[Boa-devel] patch: access control
Brought to you by:
jnelson
Menu
▾
▴
[Boa-devel] patch: access control
|
From: <lib...@gm...> - 2003-04-03 23:47:31
|
Hi all,
attached is a patch against boa-0.94.14rc16 which modifies the
Allow/Deny feature as follows:
1) set one default rule for a pattern
syntax: Allow {pattern}
[the old access control]
2) set arbitrary rules based on IP & netmask
syntax: Allow {pattern} {ip}
or: Allow {pattern} {ip}/{netmask}
if not set, the default is to allow.
if the pattern is not an absolute path, it is prefixed with the document
root.
problems:
1) this is not ipv6 ready
2) the ordering of rules may require some thinking...
searching for matching entries stops after the first match (on both
levels; patterns first). thus something like this would not work:
---
Deny private/*
Allow private/* 127.0.0.1
#fine till here, but assume you want to
Allow private/something.html 192.168.5.0/24
---
this is a new pattern, but requests to it would match the earlier
private/* pattern and never reach the new one.
think huffman codes ;-)
any comments howto improve this?
by the way: thanks for boa
regards,
tok
ps: please cc to s.k6[at]hamburg[dot]de when replying, i'm not on the list
--
+++ GMX - Mail, Messaging & more http://www.gmx.net +++
Bitte lächeln! Fotogalerie online mit GMX ohne eigene Homepage! |