1# This is a comment, I love comments. 2# 3# BNF: 4# File 5# '<' <dbase> <NAME> '>' block '</' <dbase> '>' 6# NAME 7# ::= \w+ 8# Block 9# <order> [by] <deny|allow>,<allow,deny> 10# <allow|deny> [operation] <ops> [from] <spec> 11# ops 12# none | rdonly | rdwr | all 13# spec 14# IP [ [>netmask>] <mask> | '/' <len> ] 15# FQHN [ [<netmask>] <mask> | '/' <len> ] 16# 'all' 17# mask 18# IP | FQHN 19# IP 20# dotted quad 21# FQHN 22# anything DNS 23# len 24# 0 .. 32 25# 26 27 28# test blank lines 29 30 31 32# test record 33# 34<dbase foo> 35 # Order allow,deny or deny,allow 36 order deny,allow 37 # operation levels 38 # none nothng allowed 39 # rdonly just read allowed 40 # rdwr read and write allowed 41 # all read, write and create allowed. 42 # 43 # 44 deny all from all 45 allow rdonly from all 46 allow operation rdwr from 127.0.0.1 47 allow all from 10.0.1.2/8 48 allow none from 10.0.1.2/1 49 allow rdonly from 10.0.1.2/27 50</dbase> 51 52# Base line which gets ALWAYS applied 53# 54<dbase _> 55 order allow,deny 56 deny all from all 57</dbase> 58 59<dbase bar> 60 order allow,deny 61 allow all from all 62 deny rdwr from 1.2.3.4/16 63</dbase> 64 65<dbase tango> 66 deny all from all 67</dbase> 68 69<dbase tango2*> 70 allow all from all 71</dbase> 72 73# Fall through which ONLY gets applied if there 74# are no specific dbase+IP rule was defined. 75# 76<dbase *> 77 order deny,allow 78 allow rdonly from all 79</dbase> 80 81<dbase caffee> 82 order allow,deny 83 allow rdonly from all 84 allow rdwr from 9.8.7.6 85 allow all from 4.5.6.7/24 86 #deny all from www.news.com 87 allow drop from 127.0.0.1 88</dbase> 89 90