Menu
▾
▴
[Astlinux-commits] SF.net SVN: astlinux:[5729] branches/1.0
|
From: <abe...@us...> - 2012-11-01 06:16:39
|
Revision: 5729
http://astlinux.svn.sourceforge.net/astlinux/?rev=5729&view=rev
Author: abelbeck
Date: 2012-11-01 06:16:32 +0000 (Thu, 01 Nov 2012)
Log Message:
-----------
lighttpd, add new variable PHONEPROV_ALLOW to limit access to /phoneprov/ by IP address
Modified Paths:
--------------
branches/1.0/package/lighttpd/lighttpd.conf
branches/1.0/package/lighttpd/lighttpd.init
branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
Modified: branches/1.0/package/lighttpd/lighttpd.conf
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.conf 2012-11-01 03:26:03 UTC (rev 5728)
+++ branches/1.0/package/lighttpd/lighttpd.conf 2012-11-01 06:16:32 UTC (rev 5729)
@@ -141,4 +141,10 @@
@CLI_PROXY_SERVER@}
@PHONEPROV@alias.url = ( "/phoneprov/" => "/mnt/kd/phoneprov/" )
+@PHONEPROV@
+@PHONEPROV@$HTTP["url"] =~ "^/phoneprov/" {
+@PHONEPROV@ $HTTP["remoteip"] !~ "^(@PHONEPROV_ALLOW@)$" {
+@PHONEPROV@ url.access-deny = ( "" )
+@PHONEPROV@ }
+@PHONEPROV@}
Modified: branches/1.0/package/lighttpd/lighttpd.init
===================================================================
--- branches/1.0/package/lighttpd/lighttpd.init 2012-11-01 03:26:03 UTC (rev 5728)
+++ branches/1.0/package/lighttpd/lighttpd.init 2012-11-01 06:16:32 UTC (rev 5729)
@@ -76,6 +76,20 @@
else
phoneprov="#"
fi
+ if [ -n "$PHONEPROV_ALLOW" ]; then
+ # Replace . with \. then replace * with .* for Regex match
+ # Match: "^($phoneprov_allow)$"
+ pp_allow="${PHONEPROV_ALLOW//./\.}"
+ pp_allow="${pp_allow//\*/.!}" # Use ! for now, replace to * shortly
+ phoneprov_allow=""
+ unset IFS
+ for i in $pp_allow; do
+ phoneprov_allow="$phoneprov_allow${phoneprov_allow:+|}$i"
+ done
+ phoneprov_allow="${phoneprov_allow//!/*}" # Replace ! with *
+ else
+ phoneprov_allow=".*"
+ fi
sed -i -e "s|@HOSTNAME@|${HOSTNAME}|g" \
-e "s|@HTTPDIR@|${httpdir}|g" \
@@ -89,6 +103,7 @@
-e "s|@IPV6@|${ipv6}|g" \
-e "s|@CLI_PROXY_SERVER@|${cli_proxy_server}|g" \
-e "s|@PHONEPROV@|${phoneprov}|g" \
+ -e "s!@PHONEPROV_ALLOW@!${phoneprov_allow}!g" \
/tmp/etc/lighttpd.conf
}
Modified: branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf
===================================================================
--- branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2012-11-01 03:26:03 UTC (rev 5728)
+++ branches/1.0/project/astlinux/target_skeleton/stat/etc/rc.conf 2012-11-01 06:16:32 UTC (rev 5729)
@@ -304,6 +304,15 @@
HTTP_ACCESSLOG="no" # Enable access logging in /var/log/lighttpd/access.log
HTTPCGI="no"
+## HTTP and HTTPS /phoneprov/ directory server, useful for IP Phone provisioning
+## If the directory "/mnt/kd/phoneprov/" exists, this will be served as /phoneprov/
+## Limit access by IPv4 or IPv6 addresses using a space separated list of IP addresses.
+## Use the * character to match any number of any characters (expands to .* for regex match).
+## Note: Do not use CIDR notation, the IP is matched via a regular expression.
+## The default is to allow all IP's, PHONEPROV_ALLOW="*"
+## Example: PHONEPROV_ALLOW="10.10.10.* 2001:db8:1:* 192.168.101.20"
+#PHONEPROV_ALLOW="*"
+
## NTPd Server
## Note: also see NTPSERVS in the "General Configuration" section.
## Enable NTP broadcasts to local LAN(s). Use with something like
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|
