hi,
is it possible to setup the ejabberd server the way,
single user will only be allowed to connect from specific IP addres/range?
I have checked the ACL:
created config:
acl:
... ... ...
test_jid:
user: "foo.bar@example.org"
ip: "127.0.0.1/8"
test_jid_d:
user: "foo.bar@example.org"and then apply in the ACCESS RULES:
access:
... ... ...
test_jid_d:
all: deny
test_jid:
all: allowbut the user "foo.bar@example.org" can still connect from non-localhost IP.
I already checked: https://docs.ejabberd.im/admin/guide/configuration/#acl-definition
is there some way that this can be achieved?
or perhaps some more extensive documentation?
Thanks
Using a recent ejabberd
Using a recent ejabberd version, it is possible to put ACL definitions inside Access definitions, which in practice allows this and may work as you want. Try this:
listen: - port: 5222 module: ejabberd_c2s access: c2s ... access_rules: c2s: - allow: - user: "foo.bar@example.org" - ip: "127.0.0.1/8" - deny: - user: "foo.bar@example.org" - deny: blocked - allow ...Using a recent ejabberd
Using a recent ejabberd version, it is possible to put ACL definitions inside Access definitions, which in practice allows this and may work as you want. Try this:
listen: - port: 5222 module: ejabberd_c2s access: c2s ... access_rules: c2s: - allow: - user: "foo.bar@example.org" - ip: "127.0.0.1/8" - deny: - user: "foo.bar@example.org" - deny: blocked - allow ...@badlop : Thank You very
@badlop :
Thank You very much!
working like a charm, now login attempts to from different IP is blocked,
return code is:
405