This archive contains answers to questions sent to Unidata support through mid-2025. Note that the archive is no longer being updated. We provide the archive for reference; many of the answers presented here remain technically correct, even if somewhat outdated. For the most up-to-date information on the use of NSF Unidata software and data services, please consult the Software Documentation first.
Hi Art, re: > So... without an assumption that downstream sites request feeds on > separate request lines, I can really only have one allow per requesting > address because potentially only the first entry will be used...? My earlier reply should have been more specific. The first ALLOW line for a particular feed for a specific site will be the one used, not just one allow for a site. > E.g. if some.univ.edu has a request line of: > > request UNIDATA|NIMAGE ".*" ldm.meteo.psu.edu > > and ldm.meteo.psu.edu has two allow lines: > > allow UNIDATA some.univ.edu > allow NIMAGE some.univ.edu > > ...then NIMAGE will be denied because it's not listed in the first allow? No, since the feeds are different, the different ALLOWs are used. The following, however, will result in the first one being used: allow ANY-UNIDATA some.univ.edu allow UNIWISC some.univ.edu UNIDATA (which is WMO|UNIWISC) is explicitly denied by the first ALLOW. Allowing it in a second should not work. > On the other hand, if I understand this correctly, if some.univ.edu had > request lines of: > > request UNIDATA ".*" ldm.meteo.psu.edu > request NIMAGE ".*" ldm.meteo.psu.edu > > Then, both feeds would come through... correct? Correct. > I'm trying to configure my relays so I can ingest the MADIS data without > redistributing it to most downstream sites by using the > OK_pattern/NOT_pattern feature of the ALLOW entries, but I didn't want to > apply these restrictions to feeds other than FSL to avoid potential > restriction conflicts with other data and to avoid the overhead of > checking every header that comes through the ldm for these RE's. I understand. We do much the same thing on the toplevel IDD relays that we maintain -- we ingest everything and only ALLOW feeds of non-restricted data to non-UCAR sites. > Is there any way to do this? Yes. Put the explicit allows before the general/blanket ones. Cheers, Tom -- **************************************************************************** Unidata User Support UCAR Unidata Program (303) 497-8642 P.O. Box 3000 address@hidden Boulder, CO 80307 ---------------------------------------------------------------------------- Unidata HomePage http://www.unidata.ucar.edu **************************************************************************** Ticket Details =================== Ticket ID: NDI-257345 Department: Support IDD Priority: Normal Status: Closed