[Olsr-users] Active copy of the Links/Routing table
John Hay
(spam-protected)
Thu Nov 15 13:41:53 CET 2007
On Thu, Nov 15, 2007 at 12:59:28PM +0100, Bernd Petrovitsch wrote:
> Sorry, I forgot one thing:
>
> On Don, 2007-11-15 at 12:43 +0100, Bernd Petrovitsch wrote:
> > On Don, 2007-11-15 at 10:43 +0100, Aaron Kaplan wrote:
> > > On Nov 15, 2007, at 10:22 AM, Bernd Petrovitsch wrote:
> > >
> > > > And while I'm at it: Basically the above can also be solved
> > > > via /etc/hosts.{allow,deny} using libtcpwrap (oder whatever it is
> > > > really
> > > > called) avoiding the n+1 (inconsistent) implementation of "which IP
> > > > address is allowed to connect" problem.
> > > > Can we assume that it exists everywhere?
> > >
> > > nope, embedded busybox devices?
> >
> > Well, it would get a compile time define anyway.
> And it's not necessary to throw the current implementations out. While
> I'm a big fan of "one problem, one solution" I can live with "legacy
> code" and have some (possibly years long) migration phases.
The code in the http plugin seems to be more comprehensive than the
others that I have looked at. Maybe one should IPv6ify that and make if
somehow available for the other plugins to use?
> > Add the tcp_wrappers lib to the firmware image if you need the
> > filtering. Chances are that it's already there[0] (inetd, xinetd, ssh
> > use it IIRC and there are other daemons and programs too).
> > ---- snip ----
> > {4}ls -alsL /usr/lib/libwrap.so.0
> > 36 -rwxr-xr-x 1 root root 32856 Apr 18 2007 /usr/lib/libwrap.so.0*
> > ---- snip ----
> > On i686 it is not that large.
> > And one can always link statically against it (but if you have more
> > plugins, you get the code more often - heck, that's one of the reason
> > for shared libs).
FreeBSD ship standard with libwrap, so that is also a reasonable solution.
John
--
John Hay -- (spam-protected) / (spam-protected)
More information about the Olsr-users
mailing list