diff --git a/usermin/change_access.cgi b/usermin/change_access.cgi
index 87fec9047..9cbd90269 100755
--- a/usermin/change_access.cgi
+++ b/usermin/change_access.cgi
@@ -15,6 +15,8 @@ delete($miniserv{"allow"});
delete($miniserv{"deny"});
if ($in{"access"} == 1) { $miniserv{"allow"} = join(' ', @hosts); }
elsif ($in{"access"} == 2) { $miniserv{"deny"} = join(' ', @hosts); }
+$miniserv{"known_ips"} = $miniserv{"allow"} || $miniserv{"deny"} ||
+ (!$in{'noknown'} ? $miniserv{"known_ips"} : "");
$miniserv{'libwrap'} = $in{'libwrap'};
$miniserv{'alwaysresolve'} = $in{'alwaysresolve'};
&put_usermin_miniserv_config(\%miniserv);
diff --git a/usermin/edit_access.cgi b/usermin/edit_access.cgi
index 58023124d..9cca8f425 100755
--- a/usermin/edit_access.cgi
+++ b/usermin/edit_access.cgi
@@ -20,8 +20,11 @@ print &ui_table_row($text{'access_ip'},
[ 2, $text{'access_deny'} ] ])."
\n".
&ui_textarea("ip",
$access == 1 ? join("\n", split(/\s+/, $miniserv{"allow"})) :
- $access == 2 ? join("\n", split(/\s+/, $miniserv{"deny"})) : "",
- 6, 30));
+ $access == 2 ? join("\n", split(/\s+/, $miniserv{"deny"})) :
+ $miniserv{"known_ips"} ? join("\n", split(/\s+/, $miniserv{"known_ips"})) :
+ "", 6, 30).
+ ($miniserv{"known_ips"} ?
+ "
\n".&ui_checkbox("noknown", 1, $text{'access_known'}, 0) : ""));
print &ui_table_row($text{'access_always'},
&ui_yesno_radio("alwaysresolve", int($miniserv{'alwaysresolve'})));
diff --git a/webmin/change_access.cgi b/webmin/change_access.cgi
index 74a49e438..54887a3c3 100755
--- a/webmin/change_access.cgi
+++ b/webmin/change_access.cgi
@@ -36,6 +36,8 @@ delete($miniserv{"allow"});
delete($miniserv{"deny"});
if ($in{"access"} == 1) { $miniserv{"allow"} = join(' ', @hosts); }
elsif ($in{"access"} == 2) { $miniserv{"deny"} = join(' ', @hosts); }
+$miniserv{"known_ips"} = $miniserv{"allow"} || $miniserv{"deny"} ||
+ (!$in{'noknown'} ? $miniserv{"known_ips"} : "");
$miniserv{'libwrap'} = $in{'libwrap'};
$miniserv{'alwaysresolve'} = $in{'alwaysresolve'};
if ($in{'trust'} == 2) {
diff --git a/webmin/edit_access.cgi b/webmin/edit_access.cgi
index dd8290968..a5700532c 100755
--- a/webmin/edit_access.cgi
+++ b/webmin/edit_access.cgi
@@ -14,6 +14,9 @@ print &ui_table_start($text{'access_header'}, undef, 2, [ "width=30%" ]);
$access = $miniserv{"allow"} ? 1 : $miniserv{"deny"} ? 2 : 0;
@list = $access == 1 ? split(/\s+/, $miniserv{"allow"}) :
$access == 2 ? split(/\s+/, $miniserv{"deny"}) : ( );
+if (!@list && $miniserv{"known_ips"}) {
+ @list = split(/\s+/, $miniserv{"known_ips"});
+ }
$idx = &indexof("LOCAL", @list);
splice(@list, $idx, 1) if ($idx >= 0);
print &ui_table_row($text{'access_ip'},
@@ -22,7 +25,9 @@ print &ui_table_row($text{'access_ip'},
[ 1, $text{'access_allow'} ],
[ 2, $text{'access_deny'} ] ])."
\n".
&ui_textarea("ip", join("\n", @list), 6, 30)."
\n".
- &ui_checkbox("local", 1, $text{'access_local'}, $idx >= 0));
+ &ui_checkbox("local", 1, $text{'access_local'}, $idx >= 0).
+ ($miniserv{"known_ips"} ?
+ &ui_checkbox("noknown", 1, $text{'access_known'}, 0) : ""));
print &ui_table_row($text{'access_always'},
&ui_yesno_radio("alwaysresolve", int($miniserv{'alwaysresolve'})));
diff --git a/webmin/lang/en b/webmin/lang/en
index b62fa285f..2b958c795 100644
--- a/webmin/lang/en
+++ b/webmin/lang/en
@@ -14,6 +14,7 @@ access_title=IP Access Control
access_desc=Webmin can be configured to deny or allow access only from certain IP addresses using this form. Hostnames (like foo.bar.com) and IP networks (like 10.254.3.0 or 10.254.1.0/255.255.255.128 or 10.254.1.0/25 or 10.254.1.5-10.254.97.127 or 2001:DB8::A0BC:0001 or 2001:DB8::/32) can also be entered. You should limit access to Webmin to trusted addresses, especially if it is accessible from the Internet. Otherwise, anyone who guesses your password will have complete control of your system.
access_ip=Allowed IP addresses
access_local=Include local network in list
+access_known=Clear list of known IPs
access_header=Access control options
access_all=Allow from all addresses
access_allow=Only allow from listed addresses