack strings. Anchors and possessive-style constraints prevent runaway backtracking paths.

Web & Network/IPv4

Verified Safe

IPv4 Private Address Ranges Regex for Java

/^(?:10\.(?:(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\.){2}(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])|172\.(?:1[6-9]|2[0-9]|3[01])\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])|192\.168\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9]))$/

What this pattern does

This page provides a comprehensive, battle-tested regular expression for matching ipv4 private address ranges, ported and verified for Java. A rigorously tested regex reduces debugging time and protects your application from edge-case failures. The snippet below is ready to drop into your Java project — whether you're validating in a Spring Boot controller, a Jakarta EE service, or a standalone utility class.

Java Implementation

Java

// IPv4 Private Address Ranges
// ReDoS-safe | RegexVault — Web & Network > IPv4

import java.util.regex.Pattern;

public class Ipv4PrivateAddressRangesValidator {
    private static final Pattern PATTERN =
        Pattern.compile("^(?:10\\.(?:(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\\.){2}(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])|172\\.(?:1[6-9]|2[0-9]|3[01])\\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])|192\\.168\\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9])\\.(?:25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9][0-9]|[0-9]))$");

    public static boolean validate(String input) {
        return PATTERN.matcher(input).matches();
    }

    // Example
    public static void main(String[] args) {
        System.out.println(validate("10.0.0.1")); // true
    }
}

Test Cases

Matches (Valid)	Rejects (Invalid)
`10.0.0.1`	`11.0.0.1`
`10.255.255.255`	`172.15.0.1`
`172.16.0.1`	`172.32.0.1`
`172.31.255.255`	`192.169.0.1`
`192.168.0.1`	`8.8.8.8`

When to use this pattern

This pattern is drawn from the Web & Network > IPv4 category and carries a ReDoS-safe certification. That matters for Java developers because critical in Java applications since the JVM regex engine uses backtracking and is susceptible to ReDoS without careful pattern design. RegexVault audits patterns against known backtracking attack vectors, ensuring you have the necessary context before using this regex in a high-stakes production environment.

Common Pitfalls

172.16–31 is commonly written incorrectly as 172.(16-31) or 172.1[6-9|2[0-9]|31 — missing the 30 or mishandling the range.

Technical Notes

172.x range uses 1[6-9]|2[0-9]|3[01] to cover exactly 16–31. Three distinct top-level alternations for each private block — no shared suffix, which prevents backtracking.

Have a pattern that belongs in the vault?

Submit it for review — community-verified patterns get credited to your GitHub handle. Free submissions join the queue. Priority review available for $15.

Submit a Pattern