Welcome! Log In Create A New Profile

Advanced

Access control by ip for memcached, with no need for firewall to protect your server

Posted by 魏中华 
Available for memcached-1.4.5

Patch is here: https://pysoft.googlecode.com/svn/trunk/c-project/memcached

Usage:
./memcached -d --
acl="192.168.0.2,192.168.0.3,192.168.1.4,192.168.1.1" -l192.168.1.1

If the listen host is not "localhost" or "127.0.0.1", you must set --
acl arg when start memcached server.
On Jul 26, 7:00 pm, 魏中华 <[email protected]> wrote:
> Available for  memcached-1.4.5
>
> Patch is here:https://pysoft.googlecode.com/svn/trunk/c-project/memcached
>
> Usage:
>     ./memcached -d --
> acl="192.168.0.2,192.168.0.3,192.168.1.4,192.168.1.1" -l192.168.1.1
>
> If the listen host is not "localhost" or "127.0.0.1", you must set --
> acl arg when start memcached server.

Hmm... There are a few things wrong with this patch (IPv4-only,
incorrect exit code, missing some memory checks, etc...), but it seems
like the wrong approach in general.

Host firewalls are dynamically configurable, well-tested, support
all protocols the host will support, and have standardized input and
optimal lookups (e.g. routing table lookups for IPv4 in this case with
CIDR inputs to do any possible ACL lookup in no more than 32 probes).
Sorry, only registered users may post in this forum.

Click here to login