I have three files of init.tcl in which one I have to add that information
[rsscmpc1]/opt-mpc/AOLServer
# find . -name init.tcl
./aolserver3_3_1/modules/tcl/init.tcl
./aolserver3_3_1/modules/tcl/nsperm/init.tcl
./aolserver3_3_1/lib/tcl8.3/init.tcl
BR,
Joaquin
-----Original Message-----
From: Nathan Folkman [mailto:Shmooved@;AOL.COM]
Sent: Thursday, October 24, 2002 3:52 PM
To: [EMAIL PROTECTED]
Subject: Re: [AOLSERVER] AOLServer 2.3 could be configured to restrict
the acc ess to his service.
In a message dated 10/24/02 9:31:17 AM,
[EMAIL PROTECTED] writes:
> Hi Again,
>
> Can somebody help me with this issue?
>
> the AOLServer 2.3 or + could be configured to restrict the access to his
> service.
> I mean, to allow access to one Server only to some hosts (restriction by
> IP).
>
> Could this be possible?
>
> Joaquin
>
If what you are trying to do is restrict inbound requests, and only allow
certain IP addresses, then one solution could be to use a registered filter
to check the IP address of the request. I'd recommend upgrading to the 3.x
series if possible. If you can't, then you'd need to use ns_share in place of
the nsv's in the example below. Not sure what level of security you are
looking for, but be aware that the IP address could be spoofed. Anyway,
here's one possible solution:
init.tcl:
nsv_set ip 10.0.0.1 1
nsv_set ip 10.0.0.2 1
proc ipFilter {why} {
set ip [ns_conn peeraddr]
if {[nsv_exists ip $ip]} {
return "filter_ok"
} else {
ns_return 200 text/html "Access denied for IP address: $ip"
return "filter_return"
}
}
ns_register_filter postauth GET /* ipFilter
Nice thing about this is that you could add/remove/modify the IP addresses in
the control port of the running server. Depending on your requirements, you
could alternate perform your check as follows:
if {[string match "10.0.0.*" $ip]} {
Hope this helps.
- n
