[OOPS] ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ acl

Roman Y. Bogdanov Wed, 17 Mar 2004 20:01:11 -0800

  Пользую упс уже пару лет.


  Задача:

  Есть сетка 192.168.201/24

  Завожу ACL для тех кому ходить не нужно.

  192.168.201.20
  192.168.201.23
  192.168.201.25
  192.168.201.200

  Далее.
  
acl     BADUSERS        src_ip          include:/usr/local/etc/oops/acl_bad_users
acl     LOCALDST        dst_ip          192.168.201/24  

group   work      {

        networks        192.168.201.0/24 127.0.0.1/32;
        networks_acl    LOCAL_DST !BADUSERS ;
        badports        [0:79],110,138,139,513,[6000:6010] ;
        miss            allow;
        redir_mods      transparent redir;

        http {          allow   dstdomain  * ; }
}

  Пускает всех, кто в ACL.

  Что не так?

# oops -V
oops version 1.5.22f1

CC=cc

CFLAGS=-O -pipe -march=pentiumpro -pthread -D_REENTRANT -DFREEBSD -D_THREAD_SAFE 
-DFD_SETSIZE=2048 -
I. -DWITH_LARGE_FILES

LIBS=-lc_r -lfl -lpam  -lcrypt  

-- 
Roman Y. Bogdanov                     /"\  ASCII RIBBON Campaign
http://www.brj.pp.ru/                 \ /  NO HTML/PDF/RTF in e-mail
+ 7 3912 541843 [work, office]         X   NO MSWord docs in e-mail
+ 7 3912 505653 [personal, mobile]    / \  NO attachments in e-mail

=====================================================================
If you would like to unsubscribe from this list send message to
[EMAIL PROTECTED] with "unsubscribe oops" in message body.
Archive is accessible on http://lists.paco.net/oops-rus/

[OOPS] ï¿½ï¿½ï¿½ï¿½ï¿½ï¿½ ï¿½ï¿½ï¿½ acl

Дати відповідь електронним листом