15 Apr
2010
15 Apr
'10
12:57 p.m.
Hi, 'ip_addr' and 'mask' columns (in 'address' table) should be a
composite UNIQUE key as it doesn't make sense to have two entries
sharing both values (the module would always take the first one).
This would requiere a change in the DB schema. Opinions?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
15 Apr
15 Apr
1:03 p.m.
On 04/15/2010 05:57 AM, Iñaki Baz Castillo wrote:
Hi, 'ip_addr' and 'mask' columns (in
'address' table) should be a
composite UNIQUE key as it doesn't make sense to have two entries
sharing both values (the module would always take the first one).
This would requiere a change in the DB schema. Opinions?
What if you want to have the same CIDR block be a member of different
groups (grp) or allow two distinct source ports only (port) from a given
block?
--
Alex Balashov - Principal
Evariste Systems LLC
1170 Peachtree Street
12th Floor, Suite 1200
Atlanta, GA 30309
Tel: +1-678-954-0670
Fax: +1-404-961-1892
Web: http://www.evaristesys.com/
1:05 p.m.
New subject: 'address' table and composite UNIQUE key for 'ip_addr' and 'mask' columns
Iñaki Baz Castillo writes:
Hi, 'ip_addr' and 'mask' columns (in
'address' table) should be a
composite UNIQUE key as it doesn't make sense to have two entries
sharing both values (the module would always take the first one).
This would requiere a change in the DB schema. Opinions?
i think that grp should also be included in the unique key.
-- juha
1:51 p.m.
New subject: 'address' table and composite UNIQUE key for 'ip_addr' and 'mask' columns
2010/4/15 Juha Heinanen <jh(a)tutpro.com>om>:
Juha Heinanen writes:
I assume that in case two entries share the same ip_addr but different
mask, then the match would be priorized to the entry with greatest
mask value, am I right? This is:
1) 1.2.3.0 / 24
2) 1.2.3.4 / 32
If the source IP is 1.2.3.4 then I expect permissions module to
retrieve the second entry (as it mask value is the greatest one of all
the entries matching the source IP).
Same could be done with the port: If two entries share the same
ip_addr and mask, then that with port != 0 would have priority. Does
it make sense?
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
i think that grp should also be included in the
unique key.
as well as port, but things get tricky, since port can be 0 that matched
all ports.
1:47 p.m.
New subject: 'address' table and composite UNIQUE key for 'ip_addr' and 'mask' columns
2010/4/15 Juha Heinanen <jh(a)tutpro.com>om>:
Iñaki Baz Castillo writes:
Humm, I don't think so. Forget now the "port" field (which should also
be considered for the composite key):
Imagine two entries with same "ip_addr" and "mask" but differnt
"grp".
This would be valid as you suggest, but it doesn't make sense as the
permissions module would get just the first entry and extract the
"grp" from it. This is, the composite key columns must be those used
by the search condition ("ip_addr", "mask" and "port").
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
Hi, 'ip_addr' and 'mask' columns
(in 'address' table) should be a
composite UNIQUE key as it doesn't make sense to have two entries
sharing both values (the module would always take the first one).
This would requiere a change in the DB schema. Opinions?
i think that grp should also be included in the unique key.
1:41 p.m.
New subject: 'address' table and composite UNIQUE key for 'ip_addr' and 'mask' columns
Iñaki Baz Castillo writes:
Imagine two entries with same "ip_addr" and
"mask" but differnt "grp".
This would be valid as you suggest, but it doesn't make sense as the
permissions module would get just the first entry and extract the
"grp" from it. This is, the composite key columns must be those used
by the search condition ("ip_addr", "mask" and "port").
which function of permissions module?
-- juha
1:56 p.m.
New subject: 'address' table and composite UNIQUE key for 'ip_addr' and 'mask' columns
2010/4/15 Juha Heinanen <jh(a)tutpro.com>om>:
Iñaki Baz Castillo writes:
allow_source_address_group()
--
Iñaki Baz Castillo
<ibc(a)aliax.net>
Imagine two entries with same "ip_addr"
and "mask" but differnt "grp".
This would be valid as you suggest, but it doesn't make sense as the
permissions module would get just the first entry and extract the
"grp" from it. This is, the composite key columns must be those used
by the search condition ("ip_addr", "mask" and "port").
which function of permissions module? 
2:44 p.m.
Iñaki Baz Castillo wrote:
Hi, 'ip_addr' and 'mask' columns (in
'address' table) should be a
composite UNIQUE key as it doesn't make sense to have two entries
sharing both values (the module would always take the first one).
This would requiere a change in the DB schema. Opinions?
Hello,
I have a few questions about the address table:
1. Does it support IPv6 addresses?
2. Along with quad-doted IPv4, there are also the plans to support other
IPv4 formats like octal or hexa for IP-addresses? For example
0102.0146.015.0143 <http://0102.0146.015.0143/>(one www.google.com's IP)
I am very new to permission module but maybe this cases need to be
handled also...
Marius
17 Apr
17 Apr
9:53 a.m.
marius zbihlei writes:
1. Does it support IPv6 addresses?
no, it does not.
2. Along with quad-doted IPv4, there are also the
plans to support other
IPv4 formats like octal or hexa for IP-addresses? For example
0102.0146.015.0143 <http://0102.0146.015.0143/>(one www.google.com's
IP)
there are no such plans.
I am very new to permission module but maybe this
cases need to be
handled also...
you can always add a feature request to the tracker. may be someone
show needs the above functionalities will implement them.
-- juha
5334
days inactive
5336
days old
9 comments
4 participants
participants (4)
-
Alex Balashov -
Iñaki Baz Castillo -
jh@tutpro.com -
marius zbihlei