On Fri, 9 Sep 2005, Matus UHLAR - fantomas wrote:
Hello,
I found out that if I deny users going to 255.255.255.255, it is the same as
if I denied going to unknown hostnames:
acl bogus dst 255.255.255.255
http_access deny bogus
I can confirm this from the sources. Why it is done like this I don't
know.
Is this wanted behaviour, a side effect of something (probably when
getnostname() returns -1) or a bug? Should I fill a bugreport?
It is explicitly done in the source so I can only assume there is some
intention behind it, but the source history gives no clues (added in acl.c
revision 1.25 1996/07/23).
But at least it is somewhat consistent:
IP matches uses 255.255.255.255 if no address could be found (dst,dstasn
acl)
host/domain matches uses "none" if no host name could be found
(dstdomain/srcdomain acls).
Regards
Henrik
