Feature request: exclude IP/network in allow_nets extra field
A. Schulze
sca at andreasschulze.de
Wed May 1 10:36:54 EEST 2019
Am 30.04.19 um 03:56 schrieb Zhang Huangbin via dovecot:
> Dear all,
>
> We use `allow_nets`[1] to restrict login clients, it works fine.
> Recently we need to allow some users to login from everywhere except some IP/networks, how can we accomplish this with "allow_nets"?
>
> Tried allow_nets="!a.b.c.d", but Dovecot reports error "allow_nets: Invalid network '!a.b.c.d'".
>
> Can we have this feature?
>
> i guess it should be done in function "auth_request_validate_networks"[2] in file src/auth/auth-request.c.
I had a similar problem years ago. Usually on set defaults in a configuration and overwrite per userdb entry
In my case the userdb was a ldap backend. I liked to limit specific users via allow_nets and deny all other.
So I wrote a simple patch for src/auth/auth-request.c to set defaults in case my ldap userdb do not return any overwriting.
Patch attached...
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: allow_nets_defaults.patch
Type: text/x-patch
Size: 923 bytes
Desc: not available
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190501/10e1c07d/attachment.bin>
More information about the dovecot
mailing list