gsmaccess.5
上传用户:eo_sii
上传日期:2007-01-05
资源大小:91k
文件大小:2k
- .TH GSMACCESS 5 "Project SMSLink" "Les Ateliers du Heron" " -*- nroff -*-
- .SH NAME
- gsmaccess - SMSLink server access control list file
- .SH DESCRIPTION
- .B gsmaccess
- is an ASCII file which contains entries (rules) defining potential
- client's access rights to the server (in simple terms of allow / deny).
- Each rule will qualify as an "allow" or a "deny" rule, specifying the
- network number or individual IP address to which the rule apply and a
- subnet mask expressed as a single decimal digit.
- .PP
- There is one entry per line, and each line has the format:
- .sp
- .RS
- access:network/netmask
- .RE
- .sp
- Lines beginning with '#' are treated as comments and ignored. Empty
- lines are allowed and ignored. Invalid entries are silently ignored.
- .sp
- The field descriptions are:
- .sp
- .RS
- .TP 1.0in
- .I access
- a single character, either 'n'
- .RB "(=" deny ")"
- or 'y'
- .RB "(=" allow ")."
- The presence of this character is required. It is not case-sensitive.
- .TP
- .I network
- a network number or IP address expressed as a dotted quad.
- .TP
- .I netmask
- a subnet mask expressed as a single decimal value (representing the
- number of bits set in the mask). A mask of
- .B 32
- would mean that the preceeding dotted quad represented an individual
- IP address.
- .SH SECURITY POLICY
- If the file
- .B /etc/gsmaccess
- exists and can be read, the policy is to enable access control (even if the
- file is empty or doesn't contain any valid rule), and to deny access by
- default. All rules contained in the file are parsed in their successive
- order, and the first to match the client's IP address applies. When no
- match can be found, access is denied by default. To revert the policy to
- a "default allow", use only negative rules and set "y:0.0.0.0/0" as the
- last one.
- .PP
- When the file is absent, the access control is disabled altogether.
- .SH EXAMPLES
- .B y:0.0.0.0/0
- .br
- grants access to anyone.
- .PP
- .B y:192.1.1.0/24
- .br
- .B n:192.1.1.7/32
- .br
- grants access to anyone on the 192.1.1.0 subnet with mask 255.255.255.0
- but specifically denies access to the machine whose IP address is
- 192.1.1.7.
- .PP
- .B n:192.1.1.0/24
- .br
- .B n:192.1.2.0/24
- .br
- .B y:0.0.0.0/0
- .br
- closes access to a few networks and opens it to anything else.
- .SH FILES
- .B /etc/gsmaccess
- .SH SEE ALSO
- .BR sms_serv "(1), " sendsms "(1), " gsmdevices "(5)"