# Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with # this work for additional information regarding copyright ownership. # The ASF licenses this file to You under the Apache License, Version 2.0 # (the "License"); you may not use this file except in compliance with # the License. You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # This is a comment, I love comments. # # BNF: # File # '<' '>' block ' '>' # NAME # ::= \w+ # Block # [by] , # [operation] [from] # ops # none | rdonly | rdwr | all # spec # IP [ [>netmask>] | '/' ] # FQHN [ [] | '/' ] # 'all' # mask # IP | FQHN # IP # dotted quad # FQHN # anything DNS # len # 0 .. 32 # # test blank lines # test record # # Order allow,deny or deny,allow order deny,allow # operation levels # none nothng allowed # rdonly just read allowed # rdwr read and write allowed # all read, write and create allowed. # # deny all from all allow rdonly from all allow operation rdwr from 127.0.0.1 allow all from 10.0.1.2/8 allow none from 10.0.1.2/1 allow rdonly from 10.0.1.2/27 # Base line which gets ALWAYS applied # order allow,deny deny all from all order allow,deny allow all from all deny rdwr from 1.2.3.4/16 deny all from all allow all from all # Fall through which ONLY gets applied if there # are no specific dbase+IP rule was defined. # order deny,allow allow rdonly from all order allow,deny allow rdonly from all allow rdwr from 9.8.7.6 allow all from 4.5.6.7/24 #deny all from www.news.com allow drop from 127.0.0.1