1KNET_HANDLE_ENABLE_ACCESS_KLrIoSnToSs(n3e)t ProgrammerK'NsETM_aHnAuNaDlLE_ENABLE_ACCESS_LISTS(3)
2
3
4

NAME

6       knet_handle_enable_access_lists  -  Enable  or  disable usage of access
7       lists (default: off)
8
9

SYNOPSIS

11       #include <libknet.h>
12
13       int knet_handle_enable_access_lists(
14           knet_handle_t  knet_h,
15           unsigned int   enabled
16       );
17

DESCRIPTION

19       knet_handle_enable_access_lists
20
21       knet_h - pointer to knet_handle_t
22
23       enable - set to 1 to use access lists, 0 to disable access_lists.
24
25       access lists are bound to links. There are 2 types of links:  1)  point
26       to point, where both source and destinations are well known at configu‐
27       ration time. 2) open links, where only the source is known at  configu‐
28       ration time.
29
30       knet will automatically generate access lists for point to point links.
31
32       For  open  links, knet provides 4 API calls to manipulate access lists:
33       knet_link_add_acl(3), knet_link_rm_acl(3), knet_link_insert_acl(3)  and
34       knet_link_clear_acl(3).  Those  API calls will work exclusively on open
35       links as they are of no use on point to point links.
36
37       knet will not enforce any access list unless  specifically  enabled  by
38       knet_handle_enable_access_lists(3).
39
40       From  a security / programming perspective we recommend:create the knet
41       handle
42
43       enable access lists
44
45       configure hosts and links
46
47       configure access lists for open links
48

RETURN VALUE

50       knet_handle_enable_access_lists returns 0 on success -1  on  error  and
51       errno is set.
52

SEE ALSO

54       knet_handle_remove_datafd(3), knet_handle_get_stats(3),
55       knet_host_add(3), knet_handle_pmtud_setfreq(3),
56       knet_handle_pmtud_get(3), knet_handle_crypto_use_config(3),
57       knet_host_get_id_by_host_name(3), knet_host_get_status(3),
58       knet_link_add_acl(3), knet_link_get_pong_count(3),
59       knet_link_get_priority(3), knet_handle_free(3),
60       knet_handle_enable_sock_notify(3), knet_handle_get_datafd(3),
61       knet_recv(3), knet_link_get_ping_timers(3),
62       knet_log_get_subsystem_id(3), knet_host_remove(3),
63       knet_host_enable_status_change_notify(3), knet_strtoaddr(3),
64       knet_link_rm_acl(3), knet_send(3), knet_handle_enable_pmtud_notify(3),
65       knet_handle_get_transport_reconnect_interval(3),
66       knet_link_get_enable(3), knet_link_set_priority(3),
67       knet_log_set_loglevel(3), knet_handle_get_channel(3),
68       knet_link_get_config(3), knet_link_get_link_list(3),
69       knet_get_transport_list(3), knet_get_transport_id_by_name(3),
70       knet_log_get_loglevel_id(3), knet_handle_new_ex(3),
71       knet_host_set_name(3), knet_addrtostr(3), knet_handle_setfwd(3),
72       knet_get_compress_list(3), knet_host_set_policy(3),
73       knet_get_transport_name_by_id(3), knet_handle_enable_filter(3),
74       knet_handle_crypto_rx_clear_traffic(3), knet_handle_compress(3),
75       knet_link_get_status(3), knet_handle_add_datafd(3), knet_send_sync(3),
76       knet_log_get_loglevel_name(3), knet_host_get_host_list(3),
77       knet_host_get_policy(3), knet_link_set_enable(3),
78       knet_link_set_pong_count(3), knet_log_get_subsystem_name(3),
79       knet_host_get_name_by_host_id(3), knet_link_clear_config(3),
80       knet_log_get_loglevel(3), knet_handle_new(3),
81       knet_handle_pmtud_getfreq(3), knet_handle_pmtud_set(3),
82       knet_handle_clear_stats(3), knet_link_set_config(3),
83       knet_handle_crypto_set_config(3), knet_handle_crypto(3),
84       knet_get_crypto_list(3),
85       knet_handle_set_transport_reconnect_interval(3),
86       knet_link_clear_acl(3), knet_link_set_ping_timers(3),
87       knet_link_insert_acl(3)
88

90       Copyright (C) 2010-2021 Red Hat, Inc. All rights reserved.
91
92
93
94kronosnet                         2021-11-15KNET_HANDLE_ENABLE_ACCESS_LISTS(3)
Impressum