orber_acl(3erl)

1orber_acl(3)               Erlang Module Definition               orber_acl(3)
2
3
4

NAME

6       orber_acl - Orber ACL operations
7

DESCRIPTION

9       This  module  contains  functions intended for analyzing Access Control
10       List (ACL) filters. The filters uses a  extended  format  of  Classless
11       Inter  Domain  Routing (CIDR). For example, "123.123.123.10" limits the
12       connection to that particular host,  while  "123.123.123.10/17"  allows
13       connections  to or from any host equal to the 17 most significant bits.
14       Orber also allow the user to specify a certain port or port range,  for
15       example,   "123.123.123.10/17#4001"  and  "123.123.123.10/17#4001/5001"
16       respectively. IPv4 or none compressed IPv6 strings are accepted.
17

EXPORTS

19       match(IP, Direction) -> boolean()
20       match(IP, Direction, GetInfo) -> Reply
21
22              Types:
23
24                 IP = tuple() | [integer()]
25                 Direction = tcp_in | ssl_in | tcp_out | ssl_out
26                 GetInfo = boolean()
27                 Reply = boolean() | {boolean(), [Interface], PortInfo}
28                 Interface = string()
29                 PortInfo = integer() | {integer(), integer()}
30
31              If GetInfo is not supplied  or  set  to  false,  this  operation
32              returns  a boolean which tells if the IPv4 or IPv6 address would
33              pass the ACL  filter,  defined  by  the  iiop_acl  configuration
34              parameter,  or  not. When GetInfo is set to true, a tuple which,
35              besides the boolean that  tells  if  access  was  granted,  also
36              include  the  defined  interfaces  and  port(s).  This operation
37              requires that Orber is running and can be used on a live node to
38              determine if Orber has been properly configured.
39
40       verify(IP, Filter, Family) -> Reply
41
42              Types:
43
44                 IP = string()
45                 Filter = string()
46                 Family = inet | inet6
47                 Reply = true | {false, From, To} | {error, string()}
48                 From = string()
49                 To = string()
50
51              This  operation  returns  true if the IPv4 or IPv6 address would
52              pass the supplied ACL. If that is not the case, a tuple contain‐
53              ing  the  accepted range is returned. This operation should only
54              be used for test purposes.
55
56       range(Filter, Family) -> Reply
57
58              Types:
59
60                 Filter = string()
61                 Family = inet | inet6
62                 Reply = {ok, From, To} | {error, string()}
63                 From = string()
64                 To = string()
65
66              Returns the range of accepted IP addresses based on the supplied
67              filter. This operation should only be used for test purposes.
68
69
70
71Ericsson AB                       orber 3.8.4                     orber_acl(3)