Subj : Re: Another change
To   : Nicholas Boel
From : Jay Harris
Date : Sun Mar 17 2024 17:29:56

On 17 Mar 2024, Nicholas Boel said the following...

 NB>  JH> What would I put in smapinntpd.allow if I wanted to restrict access t
 NB>  JH> single IPv4 address?
 NB> 
 NB> I would assume the exact IPv4 address you want to allow (if it is
 NB> outside your LAN).

I'm not sure if I'm explaining this very well.  This is exactly what I was doing with the pre-IPv6 patched version & it seemed to work.

In this latest version the only thing that seems to work is *.

$ cat smapinntpd.allow
[cut commented lines]
127.0.0.1
173.32.178.232

$ telnet localhost 5000
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
502 Access denied.
Connection closed by foreign host.


From my laptop:
C:\Users\Jay>telnet 170.75.168.188 5000
502 Access denied.

Connection to host lost.


From smapinntpd.log:
17-Mar-24 17:12:30 (::ffff:127.0.0.1:57298) Connection established to
localhost
17-Mar-24 17:12:30 (::ffff:127.0.0.1:57298) Access denied (not in allow list)
17-Mar-24 17:13:11 (::ffff:173.32.178.232:61225) Connection established to cpe1056117c4a5b-cm1056117c4a59.cpe.net.cable.rogers.com
17-Mar-24 17:13:11 (::ffff:173.32.178.232:61225) Access denied (not in allow list)


For now I'll stick with just a single * on its own line.


Jay

.... The only splits I can do are of the banana variety

--- Mystic BBS v1.12 A49 2023/04/30 (Linux/64)
 * Origin: Northern Realms (1:229/664)

.