RCS file: /etc/firewall/RCS/allowedfrom,v Working file: /etc/firewall/allowedfrom head: 1.63 branch: locks: strict access list: symbolic names: keyword substitution: kv total revisions: 63; selected revisions: 63 description: allowedfrom - ingress configuration for CAcert hopper firewall ---------------------------- revision 1.63 date: 2019/11/01 14:00:48; author: root; state: Exp; lines: +3 -1 Add Dirk Astrath. ---------------------------- revision 1.62 date: 2019/04/22 10:38:44; author: root; state: Exp; lines: +2 -2 Update allowed IPv6 address range for wytze after Ziggo network maintenance. ---------------------------- revision 1.61 date: 2018/10/25 09:58:02; author: root; state: Exp; lines: +2 -2 IPv6 address change for wytze due to Ziggo network maintenance. ---------------------------- revision 1.60 date: 2018/08/18 10:16:57; author: root; state: Exp; lines: +2 -2 IPv6 address change for wytze due to Ziggo blackout. ---------------------------- revision 1.59 date: 2018/06/25 13:35:28; author: root; state: Exp; lines: +2 -1 Add new IPv6 network for Wytze. ---------------------------- revision 1.58 date: 2017/11/24 14:08:34; author: root; state: Exp; lines: +2 -2 Update IPv4 address for Wytze (Ziggo modem change). ---------------------------- revision 1.57 date: 2017/02/11 11:33:44; author: root; state: Exp; lines: +3 -1 Add new IPv6 addresses for wytze. ---------------------------- revision 1.56 date: 2016/11/08 08:21:40; author: root; state: Exp; lines: +2 -3 Remove obsolete IPv6 network for wytze. Update internal access for wytze from sun4 to sun3. ---------------------------- revision 1.55 date: 2016/11/08 08:15:55; author: root; state: Exp; lines: +2 -4 Update access addresses for Mendel per e-mail of 07.11.2016. ---------------------------- revision 1.54 date: 2015/11/17 14:16:24; author: root; state: Exp; lines: +2 -3 Drop old IPv4 address for wytze. Update IPv4 address for wytze. ---------------------------- revision 1.53 date: 2015/08/25 15:39:38; author: root; state: Exp; lines: +2 -1 Add new IPv4 address for wytze. ---------------------------- revision 1.52 date: 2014/11/13 11:57:24; author: root; state: Exp; lines: +2 -2 Update IPv4 address range for Martin Simons, per e-mail request of 12.11.2014. ---------------------------- revision 1.51 date: 2014/09/19 14:27:19; author: root; state: Exp; lines: +1 -24 Delete all infrastructure sysadmins since they do not need the hopper anymore. This completes the cleanup of the critical sysadmin access structure. ---------------------------- revision 1.50 date: 2014/09/15 08:58:46; author: root; state: Exp; lines: +1 -2 Remove test IPv4 address for Stefan Kooman. ---------------------------- revision 1.49 date: 2014/09/14 13:57:24; author: root; state: Exp; lines: +2 -1 Temporarily add test IPv4 address for Stefan Kooman (firewall routing test). ---------------------------- revision 1.48 date: 2014/09/02 13:15:48; author: root; state: Exp; lines: +2 -3 Update IPv6 addresses for Wytze van der Raay. ---------------------------- revision 1.47 date: 2014/03/24 08:24:31; author: root; state: Exp; lines: +1 -5 Revoke access for Dominik George (nik) per e-mail request 23.03.2014. Remove temporary entries for access from the firewall hosts. ---------------------------- revision 1.46 date: 2014/01/23 16:31:48; author: root; state: Exp; lines: +9 -3 Add IPv6 addresses for mendel and wytze, enable IPv6 addresses for jandd. ---------------------------- revision 1.45 date: 2013/12/12 21:37:30; author: root; state: Exp; lines: +4 -1 TIJDELIJKE (anders bier). oplossing. ---------------------------- revision 1.44 date: 2013/11/14 08:24:46; author: root; state: Exp; lines: +2 -1 Add facility for wytze to get access from sun4 internal. ---------------------------- revision 1.43 date: 2013/05/14 10:20:50; author: root; state: Exp; lines: +1 -2 Remove obsolete IPv4 address of cacert2.it-sls.de for wytze. ---------------------------- revision 1.42 date: 2013/04/24 12:47:34; author: root; state: Exp; lines: +2 -2 Update source address