tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francis GALIEGUE <>
Subject Re: Denying IPs using the Valve command in context.xml
Date Wed, 05 Oct 2011 14:01:44 GMT
On Wed, Oct 5, 2011 at 15:57, Mark H. Wood <> wrote:
> Part of the problem with this valve is that regex matching is such a
> (IMHO) bizarre choice for IP address matching.  IP addresses have a
> structure which is very unlike text, and the customary and expected
> matches take a bit of finagling to do in regexes.
> I should try writing netmask and CIDR address matchers.

I'm doing just that at the moment :p

> Likewise the hostname valve.  Domain names also are structured, and
> people who have just discovered the valve may be expecting quite a
> different type of matching than what they get.  I had to read the
> documentation very slowly and carefully before I could get the
> customary match styles out of my head.
> Again, I should try writing a DNS-style globber.  It might be fun.
> (But don't hold your breath waiting for it.)

Ideally, all of Apache's "allow from" and "deny from" (along with
Order while we are at it) could/should be implemented. I'm starting
with the most simple case of all.

It'll be fun to implement, say, 10., and such...

Francis Galiegue
Ingénieur système
Mob : +33 (0) 683 877 875
Tel : +33 (0) 178 945 552
40 avenue Raymond Poincaré
75116 Paris

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message