On Fri, Jan 17, 2025 at 10:42:22AM +0100, [email protected] wrote: >>> Unfortunately I can't find any hints what "0.0.0.0%0.0.0.0" means. Can >>> anyone explain that? >> >> It's documented in the slapd.access(5) man page, in the section about >> "peername". > > Thanks for the reply Quanah. Unfortunately I still don't get it. From > the section in the man page I removed the parts about domains, sockets > and IPv6 to make it easier to read which leaves me with this: > >> From this edited man-page excerpt I can easily determine that >> peername.ip=10.10.0.0%255.255.0.0 would allow access for any hosts in >> the 10.10.0.0/16 IP-range. The subnet mask part in my case is also >> clear. However I still don't know what exact meaning the IP part >> 0.0.0.0 has. > > Anyone willing to elaborate? Am I correct in assuming > peername.ip=0.0.0.0%0.0.0.0 allows access to any IP?
Hi Cyril, presumably you have both IPv4 and IPv6 (or UNIX socket) clients and this attempts to differentiate between the classes/address families? Regards, -- Ondřej Kuzník Senior Software Engineer Symas Corporation http://www.symas.com Packaged, certified, and supported LDAP solutions powered by OpenLDAP
