* Joshua Slive <jslive@xxxxxxxxx> [0737 18:37]:
> On 7/25/05, Dick Davies <rasputnik@xxxxxxxxxxxxxxxxx> wrote:
> > but since we're just matching a string (REMOTE_ADDR) with no network information
> > it isn't going to cut it for the last two sites.
> >
> > Am I really going to have to have one line for each possible starting string
> > for each of the last two subnets?
> Well, you will need to build a regex that does the matches. But you
> won't need one for every starting string. You can use stuff like
> RewriteCond %{REMOTE_ADDR} !^10\.0\.11[2-9]\.*
> RewriteCond %{REMOTE_ADDR} !^10\.0\.12[0-7]\.*
> which I believe should get the intention of your first line. (Note
> also the correct regex escaping of the '.'.)
Thanks Joshua, just needed some confirmation I wasn't missing anything obvious
(the escaping in my post was adhoc, was'nt sure if mod_rewrite needs .*
or * to match 'anything').
The technique below is interesting too, thanks for the idea.
> Alternative techniques include using a RewriteMap to list all the
> address (at least down to the /24 level), or going back to mod_access.
> For example, you could do something like
> Order Allow,Deny
> Allow from 10.0.112.0/20
> Allow from 10.19.64.0/22
> ErrorDocument 403 https://server.domain
> (That doesn't necessarily get you to the right exact page. For that,
> you'd need to
> point your ErrorDocument at a CGI script to do the redirection.)
--
'That question was less stupid, though you asked it in a profoundly stupid way.'
-- Prof. Farnsworth
Rasputin :: Jack of All Trades - Master of Nuns
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|