search for: local_ip

Hello. I have eth1 for WAN(0.0.0.0) and eth0 for LAN (192.168.10.0/24), need to setup that local user get access to $LOCAL_IP network and ip 192.168.10.2, 192.168.10.3 (will be more in future) to internet, but bandwidth to $LOCAL_IP is 128kbps and for internet is 8kbps. i wrote rc.firewall #!/bin/bash #env IPTABLES="/usr/sbin/iptables" LOCAL_IP="62.64.80.0/21 62.221.38.0/24 ........................" #...

...uccessful While it does say it is successful, I can tell you the phone does NOT reboot. line 97 looks like this: $call_id = $tm . "msgto$sip_to"; It's part of this sub routine: sub reboot_sip_phone { # Send the phone a check-sync to reboot it $phone_ip = shift; $local_ip = shift; $sip_to = shift; $sip_from = "asterisk"; $tm = time(); $call_id = $tm . "msgto$sip_to"; $httptime = `date -R`; $MESG = "NOTIFY sip:$sip_to\@$phone_ip:5060 SIP/2.0 Via: SIP/2.0/UDP $local_ip From: <sip:$sip_from\@$local_ip>...

...y, but then you start wondering how to handle e.g.: 1) User logs in to imap from 192.168.0.1. What is foo's value? protocol imap { remote_ip 192.168.0.0/16 { foo = foo } } remote_ip 192.168.0.0/24 { foo = bar } 2) User logs in from 192.168.0.1 to 10.1.2.3. What is foo's value? local_ip 192.168.0.1 { remote_ip 10.1.2.0/24 { foo = foo } } remote_ip 10.1.2.3 { local_ip 192.168.0.0/24 { foo = bar } } Any thoughts? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Thi...

...utime( $now, $now, $file ) > || open( TMP, ">>$file" ) > || die ("$0: Couldn't touch file: $!\n"); > } > } > > sub reboot_sip_phone { # Send the phone a check-sync to reboot it > $phone_ip = shift; > > $local_ip = shift; > $sip_to = shift; > $sip_from = "0"; > $tm = time(); > $call_id = $tm . "msgto$sip_to"; > $httptime = `date -R`; > $MESG = "NOTIFY sip:$sip_to\@$phone_ip:5060 SIP/2.0 > Via: SIP/2.0/UDP $local_ip > From:...

...cal (*TMP); foreach my $file (@_) { utime( $now, $now, $file ) || open( TMP, ">>$file" ) || die ("$0: Couldn't touch file: $!\n"); } } sub reboot_sip_phone { # Send the phone a check-sync to reboot it $phone_ip = shift; $local_ip = shift; $sip_to = shift; $sip_from = "0"; $tm = time(); $call_id = $tm . "msgto$sip_to"; $httptime = `date -R`; $MESG = "NOTIFY sip:$sip_to\@$phone_ip:5060 SIP/2.0 Via: SIP/2.0/UDP $local_ip From: <sip:$sip_from\@$local_ip> To: &l...

...RAP + strlcat(daemon, login_protocol, sizeof(daemon)); + request_init(&req, RQ_DAEMON, daemon, RQ_FILE, fd, NULL); + fromhost(&req); + if (!hosts_access(&req)) { + i_info("libwrap: access denied"); + net_disconnect(fd); + return; + } +#endif + if (net_getsockname(fd, &local_ip, &local_port) < 0) { memset(&local_ip, 0, sizeof(local_ip)); local_port = 0; @@ -99,6 +121,10 @@ struct client *client; struct ssl_proxy *proxy; int fd, fd_ssl; +#ifdef LIBWRAP + struct request_info req; + char daemon[17] = "dovecot-"; +#endif fd = net_accept(LO...

...27.0.0.1 # snap ############################### and use this group in a global ACL file. I discovered this only works on first NOT-cached login environment in imap-postlogin script on first login: AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c MASTER_USER=master at uma SPUSER=private/pdf LOCAL_IP=127.0.0.1 USER=pdf AUTH_USER=master at uma PWD=/var/run/dovecot USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER SHLVL=1 HOME=/var/data/vmail/private/pdf ACL_GROUPS=umareadmaster IP=127.0.0.1 _=/usr/bin/env on the second cached login it looks like this AUTH_TOKEN=12703b11932f...

...-------------------------- cut here ------------------------------- #!/usr/bin/perl use Socket; # USAGE register { local IP address, Extension number, SIP contact address } register("1.2.3.4", "99999", "John Doe <sip:jdoe\@foo.bar.net>"); sub register { $local_ip = shift; $ext_number = shift; $contact = shift; $proxy_ip = "123.123.123.123"; $tm = time(); $seq = $tm % 65536; $MESG="REGISTER sip:sipdomain.company.com SIP/2.0 Via: SIP/2.0/UDP $local_ip:5060 From: <sip:$ext_number\@sipdomain.company.com> To: <si...

any way the you can get * to send a NOTIFY SIP message to all SIP phones? to have the SIP sets recheck thier configs etc?? Like this? NOTIFY sip:sip@192.168.0.3:5060 SIP/2.0 Via: SIP/2.0/UDP ipaddress:5060;branch=1 Via: SIP/2.0/UDP ipaddress From: <sip:webadim@192.168.0.1> To: <sip:sip@192.168.0.3> Event: check-sync Date: Mon, 10 Jul 2000 16:28:53 -0700 Call-ID: test@192.168.0.1

Hello there, I have been trying to make the patch work for libwrap(TCP Wrappers) posted on http://dovecot.org/patches <http://dovecot.org/patches%20Patch%20of%201.1> Patch of 1.1 but could not get it work. Any help will be highly appreciated. After compiling and running it I get error "Error: login_tcp_wrappers can't be used because Dovecot wasn't built with

...> I discovered this only works on first NOT-cached login >> >> >> >> environment in imap-postlogin script on first login: >> >> >> AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c >> MASTER_USER=master at uma >> SPUSER=private/pdf >> LOCAL_IP=127.0.0.1 >> USER=pdf >> AUTH_USER=master at uma >> PWD=/var/run/dovecot >> USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER >> SHLVL=1 >> HOME=/var/data/vmail/private/pdf >> ACL_GROUPS=umareadmaster >> IP=127.0.0.1 >> _=/usr/...

.../client.c.orig 2008-01-05 00:44:14.000000000 -0500 +++ dovecot-1.0.10/src/pop3-login/client.c 2008-01-05 00:44:30.000000000 -0500 @@ -331,7 +331,7 @@ client->created = ioloop_time; client->refcount = 1; client->common.tls = ssl; - client->common.secured = ssl || net_ip_compare(ip, local_ip); + client->common.secured = ssl; client->common.local_ip = *local_ip; client->common.ip = *ip; --- but still not able to make it not accept AUTH PLAIN authentication from the same ip. I'm missing something? On the other hand, if I set disable_plaintext_auth to yes I cannot use...

...; + const char *addr, *local_addr; if (max_logging_users > CLIENT_DESTROY_OLDEST_COUNT && hash_size(clients) >= max_logging_users) { @@ -429,8 +429,10 @@ client->common.tls = ssl; addr = net_ip2addr(ip); + local_addr = net_ip2addr(local_ip); client->common.secured = ssl || (IPADDR_IS_V4(ip) && strncmp(addr, "127.", 4) == 0) || + (IPADDR_IS_V4(ip) && strncmp(addr, local_addr, strlen(local_addr)) == 0) || (IPADDR_IS_V6(ip) && (strcmp(addr, "...

...sts - neat. Upon inspection of the processes' environment I'm pleased to see that there's a load of useful information in there. However, one essential component in my case is the destination network address, which is missing. I added it with the attached patch, exposed as 'LOCAL_IP'. Works for me. Is this something that would be useful to anyone else? -Mike -------------- next part -------------- A non-text attachment was scrubbed... Name: dovecot-1.1.4-local.ip.patch Type: application/octet-stream Size: 448 bytes Desc: not available URL: <http://dovecot.org/pipe...

Hi I wonder if the information about the origin of report or allow can be accessed somehow. lt.remote gives the IP of the client trying to login but is there anything in lt which gives the ip of the system that connects to wforced? Thanks and have a good one -- tobi

Hi Neil thanks for the hint with the dovecot config, adding this and I can see that > ... attrs={local_ip="XX.XX.XX.XX"} ... is now logged by wforce daemon. Then I tried to access that value from wforce with the following testcode > if (#lt.attrs > 0) > then > return 7, "ip_local", "ip_local", { test=test } > end but even if attrs are set (according to...

...str_free(&process_name_ssl); + } +#endif +} + static void login_accept(void *context) { int listen_fd = POINTER_CAST_TO(context, int); @@ -89,6 +136,7 @@ i_error("accept() failed: %m"); return; } + access_check(fd, &remote_ip, FALSE); if (net_getsockname(fd, &local_ip, &local_port) < 0) { memset(&local_ip, 0, sizeof(local_ip)); @@ -120,6 +168,7 @@ i_error("accept() failed: %m"); return; } + access_check(fd, &remote_ip, TRUE); if (net_getsockname(fd, &local_ip, &local_port) < 0) { memset(&local_ip, 0, siz...

...'t see a bunch of "?" characters, as cautioned about in the bug report instructions. For example, here's the tail end of the output (is it usable as-is?): session_id = 0x14844a489d8 <error: Cannot access memory at address 0x14844a489d8>, session_id_prefix = 0x0, local_ip = {family = 0, u = {ip6 = {__in6_u = { __u6_addr8 = '\000' <repeats 15 times>, __u6_addr16 = {0, 0, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {0, 0, 0, 0}}}, ip4 = {s_addr = 0}}}, remote_ip = {family = 0, u = { ip6 = {__in6_u = {__u6_addr8 = ...

...t entry=0x20b6168, cctx=cctx at entry=0x7ffd51c5b8e0, error_r=error_r at entry=0x7ffd51c5b8d8) at doveadm-mail.c:416 input = {module = 0x0, service = 0x4592b0 "doveadm", username = 0x209b5e1 "T0146937", session_id = 0x0, session_id_prefix = 0x0, session_create_time = 0, local_ip = {family = 2, u = {ip6 = {__in6_u = {__u6_addr8 = "\n!?", '\000' <repeats 11 times>, __u6_addr16 = {8458, 34767, 0, 0, 0, 0, 0, 0}, __u6_addr32 = {2278498570, 0, 0, 0}}}, ip4 = {s_addr = 2278498570}}}, remote_ip = {family = 2, u = {ip6 = {__in6_u = {__u6_addr8 = "\n!?&...

...e this group in a global ACL file. > I discovered this only works on first NOT-cached login > > > > environment in imap-postlogin script on first login: > > > AUTH_TOKEN=e96b5a32ceb2cafc4460c210ad2e92e3d7ab388c > MASTER_USER=master at uma > SPUSER=private/pdf > LOCAL_IP=127.0.0.1 > USER=pdf > AUTH_USER=master at uma > PWD=/var/run/dovecot > USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER > SHLVL=1 > HOME=/var/data/vmail/private/pdf > ACL_GROUPS=umareadmaster > IP=127.0.0.1 > _=/usr/bin/env > > > on the seco...