Ban Unless User

[Age]

Hello, I was wondering how I might go about this if it's even possible.

I have setup a "ban" with reverse logic:

\132.*.*.*

So anyone who does not have a 132.x.x.x IP address is banned/blocked from accessing the server.  Is there anyway to override this block if I have a user account?

Basically, I want anyone who has a 132 IP or a user account to be able to access the server, but not the general public.  While there isn't a "Login" feature on the "You are currently banned" page in the default template, even after logging in, without having a 132 IP, I'm still not able to access it.

Thanks for any advice/input?  Thanks.

[bacter]

if you ban a range of ip's, you ban them! no matter who's behind an ip.

With the beta version of hfs and using macros, you can make a welcomepage that shows up if %folder% = /.
In this welcomepage, you set links to login and, if allowed ip, to next folder.

Also at beginning of your template, you set conditions:
if the folder is not /  or no %user% is logged in, then disconnect that request.

[rejetto]

as bacter says.
something like this event handler (ALT+F6)

[request]
{.if
|{.and|{.%folder% != /.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}
|{:{.disconnection reason|i'm sorry.}:}
.}

[Age]

This is great guys, thanks a lot.

Also, do you know how I could go about allowing users to log-in on the Unallowed page?

[rejetto]

ok i applied the fix in my own post

Also, do you know how I could go about allowing users to log-in on the Unallowed page?

put a link like this
<a href="~login">please login</a>

[Age]

put a link like this
<a href="~login">please login</a>

Normally you'd think that would work, except that it would seem that the same rules that are preventing non-users/non-132.x.x.x IPs from having access, also prevents them from accessing the login page.

Is there anyway to prevent all folder access except ~login ?

[rejetto]

use this line (untested)

|{.and|{.%folder% != /.}|{.not|{.match|*/~login|%folder%.}.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}

[Age]

use this line (untested)

|{.and|{.%folder% != /.}|{.not|{.match|*/~login|%folder%.}.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}

Alright, so I've been fiddling around. Using this:

[request]
{.if
|{.and|{.%folder% != /.}|{.not|{.match|*/~login|%folder%.}.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}
|{:{.disconnection reason|i'm sorry <a href="~login">please login</a>.}:}
.}

When I visit the server externally from a 132 IP it lets me in fine, so that's good. Also, when I login at that point, then go to http://localhost (to pretend that I'm not on a 132 IP) I am able to get in fine because I'm logged in already. Great. Perfect, that works.

But when I visit from a non-132 IP while not logged in, I continue to get the Unallowed page, even when going to http://localhost/~login in order to login.

[rejetto]

what's this "unallowed" page?
maybe you set a ban rule.
you should remove it.

[Age]

what's this "unallowed" page?
maybe you set a ban rule.
you should remove it.

Sorry, I don't think I explained that correctly. There aren't any ban rules.
|{:{.disconnection reason|i'm sorry.}:} appears to trigger the [deny] section of the template, which by default says "Unallowed."

Basically,

|{.and|{.%folder% != /.}|{.not|{.match|*/~login|%folder%.}.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}

still doesn't allow users to login if they're not on a 132 IP. I'll keep fiddling and re-read the wiki, thanks for your continued guidance. I'll post findings for people looking at this in the future.

[rejetto]

there's an error indeed:
try this:

|{.and|{.%folder% != /.}|{.match|\*/~login|%url%.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}

[Age]

rejetto you're amazing. Thank you so much.

To summarize:

My goal was to deny access to everyone except for those who a)Have a username and password or b)Are using IP addresses that begin with 132.
The problem was that the login page was being blocked from letting users who did not have a 132.x.x.x IP address from logging in.
The solution (thanks to rejetto) was to use the beta, press ALT-F6 to get into events and then paste this into it:

[request]
{.if
|{.and|{.%folder% != /.}|{.match|\*/~login|%url%.}|{.not|%user%.}|{.match address|\132.*|%ip%.}/and.}
|{:{.disconnection reason|You're either not logged in as a user or not on a 132.x.x.x IP address. <a href="~login">Please Login</a>.}:}
.}

Thanks again rejetto.

[KooolaNL]

i thought i reply here

i have kooola.nl/pic and kooola.nl/crap

i want a use 2 disconnect when he tries  kooola.nl/pic and kooola.nl/crap  without being logged in

what kinda line do i have 2 add where :3

thx in advance

[rejetto]

right click on the folders > properties > permissions > any account

[KooolaNL]

when i do that can ppl olso not see kooola.nl/pic/photo.jpg because i only want ppl to not be able 2 browse the root of /pic/ get what i mean 

i want everyone 2 see kooola.nl/pic/photo.jpg  but i want then to get a error message saying not logged in when they wanne inspect the root of /pic/

plz