Thanks Matt. The apr docs helped clear that up. Yes, the interface needs improving. In 2.5.x, you can specify a random list of trusted hosts. Right now it looks like I can only specify one ip/mask per port.
---- Yemi > -----Original Message----- > From: Matt Massie [mailto:[EMAIL PROTECTED] > Sent: Tuesday, January 25, 2005 4:58 AM > To: Adesanya, Adeyemi > Cc: Ganglia Developers > Subject: Re: [Ganglia-developers] feature complete 2.6.0. snapshot > > this is a feature that i'm willing to perfect a little better > with some feedback. > > currently, there are two attributes "allow_ip" and "allow_mask". > > if take a look at > http://apr.apache.org/docs/apr/group__apr__network__io.html#ga35 > > you will see two functions apr_ipsubnet_create() and > apr_ipsubnet_test(). > > here is a page on CIDR > http://public.pacbell.net/dedicated/cidr.html > > i don't like the current ACL as i have them. there should be > a way to choose "allow deny" or "deny allow" order. there > should be a way to specify multiple allow and deny domains. > it's pretty weak as it is. > > ideas? solutions? > > maybe have > > acl_order = "allow deny" /* or "deny allow" or "deny" or "allow" */ > > and then only > > allow = <array of CIDR notation domains> deny = <array of > CIDR notation domains> > > i don't know how complex we want to make this. > > -matt > > > Adesanya, Adeyemi wrote: > > Hi. > > > > No trouble with building/installing on Solaris this time. > I've started looking at gmond and getting familiar with the > new configuration format. Can you please provide examples of > how to use 'allow_ip' and 'allow_mask' to restrict what hosts > can send data and request data from gmond? > > I'm having trouble with this at the moment. Does it > currently function? > > > > ---- > > Yemi > > > > > >>-----Original Message----- > >>From: [EMAIL PROTECTED] > >>[mailto:[EMAIL PROTECTED] On > Behalf Of > >>Matt Massie > >>Sent: Monday, January 24, 2005 11:31 AM > >>To: Ganglia Developers > >>Subject: [Ganglia-developers] feature complete 2.6.0. snapshot > >> > >>guys- > >> > >>i've just finished up a first crack at a feature-complete > 2.6.0. you > >>can upload it from > >> > >>http://matt-massie.com/ganglia/ganglia-2.6.0.200501241924.tar.gz > >> > >>this snapshot includes code for cleaning up old hosts and > old gmetric > >>messages. the host_dmax value for gmond is set in the > globals section > >>of the configuration file. > >> > >>globals { > >> host_dmax = 3600 /* if a host hasn't been heard from in an hour, > >> delete it */ > >>} > >> > >>the gmetric message dmax values are part of the gmetric > message (being > >>set on the commandline by gmetric). > >> > >>as far as i'm concerned this is a feature-complete snapshot. > >>i will add not more features unless paid 1 billion dollars. > >> > >>i will focus over the next week on testing the heck out of it and > >>stomping out any obvious bugs (federico just dropped one > into bugzilla > >>about gmetad). > >> > >>i want 2.6.0 out the door as soon as possible. please drop any bug > >>reports into bugzilla.ganglia.info. send praise and scorn to the > >>developers list. > >> > >>looking forward to hearing your experiences -matt > >> > >> > >> > >> > >>-- > >>PGP fingerprint 'A7C2 3C2F 8445 AD3C 135E F40B 242A 5984 ACBC 91D3' > >> > >> They that can give up essential liberty to obtain a little > >> temporary safety deserve neither liberty nor safety. > >> --Benjamin Franklin, Historical Review of Pennsylvania, 1759 > >> > > -- > PGP fingerprint 'A7C2 3C2F 8445 AD3C 135E F40B 242A 5984 ACBC 91D3' > > They that can give up essential liberty to obtain a little > temporary safety deserve neither liberty nor safety. > --Benjamin Franklin, Historical Review of Pennsylvania, 1759 >