Configuring multiple subnets in readers.conf...
Julien ÉLIE
julien at trigofacile.com
Mon Mar 9 20:02:31 UTC 2009
Hi Grant,
> I don't know if the *.domain.tld domain name based access controls properly do a reverse and then check the forward DNS to make
> sure that not just any one can make their IP reverse resolve to an allowed name or not. As such I'm not overly keen on doing
> that.
>
> Any suggestions or /fine/ manuals to point me to?
Isn't the man page good enough? :-/
http://www.eyrie.org/~eagle/software/inn/docs/readers.conf.html
The first example is:
hosts: *.example.com
Just to complete what Russ said, you have 8180 characters for your need
of lots of subnets.
See the definition of hosts afterwards:
A comma-separated list of remote hosts, wildmat patterns matching either
hostnames or IP addresses, or IP netblocks specified in CIDR notation.
If a user connects from a host that doesn't match this parameter, this
auth group will not match the connection and is ignored.
Note that if you have a large number of patterns that can't be merged
into broader patterns (such as a large number of individual systems scattered
around the net that should have access), the hosts: parameter may exceed the
maximum line length of 8,192 characters. In that case, you'll need to break
that auth group into multiple auth groups, each with a portion of the hosts
listed in its hosts: parameter, and each assigning the same user identity.
All hosts match if this parameter is not given.
I know this man page is rather long... But it contains useful information!
--
Julien ÉLIE
« La moitié des hommes politiques sont des bons à rien.
Les autres sont prêts à tout. » (Coluche)
More information about the inn-workers
mailing list