AIUI, yes, since the absolute 1-arg on|off boolean syntax would be preserved. Those would be disallowed for other patterns (e.g. any IP-looking thing subsumes and precludes using the first pattern.) 'On' devolves to 0.0.0.0/32 (any match).
Just pointing out I'm still not convinced it's entirely fleshed out, but am certainly not going to object if others finish reviewing the patch and feature at whatever level of progress it's at. I wouldn't vote for it for 2.4.27 either, but that's simply our difference of opinion on creeping featurism; I won't stand in the way, but won't participate. Cheers, Bill On Thu, Jun 8, 2017 at 4:46 PM, Jim Jagielski <[email protected]> wrote: > Is expansion of the syntax something that could be folded in > for 2.4.27? > >> On Jun 8, 2017, at 2:51 PM, William A Rowe Jr <[email protected]> wrote: >> >> [Again, using all the words] >> >> On Thu, Jun 8, 2017 at 12:30 PM, Daniel Ruggeri <[email protected]> wrote: >>> Hi, all; >>> With the proposal to T&R set for Monday, I wanted to draw attention to the >>> PROXY protocol proposal in STATUS. Just hoping for a quick review. I know it >>> appears to be a large change, but as I worked through the feedback, ten of >>> the commits effectively got coded out. What we are left with is essentially >>> just the donated code + safety around IPv6 + the ability to designate >>> subnets that do not get PROXY processing. >> >> The one change I've been considering is to expand this syntax; >> >> RemoteIPProxyProtocol On|Off >> >> to >> >> RemoteIPProxyProtocol [On|Off|host|range [host|range]...] >> >> Rather than rely on RemoteIPProxyProtocolExceptions (which >> was a great addition, thank you), I like configuring systems >> with whitelists rather than blacklists, when available. Although >> it's nebulous which is the whitelist and which is the blacklist, >> in this case :) >
