From: Andrew R. <ar...@we...> - 2006-07-23 01:54:03
|
This patch allows the user to decide if telnet connections from localhost are allowed unconditionally (current behaviour), or are subject to the same restrictions as remote connections. Previous discussion on this topic can be found at http://tinyurl.com/oecw3 A new config option has been added (cli_trust_localhost), which is set to "yes" in startup-config.default in an attempt to preserve the existing behaviour. When cli_trust_localhost=no, connections from localhost are logged at debug level 3, with the extra message "Treating localhost as remote" - this allows the existing log messages to remain unchanged, so it shouldn't break any log-parsing scripts the user may have. Two versions of the patch are attached - one against the latest release (2.1.19) and one against CVS HEAD as of Mon Jul 24 01:20:16 UTC 2006 Feedback welcome. Cheers Andrew |