[tac_plus] Re: ACL

Schmidt, Daniel dan.schmidt at uplinkdata.com
Tue Jun 16 18:05:49 UTC 2009


Possibly could be done with authorization scripts, but I'm a little
unclear as your definition of host.  Is the device the host or are you
the host?  Don't san.rr.com and dc.rr.com resolve to different ranges
that you could key on?

-----Original Message-----
From: tac_plus-bounces at shrubbery.net
[mailto:tac_plus-bounces at shrubbery.net] On Behalf Of john heasley
Sent: Monday, June 15, 2009 11:50 PM
To: Michael M.
Cc: tac_plus at shrubbery.net
Subject: [tac_plus] Re: ACL

Mon, Jun 15, 2009 at 09:11:56PM -0700, Michael M.:
> Hello,
> I have a working configuration that I need to add ACL by host names.
In the release F4.0.4.18 is that possible to use permit or deny based
upon then ending portion of a host name?  Example I connect from
different locations from one ISP that has a common PTR of san.rr.com or
dc.rr.com. What do I need to add to my config to have it resolve IPs and
verify the host name in the allow?

it'd have to be coded, which I never added because I didnt want to have
timeouts due to resolver problems.
_______________________________________________
tac_plus mailing list
tac_plus at shrubbery.net
http://www.shrubbery.net/mailman/listinfo.cgi/tac_plus


More information about the tac_plus mailing list