Hi all,
I want to enable pike module based on IP addresses. I mean ... I don't want to check if requests from some specific IP addresses trigged the Pike's threshold. but for all other IP addresses I want to check it. I was thinking about using some kind of IP addresses' whitelist. The userblacklist module has some whitelist but it's based on username/domain not IP addresses.
Can someone please give me some advice how to implement it properly. Is there any module that will allow me to do it properly?
Best Regards,
Miguel Baptista
Hello,
On 11/16/10 4:41 PM, Miguel Baptista wrote:
Hi all,
I want to enable pike module based on IP addresses. I mean ... I don't want to check if requests from some specific IP addresses trigged the Pike's threshold. but for all other IP addresses I want to check it. I was thinking about using some kind of IP addresses' whitelist. The userblacklist module has some whitelist but it's based on username/domain not IP addresses.
Can someone please give me some advice how to implement it properly. Is there any module that will allow me to do it properly?
you can use permissions module.
if(!allow_source_address("grouptoskip")) { # do the pike logic here }
If you have 1-2 addresses that do not change, you can use if(src_ip==ipaddress...). Default config file for 3.1.0 comes with such logic.
Cheers, Daniel
Hello,
Thanks Daniel for your help. The permissions module looks exactly what I was looking for. Right now I will have around 5 "fxed" IP addresses but in the near future I might have more than 20 trusted IP addresses. So, That's why I didn't want to use the if(src_ip==ipaddress...) logic :)
Cheers,
Miguel Baptista
Ps : see you on Monday in Berlin :)
On 17.11.2010 11:44, Daniel-Constantin Mierla wrote:
Hello,
On 11/16/10 4:41 PM, Miguel Baptista wrote:
Hi all,
I want to enable pike module based on IP addresses. I mean ... I don't want to check if requests from some specific IP addresses trigged the Pike's threshold. but for all other IP addresses I want to check it. I was thinking about using some kind of IP addresses' whitelist. The userblacklist module has some whitelist but it's based on username/domain not IP addresses.
Can someone please give me some advice how to implement it properly. Is there any module that will allow me to do it properly?
you can use permissions module.
if(!allow_source_address("grouptoskip")) { # do the pike logic here }
If you have 1-2 addresses that do not change, you can use if(src_ip==ipaddress...). Default config file for 3.1.0 comes with such logic.
Cheers, Daniel
Miguel Baptista writes:
I want to enable pike module based on IP addresses. I mean ... I don't want to check if requests from some specific IP addresses trigged the Pike's threshold. but for all other IP addresses I want to check it. I was thinking about using some kind of IP addresses' whitelist. The userblacklist module has some whitelist but it's based on username/domain not IP addresses.
Can someone please give me some advice how to implement it properly. Is there any module that will allow me to do it properly?
for example, you can use permission module allow_source_address() function (or something like that name) to check if the address is in the set you don't want to pike on.
-- juha
-
Daniel-Constantin Mierla -
Juha Heinanen -
Miguel Baptista