4.21.2. Proxy behavior

RshProxy is a module built for parsing messages of the RSH protocol. It reads and parses the COMMANDs on the client side, and sends them to the server if the local security policy permits. The COMMANDs can be manipulated by calling the rshRequest function.

Since the RSH protocol uses ports from the privileged port range (TCP 513-1023), the forge_port parameter of the router used must be enabled when configuring the service for the proxy.

Example 4.42. Strict Rsh proxy denying root user access and logging the issued Rsh commands

RshProxy calls the rshRequest function if defined.

class StrictRshProxy(RshProxy):
        def config(self):
                RshProxy.config(self)
                self.timeout = 300000

        def rshRequest(self, client_user, server_user, cmd):
                if (self.server_user == 'root'):
                        return RSH_REQ_DENY
                log(None, CORE_DEBUG, 3, "Rsh command; '%s'" % (cmd))
                return RSH_REQ_ACCEPT

The following actions are available for rsh requests:

ActionDescription
RSH_REQ_ACCEPT Allow the request to pass.
RSH_REQ_DENY
RSH_REQ_REJECT Block the request and report it to the client.
RSH_REQ_ABORT Terminate the connection.
RSH_REQ_DROP Block the request without further action.

Table 4.62.  Action codes for RSH requests