> On Fri, 9 Sep 2005, Matus UHLAR - fantomas wrote: > >I found out that if I deny users going to 255.255.255.255, it is the same > >as if I denied going to unknown hostnames: > > > >acl bogus dst 255.255.255.255 > >http_access deny bogus On 11.09 06:01, Henrik Nordstrom wrote: > I can confirm this from the sources. Why it is done like this I don't > know. > >Is this wanted behaviour, a side effect of something (probably when > >getnostname() returns -1) or a bug? Should I fill a bugreport? > > It is explicitly done in the source so I can only assume there is some > intention behind it, but the source history gives no clues (added in acl.c > revision 1.25 1996/07/23). > > But at least it is somewhat consistent: > > IP matches uses 255.255.255.255 if no address could be found (dst,dstasn > acl) however, currently I'm not able to differ if someone entered an this IP (or hostname pointing to this IP) or an invalid hostname, and give people different error messages. I probably could make an exemption in denying 240.0.0.0/4 or allow accessing 255.255.255.255, but I found this sick... -- Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Christian Science Programming: "Let God Debug It!".
