[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hi All

Is there any way to have the equivalent of ALLOW/DENY attributes in the NETWORK_INTERFACE  macro?

I am imagining a scenario where NETWORK_INTERFACE  is used to specify only subnets that our organisation
uses, e.g.

NETWORK_INTERFACE = 172.34.*, 112.29.*

BUT we also want to exclude certain subnets, e.g. VPN from home, wireless at work.
So if these are on 172.34.45.* and 112.29.68.* how could this be done?

I've read the docs and can't see how to do it apart from explicity doing for EVERY subnet, i.e.
Specifiy EVERY subnet except the VPN and wireless ones:

NETWORK_INTERFACE = 172.34.1.*, 172.34.2.*, ......... , 172.34.44.*, 172.34.46.*, ......., 
112.29.1.*, 112.29.2.*, ....... , 112.29.67.*, 112.29.69.*, ........

What I need is the equivalent of:

ALLOW_NETWORK_INTERFACE = 172.34.*, 112.29.*
DENY_NETWORK_INTERFACE = 172.34.45.*, 112.29.68.*

Thanks for any help, even if that's "you dummy, just do it like this!" :)