RshProxy is a module built for parsing messages of the RSH protocol. It reads and parses the COMMANDs on the client side, and sends them to the server if the local security policy permits. The COMMANDs can be manipulated by calling the rshRequest function.
Since the RSH protocol uses ports from the privileged port range (TCP 513-1023), the forge_port
parameter of the router used must be enabled when configuring the service for the proxy.
Example 4.42. Strict Rsh proxy denying root user access and logging the issued Rsh commands |
---|
RshProxy calls the rshRequest function if defined. class StrictRshProxy(RshProxy): def config(self): RshProxy.config(self) self.timeout = 300000 def rshRequest(self, client_user, server_user, cmd): if (self.server_user == 'root'): return RSH_REQ_DENY log(None, CORE_DEBUG, 3, "Rsh command; '%s'" % (cmd)) return RSH_REQ_ACCEPT |
The following actions are available for rsh requests:
Published on June 04, 2020
© 2007-2019 BalaSys
Send your comments to support@balasys.hu