httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <rainer.j...@kippdata.de>
Subject [Proposal for trunk] Extending RewriteMap, Reusing ip network matches
Date Thu, 17 Dec 2009 12:38:22 GMT
1) Extending RewriteMap
=======================

I plan to extend key file handling in text file RewriteMap. At the 
moment keys are always matched as exact strings against the map. I want 
to add the ability to alternatively

a) match via regexp (and replace backreferences in the found values)
b) match via ip network notation like e.g. used in "Require ip ..."

This could be expressed in the configuration by adding another token 
after type:source, e.g. "exact", "regexp", "ip", where "exact" is the 
default.

Of course a) can be achieved without RewriteMap with a list of 
RewriteRules, but if you need a long list, the map is easier to maintain 
and understand, and it's also reloaded atomatically.

For b) there is no other solution at the moment.

2) Further reuse of ip network matches
======================================

a) RewriteCond

Furthermore I would like to extend RewriteCond with another CondPattern 
that matches ip addresses in the way noted under b) above, i.e. using ip 
address and network notation. It is very clumsy and not robust to try to 
do that via regexps. For that we would need to decide on another prefix 
character to use in the CondPattern, like e.g.

RewriteCond %{REMOTE_ADDR} @195.227.30.128/25

The preifx character "@" needs to be chosen carefully to prevent most 
existing RewriteCond lines from being broken (in case they already start 
with this prefix). Alternatively it could be done using a new flag.

b) SetEnvIf

The same extension could be added to SetEnvIf:

SetEnvIf Remote_Addr @195.227.30.128/25 isTrusted

Any comments? I'm willing to work on the implementation, but I'd like to 
hear, whether there are arguments against it.

Thanks!

Rainer


Mime
View raw message