Re: pg_hba.conf hostmask. - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: pg_hba.conf hostmask.
Date
Msg-id 200302030052.h130qYh04719@candle.pha.pa.us
Whole thread Raw
In response to pg_hba.conf hostmask.  (Kurt Roeckx <Q@ping.be>)
Responses Re: pg_hba.conf hostmask.
List pgsql-hackers
Kurt Roeckx wrote:
> Currently in pg_hba.conf you specify the ip addresses that can
> connect with 2 fields: the ip address and the mask.
> 
> What do you think about changing it to ip address/mask?  Where
> mask can be both the current mask, or the prefix length.
> 
> It's so much handier to use, especially for ipv6.

Yes, some have asked about this.  My understanding was that CIDR
(host/len) was mostly for networks, while hostname/mask was for hosts.
Now, you can specify hosts using /32, but is is unusual?  Maybe not.  We
basically have columns in pg_hba.conf that can specify either hosts or
networks, so I suppose either should work.  One neat trick would be to
allow both, and I think I can easily code that up.  If you specify a '/'
and value after the host address, you don't use a netmask value.  How is
that?

--  Bruce Momjian                        |  http://candle.pha.pa.us pgman@candle.pha.pa.us               |  (610)
359-1001+  If your life is a hard drive,     |  13 Roberts Road +  Christ can be your backup.        |  Newtown Square,
Pennsylvania19073
 


pgsql-hackers by date:

Previous
From: Neil Conway
Date:
Subject: PGP signing releases
Next
From: Tom Lane
Date:
Subject: Re: PGP signing releases