Received: with ECARTIS (v1.0.0; list gopher); Tue, 25 Jan 2005 10:45:09 -0600 (CST) Received: from gatekeeper.excelhustler.com ([68.99.114.105] helo=gatekeeper.elmer.external.excelhustler.com) by glockenspiel.complete.org with esmtp (with TLS-1.0:DHE_RSA_3DES_EDE_CBC_SHA:24) (TLS peer CN gatekeeper.elmer.external.excelhustler.com, certificate NOT verified) (Exim 4.34) id 1CtToP-00077C-5n; Tue, 25 Jan 2005 10:45:07 -0600 Received: from chatterbox.elmer.internal.excelhustler.com (unknown [192.168.0.12]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (Client CN "chatterbox.elmer.internal.excelhustler.com", Issuer "excelhustler.com" (not verified)) by gatekeeper.elmer.external.excelhustler.com (Postfix) with ESMTP id 921E91021E3; Tue, 25 Jan 2005 10:44:58 -0600 (CST) Received: from localhost (localhost [127.0.0.1]) by chatterbox.elmer.internal.excelhustler.com (Postfix) with ESMTP id 65D451024C2; Tue, 25 Jan 2005 10:44:58 -0600 (CST) Received: from chatterbox.elmer.internal.excelhustler.com ([192.168.0.12]) by localhost (chatterbox [192.168.0.12]) (amavisd-new, port 10025) with ESMTP id 23388-01; Tue, 25 Jan 2005 10:44:56 -0600 (CST) Received: from wile.internal.excelhustler.com (wile.internal.excelhustler.com [192.168.1.34]) by chatterbox.elmer.internal.excelhustler.com (Postfix) with ESMTP id D9F6DEE0F0; Tue, 25 Jan 2005 10:44:33 -0600 (CST) Received: by wile.internal.excelhustler.com (Postfix, from userid 1000) id D3E9F4E036; Tue, 25 Jan 2005 10:44:33 -0600 (CST) Date: Tue, 25 Jan 2005 10:44:33 -0600 From: John Goerzen To: gopher@complete.org Subject: [gopher] Re: Access Control for PYGopherd Message-ID: <20050125164433.GA25243@excelhustler.com> References: <41f1b949.YFEnqpZqe2mIe5l9%beaker@freeshell.org> <41f665db.1PeT8gwxJFKKuUJ9%beaker@freeshell.org> Mime-Version: 1.0 Content-type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41f665db.1PeT8gwxJFKKuUJ9%beaker@freeshell.org> User-Agent: Mutt/1.5.6+20040907i X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at excelhustler.com X-Spam-Status: No (score 0.0) X-Virus-Scanned: by Exiscan on glockenspiel.complete.org at Tue, 25 Jan 2005 10:45:07 -0600 Content-Transfer-Encoding: 8bit X-archive-position: 1012 X-ecartis-version: Ecartis v1.0.0 Sender: gopher-bounce@complete.org Errors-to: gopher-bounce@complete.org X-original-sender: jgoerzen@complete.org Precedence: bulk Reply-to: gopher@complete.org List-help: List-unsubscribe: List-software: Ecartis version 1.0.0 List-Id: Gopher X-List-ID: Gopher List-subscribe: List-owner: List-post: List-archive: X-list: gopher On Tue, Jan 25, 2005 at 07:29:31AM -0800, Jeff_W wrote: > > appear to be the built-in access controls found in the UMN Gopherd > > (not that I ever tried those, but I did notice they were there). > > Is there a relatively easy way to "wrap" PYGopherd so I can control > > via TCP Wrappers or do I need to look at firewall stuff like IP > > Filter, etc. ? > > Hum - is no one else concerned about host access control (for > pygopherd), or is there just no way to do it outside of a firewall? Sorry, your message fell behind the quantum mailbox time threshold and I didn't get to it yet :-) Anyway, PyGopherd doesn't presently have these features built-in. It wouldn't be hard to add them, but you can achieve the same functionality with Linux ipchains support. Also, if your machine has two or more network intefaces, you can bind to only one, meaning that pygopherd will only receive and answer requests that come in from that network card. See the "interface" option in pygopherd.conf. -- John