135/netdisco
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

docs fixes for new acl handling

Browse Source
This commit is contained in:
Oliver Gorwits
2017-05-10 20:58:33 +01:00
parent 762ce952d1
commit 156f2abfa7
2 changed files with 21 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
lib/App/Netdisco/Manual/Configuration.pod
View File

@@ -61,7 +61,7 @@ colon character).
Access Control Lists (ACLs) appear in many places in the configuration file, Access Control Lists (ACLs) appear in many places in the configuration file,
used to select or exclude devices or hosts for certain settings. ACLs are a used to select or exclude devices or hosts for certain settings. ACLs are a
YAML list of items, which can contain: single item or YAML list of items, which can contain:
=over 4 =over 4
@@ -632,8 +632,7 @@ configuration.
community: s3kr1t community: s3kr1t
read: false read: false
write: true write: true
only: only: '2001:db8::/32'
- 2001:db8::/32
For SNMPv1 and SNMPv2, only the C<community> key is required. Unlike the For SNMPv1 and SNMPv2, only the C<community> key is required. Unlike the
global C<community>/C<community_rw> setting, this is not a list but a single global C<community>/C<community_rw> setting, this is not a list but a single
@@ -641,7 +640,8 @@ item. To emulate their list behaviour, have multiple entries at the top
C<snmp_auth> level, as in the example below. C<snmp_auth> level, as in the example below.
You can add C<read> and/or C<write> restrictions, and an IP restriction using You can add C<read> and/or C<write> restrictions, and an IP restriction using
C<only>. Giving the stanza a C<tag> name is optional, but recommended. C<only> (see L</"ACCESS CONTROL LISTS">. Giving the stanza a C<tag> name is
optional, but recommended.
For SNMPv3 the C<tag> and C<user> keys are required. You can add C<read> For SNMPv3 the C<tag> and C<user> keys are required. You can add C<read>
and/or C<write> restrictions, and an IP restriction using C<only>. Providing and/or C<write> restrictions, and an IP restriction using C<only>. Providing
@@ -708,7 +708,8 @@ devices. For more fine-grained control see the C<bulkwalk_no> setting.
=head3 C<bulkwalk_no> =head3 C<bulkwalk_no>
Value: List of Network Identifiers or Device Properties. Default: Empty List. Value: Single item or list of Network Identifiers or Device Properties.
Default: Empty List.
IP addresses in the list will use C<GETNEXT> (and not C<BULKWALK>). See IP addresses in the list will use C<GETNEXT> (and not C<BULKWALK>). See
L</"ACCESS CONTROL LISTS"> for what you can use here. L</"ACCESS CONTROL LISTS"> for what you can use here.
@@ -770,7 +771,8 @@ Number of times to retry connecting to a device before giving up.
=head3 C<discover_no> =head3 C<discover_no>
Value: List of Network Identifiers or Device Properties. Default: Empty List. Value: Single item or list of Network Identifiers or Device Properties.
Default: Empty List.
IP addresses in the list will not be visited during device discovery. See IP addresses in the list will not be visited during device discovery. See
L</"ACCESS CONTROL LISTS"> for what you can use here. L</"ACCESS CONTROL LISTS"> for what you can use here.
@@ -778,7 +780,8 @@ L</"ACCESS CONTROL LISTS"> for what you can use here.
=head3 C<discover_only> =head3 C<discover_only>
Value: List of Network Identifiers or Device Properties. Default: Empty List. Value: Single item or list of Network Identifiers or Device Properties.
Default: Empty List.
If present, device discovery will be limited to IP addresses matching entries If present, device discovery will be limited to IP addresses matching entries
in this list. See L</"ACCESS CONTROL LISTS"> for what you can use here. in this list. See L</"ACCESS CONTROL LISTS"> for what you can use here.
@@ -812,7 +815,8 @@ CONTROL LISTS"> for what you can use here.
=head3 C<macsuck_only> =head3 C<macsuck_only>
Value: List of Network Identifiers or Device Properties. Default: Empty List. Value: Single item or list of Network Identifiers or Device Properties.
Default: Empty List.
If present, macsuck will be limited to IP addresses matching entries in this If present, macsuck will be limited to IP addresses matching entries in this
list. See L</"ACCESS CONTROL LISTS"> for what you can use here. list. See L</"ACCESS CONTROL LISTS"> for what you can use here.
@@ -850,7 +854,8 @@ Similar to C<macsuck_no_vlan>, but allows specifying the device root
=head3 C<macsuck_unsupported> =head3 C<macsuck_unsupported>
Value: List of Network Identifiers or Device Properties. Default: Empty List. Value: Single item or list of Network Identifiers or Device Properties.
Default: Empty List.
Similar to C<macsuck_no>, but instead of skipping nodes on this device, they Similar to C<macsuck_no>, but instead of skipping nodes on this device, they
are allowed to gather on the upstream device port. Useful for devices which are allowed to gather on the upstream device port. Useful for devices which
@@ -894,7 +899,8 @@ CONTROL LISTS"> for what you can use here.
=head3 C<arpnip_only> =head3 C<arpnip_only>
Value: List of Network Identifiers or Device Properties. Default: Empty List. Value: Single item or list of Network Identifiers or Device Properties.
Default: Empty List.
If present, arpnip will be limited to IP addresses matching entries in this If present, arpnip will be limited to IP addresses matching entries in this
list. See L</"ACCESS CONTROL LISTS"> for what you can use here. list. See L</"ACCESS CONTROL LISTS"> for what you can use here.
@@ -915,7 +921,7 @@ CONTROL LISTS"> for what you can use here.
=head3 C<nbtstat_only> =head3 C<nbtstat_only>
Value: List of Network Identifiers. Default: Empty List. Value: Single item or list of Network Identifiers. Default: Empty List.
If present, nbtstat will be limited to IP addresses matching entries in this If present, nbtstat will be limited to IP addresses matching entries in this
list. See L</"ACCESS CONTROL LISTS"> for what you can use here. list. See L</"ACCESS CONTROL LISTS"> for what you can use here.
@@ -1006,8 +1012,9 @@ library default of 10.
Similarly, the location of the Hosts file can be overridden in this config, or Similarly, the location of the Hosts file can be overridden in this config, or
using the C<PERL_ANYEVENT_HOSTS> environment variable. using the C<PERL_ANYEVENT_HOSTS> environment variable.
C<no> is a list of IP addresses or CIDR ranges to excluded from DNS C<no> is a single item or list of IP addresses or CIDR ranges to excluded from
resolution. Link local addresses are excluded by default. DNS resolution (see L</"ACCESS CONTROL LISTS">). Link local addresses are
excluded as in the defaults shown above.
=head3 C<store_wireless_clients> =head3 C<store_wireless_clients>

2
lib/App/Netdisco/Util/DNS.pm
View File

@@ -156,7 +156,7 @@ sub hostnames_resolve_async {
=head2 no_resolve( $ip ) =head2 no_resolve( $ip )
Given an IP address, returns true if excluded from DNS resolution by the Given an IP address, returns true if excluded from DNS resolution by the
C<dns_no> configuration directive, otherwise returns false. "C<< dns -> no >>" configuration directive, otherwise returns false.
=cut =cut