Reference: File IPAccess.hst

How to ... open Hamster for other computers?

Purpose:

Allow or refuse connections to local servers based on the IP-address of connecting clients.

General format:

Parameters:

1st parameter: Scope

This value describes which local servers are affected by the setting. For example, a line starting with "NNTP" only affects the local NNTP server, but not the POP3 or SMTP servers.

Keywords:

NNTP

Local NNTP-server

POP3

Local POP3-server

SMTP

Local SMTP-server

MAIL

Local POP3- and SMTP-server

RECO

Local RC server

ALL

All local servers

2nd parameter: Access

This value describes if a client can connect to the given local server(s) and which actions are allowed on it.

Keywords:

RW

Allow Read/Write

WO

Allow Write-Only

RO

Allow Read-Only

NA

No Access

The distinction between read- and write-access is only a logical issue. The specific behaviour is as follows:

Scope

Access

Effect

NNTP

RO

Client can read articles.

NNTP

RW

Client can both read and post articles.

POP3

RW/RO

Client can fetch mails.

SMTP

RW/WO

Client can send mails.

(all)

(other)

Connection is refused.

3rd/4th parameter: IP selection

These two parameters describe the IP address of the incoming connection. There are several ways to describe the wanted ones:

a.) Lower and upper limit of IP addresses

A single IP number or a range of IP numbers can be given directly, i. e. lower limit as 3rd and upper limit as 4th parameter. If it's only a single IP address, the upper limit can be ommitted.

ALL, RW, 127.0.0.1
ALL, RW, 192.168.0.0, 192.168.255.255

b.) Domain name

If a domain name instead of an IP is given as 3rd parameter, access is assigned if the domain name of the connecting IP equals the given name or is one of its sub-domains. 4th parameter has no meaning in this case and should be empty.

ALL,  NA, well-known-bad-guys.example
POP3, RO, mycompany.com.example

c.) IP of domain name

If a domain name is given with a leading question mark as 3rd parameter, access is assigned if the connecting IP equals the (current) IP of the given domain name. 4th parameter has no meaning in this case and should be empty.

NNTP, RW, ?friend.dyndns.org.example

d.) Local IPs

The special keyword "LOCAL" as 3rd parameter tells Hamster that all IP addresses of the local computer should be treated like the address given in the 4th parameter. This setting is especially useful if local addresses are assigned dynamically, e. g. addresses assigned by a DHCP-server or assigned by your provider on dial-up.

1st and 2nd parameters have no meaning in this case and are ignored, but they have to be syntactically correct.

# all local IP-addresses should be treated as 127.0.0.1:
ALL, NA, LOCAL, 127.0.0.1

5th parameter: Default account

Optional name of an Account that is assigned to the connecting client.

Such accounts are currently only used to define an "auto-login" account for the local NNTP server, i. e. the account (and its settings) to be used if user does not authenticate. Such accounts require the password "*" (a single star without the qoutes) for auto-login to work.

If no name is given, name "nntpdefault" is used as default (just for compatibility with earlier Hamster versions).

NNTP, RW, mycompany.com.example, , mycompany

Implementation notes:

Example:

# treat all local IP-addresses like 127.0.0.1:
ALL, NA, LOCAL, 127.0.0.1

# full access on all services for localhost:
ALL, RW, 127.0.0.1

# full access on all services for LAN-stations:
ALL, RW, 192.168.0.0, 192.168.255.255

# full access on all services for specific addresses:
ALL, RW, 11.22.33.44  # John Doe
ALL, RW, 44.33.22.11  # Jane Doe

# readonly-access on news for all other addresses:
NNTP, RO, 0.0.0.0, 255.255.255.255

# no access for all other addresses and services:
ALL, NA, 0.0.0.0, 255.255.255.255

[www.elbiah.de Hamster Playground Documentation]