
Re: Limit which database is reachable on which port (slapd is listening on)?



Hi Howard,

Perfect, thank you. I missed that one; I searched the documentation
for "port", "listen" and "limit" but didn't think about the socket
term. I guess for URLs it's sockurl; sockname seems to be meant for the
socket (file) name.

Best regards
Karsten

2017-06-19 15:48 GMT+02:00 Howard Chu <hyc@symas.com>:
> Karsten Heymann wrote:
>>
>> Hi,
>>
>> Short question: If I configure slapd to listen on several ports and
>> have several databases configured, is there a way to limit which
>> database is visible on which port? I want to use a single slapd
>> instance to serve multiple databases (slapd-meta instances to be
>> exact) and for each database want to use a dedicated listening port,
>> somewhat like port-based virtual hosts in the Apache web server. The
>> reason is that I want to define different firewall rules for the
>> different databases. Is this possible with OpenLDAP?
>
>
> Read the slapd.access(5) manpage, use an ACL specifying sockname=xxx for the
> local port identifier.
>
>> Best regards
>> Karsten
>>
>>
>
>
> --
>   -- Howard Chu
>   CTO, Symas Corp.           http://www.symas.com
>   Director, Highland Sun     http://highlandsun.com/hyc/
>   Chief Architect, OpenLDAP  http://www.openldap.org/project/
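
Added example, not part of the original thread and not taken from the OpenLDAP documentation: a slapd.conf sketch of the sockname ACL suggested in the reply, with one gate rule per database so each is usable only through its own listener. The ports, suffixes, backend URIs and the assumption that a TCP connection's sockname ends in ":<local port>" are all constructed for illustration; confirm the sockname value in your own slapd connection logs before relying on the regex.

```conf
# Constructed example. Assumes slapd is started with two listeners:
#   slapd -h "ldap://:389/ ldap://:1389/"
# Assumption: for TCP listeners the sockname has the form
#   IP=<local address>:<local port>
# so anchoring the regex on ":<port>$" selects one listener.

# ---- database A: intended to be reachable on port 389 only ----
database    meta
suffix      "dc=a,dc=example"
# Placeholder backend URI.
uri         "ldap://backend-a.example/dc=a,dc=example"

# Gate rule: a connection that arrived on port 389 leaves this rule
# ("break") and is evaluated against the rules that follow; a connection
# on any other listener stops here with no access.
access to *
    by sockname.regex=":389$" break
    by * none

# Ordinary rules for database A, reached only through the gate above.
access to *
    by users read
    by anonymous auth

# ---- database B: intended to be reachable on port 1389 only ----
database    meta
suffix      "dc=b,dc=example"
# Placeholder backend URI.
uri         "ldap://backend-b.example/dc=b,dc=example"

access to *
    by sockname.regex=":1389$" break
    by * none

access to *
    by users read
    by anonymous auth
```

The gate must be the first access rule in each database, because slapd stops at the first rule whose `by` clause matches without a `break` or `continue`. A database's rootdn is not subject to ACLs, so this gate does not restrict it.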