Unix network security
John F. Haugh II
jfh at rpp386.Dallas.TX.US
Sun Aug 20 03:14:25 AEST 1989
In article <35131 at wlbr.IMSD.CONTEL.COM> sms at WLV.IMSD.CONTEL.COM.UUCP (Steven M. Schultz) writes:
> How about inverting the meaning of ".netaccess"? By this I
> mean making it a list of hosts/addresses to be rejected. There
> have been times when it would be desirable to let connections
> from all systems except a list of bad/undesirables.
This could work both ways like netnews sys files are with newsgroups.
The '*' operator could function like an 'all' wildcard, with BANG
being used for negation. Paranoid, Inc. sites would go
    *.paranoid.com
    !*
and everyone else could go
    !*.paranoid.com
    *
;-)
The rule would be to run the .netaccess file until there is a match,
and permit or deny access based on the presence or lack of a '!'.
This implies that Paranoid, Inc. doesn't need the !* at the end
except to feel warm and cozy ;-)
--
John F. Haugh II +-Quote of the month club: ------------
VoiceNet: (512) 832-8832 Data: -8835 | "Chocolate Teddy Grahams are just
InterNet: jfh at rpp386.cactus.org | reincarnated Space Food Sticks."
UUCPNet: {texbell|bigtex}!rpp386!jfh +------------ -- Richard Sexton ---
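
An added example, not part of the original post or of any real .netaccess implementation: a first-match evaluator for the rule format proposed above, run over the two sample files from the message. The function names, the use of Python's fnmatch for '*', case folding, and the test hostnames are assumptions; denying on no match is inferred from the remark that the trailing !* is unnecessary.

```python
from fnmatch import fnmatchcase

def parse_rules(text):
    """Return [(permit, pattern), ...] in file order; blank lines are skipped."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        permit = not line.startswith("!")        # a leading '!' marks a deny rule
        pattern = line if permit else line[1:]
        if pattern:
            rules.append((permit, pattern.lower()))
    return rules

def allowed(rules, host, default=False):
    """Walk the rules in order; the first pattern that matches decides."""
    host = host.lower()                          # hostnames compare case-insensitively
    for permit, pattern in rules:
        if fnmatchcase(host, pattern):
            return permit
    return default                               # assumption: no match means deny

# Constructed sample files, following the two layouts in the post.
PARANOID = "*.paranoid.com\n!*\n"
PARANOID_SHORT = "*.paranoid.com\n"              # same policy without the trailing !*
EVERYONE_ELSE = "!*.paranoid.com\n*\n"
MISORDERED = "*\n!*.paranoid.com\n"              # the deny line is never reached

def demo():
    hosts = ["gw.paranoid.com", "paranoid.com", "host.example.org"]
    files = [("paranoid", PARANOID), ("paranoid-short", PARANOID_SHORT),
             ("everyone-else", EVERYONE_ELSE), ("misordered", MISORDERED)]
    return {name: {h: allowed(parse_rules(text), h) for h in hosts}
            for name, text in files}

if __name__ == "__main__":
    for name, verdicts in demo().items():
        print(name, verdicts)
```

Two things a reviewer of such a file would check: rule order decides the outcome (the misordered file admits every host), and "*.paranoid.com" does not match the bare name "paranoid.com", which then falls through to whatever rule comes next.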
More information about the Comp.unix.wizards mailing list