On Thu, 31 Oct 2002, Matthew Toseland wrote: > On Fri, Nov 01, 2002 at 12:17:42AM +0100, Anonymous wrote:
> Good point. So far this has only been implemented in startup (stop > people running perm nodes with invalid IP addresses), I am not (yet) > rejecting bad addresses from the routing table. It would be reasonable to make an Access Control List (Class/object/something) and re-use it for things like bad-refrences, who to bandwidth limit and who's allowed to access what port (or servlet inside fproxy) If you give it the ability to handle domain names (localhost, *.nsa.gov) and CIDR netblocks (127.0.0.1, 192.168.0.0/16, 10.0.0.0/8) it'd handle everything we're trying to do right now. Setting BadRefrences=127/8,localhost,192.168/16,10/8,*.fr FCPAllow=127.0.0.1 FProxyAllow=127.0.0.1 as the default should handle what we want, while still allowing people to override it for test-networks. --Dan -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 155 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20021106/a72021c3/attachment.pgp>
