[Pdns-users] Proxy mapped address used for allow-from
rpedrica at gmail.com
Fri Jan 27 08:30:56 UTC 2023
> > 1. accurately enable ACLs via allow-from
> As far as I know, the ACL are checked accurately, i.e. as defined in
> the docs.
> > 2. use proxy-mapped public address from addProxyMapping for ecs/edns
> > Currently, the proxy mapped address is being used to match against
> > allow-from rather than the source/original address.
> I have the feeling there is some form of miscommunication going on.
> As documented, see:
> "M is used for incoming ACL checking (allow-from) and to determine the
> ECS processing (ecs-add-for)."
> where M is "the source address mapped by Table Based Proxy Mapping" in
> The first section of the page tries to explain what address is used in
> what circumstances.
> The point of proxyMapping is to use the mapped address as ECS and for
> ACL checking.
> If that is not what you want, maybe proxyMapping is not the answer to
> your question?
This is a perfect explanation and understood now.
Thanks for your assistance
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Pdns-users