coova / coova-chilli

CoovaChilli is an open-source software access controller for captive portal hotspots.

Shibboleth question: Static walled garden maintained externally to coovachilli #242

Closed speedj closed 8 years ago

speedj commented 8 years ago

I need a list of 3000 IPs to be accessible before coovachilli authentication: they are Shibboleth interfederation IdPs. The coovachilli limit is 1024 entries. They have to be in place at the same time; I do not want to expire old entries, since this approach is not scalable.

Is it possible to create an externally maintained walled garden using iptables?

I tried to put an override:

    iptables -N dst-idp
    iptables -A dst-idp -d 83.xxx.xxx.140 -j ACCEPT
    iptables -A dst-idp -j RETURN

    iptables -t filter -I FORWARD -j dst-idp
    iptables -t filter -I INPUT -j dst-idp

But this did not work, because I don't know where the right place to put it is, or whether it is feasible at all. Does somebody have an idea?
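A list of single IPs can sometimes be brought under an entry limit like the 1024 quoted above by merging exactly adjacent addresses into CIDR blocks. The following is an added example, not code from this thread or from the CoovaChilli project; it assumes the limit counts entries and that entries may be CIDR networks, and the function names, the `min_prefix` guard and the sample addresses are constructed for illustration.

```python
import ipaddress

ENTRY_LIMIT = 1024  # entry limit quoted in the post above

# Constructed sample list (documentation address ranges, not real IdPs).
SAMPLE = """\
192.0.2.8
192.0.2.9
192.0.2.10
192.0.2.11
192.0.2.9          # duplicate
198.51.100.0/25
198.51.100.128/25
203.0.113.77
203.0.113.0/8      # host bits set: rejected
10.0.0.0/8         # broader than min_prefix: rejected
idp.example.org    # not an address: rejected
"""


def aggregate(lines, min_prefix=24):
    """Validate, deduplicate and merge allowlist entries.

    Only exactly adjacent blocks are merged, so the result covers the same
    addresses as the accepted input. Returns (cidr_strings, rejected).
    """
    nets, rejected = [], []
    for raw in lines:
        entry = raw.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            net = ipaddress.ip_network(entry)  # strict: host bits must be 0
        except ValueError:
            rejected.append(entry)
            continue
        # Hypothetical guard: IPv4 only, and refuse wide blocks so that a
        # typo such as /8 cannot open the garden to a whole network.
        if net.version != 4 or net.prefixlen < min_prefix:
            rejected.append(entry)
            continue
        nets.append(net)
    return [str(n) for n in ipaddress.collapse_addresses(nets)], rejected


def fits(cidrs, limit=ENTRY_LIMIT):
    """True when the aggregated list stays within the entry limit."""
    return len(cidrs) <= limit


if __name__ == "__main__":
    cidrs, bad = aggregate(SAMPLE.splitlines())
    print(len(cidrs), "entries, fits:", fits(cidrs), cidrs, "rejected:", bad)
```

Whether a real list shrinks enough depends on how clustered its addresses are; scattered hosts stay as one entry each, so `fits` should be checked on every regeneration.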

Spomky commented 8 years ago

I am not sure coovachilli is able to get an external list of IPs/domains, but it is a very nice feature. To avoid having coovachilli download a huge list, it may just ask a dedicated server whether the IP/domain is allowed or not (with an optional cache system to limit the number of queries).

speedj commented 8 years ago

This one is a very elegant hint.

sevan commented 8 years ago

Hi, there is now a mailing list for questions such as these; the issues section will be used solely for bug reports in code from now on. Can I ask you to subscribe and take the discussion there? (Give it a few days, as the system is freshly set up without any subscribers at the moment.)