tools/dnc: add authorized services on server side
The client requests to open a socket on ip:port on the server side via
the channel name. On connexion request, the server checks if
the ip:port requested is authorized.
Also add a new option in config files to configure allow-list.
Change-Id: I85253fce83874e3c1b83e545d9e4139e04a09972
diff --git a/extras/packaging/gnu-linux/debian/postinst b/extras/packaging/gnu-linux/debian/postinst
index 33a7e8e..39ad146 100644
--- a/extras/packaging/gnu-linux/debian/postinst
+++ b/extras/packaging/gnu-linux/debian/postinst
@@ -68,6 +68,15 @@
echo "# When anonymous is set to false, the server allows only connection which are issued by the same CA as the server"
echo "anonymous: false"
echo ""
+ echo "# List of authorized services"
+ echo "# Each service is defined by an IP and a port"
+ echo "authorized_services:"
+ echo " - ip: \"127.0.0.1\""
+ echo " port: 22"
+ echo " # - ip: \"127.0.0.1\""
+ echo " # port: 80"
+ echo " # - ip: \"127.0.0.1\""
+ echo " # port: 443"
echo ""
} > /etc/dhtnet/dnc.yaml
fi