On Wed, Nov 06, 2002 at 05:55:48AM -0500, harik at chaos.ao.net wrote: > On Thu, 31 Oct 2002, Matthew Toseland wrote: > > > On Fri, Nov 01, 2002 at 12:17:42AM +0100, Anonymous wrote: > > > Good point. So far this has only been implemented in startup (stop > > people running perm nodes with invalid IP addresses), I am not (yet) > > rejecting bad addresses from the routing table. > > It would be reasonable to make an Access Control List Um, it would be total overkill. You want it, implement it and we'll consider putting it in though. > > (Class/object/something) and re-use it for things like bad-refrences, > who to bandwidth limit and who's allowed to access what port (or servlet > inside fproxy) > > If you give it the ability to handle domain names (localhost, *.nsa.gov) > and CIDR netblocks (127.0.0.1, 192.168.0.0/16, 10.0.0.0/8) it'd handle > everything we're trying to do right now. > > Setting > > BadRefrences=127/8,localhost,192.168/16,10/8,*.fr > FCPAllow=127.0.0.1 > FProxyAllow=127.0.0.1 > > as the default should handle what we want, while still allowing people > to override it for test-networks. > > --Dan >
-- Matthew Toseland toad at amphibian.dyndns.org amphibian at users.sourceforge.net Freenet/Coldstore open source hacker. Employed full time by Freenet Project Inc. from 11/9/02 to 11/11/02. http://freenetproject.org/ -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20021106/cd70c2a3/attachment.pgp>
