mirror/iopsys-feed
1
0
Fork 0
mirror of https://dev.iopsys.eu/feed/iopsys.git synced 2025-12-10 07:44:50 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
iopsys-feed/mosquitto-auth-plugin
History
Sukru Senli 332a35102d mosquitto-auth-plugin: add per-user subnet-based access control with IPv4/IPv6 support 
- Implement whitelist/blacklist subnet filtering for MQTT users
- Add full IPv4 and IPv6 CIDR subnet matching support
- Check subnet restrictions during authentication (MOSQ_EVT_BASIC_AUTH)
- Reject login immediately if subnet check fails (return MOSQ_ERR_AUTH)
- Parse subnet ACL files via auth_opt_subnet_acl_file option
- Support multiple subnets per user (up to 32 allow + 32 deny rules)
- Support both IPv4 (e.g., 192.168.1.0/24) and IPv6 (e.g., 2001:db8::/32) CIDR notation
- Deny rules take precedence over allow rules for both IP versions
- Localhost (127.0.0.1 and ::1) always allowed
- Backward compatible: users without subnet rules are not affected
- Configuration format: 'subnet allow|deny <username> <cidr>'
- Integrates with existing shadow/PAM authentication and topic ACLs
2025-10-29 09:33:49 +00:00
..
files/etc/uci-defaults rename mosquitto-auth-shadow to mosquitto-auth-plugin 2025-10-29 09:33:49 +00:00
src mosquitto-auth-plugin: add per-user subnet-based access control with IPv4/IPv6 support 2025-10-29 09:33:49 +00:00
Config.in rename mosquitto-auth-shadow to mosquitto-auth-plugin 2025-10-29 09:33:49 +00:00
Makefile mosquitto-auth-plugin: add per-user subnet-based access control with IPv4/IPv6 support 2025-10-29 09:33:49 +00:00