From nobody@hyperreal.com  Fri Jun 20 10:20:23 1997
Received: (from nobody@localhost)
	by hyperreal.com (8.8.5/8.8.5) id KAA01927;
	Fri, 20 Jun 1997 10:20:23 -0700 (PDT)
Message-Id: <199706201720.KAA01927@hyperreal.com>
Date: Fri, 20 Jun 1997 10:20:23 -0700 (PDT)
From: Charles Hedrick <hedrick@nbcs.rutgers.edu>
Reply-To: hedrick@nbcs.rutgers.edu
To: apbugs@hyperreal.com
Subject: need ability to do "allow from" with subnet mask
X-Send-Pr-Version: 3.2

>Number:         762
>Category:       mod_access
>Synopsis:       need ability to do "allow from" with subnet mask
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    apache
>State:          closed
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Fri Jun 20 10:30:01 1997
>Last-Modified:  Wed Jul 30 11:46:06 PDT 1997
>Originator:     hedrick@nbcs.rutgers.edu
>Organization:
>Release:        1.2
>Environment:
mod_access lets you restrict access to certain subnets.  Unfortunately the
test it does allows only subnets deefined on octet boundaries.  Rutgers
is now using subnets with 64 hosts.  We would like to modify mod_access
to allow a syntax such as 128.6.26.128/255.255.255.128, or possibly
128.6.26.128/25 (meaning a 25-bit mask).  As a matter of policy we prefer
not relevant [the issue is documented behavior]
>Description:
mod_access lets you restrict access to certain subnets.  Unfortunately the
test it does allows only subnets deefined on octet boundaries.  Rutgers
is now using subnets with 64 hosts.  We would like to modify mod_access
to allow a syntax such as 128.6.26.128/255.255.255.128, or possibly
128.6.26.128/25 (meaning a 25-bit mask).  As a matter of policy we prefer
not to make modifications unless we've verified that the maintainer will
take them back.  Otherwise we create a problem for future releases.
Would you accept diffs implementing such a feature?
>How-To-Repeat:

>Fix:

>Audit-Trail:
State-Changed-From-To: open-analyzed
State-Changed-By: marc
State-Changed-When: Fri Jun 20 11:01:25 PDT 1997
State-Changed-Why:
Yes, this is a good feature to add.  I like specifying
the length of the mask myself, but either way would be
fine.  See http://www.apache.org/dist/contrib/patches/1.2/cidr.patch
for a contributed patch to do this.  Not sure if it patches
cleanly into 1.2 or not.  If someone gets around to looking
at it, something similar should endup in the source
at some point...
State-Changed-From-To: analyzed-closed
State-Changed-By: dgaudet
State-Changed-When: Wed Jul 30 11:46:05 PDT 1997
State-Changed-Why:
This feature has been committed to 1.3a2-dev as part of a
mod_access overhaul.

Dean
>Unformatted: