how to use ipv6 addresses in olcaccess statements - openldap-technical

10 Jan 2010


      Hi
I am trying to build a olcaccess statement and I am wondering how to
implement a ipv6 network
Currently I have
'to dn.sub="ou=SUDOers,dc=samad,dc=com,dc=au" '.
        'by dn.exact="cn=libnss-ldap,ou=Roles,dc=samad,dc=com,dc=au" read '.
        'by dn.exact="cn=libpam-ldap,ou=Roles,dc=samad,dc=com,dc=au" read '.
        'by peername.ip=192.168.12.0%255.255.252.0 read '.
        'by peername.ip=192.168.8.0%255.255.252.0 read '.
        'by peername.ip=192.168.4.0%255.255.252.0 read '.
        'by peername.ip=127.0.0.1 read '.
        'by peername.ipv6=::1 read '.
        'by peername.path=/var/run/slapd/ldapi read '.
        'by * none ',
I have a ipv6 network 2002:3cf1:f856::/48 but I can't seem to put in
        'by peername.ipv6=2002:3cf1:f856::%48 read '.
do I need to write out a complete mask
'by peername.ipv6=2002:3cf1:f856::%<mask> read '.
I am not sure what that mask would look like
65535.65535.65535.0.0.0.0.0 ?
Alex
-- 
About the only thing we have left that actually discriminates in favor of
the plain people is the stork.