From eaef65f68eb42a6ad656525f156b3c82cd834e94 Mon Sep 17 00:00:00 2001 From: Bruce Momjian Date: Wed, 25 Jun 2003 01:20:50 +0000 Subject: [PATCH] Documentation about using CIDR addresses in pg_hba.conf. Andrew Dunstan --- doc/src/sgml/client-auth.sgml | 36 ++++++++++++++++++++++++++++++++--- 1 file changed, 33 insertions(+), 3 deletions(-) diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml index 77083be25c..cad51caca9 100644 --- a/doc/src/sgml/client-auth.sgml +++ b/doc/src/sgml/client-auth.sgml @@ -1,5 +1,5 @@ @@ -83,11 +83,13 @@ $Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.51 2003/06/25 01:14:05 - A record may have one of the three formats + A record may have one of the five formats local database user authentication-method authentication-option host database user IP-address IP-mask authentication-method authentication-option hostssl database user IP-address IP-mask authentication-method authentication-option +host database user IP-address/CIDR-mask authentication-method authentication-option +hostssl database user IP-address/CIDR-mask authentication-method authentication-option The meaning of the fields is as follows: @@ -176,7 +178,7 @@ hostssl database user < IP-mask - These two fields contain IP address/mask values in standard + These two fields contain IP address and mask values in standard dotted decimal notation. (IP addresses can only be specified numerically, not as domain or host names.) Taken together they specify the client machine IP addresses that this record @@ -200,6 +202,34 @@ hostssl database user < + + CIDR-mask + + + This is an integer specifying the number of significant bits + to set in the mask, and is an alternative to using the + IP-mask notation. The number must + be between 0 and 32 (in the case of an IPv4 address) or 128 + (in the case of an IPv6 address) inclusive. 0 will match any + address, while 32/128 will match only the exact host specified. + The same matching logic is used as for a dotted notation + IP-Mask. + + + + There must be no white space between the IP-address + and the / or the / and the + CIDR-mask, or the file will not be parsed + correctly. + + + + This field only applies to host and + hostssl records. + + + + authentication-method