[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sidewinder
Subject:    [Sidewinder] Sidewinder 5.2 problem with nested groups
From:       "Oliver Reeh" <oliver.reeh () recomp ! de>
Date:       2001-09-13 8:00:11
[Download RAW message or body]

I encountered the following problem in Sidewinder 5.2 regarding
nested network object groups.

Supposed the following objects are defined

IP: a.a.a.1
IP: a.a.a.2
IP: a.a.b.1
IP: a.a.b.2

Group: TEST1 with members a.a.a.1 and a.a.a.2
Group: TEST2 with members a.a.b.1 and a.a.b.2

Group: TEST with members TEST1 and TEST2

when I now define two acls

acl add name=snmp_out pos=xx action=allow agent=proxy authneeded=no \
    destburb=Extern dest=netgroup:TEST nataddr=ipaddr:x.x.x.x service=snmp \
    sourceburb=Intern

acl add name=snmp_in pos=xy action=allow agent=proxy authneeded=no \
    dest=ipaddr:x.x.x.x destburb=Extern nataddr=None \
    redir=ipaddr:c.c.c.c service=snmp source=netgroup:Test \
    sourceburb=Extern

the acls don't work.

Until Sidewinder 5.1.1.01 these acls worked fine.

When I create the acls without nested groups they work as expected.

Any hints ?


Regards
Oliver

----------------------------------------------------
recomp GmbH Netzwerke & Systemberatung
Oliver Reeh          e-mail: oliver.reeh @ recomp.de
Querstrasse 2        phone : +49 2664 9953-33
56479 Rehe, Germany  fax   : +49 2664 9953-22
----------------------------------------------------


[prev in list] [next in list] [prev in thread] [next in thread]