1orber_acl(3)               Erlang Module Definition               orber_acl(3)
2
3
4

NAME

6       orber_acl - Orber ACL operations
7

DESCRIPTION

9       This  module  contains  functions intended for analyzing Access Control
10       List (ACL) filters. The filters uses a extended format of Classless In‐
11       ter  Domain  Routing  (CIDR).  For example, "123.123.123.10" limits the
12       connection to that particular host,  while  "123.123.123.10/17"  allows
13       connections  to or from any host equal to the 17 most significant bits.
14       Orber also allow the user to specify a certain port or port range,  for
15       example, "123.123.123.10/17#4001" and "123.123.123.10/17#4001/5001" re‐
16       spectively. IPv4 or none compressed IPv6 strings are accepted.
17

EXPORTS

19       match(IP, Direction) -> boolean()
20       match(IP, Direction, GetInfo) -> Reply
21
22              Types:
23
24                 IP = tuple() | [integer()]
25                 Direction = tcp_in | ssl_in | tcp_out | ssl_out
26                 GetInfo = boolean()
27                 Reply = boolean() | {boolean(), [Interface], PortInfo}
28                 Interface = string()
29                 PortInfo = integer() | {integer(), integer()}
30
31              If GetInfo is not supplied or set to false, this  operation  re‐
32              turns  a  boolean  which tells if the IPv4 or IPv6 address would
33              pass the ACL filter, defined by the iiop_acl  configuration  pa‐
34              rameter, or not. When GetInfo is set to true, a tuple which, be‐
35              sides the boolean that tells if access was granted, also include
36              the defined interfaces and port(s). This operation requires that
37              Orber is running and can be used on a live node to determine  if
38              Orber has been properly configured.
39
40       verify(IP, Filter, Family) -> Reply
41
42              Types:
43
44                 IP = string()
45                 Filter = string()
46                 Family = inet | inet6
47                 Reply = true | {false, From, To} | {error, string()}
48                 From = string()
49                 To = string()
50
51              This  operation  returns  true if the IPv4 or IPv6 address would
52              pass the supplied ACL. If that is not the case, a tuple contain‐
53              ing  the  accepted range is returned. This operation should only
54              be used for test purposes.
55
56       range(Filter, Family) -> Reply
57
58              Types:
59
60                 Filter = string()
61                 Family = inet | inet6
62                 Reply = {ok, From, To} | {error, string()}
63                 From = string()
64                 To = string()
65
66              Returns the range of accepted IP addresses based on the supplied
67              filter. This operation should only be used for test purposes.
68
69
70
71Ericsson AB                       orber 5.0.1                     orber_acl(3)
Impressum