We have an application that can only bind to the directory anonymously and needs to be able to exceed our query size limit. The queries will come from a small set of IP addresses. What we want to do is to set the query size limit by source ip address.
One way that I can see to do this is to run two slapd servers with different -h switches specified on the slapd startup so that each server will bind to a different interface:port. Then we can restrict access to the unlimited-size-query server using ip tables. What would be really nice is if the two configurations could specify the same backend databases. Has anyone done this? Should this work? Is there a better way to do this?
Bill
-- Bill MacAllister whm@stanford.edu Systems Programmer, ITS Unix Systems, Stanford University