Re: Limit which database is reachable on which port (slapd is listening on)?

[Howard Chu <hyc@symas.com>]

Karsten Heymann wrote:
> Hi,
>
> short question: If I configure slapd to listen to several ports and
> have several databases configured, is there a way to limit which
> database is visible on which port? I want to use a single slapd
> instance to serve multiple databases (slapd-meta instances to be
> exact) and for each database want to use a dedicated listening port,
> somehow like port-based virtual hosts in the apache web server. The
> reason is that I want to define different firewall rules for the
> different databases. Is this possible with openldap?

Read the slapd.access(5) manpage, use an ACL specifying sockname=xxx for the 
local port identifier.

> Best regards
> Karsten


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/