[SR-Users] permissions.allow in conjunction with trusted table

Ben Hood 0x6e6562 at gmail.com
Mon Mar 5 10:42:09 CET 2018


Hi,

I'd like to trust HTTP requests from internal subnets and use the
trusted table to manage permissions from external networks.

Is there a way to configure permissions.allow to trust everything on a
local subnet and use the DB table for everything else? Does the
permissions module even work in that way (i.e. to use two sources of
trust)?

If so, what is the permissions.allow syntax to trust a CIDR?

Or is it better to split the trust up based on listening ports (i.e.
define the route blocks so that requests to the port listening for
internal traffic are not subject to the trusted table)?

I guess I could also add the trusted internal subnet to the trusted
table, but this would be mixing application level stuff with devops
stuff.

TIA,

Ben


