httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Wechner <michael.wech...@wyona.org>
Subject Re: [users@httpd] [mod_access] IP range
Date Wed, 23 Jul 2003 20:04:40 GMT
Jeff Cohen wrote:

>It just doesn't, even IIS does not support this type of range.
>if in IIS you'll specify that range you'll see that it will change it 
>from a range to two individual IPs by default.
>
ok. But I think from a user point of view it makes sense to offer such 
an option, even if it
might be handled differently on the back side.  Or does such a config 
option lead  to a security
problem?

>That's subnetting, a part of networking - we can't do much about it.
>

I guess I have to read more about subnetting to understand where this 
restriction comes from.

Thanks and all the best

Michael

>
>All the best,
>Jeff Cohen
>Support@gej-it.com
>
>-----Original Message-----
>From: Michael Wechner <michael.wechner@wyona.org>
>To: users@httpd.apache.org
>Date: Wed, 23 Jul 2003 16:06:17 +0200
>Subject: Re: [users@httpd] [mod_access] IP range
>
>  
>
>>Jeff Cohen wrote:
>>    
>>
>>>This called subnetting.
>>>To deny or to allow access to certain hosts in the network, use
>>>      
>>>
>>subnetting,
>>    
>>
>>>for large networks use super-netting.
>>>You might be able to use: 192.168.0.71/32 192.168.0.72/32
>>>      
>>>
>>well, if I understand it correctly then this is the same as
>>
>>192.168.0.71/255.255.255.255 192.168.0.72/255.255.255.255.255 ...
>>
>>but which means I have to specify all the IP numbers within this range.
>>
>>Why doesn't the module support something like
>>"192.168.0.71-192.168.0.72"
>>
>>Thanks
>>
>>Michael
>>
>>
>>    
>>
>>>All the best,
>>>Jeff Cohen
>>>Support@GEJ-IT.com
>>>Tel. (416) 917-2324
>>>www.GEJ-IT.com
>>>GEJ-IT Networks!
>>>
>>>
>>>
>>>
>>>      
>>>
>>>>-----Original Message-----
>>>>From: Michael Wechner [mailto:michael.wechner@wyona.org]
>>>>Sent: Tuesday, July 22, 2003 9:23 AM
>>>>To: users@httpd.apache.org
>>>>Subject: [users@httpd] [mod_access] IP range
>>>>
>>>>Hi
>>>>
>>>>Is there a security reason (or another) why you can't specify
>>>>an IP range by a first host address and a last host address within
>>>>the Allow directive of mod_access?
>>>>
>>>>For instance the range 192.168.0.71 - 192.168.0.72 is quite tricky
>>>>to define with network addresses and network masks.
>>>>
>>>>Thanks
>>>>
>>>>Michael
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>--
>>>>Michael Wechner
>>>>Wyona Ltd.  -   Open Source Content Management   -   Apache Lenya
>>>>http://www.wyona.com              http://cocoon.apache.org/lenya/
>>>>michael.wechner@wyona.com                        michi@apache.org
>>>>
>>>>
>>>>---------------------------------------------------------------------
>>>>The official User-To-User support forum of the Apache HTTP Server
>>>>        
>>>>
>>Project.
>>    
>>
>>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>>        
>>>>
>>>
>>>---------------------------------------------------------------------
>>>The official User-To-User support forum of the Apache HTTP Server
>>>      
>>>
>>Project.
>>    
>>
>>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>>For additional commands, e-mail: users-help@httpd.apache.org
>>>
>>>
>>>      
>>>
>>-- 
>>Michael Wechner
>>Wyona Ltd.  -   Open Source Content Management   -   Apache Lenya
>>http://www.wyona.com              http://cocoon.apache.org/lenya/
>>michael.wechner@wyona.com                        michi@apache.org
>>
>>
>>---------------------------------------------------------------------
>>The official User-To-User support forum of the Apache HTTP Server
>>Project.
>>See <URL:http://httpd.apache.org/userslist.html> for more info.
>>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail: users-help@httpd.apache.org
>>    
>>
>
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>  
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message