24 Feb
2015
24 Feb
'15
1:05 a.m.
On Monday, February 23, 2015 09:53:08 AM Daniel-Constantin Mierla wrote:
trusted does string comparison for the address field,
it is not
considered an ip address.
You should use address table instead if you just need matching on any ip
address or subnet.
That's interesting. Is there a reason for the string comparison? Reading the
README, trusted and address functions look incredibly similar, except trusted
can match proto, and the address commands can match ports. What would be the
advantage or use case of using either trusted or address?
On 23/02/15 03:49, Sergey Okhapkin wrote:
> allow_trusted() function of permissions module doesn't work right with
> ipv6 addresses - it treats IP addresses as strings and doesn't take into
> account variations aaa:bbb::0 vs aaa:bbb:0:0:0:0:0:0.
--
Anthony - https://messinet.com/ - https://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E