for "webdb" user, because the CAcert webserver has been migrated from the old "hlin" at 172.28.50.6 to the new "webdb" at 172.28.50.12 on the internal admin network. ---------------------------- revision 1.41 date: 2012/11/06 11:37:30; author: root; state: Exp; lines: +2 -1 Add extra IPv4 access address for wytze. ---------------------------- revision 1.40 date: 2012/11/06 11:35:01; author: root; state: Exp; lines: +2 -1 Add access for Carsten Logemann aka modus to "new web site" (May 29, 2012). ---------------------------- revision 1.39 date: 2012/05/24 07:41:51; author: root; state: Exp; lines: +2 -2 Updated IPv4 address for mat_64 (Raoul xavier Boerlage) per e-mail request from rxboerlage@cacert.org on May 23, 2012. ---------------------------- revision 1.38 date: 2012/05/09 12:47:18; author: root; state: Exp; lines: +2 -2 From: Mario Lipinski Subject: Fwd: Access request hopper Date: May 9, 2012 5:10:48 AM GMT+02:00 To: critical-admin@cacert.org ---------------------------- revision 1.37 date: 2012/04/01 09:34:09; author: root; state: Exp; lines: +2 -2 Update IPv4 address for nik per e-mail request from Mario Lipinski on April 1, 2012. ---------------------------- revision 1.36 date: 2012/03/27 06:47:08; author: root; state: Exp; lines: +2 -2 law 77.21.202.231 to 50.131.126.132 ---------------------------- revision 1.35 date: 2012/03/19 14:10:02; author: root; state: Exp; lines: +1 -13 Remove a number of admins from the access lists, per e-mail request from Mario Lipinski on 18.03.2012: philipp, nb, stefanf, lance, choth, ulrich. ---------------------------- revision 1.34 date: 2012/03/15 10:01:25; author: root; state: Exp; lines: +2 -1 Add access for Raoul Xavier Boerlage (mat_64) to irc per e-mail request from Mario Lipinski on 15.03.2012. ---------------------------- revision 1.33 date: 2012/03/14 09:06:17; author: root; state: Exp; lines: +2 -1 Add access for Martin Simons (martin) per e-mail request from Mario Lipinski on 14.03.2012. ---------------------------- revision 1.32 date: 2012/02/26 16:37:28; author: root; state: Exp; lines: +2 -1 Add access for Alexander Koch (lynix) per e-mail request from Mario Lipinski on 26.02.2012. ---------------------------- revision 1.31 date: 2012/01/20 10:51:49; author: root; state: Exp; lines: +3 -3 Replace duplicate entries for mendel/wytze at 172.28.50.6 by a single entry labeled 'webdb'. Add IPv4 address of cacert2.it-sls.de for wytze. ---------------------------- revision 1.30 date: 2012/01/19 16:49:59; author: root; state: Exp; lines: +3 -1 Allow access from webdb for critical system administrators (mendel, wytze). ---------------------------- revision 1.29 date: 2011/09/01 09:57:39; author: root; state: Exp; lines: +2 -1 Add access for new user tbremer (Thomas Bremer) to sun2 + infrastructure subnet per e-mail request from Mario Lipinski on 01.09.2011. ---------------------------- revision 1.28 date: 2011/05/23 09:36:07; author: root; state: Exp; lines: +1 -3 Remove stefan (Stefan Kooman) from critical sysadmin team. ---------------------------- revision 1.27 date: 2011/04/18 15:06:34; author: root; state: Exp; lines: +3 -3 Update IPv4 addresses for stefan (per e-mail request on 18.04.2011). ---------------------------- revision 1.26 date: 2011/02/14 22:35:59; author: root; state: Exp; lines: +2 -2 Vicarious changes IP's ---------------------------- revision 1.25 date: 2011/02/10 15:12:09; author: root; state: Exp; lines: +2 -1 Add access for new user alex (Alexander Prinsier) to board (per e-mail request from Mario Lipinski on Feb 10, 2011). ---------------------------- revision 1.24 date: 2010/12/26 12:13:31; author: root; state: Exp; lines: +2 -2 Update client IP access address for nik (per e-mail on 26.12.2010). ---------------------------- revision 1.23 date: 2010/10/03 18:58:50; author: root; state: Exp; lines: +2 -1 Add new IP for magu (Martin Gummi). ---------------------------- revision 1.22 date: 2010/09/28 06:55:15; author: root; state: Exp; lines: +2 -2 law ---------------------------- revision 1.21 date: 