> On Fri, 9 Sep 2005, Matus UHLAR - fantomas wrote:
> >I found out that if I deny users going to 255.255.255.255, it is the same
> >as if I denied going to unknown hostnames:
> >
> >acl bogus dst 255.255.255.255
> >http_access deny bogus
On 11.09 06:01, Henrik Nordstrom wrote:
> I can confirm this from the sources. Why it is done like this I don't
> know.
> >Is this wanted behaviour, a side effect of something (probably when
> >getnostname() returns -1) or a bug? Should I fill a bugreport?
>
> It is explicitly done in the source so I can only assume there is some
> intention behind it, but the source history gives no clues (added in acl.c
> revision 1.25 1996/07/23).
>
> But at least it is somewhat consistent:
>
> IP matches uses 255.255.255.255 if no address could be found (dst,dstasn
> acl)
however, currently I'm not able to differ if someone entered an this IP (or
hostname pointing to this IP) or an invalid hostname, and give people
different error messages.
I probably could make an exemption in denying 240.0.0.0/4 or allow
accessing 255.255.255.255, but I found this sick...
-- Matus UHLAR - fantomas, uhlar@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Christian Science Programming: "Let God Debug It!".Received on Mon Sep 12 2005 - 01:30:08 MDT
This archive was generated by hypermail pre-2.1.9 : Sat Oct 01 2005 - 12:00:03 MDT