How
to ... open Hamster for other computers? How
to ... open Hamster for other computers?
Purpose:
Allow or refuse connections to local servers based on the IP-address of connecting clients.
Format:
Plain-text.
Comments starting with "#" or ";"
may be added to enhance readability.
Each definition-line consists of 3 to 4 values separated by commas (","):
1.) Scope
This value describes, which local servers are affected by the setting. For example, a line starting with "NNTP" only affects the local NNTP-Server, but not the POP3-/SMTP-servers.
Keywords:
NNTP: Local NNTP-server
POP3: Local POP3-server
SMTP: Local SMTP-server
MAIL: Local POP3- and SMTP-server
ALL: All local servers
2.) Access
This value describes, if a client can connect to the given local server(s) and which actions are allowed on it.
Keywords:
RW: Allow Read/Write
WO: Allow Write-Only
RO: Allow Read-Only
NA: No Access
The distinction between read- and write-access is only a logical issue. The behaviour is as follows:
Scope Access Effect
NNTP RW/RO Client can read articles.
NNTP RW Client can read and post articles.
POP3 RW/RO Client can fetch mails.
SMTP RW/WO Client can send mails.
(all) (other) Connection is refused.
3.) Range of IP-addresses (low address)
4.) Range of IP-addresses (high address)
Upper bound may be ommitted if it's only a setting for a single address.
Special setting for local IP-addresses:
The special keyword "LOCAL" in field 3 tells Hamster,
that all IP-addresses of the local computer should be treated like the address
given in the 4th parameter. This setting is especially useful, if
local addresses are assigned dynamically, e.g. address assigned by a DHCP-server
or assigned by your provider on dial-up.
Fields 1 and 2 have no meaning in this case, but they have to be syntactically correct.
Example:
# all local IP-addresses should be treated as 127.0.0.1: ALL, NA, LOCAL, 127.0.0.1
Implementation notes:
(*) The definition-list is only loaded once when starting Hamster, so you have to restart Hamster after editing the file.
(*) As Hamster is intended to be used "at home", the default-setting is to allow full access on all local servers for adresses 127.0.0.1 and 192.168.0.0-192.168.255.255. Furthermore, all local IP-addresses are treated like "127.0.0.1".
To change this behaviour, you have to create a file named "IPAccess.hst"
in Hamster's root-directory and add at least one valid definition-line.
(*) The definition-list is tested from top to down and the first matching definition-line is used. If no definition-line matches, connection is refused.
Example:
# treat all local IP-addresses like 127.0.0.1: ALL, NA, LOCAL, 127.0.0.1 # full access on all services for localhost: ALL, RW, 127.0.0.1 # full access on all services for LAN-stations: ALL, RW, 192.168.0.0, 192.168.255.255 # full access on all services for specific addresses: ALL, RW, 11.22.33.44 # John Doe ALL, RW, 44.33.22.11 # Jane Doe # readonly-access on news for all other addresses: NNTP, RO, 0.0.0.0, 255.255.255.255 # no access for all other addresses and services: ALL, NA, 0.0.0.0, 255.255.255.255