CUPS
Joshua M. Miller
joshua at itsecureadmin.com
Wed Aug 22 14:59:48 UTC 2007
Hi Mark,
I think you should recalculate your subnets. When you use something
like the following:
192.168.0.1/255.255.255.0
This takes every access attempt, let's use the source IP of 192.168.0.2
for an example, and performs a logical AND with the netmask to determine
whether or not access should be allowed, and compares that to the
network definition of the Allow line in your config.
192.168.0.2 ANDed with 255.255.255.0 = 192.168.0.0
..so this does not match! The network in your allow line is 192.168.0.1.
On the other hand, if you change your allow line to the following:
Allow 192.168.0.0/255.255.255.0
..and perform the same calculation:
192.168.0.2 ANDed with 255.255.255.0 = 192.168.0.0
..you would be granted access.
HTH,
--
Joshua M. Miller - RHCE,VCP
mark wrote:
> AuthClass Group
> Authtype BasicDigest
> AuthClass Group
> Allow from 127.0.0.1
> Allow from 192.168.0.1/255.255.255.0
More information about the redhat-list
mailing list