Nicolas,
just a quick thought: does the reverse DNS contain the record for
192.168.100.12?
2010/6/14 Nicolas Charles <nicolas.char...@normation.com>:
> Hello everyone,
>
> I'm wondering what is the proper way (== the most commonly used) to
> identify the machines that are allowed to connect to a policy server.
>
> If I use the DNS name of the machines, they can't connect :
> in the cf-served.cf
> allowconnects => {
> @(def.acl) , "debian-5-32.labo.normation.com"
> };
>
> #ping debian-5-32.labo.normation.com
> 64 bytes from 192.168.100.12: icmp_seq=1 ttl=64 time=0.252 ms
>
> Result :
> "Not allowing connection from non-authorized IP ::ffff:192.168.100.12"
>
>
> I could use the ip of the machine, but it's prone to change. host2ip is
> the right solution (or so it seems), but then I'm wondering why it's not
> used by default when we use the domain name of a machine ?
>
> Regards
>
> --
> Nicolas CHARLES
> Normation SAS - http://www.normation.com
> 44 rue Cauchy – 94110 ARCUEIL
> +33 (0)1 83 62 26 96 - +33 (0)6 14 63 25 18
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
>
--
SY, Seva Gluschenko.
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
