On Tuesday 22 August 2006 12:56, Mike Williams wrote:
> I'm not fully convinced check_relay is good enough.
> It appears to work fine. However I guess IPv6 addresses could come in in
> either upper or lower case.
I was right, it wasn't good enough.
2001:618:400:fedf:20f:3dff:feae:74c1 would pass
2001:618:400:fedf:20f::100 would not
Now it's fairly horrible, so I'm going to send a fundamentally different
check_relay in a bit.
> I use forkserver, so that's what I modified.
> IPv6 address must be specified within [].
> It can listen on both v6 and v4 addresses at the same time.
Notes added to say that.
$ svn diff ./plugins/check_relay ./qpsmtpd-forkserver
Index: plugins/check_relay
===================================================================
--- plugins/check_relay (revision 658)
+++ plugins/check_relay (working copy)
@@ -11,6 +11,8 @@
my $more_relay_clients = $self->qp->config("morerelayclients", "map");
my %relay_clients = map { $_ => 1 } @relay_clients;
my $client_ip = $self->qp->connection->remote_ip;
+ $client_ip =~ s/::/:/;
+
while ($client_ip) {
if (exists($ENV{RELAYCLIENT}) or
exists($relay_clients{$client_ip}) or
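Review bot: The s/::/:/ added ahead of the while loop discards how many zero groups the "::" stood for, so distinct addresses collapse to the same string. For example (constructed addresses), 2001:db8::1:2 and 2001:db8:1::2 both become 2001:db8:1:2, and the prefix lookups in %relay_clients then treat them as the same client. Because this lookup decides who may relay, expand $client_ip to its full eight-group form before the loop rather than deleting a colon, lowercase it given the upper/lower case concern raised above, and document that relayclients entries must be written in that same form.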
@@ -19,7 +21,7 @@
$connection->relay_client(1);
last;
}
- $client_ip =~ s/(\d|\w|::)+(:|\.)?$//; # strip off another 8 bits
+ $client_ip =~ s/(\d|\w)+(:|\.)?$//; # strip off another 8 bits
}
return (DECLINED);
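Review bot: With "::" dropped from the alternation in the strip regex, the while loop no longer terminates for an address that begins with "::". After the earlier s/::/:/, ::1 becomes :1, one pass strips it to ":", and from then on (\d|\w)+(:|\.)?$ cannot match, so $client_ip stays true and the process handling that connection spins unless a relay entry happens to match first. Leave the loop when the substitution fails (last unless $client_ip =~ s/...//;) or let the regex consume a lone leading separator. Two smaller points on the same line: \w already covers \d, and the "strip off another 8 bits" comment is no longer accurate for IPv6, where each pass removes a 16-bit group.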
Index: qpsmtpd-forkserver
===================================================================
--- qpsmtpd-forkserver (revision 658)
+++ qpsmtpd-forkserver (working copy)
@@ -36,8 +36,10 @@
print <<"EOT";
usage: qpsmtpd-forkserver [ options ]
-l, --listen-address addr : listen on specific address(es); can be specified
- multiple times for multiple bindings. Default
is
- 0.0.0.0 (all interfaces).
+ multiple times for multiple bindings. IPv6
+ addresses must be inside square brackets [], and
+ don't need to be zero padded.
+ Default is [::] (if has_ipv6) or 0.0.0.0 (if
not)
-p, --port P : listen on a specific port; default 2525; can be
specified multiple times for multiple bindings.
-c, --limit-connections N : limit concurrent connections to N; default 15
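Review bot: The new default in the --listen-address help text, "[::] (if has_ipv6)", names an internal check that means nothing to someone reading the usage output; say "if IPv6 is available" instead. The move from 0.0.0.0 to [::] also means an upgraded host can start accepting SMTP on IPv6 interfaces it did not listen on before, so it deserves a line in the change notes, not only in the help text. The help also does not say how a port is combined with a bracketed address, which the required [] syntax suggests is the reason for the brackets.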
--
Mike Williams