[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Allow|DenyConnectionsFrom wildcard matching in 2.0.0
|
From: |
Frank Smith |
|
Subject: |
Allow|DenyConnectionsFrom wildcard matching in 2.0.0 |
|
Date: |
Tue, 07 May 2002 16:08:10 -0500 |
Upon trying to add a new client to a cfengine setup, I discovered an
unexpected result of wildcard matches. The examples show that the
allow and deny can be either addresses (w.x.y.z) or subnets (w.x.y).
It appears that it is actually a substring match that is being
performed which has some unusual results. I had this entry in my
cfservd.conf:
DenyConnectionsFrom = ( 10.1.38.8 )
This was working as I expected. Then when I tried to set up a host
that happened to be 10.1.38.84 I kept getting connection refused
messages from cservd. After much trial and error I figured out that
the deny rule was matching 10.1.38.8* as well as 10.1.38.8, so I
had to change the deny rule to be ( 10.1.38.08 ) so that .84 would
work, but now I'm not sure if I'm still denying 10.1.38.8
Does anyone know exactly how the wildcards work?
Frank
--
Frank Smith fsmith@hoovers.com
Systems Administrator Voice: 512-374-4673
Hoover's Online Fax: 512-374-4501
- Allow|DenyConnectionsFrom wildcard matching in 2.0.0,
Frank Smith <=