Bug #2799
Remote access limitation doesn't work
Status: | CLOSED | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 100% | |
Category: | nethserver-httpd-admin | |||
Target version: | v6.5 | |||
Security class: | Resolution: | NOTABUG | ||
Affected version: | v6.5-final | NEEDINFO: | Yes |
Description
Into "Web access
" tab of "Remote Access
" menu, if you delete the default rule (0.0.0.0/0.0.0.0) and try to set any other combination of ip/subnet the rule seems to be ignored.
History
#1 Updated by Nicola Rauso about 7 years ago
Package installed:
- nethserver-httpd-admin-1.2.3-1.ns6.noarch
#2 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from NEW to TRIAGED
- % Done changed from 0 to 20
- NEEDINFO changed from No to Yes
I can't reproduce the problem.
Can you post the exact steps? Can you add an extract from logs?
- 192.168.5.x
- 10.0.2.x
Original situation, the Server Manager is accessible from everyone:
[root@test ~]# grep Allow /etc/httpd/admin-conf/httpd.conf AllowOverride None Allow from all Order Deny,Allow Allow from 127.0.0.1 192.168.5.0/255.255.255.0 0.0.0.0/0.0.0.0
After removing "0.0.0.0/0.0.0.0":
[root@test ~]# grep Allow /etc/httpd/admin-conf/httpd.conf AllowOverride None Allow from all Order Deny,Allow
Access from 10.0.2.x network is denied:
10.0.2.22 - - [03/Jul/2014:10:03:14 +0000] "GET / HTTP/1.1" 403 202
After adding 10.0.2.x network:
[root@test ~]# grep Allow /etc/httpd/admin-conf/httpd.conf AllowOverride None Allow from all Order Deny,Allow Allow from 127.0.0.1 192.168.5.0/255.255.255.0 10.0.2.0/255.255.255.0
Request are satisfied:
10.0.2.22 - - [03/Jul/2014:10:04:18 +0000] "GET /css/ui/jquery-ui-1.8.16.custom.css HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:18 +0000] "GET /css/jquery.qtip.min.css HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /css/base.css HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery-ui-1.8.18.custom.min.js HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery.dataTables.min.js HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /en/Resource/d39a4a0c.js HTTP/1.1" 200 54293 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery-1.7.1.min.js HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery.qtip.min.js HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /en/Resource/be58511e.css HTTP/1.1" 200 708 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /css/img/red-inset-normal.png HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /css/img/mandatory_normal.png HTTP/1.1" 304 - 10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /images/favicon.png HTTP/1.1" 200 1167
#3 Updated by Nicola Rauso about 7 years ago
Confirmed: everything works correctly.
Probably it was an error of mine while configuring test environment.
The issue can be closed.
#4 Updated by Giacomo Sanchietti about 7 years ago
- Status changed from TRIAGED to CLOSED
- % Done changed from 20 to 100
- Resolution set to NOTABUG