[OpenAFS] NetRestrict file info/help needed

Russ Allbery rra@stanford.edu
Tue, 06 Jan 2009 10:10:52 -0800

Lars Schimmer <l.schimmer@cgv.tugraz.at> writes:

> Just for the information of all:
> Do NOT use the .255 notation to block a whole subnet, it does not work.
> Enter the single IPs to block.
> It has costs me some time and a nice help from the IRC channel to
> recover my fileservers.

Is this a bug in the documentation or a bug in the code?  Currently, the
documentation says:

       The NetRestrict file is in ASCII format. One IP address appears on each
       line, in dotted decimal format. The order of the addresses is not
       significant. The value 255 is a wildcard that represents all possible
       addresses in that field. For example, the value
       indicates that the File Server or database server processes do not
       register or use any of the addresses in the 192.12.105 subnet.

Russ Allbery (rra@stanford.edu)             <http://www.eyrie.org/~eagle/>