[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[LDM #NJW-181488]: Fwd: ldmd.conf allow statements



Michael,

I drove your inquiry into our tracking system so that others can see your
very good general question.

> I'm cleaning up an ldmd.conf file that has accumulated a lot of clutter
> over time. It looks like there are a lot of redundant allow statements but
> I wanted to ask you first if these are actually redundant before removing
> or consolidating.
> 
> If I have:
> 
> allow    ANY     \.crh\.noaa\.gov$
> 
> and I also have
> 
> allow    ANY     ^204\.227\.126\.128        (which is
> ldm-rfc-vm.crh.noaa.gov)

The above is unnecessary *only if* the IP address *always resolves* to a host
in the domain crh.noaa.gov. If your DNS resolver goes out-to-lunch, then
that host won't be able to connect. So, it depends on the confidence you 
have in your DNS.

> allow    ANY     ^ftp-210\.crh\.noaa\.gov$

This one is definitely unnecessary: this particular host is covered by the
ALLOW for the domain.

Regards,
Steve Emmerson

Ticket Details
===================
Ticket ID: NJW-181488
Department: Support LDM
Priority: Normal
Status: Closed
===================
NOTE: All email exchanges with Unidata User Support are recorded in the Unidata 
inquiry tracking system and then made publicly available through the web.  If 
you do not want to have your interactions made available in this way, you must 
let us know in each email you send to us.