1. Technology
You can opt-out at any time. Please refer to our privacy policy for contact information.

Discuss in my forum

Linux Network Administrators Guide

By

23.5.4. Controlling Newsreader Access

Not so many years ago, it was common for organizations to provide public access to their news servers. Today it is difficult to locate public news servers; most organizations carefully control who has access to their servers, typically restricting access to users supported on their network. INN provides configuration files to control this access.

23.5.4.1. The incoming.conf file
23.5.4.2. The nnrp.access file

23.5.4.1. The incoming.conf file

We mentioned in our introduction to INN that it achieves some of its efficiency and size by separating the news feed mechanism from the newsreading mechanism. The /etc/news/incoming.conf file is where you specify which hosts will be feeding you news using the NNTP protocol, as well as where you define some parameters that control the way articles are fed to you from these hosts. Any host not listed in this file that connects to the news socket will not be handled by the innd daemon; instead, it will be handled by the nnrpd daemon.

The /etc/news/incoming.conf file syntax is very simple, but it takes a moment to come to terms with. Three types of valid entries are allowed: key/value pairs, which are how you specify attributes and their values; peers, which is how you specify the name of a host allowed to send articles to us using NNTP; and groups, a means of applying key/value pairs to groups of peers. Key/value pairs can have three different types of scope. Global pairs apply to every peer defined in the file. Group pairs apply to all peers defined within that group. Peer pairs apply only to that one peer. Specific definitions override less specific ones: therefore, peer definitions override group definitions, which in turn override global pairs.

Curly brace characters ({} ) are used to delimit the start and end of the group and peer specifications. The # character marks the rest of the line it appears on as a comment. Key/value pairs are separated by the colon character and appear one to a line.

A number of different keys may be specified. The more common and useful are:

  • hostname
  •    

    This key specifies a comma-separated list of fully qualifed names or IP addresses of the peers that we'll allow to send us articles. If this key is not supplied, the hostname defaults to the label of the peer.


  • streaming
  •    

    This key determines whether streaming commands are allowed from this host. It is a Boolean value that defaults to true .


  • max-connections
  •    

    This key specifies the maximum number of connections allowed from this group or peer. A value of zero means unlimited (which can also be specified using none ).


  • password
  •    

    This key allows you to specify the password that must be used by a peer if it is to be allowed to transfer news. The default is to not require a password.


  • patterns
  •    

    This key specifies the newsgroups that we accept from the associated peer. This field is coded according to precisely the same rules as we used in our newsfeeds file.


In our example we have only one host that we are expecting to feed us news: our upstream news provider at Groucho Marx University. We'll have no password, but we will ensure that we don't accept any articles for our private newsgroup from outside. Our hosts.nntp looks like:


   

 # Virtual Brewery incoming.conf file.
 
 # Global settings
 streaming: true
 max-connections: 5
 
 # Allow NNTP posting from our local host.
 peer ME {
 hostname: "localhost, 127.0.0.1"
 }
 
 # Allow groucho to send us all newsgroup except our local ones.
 peer groucho {
 hostname: news.groucho.edu
 patterns: !rec.crafts.brewing.private
 } 

23.5.4.2. The nnrp.access file

We mentioned earlier that newsreaders, and in fact any host not listed in the hosts.nntp , that connect to the INN news server are handled by the

* License

* Linux Network Administrators Guide Guide Index

  1. About.com
  2. Technology
  3. Linux

©2014 About.com. All rights reserved.