On Fri, Apr 27, 2007 at 01:20:02PM +0200, Petter Reinholdtsen wrote: > [Pierre Habouzit] > > It's not doable, because the POSIX getnetent answers in a struct > > getent that cannot store the netmask, a simple getnetent(3) has the > > answer. And that's the reason why it can only store A/B/C class > > networks, because in 128.12.0.0/16 is in fact stored as 128.12.0.0 and 0 > > is assumed to be a wildcard, hence a network group. > > > > So well, you can try to fight against POSIX, some tried, we don't have > > any news from them since :) > > Sure, I am aware that the POSIX definitions need to change for this to > work. And I suspect it is a good idea, as the current netent family > of functions are useless for most settings, at least here at the > university where most networks are not /8, /16 nor /24. :) Well, you won't change API's old like that, you can add new ones, but don't count on that IMHO :) > Do you have any information about the previous tries? I guess a > defect report to the Austin group is a good place to start. That was just a joke. > Did anyone submit such report yet? > > > I know it's not *exactly* what you wanted, but afaict hosts.* are > > way more flexible. Iptables could also help to achieve similar > > purposes in a more generic way. > > This is in fact a very good idea, as it is a lot easier to implement. > Thank you! You're welcome. -- ·O· Pierre Habouzit ··O madcoder@debian.org OOO http://www.madism.org
Attachment:
pgpoDDtaySIIq.pgp
Description: PGP signature