tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francis GALIEGUE <...@one2team.com>
Subject Re: Denying IPs using the Valve command in context.xml
Date Wed, 05 Oct 2011 14:01:44 GMT
On Wed, Oct 5, 2011 at 15:57, Mark H. Wood <mwood@iupui.edu> wrote:
> Part of the problem with this valve is that regex matching is such a
> (IMHO) bizarre choice for IP address matching.  IP addresses have a
> structure which is very unlike text, and the customary and expected
> matches take a bit of finagling to do in regexes.
>
> I should try writing netmask and CIDR address matchers.
>

I'm doing just that at the moment :p

https://issues.apache.org/bugzilla/show_bug.cgi?id=51953

> Likewise the hostname valve.  Domain names also are structured, and
> people who have just discovered the valve may be expecting quite a
> different type of matching than what they get.  I had to read the
> documentation very slowly and carefully before I could get the
> customary match styles out of my head.
>
> Again, I should try writing a DNS-style globber.  It might be fun.
> (But don't hold your breath waiting for it.)
>

Ideally, all of Apache's "allow from" and "deny from" (along with
Order while we are at it) could/should be implemented. I'm starting
with the most simple case of all.

It'll be fun to implement, say, 10., .mydomain.com and such...

-- 
Francis Galiegue
ONE2TEAM
Ingénieur système
Mob : +33 (0) 683 877 875
Tel : +33 (0) 178 945 552
fge@one2team.com
40 avenue Raymond Poincaré
75116 Paris

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message