[SR-Users] allow_trusted and ipv6 addresses
Anthony Messina
amessina at messinet.com
Tue Feb 24 00:05:34 CET 2015
On Monday, February 23, 2015 09:53:08 AM Daniel-Constantin Mierla wrote:
> trusted does string comparison for the address field, it is not
> considered an ip address.
>
> You should use address table instead if you just need matching on any ip
> address or subnet.
That's interesting. Is there a reason for the string comparison? Reading the
README, trusted and address functions look incredibly similar, except trusted
can match proto, and the address commands can match ports. What would be the
advantage or use case of using either trusted or address?
>
> On 23/02/15 03:49, Sergey Okhapkin wrote:
> > allow_trusted() function of permissions module doesn't work right with
> > ipv6 addresses - it treats IP addresses as strings and doesn't take into
> > account variations aaa:bbb::0 vs aaa:bbb:0:0:0:0:0:0.
--
Anthony - https://messinet.com/ - https://messinet.com/~amessina/gallery
8F89 5E72 8DF0 BCF0 10BE 9967 92DC 35DC B001 4A4E
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20150223/3168a23a/attachment.sig>
More information about the sr-users
mailing list