Menu
▾
▴
Re: [SSHGuard-users] [Proposal] Handle End-of-line comments in Whitelists
|
From: Kevin Z. <kev...@gm...> - 2020-05-13 16:33:23
|
Hi Kevin, On 5/13/20 2:33 AM, Kevin Buckley wrote: > having noticed that someone added an entry, into a whitelist file, > that was already covered by a range further up the file, it struck me > that it might be useful if there could be comments after the > to-be-whitelisted IP address or range, eg That would be a welcome change. > Looking into the code I've the following patch would achieve the > desired result (although strsep() isn't as portable as a much more > convoluted strtok() based "soultion") but there may be some test > cases you have that I can't check against. > > Any clues/pointers there and/or would there be any interest in > developing this idea so that it does? (Or just accepting it as is, if > it passes your tests!) I will take a closer look soon, but I'm inclined to accept this patch "as is". Without checking too closely, it seems like strsep() is available on all of the platforms listed on SSHGuard's download page. > Furthermore, would there be any interest in having an extra flag, in > the blocker, that would "turn on" some logging of successful parsing > of the whitelist, that could then be used in testing (some people > here still aren't convinced) and, whilst I'm at that, I could even > expand the usage() function to spit out the option flags and a brief > description, rather than just, well, you know what it does at > present. What about a separate test program like 'sshg-whitelist' that takes IP addresses on stdin and filters whitelisted addresses away from stdout? And some documentation, of course, suggesting that it's there. Regards, Kevin -- Kevin Zheng kev...@gm... | ke...@be... XMPP: ke...@ee... |
