[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Extend peername styles in ACL (ITS#2907)
- To: ando@sys-net.it
- Subject: Re: Extend peername styles in ACL (ITS#2907)
- From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Date: Wed, 07 Jan 2004 22:00:46 -0800
- Cc: openldap-devel@OpenLDAP.org
- In-reply-to: <200401072210.i07MAYrY017681@boole.openldap.org>
- References: <200401072210.i07MAYrY017681@boole.openldap.org>
I dislike much of this, especially apply tree styles to IP addresses.
Even for PATH, they seem terrible useful.
For IP addresses, I rather see support for addr[/masklen][{ports}]
and/or addr[:mask][{ports}] where ports is a comma separated list
of port[-port], e.g., 127.0.0.0/8{10,12-30,200).
For PATH, I see no need for anything other than exact and regex.
Kurt
At 02:10 PM 1/7/2004, ando@sys-net.it wrote:
>Full_Name: Pierangelo Masarati
>Version: HEAD
>OS: Linux
>URL: http://www.sys-net.it/~ando/Download/peername-style-improvements.patch
>Submission from: (NULL) (81.72.89.40)
>Submitted by: ando
>
>
>This patch provides extended styles for peername which improve the semantics
>of the ACL clause and provide more efficient means to deal with typical issues
>(e.g. exact or most significant IP match without dealing with the port and so).
>
>See also ITS#2904
>
>p.