On 12/21/12 11:13 PM, Olle E. Johansson wrote:
21 dec 2012 kl. 21:46 skrev Daniel-Constantin Mierla
<miconda(a)gmail.com>om>:
Hello,
any developer with some spare time to add rpc commands to modules_k/permissions module?
They should be the equivalent of existing mi commands. That should render
modules_s/permissions obsolete.
These are the commands for modules_s/permissions
• ipmatch.reload - Reloads the cached ipmatch table. The original table remains active
in case of any failure.
• ipset.clean(ipset_name) - Clear all entries in "pending" ipset.
• ipset.add(ipset_name, ip, netmask) - Add ip and mask into ipset. IPv6 should should be
enclosed in brackets. Netmask may be identified as number or in IP form. Note that number
requires leading slash, e.g. "/24" or "255.255.255.0".
• ipset.commit(ipset_name) - Makes pending ip set usable by ip_is_trusted. Pending ip
set is cleared.
• ipset.list() - List declared ip sets.
• ipset.print(ipset_name, pending) - Dump ipset trees. If pending non zero then pending
ipset is dumped.
They do not really match the set of mi commands in modules_k/permissions - the modules
seems a bit different.
5.1. address_reload
5.2. address_dump
5.3. subnet_dump
5.4. trusted_reload
5.5. trusted_dump
5.6. allow_uri . test a URI
I have started implementing these commands as RPC like you wrote.
The module_s rpc commands seems to be based on the thinking with the config framework,
where you change a set and then commit.
A big difference, apart from the different way of thinking, is that modules_s allow
changes to the set over RPC - cleaning a group and
adding to a group. In modules_k this would lead to a difference between in-memory data
and database, that would disappear at restart/reload.
In modules_k that would require a database operation (or text file) and then a reload.
Just so everyone is clear on this - we will loose some functionality over RPC but the
general function is still around.
yes, I spotted that - the internals are different,
but functionality
stays. It is not much that can be done, similar things happened in other
places, for example pdt.
The rpc commands have to be the equivalent of the existing mi commands.
Have a great weekend!
Thanks, you too!
Daniel
--
Daniel-Constantin Mierla -
http://www.asipto.com
http://twitter.com/#!/miconda -
http://www.linkedin.com/in/miconda