[Spread-users] spread deamon ip filtering?

Jonathan Stanton jonathan at spreadconcepts.com
Thu Nov 17 11:57:45 EST 2011

On Nov 17, 2011, at 11:44 AM, Matt Garman wrote:

> We're using spread 4.0.0 on Linux.  We'd like to be able to do
> IP-based filtering of clients.
>> From the sample.spread.conf file included in the spread source:
> #The current choices are:
> #   NULL for default, allow anyone authentication
> #   IP for IP based checks using the spread.access_ip file
> #RequiredAuthMethods = "   "
> #AllowedAuthMethods = "NULL"
> So it looks like I would put the following in my actual spread config file:
> RequiredAuthMethods = "IP"
> AllowedAuthMethods = "IP"
> But what about this "spread.access_ip" file---where does it live?  In
> the same directory as the config file?  Or the spread runtime
> directory?

It looks for the spread.access_ip file in the directory the spread daemon is running from first, and then it looks for it in /etc/spread.access_ip. 

> Also, what is the format of the file.  Do I have to list individual
> IPs, or can I specify subnets?  If can specify subnets, what is the
> format (e.g., vs

Yes, you can list subnets. 

There is a sample spread.access_ip file in the Spread documentation directory that shows all of the formats. I have included it at the bottom of this email also. 

> What if I have two spread daemons running on the same server, and both
> need different IP whitelists?
If you load the access_ip files from the running directory, you just have to make sure each spread has a different active directory. 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6220 bytes
Desc: not available
Url : http://lists.spread.org/pipermail/spread-users/attachments/20111117/e28316f2/attachment-0001.bin 

More information about the Spread-users mailing list