Opens outgoing ports for user on all user-accessible web nodes, but
right now that's just one machine.
confLine_in (node, uname, String.concat ["dport ", parsePorts ports, parseHosts "saddr" hosts, " ACCEPT;"])
| ["ProxiedServer", ports] =>
(* should this also allow access on lo? fixme: open output ports on apache node *)
confLine_in (node, uname, String.concat ["dport ", parsePorts ports, parseHosts "saddr" hosts, " ACCEPT;"])
| ["ProxiedServer", ports] =>
(* should this also allow access on lo? fixme: open output ports on apache node *)
- confLine_in (node, uname, String.concat ["saddr $WEBNODES dport ", parsePorts ports, " ACCEPT;"])
+ (confLine_in (node, uname, String.concat ["saddr $WEBNODES dport ", parsePorts ports, " ACCEPT;"]);
+ (* Warning: duplicates code of Client case *)
+ List.map (fn (node, _) => confLine_out (node, uname, String.concat ["dport ", parsePorts ports, Domain.nodeIp node, " ACCEPT;"] ))
+ Config.Apache.webNodes_all; ())
| ["LocalServer", ports] =>
confLine_in (node, uname, String.concat ["saddr 127.0.0.1/8 dport ", parsePorts ports, " ACCEPT;"])
| _ => print "Invalid config line\n";
| ["LocalServer", ports] =>
confLine_in (node, uname, String.concat ["saddr 127.0.0.1/8 dport ", parsePorts ports, " ACCEPT;"])
| _ => print "Invalid config line\n";