[rsbac] Help for NETxxx and CAPABILITIES

Amon Ott rsbac@rsbac.org
Thu Apr 25 10:14:01 2002
Previous message: [rsbac] Help for NETxxx and CAPABILITIES
Next message: [rsbac] Help for NETxxx and CAPABILITIES
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
--------------Boundary-00=_QW64AV3BSFHCIUHR6PM0
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: 8bit

On Monday, 22. April 2002 10:06, Amon Ott wrote:
> On Friday, 19. April 2002 12:44, Amon Ott wrote:
> > On Friday, 19. April 2002 12:38, ghorvath@minolta.hu wrote:
> > > For remote node I created a Remote-53 Template with number of 104 and
> > > set its Min/Max ports to 53. Perhaps it is wrong? I also tried 0 and
> > > 65535. Its RC Type [NT] are also set to Named_NETOBJ, Named_NETTEMP.
> > >
> > > What did I do wrong?
> > > I feel that something is missing but cannot research what.
> >
> > Let me try again myself, so I can see what happens. I will tell you when
> > I am ready.
>
> Short update: You triggered a bug introduced in late pre: wrong use of
> generic list default value feature returned default 0 instead of fallback
> to templates.

Now that pre8 is out, here comes my sample script for named network control 
with templates and RC model.

- Template 100105 is the predefined 'let system choose' IP address 
0.0.0.0/32, used for forwarding (even, if you do not have a forwarder defined)

- Setting 100105 to named type 3 means that other roles also need access to 
type 3, another commonly used type might be useful here.

- If you need more ports, define additional templates in the same manner

Amon.
--
http://www.rsbac.org

--------------Boundary-00=_QW64AV3BSFHCIUHR6PM0
Content-Type: application/x-shellscript;
  name="named_nettemp.sh"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="named_nettemp.sh"

