Bug #2799

Remote access limitation doesn't work

Added by Nicola Rauso about 7 years ago. Updated about 7 years ago.

Status: CLOSED
Start date:
Priority: Normal
Due date:
Assignee: -
% Done: 100%
Category: nethserver-httpd-admin
Target version: v6.5
Security class:
Resolution: NOTABUG
Affected version: v6.5-final
NEEDINFO: Yes

Description

In the "Web access" tab of the "Remote Access" menu, if you delete the default rule (0.0.0.0/0.0.0.0) and try to set any other combination of IP/subnet, the rule seems to be ignored.

History

#1 Updated by Nicola Rauso about 7 years ago

Package installed:
  • nethserver-httpd-admin-1.2.3-1.ns6.noarch

#2 Updated by Giacomo Sanchietti about 7 years ago

  • Status changed from NEW to TRIAGED
  • % Done changed from 0 to 20
  • NEEDINFO changed from No to Yes

I can't reproduce the problem.
Can you post the exact steps? Can you add an extract from logs?

This is my test, machine with 2 networks:
  • 192.168.5.x
  • 10.0.2.x

Original situation, the Server Manager is accessible by everyone:

[root@test ~]# grep Allow /etc/httpd/admin-conf/httpd.conf 
    AllowOverride None
    Allow from all
       Order Deny,Allow
       Allow from 127.0.0.1 192.168.5.0/255.255.255.0 0.0.0.0/0.0.0.0

After removing "0.0.0.0/0.0.0.0":

[root@test ~]# grep Allow /etc/httpd/admin-conf/httpd.conf 
    AllowOverride None
    Allow from all
       Order Deny,Allow

Access from 10.0.2.x network is denied:

10.0.2.22 - - [03/Jul/2014:10:03:14 +0000] "GET / HTTP/1.1" 403 202

After adding 10.0.2.x network:

[root@test ~]# grep Allow /etc/httpd/admin-conf/httpd.conf 
    AllowOverride None
    Allow from all
       Order Deny,Allow
       Allow from 127.0.0.1 192.168.5.0/255.255.255.0 10.0.2.0/255.255.255.0

Requests are satisfied:

10.0.2.22 - - [03/Jul/2014:10:04:18 +0000] "GET /css/ui/jquery-ui-1.8.16.custom.css HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:18 +0000] "GET /css/jquery.qtip.min.css HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /css/base.css HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery-ui-1.8.18.custom.min.js HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery.dataTables.min.js HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /en/Resource/d39a4a0c.js HTTP/1.1" 200 54293
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery-1.7.1.min.js HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /js/jquery.qtip.min.js HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /en/Resource/be58511e.css HTTP/1.1" 200 708
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /css/img/red-inset-normal.png HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /css/img/mandatory_normal.png HTTP/1.1" 304 -
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /images/favicon.png HTTP/1.1" 200 1167
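
The manual check in comment #2 (compare the `Allow from` list with the status codes in the access log) can be automated. The following is an added example, not part of the original thread or of NethServer's code; it assumes the Server Manager ACL is the `Allow from` line that follows `Order Deny,Allow` and that a `Deny from all` line, which `grep Allow` does not show, precedes it. The function names and the `RESTRICTED` sample are hypothetical.

```python
import ipaddress
import re

# Assumption: the Server Manager ACL is the "Allow from" line that follows
# "Order Deny,Allow", and a "Deny from all" (hidden by `grep Allow`) precedes it.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (\d{3}) ')

def allowed_networks(grep_output):
    """Networks listed on 'Allow from' lines after 'Order Deny,Allow'."""
    nets, restricted = [], False
    for line in grep_output.splitlines():
        words = line.split()
        if words[:2] == ["Order", "Deny,Allow"]:
            restricted = True
        elif restricted and words[:2] == ["Allow", "from"]:
            for w in words[2:]:
                # "all" means everyone; ip_network parses host and ip/netmask
                # forms and raises ValueError on anything else (e.g. a host name).
                spec = "0.0.0.0/0" if w == "all" else w
                nets.append(ipaddress.ip_network(spec, strict=False))
    return nets

def acl_mismatches(grep_output, access_log):
    """Return (client, status, reason) where the logged status contradicts the ACL."""
    nets, found = allowed_networks(grep_output), []
    for line in access_log.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        ip, status = ipaddress.ip_address(m.group(1)), int(m.group(2))
        permitted = any(ip in n for n in nets)
        if not permitted and status != 403:
            found.append((str(ip), status, "served but not in Allow list"))
        elif permitted and status == 403:
            found.append((str(ip), status, "denied but in Allow list"))
    return found

# Constructed sample: the ACL with the default rule removed, in `grep Allow` form.
RESTRICTED = """    AllowOverride None
    Allow from all
       Order Deny,Allow
       Allow from 127.0.0.1 192.168.5.0/255.255.255.0"""
# Two of the access-log lines quoted in comment #2.
LOG = """10.0.2.22 - - [03/Jul/2014:10:03:14 +0000] "GET / HTTP/1.1" 403 202
10.0.2.22 - - [03/Jul/2014:10:04:19 +0000] "GET /images/favicon.png HTTP/1.1" 200 1167"""

if __name__ == "__main__":
    for hit in acl_mismatches(RESTRICTED, LOG):
        print(hit)
```

A "served but not in Allow list" result is the symptom this report described; a "denied but in Allow list" result usually means the log line predates the configuration change.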

#3 Updated by Nicola Rauso about 7 years ago

Confirmed: everything works correctly.
Probably it was an error of mine while configuring the test environment.
The issue can be closed.

#4 Updated by Giacomo Sanchietti about 7 years ago

  • Status changed from TRIAGED to CLOSED
  • % Done changed from 20 to 100
  • Resolution set to NOTABUG
