diff --git a/libretroshare/src/retroshare/rsbanlist.h b/libretroshare/src/retroshare/rsbanlist.h index e465c35f0..6d752bce0 100644 --- a/libretroshare/src/retroshare/rsbanlist.h +++ b/libretroshare/src/retroshare/rsbanlist.h @@ -80,10 +80,25 @@ public: virtual void enableIPFiltering(bool b) =0; virtual bool ipFilteringEnabled() =0; - virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,const std::string& comment) =0; + // addIpRange()/removeIpRange() + // addr: full IPv4 address. Port is ignored. + // masked_bytes: 0=full IP, 1="/24", 2="/16" + // list_type: RSBANLIST_CHECKING_FLAGS_BLACKLIST or RSBANLIST_CHECKING_FLAGS_WHITELIST + // comment: anything, user-based. + + virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type,const std::string& comment) =0; + virtual void removeIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type) =0; + + // isAddressAccepted() + // addr: full IPv4 address. Port is ignored. + // checking flags: any combination of RSBANLIST_CHECKING_FLAGS_BLACKLIST and RSBANLIST_CHECKING_FLAGS_WHITELIST + // check_result: returned result of the check in RSBANLIST_CHECK_RESULT_* + // returned value: true=address is accepted, false=address is rejected. virtual bool isAddressAccepted(const struct sockaddr_storage& addr,uint32_t checking_flags,uint32_t& check_result) =0; - virtual void getListOfBannedIps(std::list& list) =0; + + virtual void getBannedIps(std::list& list) =0; + virtual void getWhiteListedIps(std::list& list) =0; virtual bool autoRangeEnabled() =0; virtual void enableAutoRange(bool b) =0 ; diff --git a/libretroshare/src/services/p3banlist.cc b/libretroshare/src/services/p3banlist.cc index 5f6b476e7..2bd8929f1 100644 --- a/libretroshare/src/services/p3banlist.cc +++ b/libretroshare/src/services/p3banlist.cc 
@@ -238,36 +238,38 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin if(!mIPFilteringEnabled) return true ; + std::cerr << "isAddressAccepted(): tested addr=" << sockaddr_storage_iptostring(addr) << ", checking flags=" << checking_flags ; + // we should normally work this including entire ranges of IPs. For now, just check the exact IPs. sockaddr_storage addr_24 = makeBitsRange(addr,1) ; sockaddr_storage addr_16 = makeBitsRange(addr,2) ; - if(checking_flags & RSBANLIST_CHECKING_FLAGS_WHITELIST) + bool white_list_found = false ; + + white_list_found = white_list_found || (mWhiteListedRanges.find(addr_16) != mWhiteListedRanges.end()) ; + white_list_found = white_list_found || (mWhiteListedRanges.find(addr_24) != mWhiteListedRanges.end()) ; + white_list_found = white_list_found || (mWhiteListedRanges.find(addr ) != mWhiteListedRanges.end()) ; + + if(white_list_found) { - bool found = false ; - - found = found || (mWhiteListedRanges.find(addr ) != mWhiteListedRanges.end()) ; - found = found || (mWhiteListedRanges.find(addr_16) != mWhiteListedRanges.end()) ; - found = found || (mWhiteListedRanges.find(addr_24) != mWhiteListedRanges.end()) ; - - if(found) - { - check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ; - return true ; - } - else - { - check_result = RSBANLIST_CHECK_RESULT_NOT_WHITELISTED ; - return false ; - } + check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ; + std::cerr << ". Address is in whitelist. Accepting" << std::endl; + return true ; + } + + if(checking_flags & RSBANLIST_CHECKING_FLAGS_WHITELIST) + { + check_result = RSBANLIST_CHECK_RESULT_NOT_WHITELISTED ; + std::cerr << ". Address is not whitelist, and whitelist is required. 
Rejecting" << std::endl; + return false ; } -#ifdef DEBUG_BANLIST - std::cerr << "p3BanList::isAddressAccepted() testing " << sockaddr_storage_iptostring(addr) << " and range " << sockaddr_storage_iptostring(addr_24) ; -#endif if(!(checking_flags & RSBANLIST_CHECKING_FLAGS_BLACKLIST)) + { + std::cerr << ". No blacklisting required. Accepting." << std::endl; return true; + } std::map::iterator it ; @@ -275,7 +277,7 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin { ++it->second.connect_attempts; #ifdef DEBUG_BANLIST - std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl; + std::cerr << " found in blacklisted range " << sockaddr_storage_iptostring(it->first) << "/16. returning false. attempts=" << it->second.connect_attempts << std::endl; #endif check_result = RSBANLIST_CHECK_RESULT_BLACKLISTED ; return false ; @@ -285,7 +287,7 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin { ++it->second.connect_attempts; #ifdef DEBUG_BANLIST - std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl; + std::cerr << "found in blacklisted range " << sockaddr_storage_iptostring(it->first) << "/24. returning false. attempts=" << it->second.connect_attempts << std::endl; #endif check_result = RSBANLIST_CHECK_RESULT_BLACKLISTED ; return false ; 
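Review bot: The whitelist lookup in isAddressAccepted() now runs before `checking_flags` is consulted, so a match in `mWhiteListedRanges` returns RSBANLIST_CHECK_RESULT_ACCEPTED even when the caller passed only RSBANLIST_CHECKING_FLAGS_BLACKLIST, and a whitelisted /16 overrides a more specific blacklisted address. If that precedence is intended, the isAddressAccepted() comment in rsbanlist.h should say so, e.g. `// a whitelist match always accepts, whatever checking_flags and the blacklist say`. The new `std::cerr` lines also sit outside `#ifdef DEBUG_BANLIST`, so every tested peer address goes to stderr in normal builds, and the line is left unterminated on the blacklist paths, whose output is still guarded; I would put them under the same `#ifdef DEBUG_BANLIST`. The braced no-blacklist return added here leaves `check_result` unset, so adding `check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ;` before that `return true;` would keep callers from reading a stale value. The function starts before this hunk and continues in the following ones.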
@@ -295,23 +297,31 @@ bool p3BanList::isAddressAccepted(const sockaddr_storage &addr, uint32_t checkin { ++it->second.connect_attempts; #ifdef DEBUG_BANLIST - std::cerr << " returning false. attempts=" << it->second.connect_attempts << std::endl; + std::cerr << "found as blacklisted address " << sockaddr_storage_iptostring(it->first) << ". returning false. attempts=" << it->second.connect_attempts << std::endl; #endif check_result = RSBANLIST_CHECK_RESULT_BLACKLISTED ; return false ; } #ifdef DEBUG_BANLIST - std::cerr << " returning true " << std::endl; + std::cerr << " not blacklisted. Accepting." << std::endl; #endif check_result = RSBANLIST_CHECK_RESULT_ACCEPTED ; return true ; } - -void p3BanList::getListOfBannedIps(std::list &lst) +void p3BanList::getWhiteListedIps(std::list &lst) { RS_STACK_MUTEX(mBanMtx) ; + lst.clear() ; + for(std::map::const_iterator it(mWhiteListedRanges.begin());it!=mWhiteListedRanges.end();++it) + lst.push_back(it->second) ; +} +void p3BanList::getBannedIps(std::list &lst) +{ + RS_STACK_MUTEX(mBanMtx) ; + + lst.clear() ; for(std::map::const_iterator it(mBanSet.begin());it!=mBanSet.end();++it) if(mBanRanges.find(makeBitsRange(it->first,1)) == mBanRanges.end() && mBanRanges.find(makeBitsRange(it->first,2)) == mBanRanges.end()) @@ -321,7 +331,12 @@ void p3BanList::getListOfBannedIps(std::list &lst) lst.push_back(it->second) ; } -void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,const std::string& comment) +void p3BanList::removeIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type) +{ +#warning NOT IMPLEMENTED YET +} + +void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,uint32_t list_type,const std::string& comment) { RS_STACK_MUTEX(mBanMtx) ; 
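Review bot: removeIpRange() is added with an empty body behind `#warning NOT IMPLEMENTED YET`, so it returns silently and callers cannot tell that nothing was removed; removeCurrentRowFromBlackList() in ServerPage.cpp already calls it and then returns true. Until it is implemented I would make the no-op visible at runtime, e.g. `std::cerr << "(EE) p3BanList::removeIpRange(): not implemented, entry kept" << std::endl;`, and put a comment saying the same on the declaration in rsbanlist.h. Once the body is filled in it will presumably need `RS_STACK_MUTEX(mBanMtx) ;` like getBannedIps() and getWhiteListedIps() in this hunk, because it would modify the maps those functions read.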
@@ -342,10 +357,15 @@ void p3BanList::addIpRange(const sockaddr_storage &addr, int masked_bytes,const sockaddr_storage addrrange = makeBitsRange(addr,masked_bytes) ; - mBanRanges[addrrange] = blp ; + if(list_type == RSBANLIST_CHECKING_FLAGS_BLACKLIST) + mBanRanges[addrrange] = blp ; + else if(list_type == RSBANLIST_CHECKING_FLAGS_WHITELIST) + mWhiteListedRanges[addrrange] = blp ; + else + std::cerr << "(EE) Cannot add IP range. Bad list_type. Should be eiter RSBANLIST_CHECKING_FLAGS_BLACKLIST or RSBANLIST_CHECKING_FLAGS_WHITELIST" << std::endl; } -int p3BanList::tick() +int p3BanList::tick() { processIncoming(); sendPackets(); diff --git a/libretroshare/src/services/p3banlist.h b/libretroshare/src/services/p3banlist.h index d84ecc492..8640ab4b0 100644 --- a/libretroshare/src/services/p3banlist.h +++ b/libretroshare/src/services/p3banlist.h @@ -62,9 +62,12 @@ public: /***** overloaded from RsBanList *****/ virtual bool isAddressAccepted(const struct sockaddr_storage& addr, uint32_t checking_flags,uint32_t& check_result) ; - virtual void getListOfBannedIps(std::list& list) ; - virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,const std::string& comment) ; + virtual void getBannedIps(std::list& list) ; + virtual void getWhiteListedIps(std::list& list) ; + + virtual void addIpRange(const struct sockaddr_storage& addr,int masked_bytes,uint32_t list_type,const std::string& comment) ; + virtual void removeIpRange(const sockaddr_storage &addr, int masked_bytes, uint32_t list_type); virtual void enableIPFiltering(bool b) ; virtual bool ipFilteringEnabled() ; diff --git a/retroshare-gui/src/gui/settings/ServerPage.cpp b/retroshare-gui/src/gui/settings/ServerPage.cpp index 98a31431c..6480ced94 100755 --- a/retroshare-gui/src/gui/settings/ServerPage.cpp +++ b/retroshare-gui/src/gui/settings/ServerPage.cpp 
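Review bot: addIpRange() stores the range in either `mBanRanges` or `mWhiteListedRanges` without looking at the other map, so the same `addrrange` can end up in both lists; because isAddressAccepted() consults the whitelist first, the blacklist entry would still be displayed while having no effect. Consider removing the key from the opposite map in each branch (`mBanRanges.erase(addrrange) ;` when whitelisting, `mWhiteListedRanges.erase(addrrange) ;` when blacklisting), or refusing the call with an error. The bad-list_type branch only writes to stderr from a `void` function, so the GUI cannot show the failure, and its message has a typo (`eiter` should be `either`). The beginning of addIpRange(), where `blp` is filled in, is outside this hunk.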
@@ -72,12 +72,14 @@ ServerPage::ServerPage(QWidget * parent, Qt::WindowFlags flags) ui.filteredIpsTable->verticalHeader()->hide() ; QObject::connect(ui.filteredIpsTable,SIGNAL(customContextMenuRequested(const QPoint&)),this,SLOT(ipFilterContextMenu(const QPoint&))) ; + QObject::connect(ui.whiteListIpsTable,SIGNAL(customContextMenuRequested(const QPoint&)),this,SLOT(ipWhiteListContextMenu(const QPoint&))) ; QObject::connect(ui.denyAll_CB,SIGNAL(toggled(bool)),this,SLOT(toggleIpFiltering(bool))); QObject::connect(ui.includeFromDHT_CB,SIGNAL(toggled(bool)),this,SLOT(toggleAutoIncludeDHT(bool))); QObject::connect(ui.includeFromFriends_CB,SIGNAL(toggled(bool)),this,SLOT(toggleAutoIncludeFriends(bool))); QObject::connect(ui.groupIPRanges_CB,SIGNAL(toggled(bool)),this,SLOT(toggleGroupIps(bool))); QObject::connect(ui.groupIPRanges_SB,SIGNAL(valueChanged(int)),this,SLOT(setGroupIpLimit(int))); - QObject::connect(ui.ipInputAdd_PB,SIGNAL(clicked()),this,SLOT(addIpRange())); + QObject::connect(ui.ipInputAddBlackList_PB,SIGNAL(clicked()),this,SLOT(addIpRangeToBlackList())); + QObject::connect(ui.ipInputAddWhiteList_PB,SIGNAL(clicked()),this,SLOT(addIpRangeToWhiteList())); QObject::connect(ui.ipInput_LE,SIGNAL(textChanged(const QString&)),this,SLOT(checkIpRange(const QString&))); QTimer *timer = new QTimer(this); @@ -171,7 +173,7 @@ void ServerPage::checkIpRange(const QString& ipstr) ui.ipInput_LE->setPalette(palette); } -void ServerPage::addIpRange() +void ServerPage::addIpRangeToBlackList() { QString ipstr = ui.ipInput_LE->text() ; sockaddr_storage addr ; 
@@ -182,7 +184,21 @@ void ServerPage::addIpRange() bytes = 4 - ui.ipInputRange_SB->value()/8; - rsBanList->addIpRange(addr,bytes,ui.ipInputComment_LE->text().toStdString()); + rsBanList->addIpRange(addr,bytes, RSBANLIST_CHECKING_FLAGS_BLACKLIST,ui.ipInputComment_LE->text().toStdString()); +} + +void ServerPage::addIpRangeToWhiteList() +{ + QString ipstr = ui.ipInput_LE->text() ; + sockaddr_storage addr ; + int bytes = 0 ; + + if(!parseAddrFromQString(ipstr,addr,bytes) || bytes != 0) + return ; + + bytes = 4 - ui.ipInputRange_SB->value()/8; + + rsBanList->addIpRange(addr,bytes, RSBANLIST_CHECKING_FLAGS_WHITELIST,ui.ipInputComment_LE->text().toStdString()); } void ServerPage::clearKnownAddressList() @@ -394,7 +410,8 @@ void ServerPage::loadFilteredIps() ui.ipInput_LE->setEnabled(true) ; ui.ipInputRange_SB->setEnabled(true) ; ui.ipInputComment_LE->setEnabled(true) ; - ui.ipInputAdd_PB->setEnabled(true) ; + ui.ipInputAddBlackList_PB->setEnabled(true) ; + ui.ipInputAddWhiteList_PB->setEnabled(true) ; ui.groupIPRanges_CB->setEnabled(true) ; ui.groupIPRanges_SB->setEnabled(true) ; } @@ -407,7 +424,8 @@ void ServerPage::loadFilteredIps() ui.ipInput_LE->setEnabled(false) ; ui.ipInputRange_SB->setEnabled(false) ; ui.ipInputComment_LE->setEnabled(false) ; - ui.ipInputAdd_PB->setEnabled(false) ; + ui.ipInputAddBlackList_PB->setEnabled(false) ; + ui.ipInputAddWhiteList_PB->setEnabled(true) ; ui.groupIPRanges_CB->setEnabled(false) ; ui.groupIPRanges_SB->setEnabled(false) ; } 
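Review bot: addIpRangeToWhiteList() is a copy of addIpRangeToBlackList() that differs only in the list constant passed to `rsBanList->addIpRange()`, so any later fix to the parsing or mask computation has to be made twice. I would move the shared body into one private helper taking `uint32_t list_type` and keep the two slots as one-line callers. Both slots also return without any feedback when `parseAddrFromQString()` fails or `bytes != 0`; for a whitelist entry, which bypasses the blacklist, a visible message on rejection would help the user notice that nothing was added. The start of addIpRangeToBlackList() is outside this hunk.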
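Review bot: In the second loadFilteredIps() hunk (the branch that disables the controls), `ui.ipInputAddWhiteList_PB->setEnabled(true) ;` leaves the whitelist button active while `ipInput_LE`, `ipInputRange_SB` and `ipInputComment_LE` beside it are disabled, so a click would act on whatever text is left in the input field. If this is what appears to be the filtering-off branch, isAddressAccepted() returns true before reading any list, so an entry added there has no effect until filtering is turned back on. Unless this is deliberate, the line should read `ui.ipInputAddWhiteList_PB->setEnabled(false) ;` to match the blacklist button; if it is deliberate, a comment such as `// whitelist entries can be prepared while filtering is off` would make that clear. The enclosing if/else starts outside the hunk.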
@@ -418,58 +436,62 @@ void ServerPage::loadFilteredIps() ui.groupIPRanges_SB->setValue(rsBanList->autoRangeLimit()) ; std::list lst ; - - rsBanList->getListOfBannedIps(lst) ; + rsBanList->getBannedIps(lst) ; ui.filteredIpsTable->setRowCount(lst.size()) ; - //std::cerr << "Adding " << lst.size() << " entries to table." << std::endl; - int row = 0 ; for(std::list::const_iterator it(lst.begin());it!=lst.end();++it,++row) - { - //std::cerr << " adding banned lst peer: " << print_addr((*it).addr) << std::endl; + addPeerToIPTable(ui.filteredIpsTable,row,*it) ; - ui.filteredIpsTable->setItem(row,COLUMN_RANGE,new QTableWidgetItem(QString::fromStdString(print_addr_range((*it).addr,(*it).masked_bytes)))) ; + rsBanList->getWhiteListedIps(lst) ; + ui.whiteListIpsTable->setRowCount(lst.size()) ; - if( (*it).state ) - ui.filteredIpsTable->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString("active"))) ; - else - ui.filteredIpsTable->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString(""))) ; - - ui.filteredIpsTable->item(row,COLUMN_STATUS)->setData(Qt::UserRole,QVariant( (*it).state )) ; - - switch((*it).level) - { - case RSBANLIST_ORIGIN_FOF: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend of a friend"))) ; - break ; - case RSBANLIST_ORIGIN_FRIEND: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend"))) ; - break ; - case RSBANLIST_ORIGIN_SELF: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From you"))) ; - break ; - default: - case RSBANLIST_ORIGIN_UNKNOWN: ui.filteredIpsTable->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("Unknown"))) ; - break ; - } - - switch( (*it).reason ) - { - case RSBANLIST_REASON_DHT: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Bad peer (DHT)"))) ; - break ; - case RSBANLIST_REASON_USER: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Home-made rule"))) ; - break ; - 
case RSBANLIST_REASON_AUTO_RANGE: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Auto-generated range"))) ; - ui.filteredIpsTable->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(tr("Range made from %1 collected addresses").arg(QString::number((*it).connect_attempts)))) ; - break ; - default: - case RSBANLIST_REASON_UNKNOWN: ui.filteredIpsTable->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Unknown"))) ; - break ; - } - - ui.filteredIpsTable->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(QString::fromStdString((*it).comment))) ; - } + row = 0; + for(std::list::const_iterator it(lst.begin());it!=lst.end();++it,++row) + addPeerToIPTable(ui.whiteListIpsTable,row,*it) ; } +void ServerPage::addPeerToIPTable(QTableWidget *table,int row,const BanListPeer& blp) +{ + table->setItem(row,COLUMN_RANGE,new QTableWidgetItem(QString::fromStdString(print_addr_range(blp.addr,blp.masked_bytes)))) ; + + if( blp.state ) + table->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString("active"))) ; + else + table->setItem(row,COLUMN_STATUS,new QTableWidgetItem(QString(""))) ; + + table->item(row,COLUMN_STATUS)->setData(Qt::UserRole,QVariant( blp.state )) ; + + switch(blp.level) + { + case RSBANLIST_ORIGIN_FOF: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend of a friend"))) ; + break ; + case RSBANLIST_ORIGIN_FRIEND: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From friend"))) ; + break ; + case RSBANLIST_ORIGIN_SELF: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("From you"))) ; + break ; + default: + case RSBANLIST_ORIGIN_UNKNOWN: table->setItem(row,COLUMN_ORIGIN,new QTableWidgetItem(QString("Unknown"))) ; + break ; + } + + switch( blp.reason ) + { + case RSBANLIST_REASON_DHT: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Bad peer (DHT)"))) ; + break ; + case RSBANLIST_REASON_USER: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Home-made rule"))) ; + 
break ; + case RSBANLIST_REASON_AUTO_RANGE: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Auto-generated range"))) ; + table->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(tr("Range made from %1 collected addresses").arg(QString::number(blp.connect_attempts)))) ; + break ; + default: + case RSBANLIST_REASON_UNKNOWN: table->setItem(row,COLUMN_REASON,new QTableWidgetItem(QString("Unknown"))) ; + break ; + } + + table->setItem(row,COLUMN_COMMENT,new QTableWidgetItem(QString::fromStdString(blp.comment))) ; +} void ServerPage::toggleGroupIps(bool b) { rsBanList->enableAutoRange(b) ; } @@ -487,8 +509,7 @@ void ServerPage::ipFilterContextMenu(const QPoint& point) bool status = item->data(Qt::UserRole).toBool(); - if(!status) - contextMenu.addAction(tr("Disable/remove"),this,SLOT(removeBannedIp()))->setEnabled(false) ; + contextMenu.addAction(tr("Remove"),this,SLOT(removeBannedIp()))->setEnabled(false) ; QString addr_string = ui.filteredIpsTable->item(row,COLUMN_RANGE)->text() ; 
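Review bot: In addPeerToIPTable() the RSBANLIST_REASON_AUTO_RANGE case sets COLUMN_COMMENT to the "Range made from %1 collected addresses" text, but the unconditional `table->setItem(row,COLUMN_COMMENT,...)` with `blp.comment` at the end of the function replaces it, so that text is never shown. The old loop had the same behaviour and the refactoring carried it over; guarding the last statement with `if(blp.reason != RSBANLIST_REASON_AUTO_RANGE)` would fix it. The status, origin and reason labels are built with plain `QString("...")` while the auto-range comment uses `tr()`, so wrapping them in `tr()` would make the new whitelist table translatable as well.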
@@ -505,20 +526,115 @@ void ServerPage::ipFilterContextMenu(const QPoint& point) QString range1 = QString::fromStdString(print_addr_range(addr,1)) ; QString range2 = QString::fromStdString(print_addr_range(addr,2)) ; - contextMenu.addAction(QObject::tr("Filter IP " )+range0,this,SLOT(enableBannedIp()))->setEnabled(false) ; -#warning UNIMPLEMENTED CODE - contextMenu.addAction(QObject::tr("Filter entire range ")+range1,this,SLOT(enableBannedIp()))->setEnabled(false) ; - contextMenu.addAction(QObject::tr("Filter entire range ")+range2,this,SLOT(enableBannedIp()))->setEnabled(false) ; + if(masked_bytes != 0) + contextMenu.addAction(QObject::tr("Ban only IP %1").arg(range0),this,SLOT(enableBannedIp()))->setEnabled(false) ; + + if(masked_bytes != 1) + contextMenu.addAction(QObject::tr("Ban entire range %2").arg(range1),this,SLOT(enableBannedIp()))->setEnabled(false) ; + + if(masked_bytes != 2) + contextMenu.addAction(QObject::tr("Ban entire range %1").arg(range2),this,SLOT(enableBannedIp()))->setEnabled(false) ; + + contextMenu.addAction(QObject::tr("Move IP %1 to whitelist" ).arg(range0),this,SLOT(moveToWhiteList0())) ; + contextMenu.addAction(QObject::tr("Whitelist entire range %1").arg(range1),this,SLOT(moveToWhiteList1())) ; + contextMenu.addAction(QObject::tr("whitelist entire range %1").arg(range2),this,SLOT(moveToWhiteList2())) ; contextMenu.exec(QCursor::pos()) ; } +bool ServerPage::removeCurrentRowFromBlackList(sockaddr_storage& collected_addr,int &masked_bytes) +{ + int row = ui.filteredIpsTable->currentRow(); + QTableWidgetItem *item = ui.filteredIpsTable->item(row, COLUMN_STATUS); + + if(item == NULL) + return false; + + QString addr_string = ui.filteredIpsTable->item(row,COLUMN_RANGE)->text() ; + + if(!parseAddrFromQString(addr_string,collected_addr,masked_bytes)) + { + std::cerr <<"Cannot parse IP \"" << addr_string.toStdString() << "\"" << std::endl; + return false; + } + 
rsBanList->removeIpRange(collected_addr,masked_bytes,RSBANLIST_CHECKING_FLAGS_BLACKLIST); + return true ; +} + +void ServerPage::moveToWhiteList0() +{ + sockaddr_storage addr ; + int bytes ; + + removeCurrentRowFromBlackList(addr,bytes) ; + + rsBanList->addIpRange(addr,0,RSBANLIST_CHECKING_FLAGS_WHITELIST, tr("Added by you").toStdString()); +} +void ServerPage::moveToWhiteList1() +{ + sockaddr_storage addr ; + int bytes ; + + removeCurrentRowFromBlackList(addr,bytes) ; + + rsBanList->addIpRange(addr,1,RSBANLIST_CHECKING_FLAGS_WHITELIST, tr("Added by you").toStdString()); +} +void ServerPage::moveToWhiteList2() +{ + sockaddr_storage addr ; + int bytes ; + + removeCurrentRowFromBlackList(addr,bytes) ; + + rsBanList->addIpRange(addr,2,RSBANLIST_CHECKING_FLAGS_WHITELIST, tr("Added by you").toStdString()); +} +void ServerPage::ipWhiteListContextMenu(const QPoint& point) +{ + QMenu contextMenu(this) ; + int row = ui.whiteListIpsTable->currentRow(); + + QTableWidgetItem *item = ui.whiteListIpsTable->item(row, COLUMN_STATUS); + + if(item == NULL) + return ; + + bool status = item->data(Qt::UserRole).toBool(); + + if(!status) + contextMenu.addAction(tr("Remove"),this,SLOT(removeWhiteListedIp()))->setEnabled(false) ; + + QString addr_string = ui.whiteListIpsTable->item(row,COLUMN_RANGE)->text() ; + + sockaddr_storage addr ; + int masked_bytes ; + + if(!parseAddrFromQString(addr_string,addr,masked_bytes)) + { + std::cerr <<"Cannot parse IP \"" << addr_string.toStdString() << "\"" << std::endl; + return ; + } + + QString range0 = QString::fromStdString(print_addr_range(addr,0)) ; + QString range1 = QString::fromStdString(print_addr_range(addr,1)) ; + QString range2 = QString::fromStdString(print_addr_range(addr,2)) ; + + contextMenu.addAction(QObject::tr("Whitelist only IP " )+range0,this,SLOT(enableBannedIp()))->setEnabled(false) ; +#warning UNIMPLEMENTED CODE + contextMenu.addAction(QObject::tr("Whitelist entire range ")+range1,this,SLOT(enableBannedIp()))->setEnabled(false) 
; + contextMenu.addAction(QObject::tr("Whitelist entire range ")+range2,this,SLOT(enableBannedIp()))->setEnabled(false) ; + + contextMenu.exec(QCursor::pos()) ; +} void ServerPage::removeBannedIp() { #warning UNIMPLEMENTED CODE std::cerr << "Removing banned IP" << std::endl; } - +void ServerPage::removeWhiteListedIp() +{ +#warning UNIMPLEMENTED CODE + std::cerr << "Removing White-Listed IP" << std::endl; +} void ServerPage::enableBannedIp() { #warning UNIMPLEMENTED CODE diff --git a/retroshare-gui/src/gui/settings/ServerPage.h b/retroshare-gui/src/gui/settings/ServerPage.h index b20b89df6..81d33f70f 100755 --- a/retroshare-gui/src/gui/settings/ServerPage.h +++ b/retroshare-gui/src/gui/settings/ServerPage.h @@ -28,6 +28,8 @@ class QNetworkReply; class QNetworkAccessManager; +class BanListPeer; +struct sockaddr_storage; class ServerPage: public ConfigPage { @@ -50,7 +52,12 @@ public slots: void updateStatus(); private slots: - void addIpRange(); + void addIpRangeToBlackList(); + void addIpRangeToWhiteList(); + void moveToWhiteList0(); + void moveToWhiteList1(); + void moveToWhiteList2(); + void removeWhiteListedIp(); void checkIpRange(const QString &); void setGroupIpLimit(int n); void toggleGroupIps(bool b); @@ -58,6 +65,7 @@ private slots: void toggleAutoIncludeFriends(bool b); void toggleIpFiltering(bool b); void ipFilterContextMenu(const QPoint &); + void ipWhiteListContextMenu(const QPoint &point); void removeBannedIp(); void enableBannedIp(); void saveAddresses(); @@ -71,6 +79,8 @@ private slots: private: // Alternative Versions for HiddenNode Mode. + void addPeerToIPTable(QTableWidget *table, int row, const BanListPeer &blp); + bool removeCurrentRowFromBlackList(sockaddr_storage& collected_addr,int& masked_bytes); void loadHiddenNode(); void updateStatusHiddenNode(); void saveAddressesHiddenNode(); diff --git a/retroshare-gui/src/gui/settings/ServerPage.ui b/retroshare-gui/src/gui/settings/ServerPage.ui index 1ec07da0c..c0b657d60 100755 
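Review bot: moveToWhiteList0(), moveToWhiteList1() and moveToWhiteList2() ignore the result of removeCurrentRowFromBlackList(), which returns false before `collected_addr` is filled in when no row is selected, so an uninitialised `sockaddr_storage` is passed on to `addIpRange(..., RSBANLIST_CHECKING_FLAGS_WHITELIST, ...)` and an arbitrary address can end up whitelisted. Each slot should begin with `if(!removeCurrentRowFromBlackList(addr,bytes)) return ;`. The three slots differ only in the mask argument (0, 1, 2) and could share one private helper taking that value. In ipFilterContextMenu(), `tr("Ban entire range %2").arg(range1)` uses `%2` with a single argument where the neighbouring strings use `%1`, and "whitelist entire range %1" starts in lower case unlike the entry above it. ipFilterContextMenu() starts outside this hunk.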
--- a/retroshare-gui/src/gui/settings/ServerPage.ui +++ b/retroshare-gui/src/gui/settings/ServerPage.ui @@ -6,8 +6,8 @@ 0 0 - 661 - 548 + 722 + 650 
@@ -502,162 +502,240 @@ behind a firewall or a VPN. IP Filters - + - - - Deny all connections from the following IP ranges: + + + IP blacklist + + + + + Deny all connections from the following IP ranges: + + + + + + + Qt::CustomContextMenu + + + <html><head/><body><p>This list get automatically filled from information gathered at multiple sources: masquerading peers reported by the DHT, IP ranged entered by you, and IP ranges reported by your friends. Default settings should protect you against large scale traffic relaying.</p><p>Automatically guessing masquerading IPs can put your friends IPs in the blacklist. This case, use the context menu to whitelist them.</p></body></html> + + + true + + + false + + + true + + + + IP range + + + + + Status + + + + + Origin + + + + + Reason + + + + + Comment + + + + + + + + Include the IPs reported by your friends + + + + + + + + + Auto-group IPs by ranges when at least : + + + + + + + IPs + + + 2 + + + 255 + + + + + + + Qt::Horizontal + + + + 40 + 20 + + + + + + + + + + Automatically include masquerading IPs reported by DHT + + + + - - - Qt::CustomContextMenu + + + IP whitelist - - <html><head/><body><p>This list get automatically filled from information gathered at multiple sources: masquerading peers reported by the DHT, IP ranged entered by you, and IP ranges reported by your friends. </p></body></html> - - - true - - - false - - - true - - - - IP range - - - - - Status - - - - - Origin - - - - - Reason - - - - - Comment - - + + + + + Qt::CustomContextMenu + + + <html><head/><body><p>White listed IPs are gathered from the following sources: IPs coming inside a manually exchanged certificate, IP ranges entered by you in this window, or in the security feed items.</p><p>The default behavior for Retroshare is to disallow connections to peers not in the white-list. You can change this behavior for each peer in the &quot;Details&quot; window of each Retroshare node. If not activated, connections will still be checked w.r.t. 
the whitelist, and the blacklit above, but will pass if not in the whitelist.</p></body></html> + + + true + + + false + + + true + + + + IP range + + + + + Status + + + + + Origin + + + + + Reason + + + + + Comment + + + + + - - - Include the IPs reported by your friends + + + Manual input + + + + + + + + 0 + 0 + + + + <html><head/><body><p>Enter an IP range. Accepted formats:</p><p>193.190.209.15</p><p>193.190.209.15/24</p><p>193.190.209.15/16</p></body></html> + + + + + + + 16 + + + 24 + + + 8 + + + 24 + + + + + + + + 0 + 0 + + + + <html><head/><body><p>Enter any comment you'd like</p></body></html> + + + + + + + Add to blacklist + + + + + + + Add to whitelist + + + + + + - - - - - - Group IPs by ranges when at least : - - - - - - - IPs - - - 2 - - - 255 - - - - - - - Qt::Horizontal - - - - 40 - 20 - - - - - - - - - - Include masquerading IPs reported by DHT - - - - - - - - - - 0 - 0 - - - - <html><head/><body><p>Enter an IP range. Accepted formats:</p><p>193.190.209.15</p><p>193.190.209.15/24</p><p>193.190.209.15/16</p></body></html> - - - - - - - 16 - - - 24 - - - 8 - - - 24 - - - - - - - - 0 - 0 - - - - <html><head/><body><p>Enter any comment you'd like</p></body></html> - - - - - - - Add - - - - -