[Boa-devel] patch: access control
Brought to you by:
jnelson
From: <lib...@gm...> - 2003-04-03 23:47:31
|
Hi all, attached is a patch against boa-0.94.14rc16 which modifies the Allow/Deny feature as follows: 1) set one default rule for a pattern syntax: Allow {pattern} [the old access control] 2) set arbitrary rules based on IP & netmask syntax: Allow {pattern} {ip} or: Allow {pattern} {ip}/{netmask} if not set, the default is to allow. if the pattern is not an absolute path, it is prefixed with the document root. problems: 1) this is not ipv6 ready 2) the ordering of rules may require some thinking... searching for matching entries stops after the first match (on both levels; patterns first). thus something like this would not work: --- Deny private/* Allow private/* 127.0.0.1 #fine till here, but assume you want to Allow private/something.html 192.168.5.0/24 --- this is a new pattern, but requests to it would match the earlier private/* pattern and never reach the new one. think huffman codes ;-) any comments howto improve this? by the way: thanks for boa regards, tok ps: please cc to s.k6[at]hamburg[dot]de when replying, i'm not on the list -- +++ GMX - Mail, Messaging & more http://www.gmx.net +++ Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! |