https://bugs.openldap.org/show_bug.cgi?id=9512
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Status|UNCONFIRMED |RESOLVED Resolution|--- |INVALID
--- Comment #1 from Howard Chu hyc@openldap.org --- (In reply to Quanah Gibson-Mount from comment #0)
Currently it is possible via ACLs to enforce restrictions based on which slapd host interface is connected to via the peername parameter. However, it's not possible to enforce ACL restrictions based on the IP address used by the client.
Wrong. The peername parameter is the client's IP address. The sockname parameter is for the slapd address.
This would be a useful feature when wanting to restrict certain DNs to only being able to have access if they connect from a certain IP or IP range.
Already works as designed.