2010/09/18 20:18:17; author: root; state: Exp; lines: +2 -2 jandd request ---------------------------- revision 1.20 date: 2010/09/10 18:56:43; author: root; state: Exp; lines: +4 -2 Add access for new users jselzer and nik. Update access for law per request from Mario Lipinski (IP number change). ---------------------------- revision 1.19 date: 2010/08/30 16:04:27; author: root; state: Exp; lines: +2 -1 Add access for new user vicarious (no internal servers known yet ...). ---------------------------- revision 1.18 date: 2010/08/30 14:49:16; author: root; state: Exp; lines: +1 -6 Delete old users: dan, markus (per e-mail from Mario Lipinksi). ---------------------------- revision 1.17 date: 2010/08/30 10:54:55; author: root; state: Exp; lines: +2 -1 Add access for new user ulrich. ---------------------------- revision 1.16 date: 2010/08/18 20:12:02; author: root; state: Exp; lines: +2 -1 Add access to wiki for new user magu. ---------------------------- revision 1.15 date: 2010/07/29 12:29:24; author: root; state: Exp; lines: +2 -1 Add access to issue for new user neo. ---------------------------- revision 1.14 date: 2010/06/14 21:23:48; author: root; state: Exp; lines: +2 -2 Update IP address for stefan (per e-mail request of June 14, 2010). ---------------------------- revision 1.13 date: 2010/02/19 15:22:19; author: root; state: Exp; lines: +1 -2 Bas resigned as infrastructure sysadmin on 18.02.2010. ---------------------------- revision 1.12 date: 2010/01/10 11:56:05; author: root; state: Exp; lines: +1 -2 Delete evaldo's account per request from Daniel Black, e-mail 10.01.2010. Add irc to list of systems to be accessible by Nick Bebout (nb), as above. ---------------------------- revision 1.11 date: 2009/11/03 20:35:23; author: root; state: Exp; lines: +4 -1 Add extra address range for Daniel Black per his e-mail request of 03.11.2009. Note that we have added "only" a /16 instead of the specified /15; time will tell whether this is sufficient. ---------------------------- revision 1.10 date: 2009/09/17 10:45:18; author: root; state: Exp; lines: +2 -2 Update IPv4 address for philipp per e-mail request of 16.09.2009 08:14. ---------------------------- revision 1.9 date: 2009/09/15 15:00:42; author: root; state: Exp; lines: +2 -2 Updated IPv4 address for law per e-mail from Mario Lipinski. ---------------------------- revision 1.8 date: 2009/09/09 11:04:14; author: root; state: Exp; lines: +2 -2 Re-enable access for Bas van den Dikkenberg, per e-mail request and based on arbitration http://wiki.cacert.org/wiki/Arbitrations/a20090804.1 ---------------------------- revision 1.7 date: 2009/08/04 13:27:18; author: root; state: Exp; lines: +3 -1 Add access to lists, email for new user choth. ---------------------------- revision 1.6 date: 2009/08/04 13:14:13; author: root; state: Exp; lines: +2 -2 Disable access in and out for Bas van den Dikkenberg, per e-mail request From: "Bas van den Dikkenberg" To: , "'Hans Verbeek'" Cc: , "Mendel Mobach" , "Mendel Mobach" , "Wytze van der Raay" , Subject: Verzoek tot arbitrage Date: Tue, 4 Aug 2009 12:16:42 +0200 Message-ID: <001301ca14ec$aa37ee30$fea7ca90$@org> ---------------------------- revision 1.5 date: 2009/07/19 18:18:36; author: root; state: Exp; lines: +11 -1 Add entry rules for Bas van den Dikkenberg, Markus Warg, Stefan Freudenberg, Jan Dittberner and Lance Davis. ---------------------------- revision 1.4 date: 2009/07/01 10:10:47; author: root; state: Exp; lines: +2 -1 Add entry fule for Nick Bebout. ---------------------------- revision 1.3 date: 2009/06/16 19:11:12; author: root; state: Exp; lines: +1 -2 Remove obsolete access from address for Bernhard Froehlich. ---------------------------- revision 1.2 date: 2009/06/15 13:43:23; author: root; state: Exp; lines: +5 -1 Add entry rules for Bernhard Froehlich and Evaldo Gardenali. ---------------------------- revision 1.1 date: 2009/06/08 13:05:10; author: root; state: Exp; Initial revision =============================================================================