Is your feature request related to a problem? Please describe.

Currently the choices for controlling the access to the backend are either:

• Only IP addresses on a subnet which is local to the backend (i.e. the backend has an interface on that subnet)
• Everyone (the AllowConnFromAll setting).

I have a setup with two subnets, the wired subnet where my combined mythtv backend/frontend lives and a wifi subnet where my sheildtv (running leanfront) lives.

Describe the solution you'd like

I'd like to be able to specify a list of subnets and/or host which are allowed to talk to the backend. I'd then either list the wifi subnet there or even better list exactly the shield's IP.

I've implemented this in #335.

Describe alternatives you've considered

• Currently I have added an extra alias interface on the backend system so that it also appears on the wifi subnet. I'd rather keep the backend config simpler and avoid this
• tcpd (/etc/hosts.{deny,allow}) support.