httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From William A Rowe Jr <wr...@rowe-clan.net>
Subject Re: An ask for eyes on proposal
Date Fri, 09 Jun 2017 02:53:38 GMT
AIUI, yes, since the absolute 1-arg on|off boolean syntax would be
preserved. Those would be disallowed for other patterns (e.g. any
IP-looking thing subsumes and precludes using the first pattern.)
'On' devolves to 0.0.0.0/32 (any match).

Just pointing out I'm still not convinced it's entirely fleshed out, but
am certainly not going to object if others finish reviewing the patch
and feature at whatever level of progress it's at. I wouldn't vote for
it for 2.4.27 either, but that's simply our difference of opinion on
creeping featurism; I won't stand in the way, but won't participate.

Cheers,

Bill



On Thu, Jun 8, 2017 at 4:46 PM, Jim Jagielski <jim@jagunet.com> wrote:
> Is expansion of the syntax something that could be folded in
> for 2.4.27?
>
>> On Jun 8, 2017, at 2:51 PM, William A Rowe Jr <wrowe@rowe-clan.net> wrote:
>>
>> [Again, using all the words]
>>
>> On Thu, Jun 8, 2017 at 12:30 PM, Daniel Ruggeri <druggeri@primary.net> wrote:
>>> Hi, all;
>>> With the proposal to T&R set for Monday, I wanted to draw attention to the
>>> PROXY protocol proposal in STATUS. Just hoping for a quick review. I know it
>>> appears to be a large change, but as I worked through the feedback, ten of
>>> the commits effectively got coded out. What we are left with is essentially
>>> just the donated code + safety around IPv6 + the ability to designate
>>> subnets that do not get PROXY processing.
>>
>> The one change I've been considering is to expand this syntax;
>>
>> RemoteIPProxyProtocol On|Off
>>
>> to
>>
>> RemoteIPProxyProtocol [On|Off|host|range [host|range]...]
>>
>> Rather than rely on RemoteIPProxyProtocolExceptions (which
>> was a great addition, thank you), I like configuring systems
>> with whitelists rather than blacklists, when available. Although
>> it's nebulous which is the whitelist and which is the blacklist,
>> in this case :)
>

Mime
View raw message