--------
In message <cabovn9brpgpuoqxo3k1s7fkwqnt0hwhe5ez9nsfnpj0o14+...@mail.gmail.com>, Dridi Boukelmoune writes:

>I don't understand, the use cases I'm suggesting are as "unsafe" as
>relying on ACLs with either client.ip or server.ip.

With your suggestion, any traffic coming through a particular listen
address would be trusted, even if that traffic does not have anything
to do on that particular subnet.

>You have the same problem if anything matching one of your ACLs
>trusted address is compromised.

There is a big difference between hijacking the IP of a server in use,
which is likely to trigger alarms, and being able to attack using any
IP going in through a particular interface.

Neither is watertight, but I don't see "convenience" as a valid
argument for increasing the sizes of the holes.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
[email protected]         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.

_______________________________________________
varnish-dev mailing list
[email protected]
https://www.varnish-cache.org/lists/mailman/listinfo/varnish-dev
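The two trust models argued over above, written out as VCL so the difference in exposure is visible. This is an added illustration, not code from the thread or from the Varnish project; the ACL names, addresses and the PURGE handler are constructed for the example, and the commented-out listen-address check is a stand-in for the "trust by interface" approach the reply objects to, not a reproduction of what was actually proposed.

```vcl
vcl 4.0;

# Hypothetical set of peers allowed to purge (addresses constructed
# for this example; RFC 5737 documentation ranges).
acl purgers {
    "192.0.2.10";        # one specific admin host
    "198.51.100.0"/24;   # a small management subnet
}

# Hypothetical internal listen address that an interface-based trust
# rule would key on (constructed for this example).
acl internal_listen {
    "10.0.0.1";
}

sub vcl_recv {
    if (req.method == "PURGE") {
        # Tight check: the peer that sent the request must itself match
        # the ACL. Getting past it means taking over one of the listed
        # addresses, which is the "hijacking the IP of a server in use"
        # case from the reply, and the kind of event that sets off alarms.
        if (client.ip ~ purgers) {
            return (purge);
        }

        # Weaker alternative, left disabled: trust whatever arrived on
        # the internal listen socket. server.ip is the local address the
        # connection came in on, so this passes any client.ip at all that
        # can reach 10.0.0.1, whether routed, forwarded or spoofed. That
        # is the "any IP going in through a particular interface" hole.
        # if (server.ip ~ internal_listen) {
        #     return (purge);
        # }

        return (synth(405, "PURGE not allowed"));
    }
}
```

The practical check when reviewing a config like this: for every privileged action, ask which address is being matched. A `client.ip ~ acl` test bounds the attacker to owning a listed address; a `server.ip` or listen-address test bounds the attacker only to being able to route a packet to that socket, which in most networks is a far larger population.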
