HTTP Restricted Access

[George Goundras]

Kostas Lialiambis wrote:
> Alh8eia, bre Simo, to exei deis ka8oloy ayto to feature (egw kapws dyskolo
[...]
> 
> O Ricudis moy proteine na kanw ena tcp wrapper (les kai o programmatismos
> kati tetoioy einai ypo8esh merikwn wrwn gia mena). Telos pantwn, egw me
> xairomai oti koytsa straba dinw panta lysh, m' ayta ta liga poy 3erw, asxeta
> an h lysh einai koyfh. P.x. sto sygkekrimeno problhma, opws eipa, akribws
> sto shmeio poy o httpd exei anoi3ei to connection  alla prin kanei process
> to request, ton ebala na ektelei:
> 
> system("ipfwadm -I -i deny -S $(getpeername %d|tail -1)/32 -D 0.0.0.0/0
> 80 -P tcp -y");
> 
> opoy %d to connection poy prepei na perasei san parametro sthn diatagh
> /usr/bin/getpeername (h opoia epistrefei mia grammh me to socket kai mia
> grammh me to ip to remote host). Etsi o remote host firewalliazetai alla
> epeidh hdh exei anoi3ei ena connection ayto mporei na metaferei sthn
> synexeia to arxiko request toy.
> 
> Einai 8eokoyfo alla... IT WORKS! (yeah!!)
> 
> Kor.

Wraio aytoy toy eidoys to "patch" poy eftiakses...
Mporei na to kanei o opoiosdhpote gia na periorisei etsi ta open connections?

Telos,h0ela na rwthsw ,to ipfwadm se poio paketo brisketai? Einai default egkatsimheno
me to linux h einai se kanena paketo toy typoy IP Masquerade ktl...

Filika,
George
--
====================================================================
Gia na mathete pos na xrisimopoiite ton majordomo, stilte e-mail
sto "majordomo at argos.hol.gr" me 1 grammi sto keimeno: help
Ta archives tis listas einai sto http://www.argos.hol.gr/lists
Gia opoiodipote problima stilte  e-mail ston owner-linux-greek-users
====================================================================