Manualshelf

NIO CommKit Host Interface Installation and System Administration Manual

ManualsBrandsHP ManualsSoftwareHP-UX 11i v1 Networking Software
61626364656667686970
3-28
Control Tables (from AT&T 255-110-127)
srvtab
initial_parameters field is parsed for program argument substitution tokens
(special codes) and is logged to the server table log file as a record of the call
rejection.
For example, the following server table line will trap all requests from the
originating group nj/district/trouble with an access denied rejection code,
regardless of the requested service or requesting user ID, and will log a
record of the rejection in the server log file:
nj/district/trouble * T/V adm - 7:TRAPPED(%u from %f)
The above trapping line uses the wildcard service to match requests for any
service and specifies a fixed user ID mapping of the adm login so the line is
guaranteed to match all calls from all users in the specified originating
group. The program field contains a null program specification since no
program will be invoked. The arguments field specifies that all calls will be
rejected with a rejection code of 7 (access denied; see the header file
/usr/include/dkit/dk_unixp.h for a list of other rejection codes) and the
requesting user ID and originating group (%u and %f) will be logged in the
server log file for future reference.
The call trapping facility may be used to block “restricted” resources from
certain classes of callers as outlined above, or it may be used as a diagnostic
aid to help test applications. The following example could be used to test an
application’s behavior when a required remote resource is busy:
univ/product/cust* appl U *n>100 /app/appl app:%f:%u:%p
univ/develop/test* appl T adm - 1:BUSY BEHAVIOR TEST
In the above example, all requests from production systems for the user
defined appl service are satisfied by invoking the necessary program with
appropriate arguments. All requests from test hosts in the development
organization are rejected with an ALL CHANNELS BUSY rejection code
(rejection code 1) that simulates what would happen if all CommKit Host
Interface channels to the called host were in use.
The trap flag can be a powerful application testing tool, as well as a barrier
to unauthorized host access.