httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Lewis <...@joe-lewis.com>
Subject Re: deny access to unknow IP addresses
Date Mon, 26 Mar 2007 13:50:28 GMT
devel wrote:
> Hello,
> In 
> conn_rec *connection;
> a can see:
> char *remote_ip;
>
> remote_ip always point to IP of client if server know it?
>   
The server will always know the remote IP address - this is because 
every TCP connection has two end points, a source address and a 
destination.  In order to send packets back to whomever requested the 
connection, the source has to be known.  This is placed into the 
remote_ip of that record.  (I won't go into the dynamics of NAT and 
other network hacks as this is not a TCP/IP discussion arena.)

Joachim gave the correct link for documentation on setting up 
authorization based on known IP addresses with Apache 2.2.

If you must reinvent the wheel, it may be easier to download the Apache 
source code and review the mod_authz_host (or appropriate module for 
your specific apache version) to familiarize yourself with the code path 
of the module.

Joe
-- 
Joseph Lewis <http://sharktooth.org/>
"Divide the fire, and you will sooner put it out." - Publius Syrus

Mime
View raw message