[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: granting/denying access based on client ip address



Hello Stanley,

* Stanley wrote:

> hi , everybody
> 
> IS there a way to grant/deny access to your ldapserver
> 
> based on client ip address??

TCPwrappers!
> 
> - TCPwrappers:

[some text about tcpwrapper]
> 
> TCPwrappper is not such a good idea since it means
> that you don't have a standalone slapd daemon , thus 
> performance goes down.

If your slapd is compiled against libwrap you can use 
IP-based ACL's without inetd!

ldd `which slapd`|grep libwrap
        libwrap.so.0 => /lib/libwrap.so.0 (0x4025f000)

-- 
bye

Waldemar