On Wednesday, June 17, 2015 09:49:57 AM Steve Dougherty wrote: > Any thoughts on removing (in 1469 or later - scope creep bad!) > fproxy.allowedHosts? Not to be confused with > fproxy.allowedHostsFullAccess, this is a list of IPs / netmasks outside > of which FProxy closes the connection immediately after accepting it. [0] > > Why does the functionality exist?
I would guess that its necessary for public gateway mode. Gateway users shouldn't have full access. It also might help people to share Freenet with their roommates on the LAN. > This seems like a confusing way to > poorly reimplement a firewall's job. Unlike fullAccessHosts which will > respond with a 403, the user gets no feedback. > > The motivation for this is twofold - if a feature is useless it should > probably be removed, and it cost jeffpc and I two hours to figure out > why FProxy was immediately closing connections when he had added 0.0.0.0 > intending it to mean all addresses. You don't need to remove the feature since the problem IMHO was not the existence of the feature but this: There was no error message. As you've noticed, the code to fix the lack of an error message already exists: allowedHostsFullAccess is able to deliver 403. So fix the other one to show 403 as well :) Greetings
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
