1KNET_HANDLE_ENABLE_ACCESS_KLrIoSnToSs(n3e)t ProgrammerK'NsETM_aHnAuNaDlLE_ENABLE_ACCESS_LISTS(3)
2
3
4
6 knet_handle_enable_access_lists - Enable or disable usage of access
7 lists (default: off)
8
9
11 #include <libknet.h>
12
13 int knet_handle_enable_access_lists(
14 knet_handle_t knet_h,
15 unsigned int enabled
16 );
17
19 knet_handle_enable_access_lists
20
21 knet_h - pointer to knet_handle_t
22
23 enable - set to 1 to use access lists, 0 to disable access_lists.
24
25 access lists are bound to links. There are 2 types of links: 1) point
26 to point, where both source and destinations are well known at configu‐
27 ration time. 2) open links, where only the source is known at configu‐
28 ration time.
29
30 knet will automatically generate access lists for point to point links.
31
32 For open links, knet provides 4 API calls to manipulate access lists:
33 knet_link_add_acl(3), knet_link_rm_acl(3), knet_link_insert_acl(3) and
34 knet_link_clear_acl(3). Those API calls will work exclusively on open
35 links as they are of no use on point to point links.
36
37 knet will not enforce any access list unless specifically enabled by
38 knet_handle_enable_access_lists(3).
39
40 From a security / programming perspective we recommend:create the knet
41 handle
42
43 enable access lists
44
45 configure hosts and links
46
47 configure access lists for open links
48
50 knet_handle_enable_access_lists returns 0 on success -1 on error and
51 errno is set.
52
54 knet_handle_remove_datafd(3), knet_handle_get_stats(3),
55 knet_host_add(3), knet_handle_pmtud_setfreq(3),
56 knet_handle_pmtud_get(3), knet_handle_crypto_use_config(3),
57 knet_host_get_id_by_host_name(3), knet_host_get_status(3),
58 knet_link_add_acl(3), knet_link_get_pong_count(3),
59 knet_link_get_priority(3), knet_handle_free(3),
60 knet_handle_enable_sock_notify(3), knet_handle_get_datafd(3),
61 knet_recv(3), knet_link_get_ping_timers(3),
62 knet_log_get_subsystem_id(3), knet_host_remove(3),
63 knet_host_enable_status_change_notify(3), knet_strtoaddr(3),
64 knet_link_rm_acl(3), knet_send(3), knet_handle_enable_pmtud_notify(3),
65 knet_handle_get_transport_reconnect_interval(3),
66 knet_link_get_enable(3), knet_link_set_priority(3),
67 knet_log_set_loglevel(3), knet_handle_get_channel(3),
68 knet_link_get_config(3), knet_link_get_link_list(3),
69 knet_get_transport_list(3), knet_get_transport_id_by_name(3),
70 knet_log_get_loglevel_id(3), knet_handle_new_ex(3),
71 knet_host_set_name(3), knet_addrtostr(3), knet_handle_setfwd(3),
72 knet_get_compress_list(3), knet_host_set_policy(3),
73 knet_get_transport_name_by_id(3), knet_handle_enable_filter(3),
74 knet_handle_crypto_rx_clear_traffic(3), knet_handle_compress(3),
75 knet_link_get_status(3), knet_handle_add_datafd(3), knet_send_sync(3),
76 knet_log_get_loglevel_name(3), knet_host_get_host_list(3),
77 knet_host_get_policy(3), knet_link_set_enable(3),
78 knet_link_set_pong_count(3), knet_log_get_subsystem_name(3),
79 knet_host_get_name_by_host_id(3), knet_link_clear_config(3),
80 knet_log_get_loglevel(3), knet_handle_new(3),
81 knet_handle_pmtud_getfreq(3), knet_handle_pmtud_set(3),
82 knet_handle_clear_stats(3), knet_link_set_config(3),
83 knet_handle_crypto_set_config(3), knet_handle_crypto(3),
84 knet_get_crypto_list(3),
85 knet_handle_set_transport_reconnect_interval(3),
86 knet_link_clear_acl(3), knet_link_set_ping_timers(3),
87 knet_link_insert_acl(3)
88
90 Copyright (C) 2010-2023 Red Hat, Inc. All rights reserved.
91
92
93
94kronosnet 2023-01-04KNET_HANDLE_ENABLE_ACCESS_LISTS(3)