IPv6 hosts allow|deny

Dave Dykstra dwd at drdykstra.us
Mon Jan 13 14:14:00 EST 2003 

On Sun, Jan 12, 2003 at 11:51:07PM +0100, Bert Vermeulen wrote:
> On Fri, 10 Jan 2003, Bert Vermeulen wrote:
> 
> > On Thu, 9 Jan 2003, Dave Dykstra wrote:
> >
> > > I went ahead and submitted Hideaki's patch pretty much as is.  I took off
> > > the ifdef around the memset at the beginning of client_sockaddr() because
> > > I figured it wouldn't hurt to do anywhere.  Besides, it was checking
> > > for a specific operating system (__linux__) which we like to avoid and
> > > because there was a typo in the check for HAVE_SOCKADDR_IN6_SCOPE_ID
> > > (it was HAVE_SOCKADDR_IN6_SOCPE_ID).  I noticed that there was code in
> > > access.c that was accessing the same sockaddr_in6 sin6_scope_id field that
> > > was protected by ifdef in clientname.c so I put the same ifdef around
> > > the code in access.c.  I also updated the rsyncd.conf.yo documentation
> > > to allow for IP address of the IPv6 form.
> > >
> > > I have not tested this, I hope it works.
> >
> > Dave,
> >
> > Sorry for the late reply, been busy. I'm going to test with the committed
> > patch, and will let you know. I can only test on linux, however.
> 
> Well, it works great for me. It might be a good idea to include Hideaki's
> comments on this syntax in the docs:
> 
> > Note that scope-id is also supported:
> >  - fe80::1%eth0
> >  - fe80::%eth0/64
> >  - fe80::%eth0/ffff:ffff:ffff:ffff::
> 
> The example is significant -- this restricts access to the local subnet
> only.


I don't understand enough how that syntax works in order to be able
to write an explanation for people.  Could you please try to write
something up based on the current version checked in to CVS?

I am totally mystified by Hideaki's examples.  I didn't think colons were
allowed, and I don't see any code in access.c for recognizing them.  As far
as I can tell the code only allows decimal notation, not hexadecimal.  And
do the blank fields mean anything?

For the record, here are the rest of Hideaki's examples:
> >  - 3ffe:ffff:dead:beef::1
> >  - 3ffe:ffff:dead:beef::/64
> >  - 3ffe:ffff:dead:beef::/ffff:ffff:ffff:ffff::
> > or even
> >  - ::0123:4567:89ab:cdef/::ffff:ffff:ffff:ffff

- Dave Dykstra

More information about the rsync mailing list