IyEvYmluL2Jhc2gKIwojIG5hbWVkX25ldHRlbXAuc2gKIwojIFNldHVwIGEgbmV0d29yayB0ZW1w
bGF0ZSBhbmQgUkMgcm9sZSBhbmQgdHlwZSBmb3IgbmFtZWQgbmV0d29ya2luZyBjb250cm9sCiMK
CgpuZXRfdGVtcCBuZXdfdGVtcGxhdGUgMTAwICJOYW1lZCBMb2NhbGhvc3QiCm5ldF90ZW1wIHNl
dF9hZGRyZXNzX2ZhbWlseSAxMDAgSU5FVApuZXRfdGVtcCBzZXRfdHlwZSAxMDAgQU5ZCm5ldF90
ZW1wIHNldF9hZGRyZXNzIDEwMCAxMjcuMC4wLjEKbmV0X3RlbXAgc2V0X3ZhbGlkX2xlbiAxMDAg
MzIKbmV0X3RlbXAgc2V0X3Byb3RvY29sIDEwMCBBTlkKbmV0X3RlbXAgc2V0X25ldGRldiAxMDAg
IiIKbmV0X3RlbXAgc2V0X21pbl9wb3J0IDEwMCA1MwpuZXRfdGVtcCBzZXRfbWF4X3BvcnQgMTAw
IDUzCgpuZXRfdGVtcCBuZXdfdGVtcGxhdGUgMTIwICJOYW1lZCBMb2NhbGFkZHIiCm5ldF90ZW1w
IHNldF9hZGRyZXNzX2ZhbWlseSAxMjAgSU5FVApuZXRfdGVtcCBzZXRfdHlwZSAxMjAgQU5ZCm5l
dF90ZW1wIHNldF9hZGRyZXNzIDEyMCAxOTIuMTY4LjIwMC4yNDAKbmV0X3RlbXAgc2V0X3ZhbGlk
X2xlbiAxMjAgMzIKbmV0X3RlbXAgc2V0X3Byb3RvY29sIDEyMCBBTlkKbmV0X3RlbXAgc2V0X25l
dGRldiAxMjAgIiIKbmV0X3RlbXAgc2V0X21pbl9wb3J0IDEyMCA1MwpuZXRfdGVtcCBzZXRfbWF4
X3BvcnQgMTIwIDUzCgpuZXRfdGVtcCBuZXdfdGVtcGxhdGUgMTAwMCAiTmFtZWQgVW5peCIKbmV0
X3RlbXAgc2V0X2FkZHJlc3NfZmFtaWx5IDEwMDAgVU5JWApuZXRfdGVtcCBzZXRfdHlwZSAxMDAw
IFNUUkVBTQpuZXRfdGVtcCAtdSBzZXRfYWRkcmVzcyAxMDAwICIvdmFyL3J1bi9uZGMiCm5ldF90
ZW1wIHNldF92YWxpZF9sZW4gMTAwMCAxMgpuZXRfdGVtcCBzZXRfcHJvdG9jb2wgMTAwMCBBTlkK
bmV0X3RlbXAgc2V0X25ldGRldiAxMDAwICIiCm5ldF90ZW1wIHNldF9taW5fcG9ydCAxMDAwIDAK
bmV0X3RlbXAgc2V0X21heF9wb3J0IDEwMDAgMAoKcmNfc2V0X2l0ZW0gVFlQRSAzIHR5cGVfbmV0
b2JqX25hbWUgIk5hbWVkIExvY2FsIgoKcmNfc2V0X2l0ZW0gUk9MRSA0IG5hbWUgIk5hbWVkIgpy
Y19zZXRfaXRlbSAtYiBST0xFIDQgdHlwZV9jb21wX2ZkIDAgMDAwMDAwMDAwMDAwMDAwMTExMTEw
MDAwMDAxMTAxMTExMTAxMDExMTExMTExMDExMDEwMApyY19zZXRfaXRlbSAtYiBST0xFIDQgdHlw
ZV9jb21wX2RldiAwIDAwMDAwMDAwMDAwMDAwMDAxMTEwMDAwMDAwMDAwMTExMTEwMDAwMDAwMDAw
MTAwMDAxMDAKcmNfc2V0X2l0ZW0gLWIgUk9MRSA0IHR5cGVfY29tcF9pcGMgMCAwMDAwMDAwMDAw
MDAwMDAwMTEwMDAwMDAwMDAwMDExMTEwMDEwMDAxMTAxMTEwMDExMTEwCnJjX3NldF9pdGVtIC1i
IFJPTEUgNCB0eXBlX2NvbXBfc2NkIDUgMTExMTAwMDAwMDAwMDAwMTAxMTAwMDExMTAwMDEwMDEw
MTExMTAwMTEwMDAwMDAwMDAwMQpyY19zZXRfaXRlbSAtYiBST0xFIDQgdHlwZV9jb21wX3NjZCAx
MiAxMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExMTExCnJj
X3NldF9pdGVtIC1iIFJPTEUgNCB0eXBlX2NvbXBfcHJvY2VzcyAwIDAwMDAwMDAwMDAwMDAwMDAw
MDAwMTEwMDAxMDAwMDAxMDAwMDAwMDAwMDAxMDEwMTEwMDAKcmNfc2V0X2l0ZW0gLWIgUk9MRSA0
IHR5cGVfY29tcF9uZXRkZXYgMCAwMDAwMDAwMDAwMDAwMDEwMDAwMDAwMDAwMDAwMDAwMTAwMTAw
MDAxMDAwMDAwMDAwMDAwCnJjX3NldF9pdGVtIC1iIFJPTEUgNCB0eXBlX2NvbXBfbmV0dGVtcCAw
IDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAwMTAwMDAwMDAwMDAwMDAwMDAwMDAKcmNf
c2V0X2l0ZW0gLWIgUk9MRSA0IHR5cGVfY29tcF9uZXRvYmogMCAwMDAwMDAwMDAxMTExMDAwMDEw
MDAwMDAwMDAwMDAwMDEwMDAwMDAwMDAwMTAwMDAwMDAwCnJjX3NldF9pdGVtIC1iIFJPTEUgNCB0
eXBlX2NvbXBfbmV0b2JqIDMgMDAwMDAwMDAxMTExMTExMDAwMDAwMDAwMDAwMDAwMDAwMDAwMDAw
MDAwMDExMDAwMDAwMApyY19zZXRfaXRlbSBST0xFIDQgZGVmX2ZkX2NyZWF0ZV90eXBlIDQyOTQ5
NjcyOTQKcmNfc2V0X2l0ZW0gUk9MRSA0IGRlZl9wcm9jZXNzX2NyZWF0ZV90eXBlIDQyOTQ5Njcy
OTQKcmNfc2V0X2l0ZW0gUk9MRSA0IGRlZl9wcm9jZXNzX2Nob3duX3R5cGUgNDI5NDk2NzI5MQpy
Y19zZXRfaXRlbSBST0xFIDQgZGVmX3Byb2Nlc3NfZXhlY3V0ZV90eXBlIDQyOTQ5NjcyOTUKcmNf
c2V0X2l0ZW0gUk9MRSA0IGRlZl9pcGNfY3JlYXRlX3R5cGUgMAoKYXR0cl9zZXRfbmV0IE5FVFRF
TVAgcmNfdHlwZSAzIDEwMAphdHRyX3NldF9uZXQgTkVUVEVNUCByY190eXBlIDMgMTIwCmF0dHJf
c2V0X25ldCBORVRURU1QIHJjX3R5cGUgMyAxMDAwCmF0dHJfc2V0X25ldCBORVRURU1QIHJjX3R5
cGUgMyAxMDAxMDUK

--------------Boundary-00=_QW64AV3BSFHCIUHR6PM0--
Previous message: [rsbac] Help for NETxxx and CAPABILITIES
Next message: [rsbac] Help for NETxxx and CAPABILITIES
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]