guys-i just uploaded a new snapshot that has the latest darwin metric code (although i think josh durham is still checking to see that it's all proper), better documentation and access control lists.
you can get it from http://matt-massie.com/ganglia/ganglia-2.6.0.200501271322.tar.gzi also added the ability to specify complex access control lists for the incoming data channels.
you can read about the access control lists in the gmond.conf.5 man page. here is the excerpt...
ACCESS CONTROL
The udp_recv_channel and tcp_accept_channel directives can contain
an Access Control List (ACL). This ACL allows you to specify
exactly which hosts gmond process data from.
An example of an acl entry looks like
acl {
default = "deny"
access {
ip = 192.168.0.4
mask = 32
action = "allow"
}
}
This ACL will by default reject all traffic that is not
specifically from host 192.168.0.4 (the mask size for an IPv4
address is 32, the mask size for an IPv6 address is 128 to
represent a single host).
Here is another example
acl {
default = "allow"
access {
ip = 192.168.0.0
mask = 24
action = "deny"
}
access {
ip = ::ff:1.2.3.0
mask = 120
action = "deny"
}
}
This ACL will by default allow all traffic unless it comes from
the two subnets specified with action = "deny".
this configuration option is much more flexible than our old
"trusted_hosts" mechanism. of course later, gmetad will get a facelift
to match gmond's.
i also updated the collection_groups documentation in gmond.conf.5 man page. please keep the feedback coming.yemi, we will not have support for proxy messaging in 2.6.0 although it shouldn't be hard to add in the future (modify the ./lib/protocol.x and
a few function in gmond that store incoming data).
-matt
--
PGP fingerprint 'A7C2 3C2F 8445 AD3C 135E F40B 242A 5984 ACBC 91D3'
They that can give up essential liberty to obtain a little
temporary safety deserve neither liberty nor safety.
--Benjamin Franklin, Historical Review of Pennsylvania, 1759
signature.asc
Description: OpenPGP digital signature
