[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] 2.0b8_ma7.4pre, some insights into the texpire problem



> Matthias Andree:

> For example, try (adjust paths as necessary):
> 
> /usr/local/bin/tcpserver -v 127.0.0.1 119 \
> /usr/local/bin/argv0 /usr/sbin/tcpd \
> /usr/local/sbin/leafnode

i have a working djb-ware infrastructure, so something similiar was what i
did, and it works.

> tcpserver has a native access control mechanism (-x option), but that
> involves "compiling" a text file into a cdb format with tcprules, if you
> forget that after changing the rules file, you're stuck with the old
> rules. However, it may be useful in case 

no problem.

> That's a good idea, I'll put that on my TODO list. I'm also considering
> adding a NOPOSTING environment variable, if that's set, any posting is
> denied, which might be useful when used with tcpserver -x leafnode.cdb
> or tcpd, for example (hosts.allow):
> 
> (with HOSTS_OPTIONS)
> 
> leafnode : 127.0.0.1, 192.168.0.1 
> leafnode : 192.168.0.4 : setenv NOPOSTING ""
> leafnode : ALL : DENY
> 
> Either way, 127.0.0.1 and 192.168.0.1 would have access, 192.168.0.4
> would have read-only access, and everybody else would see the 502 message.

that's a very good idea.  i have an /etc/tcp.nntp in preparation for this:

# tcp.nntp
127.:allow
192.168.0.4:allow,NOPOSTING=""
:deny

clemens

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list