Hello everyone,
I'm wondering what is the proper way (== the most commonly used) to
identify the machines that are allowed to connect to a policy server.
If I use the DNS name of the machines, they can't connect :
in the cf-served.cf
allowconnects => {
@(def.acl) , "debian-5-32.labo.normation.com"
};
#ping debian-5-32.labo.normation.com
64 bytes from 192.168.100.12: icmp_seq=1 ttl=64 time=0.252 ms
Result :
"Not allowing connection from non-authorized IP ::ffff:192.168.100.12"
I could use the ip of the machine, but it's prone to change. host2ip is
the right solution (or so it seems), but then I'm wondering why it's not
used by default when we use the domain name of a machine ?
Regards
--
Nicolas CHARLES
Normation SAS - http://www.normation.com
44 rue Cauchy – 94110 ARCUEIL
+33 (0)1 83 62 26 96 - +33 (0)6 14 63 25 18
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
