From: Philipp R. <phi...@li...> - 2007-03-30 17:00:05
|
Am Freitag, 30. M=E4rz 2007 15:30 schrieb Arne Redlich: > Philipp Reisner <phi...@li...> schrieb: > > Here is the patch you asked for (allow_deny2.diff) > > Please send patches inline, it's easier to review. ( I hope that me MUA does not convert TABs to spaces ) Ok, the improved edition: Index: usr/plain.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =2D-- usr/plain.c (revision 113) +++ usr/plain.c (working copy) @@ -327,7 +327,7 @@ return 0; =20 while ((p =3D strsep(&str, ","))) { =2D if (isspace(*p)) + while (isspace(*p)) p++; =20 if (!strcmp(p, "ALL")) @@ -393,7 +393,7 @@ continue; *(p++) =3D '\0'; =20 =2D if (target_find_by_name(buf) !=3D tid) + if (target_find_by_name(buf) !=3D tid && strcmp(buf,"ALL")) continue; =20 err =3D __initiator_match(fd, p); Index: etc/initiators.allow =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =2D-- etc/initiators.allow (revision 113) +++ etc/initiators.allow (working copy) @@ -1,3 +1,7 @@ =2D# Some exmaples +# Some examples #iqn.2001-04.com.example:storage.disk1.sys1.xyz 192.168.22.2, 192.168.3.8 #iqn.2001-04.com.example:storage.disk1.sys4.xyz [3ffe:302:11:1:211:43ff:fe= 31:5ae2], [3ffe:505:2:1::]/64 + +# multiple spaces are allowed as well +#iqn.2001-04.com.example:storage.disk1.sys1.xyz 192.168.22.3 +#iqn.2001-04.com.example:storage.disk1.longername.xyz 192.168.22.4 Index: etc/initiators.deny =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =2D-- etc/initiators.deny (revision 113) +++ etc/initiators.deny (working copy) @@ -1,4 +1,15 @@ =2D# Some exmaples + +# The semantics are: +# * By default everyone can see and connect to all targets. +# =20 +# * Deny for some or everyone access to one or all targets, +# by adding a line to this file. +#=20 +# * Then allow some named initiators access to selected targets, +# by adding lines to initiators.allow + +# Some examples #iqn.2001-04.com.example:storage.disk1.sys1.xyz ALL #iqn.2001-04.com.example:storage.disk1.sys2.xyz 192.168.12.2, 192.168.3.0/= 24, 192.167.1.16/28 #iqn.2001-04.com.example:storage.disk1.sys4.xyz [3ffe:302:11:1:211:43ff:fe= 31:5ae2], [3ffe:505:2:1::]/64 +#ALL ALL > > > BTW, I have also sent an patch to set the SCSI Product ID to > > the last 16 characters of the iscsi name. What is your > > position on this ? > > How about making it user configurable? =46or me having it user configurable is an overkill. But if you mean that you will accept a patch that makes that SCSI Product ID configurable on per target basis, then I will prepare such an patch. =2Dphil =2D-=20 : Dipl-Ing Philipp Reisner Tel +43-1-8178292-50 : : LINBIT Information Technologies GmbH Fax +43-1-8178292-82 : : Vivenotgasse 48, 1120 Vienna, Austria http://www.linbit.com : |