On Thu, Nov 04, 2004 at 12:58:05PM +0100, Jan-Oliver Wagner wrote:
> So far my idea is to make the GUI for entering rules safe
> against wrong syntax (and explain the oppotunties at the same time).
> But I need the syntax specification for that.
I just checked in a comprehensive rework of the handling
of the clientside user access rules.
What I did is:
1. activate sending server side access rules for nessusd.
2. activate reading server side accress rules for nessus.
3. Extended the GUI to display the serverside user
access rules (readonly of course).
4. Rework the GUI for entering client side user access
rules a bit more user friendly. There is still room
for further syntax and logical checking for even
better preventing invalid entries.
5. Store client side user access rules locally. Before,
they were lost once closing the GUI.
I tested the whole stuff and it works (for me) :-)
Though I identied a (now known) bug: When removing a rule,
you need to restart nessus to have this considered.
Will look into this asap.
There is one thing left I'd like to have but it would
require a extension of the protocol:
Currently the server side server rules are not retrievable
via the protocol. So the user has no full transarency
about all rules yet. To make him aware of the fact
that there might be further rules I added a corresponding
line in the rules GUI.
So at some point a "SERVERRULES" extension of the protocol
would be nice.
I hope you like the rework. Please let me know what
you think.
Best
Jan
--
Jan-Oliver Wagner http://intevation.de/~jan/
Intevation GmbH http://intevation.de/
FreeGIS http://freegis.org/
> So far my idea is to make the GUI for entering rules safe
> against wrong syntax (and explain the oppotunties at the same time).
> But I need the syntax specification for that.
I just checked in a comprehensive rework of the handling
of the clientside user access rules.
What I did is:
1. activate sending server side access rules for nessusd.
2. activate reading server side accress rules for nessus.
3. Extended the GUI to display the serverside user
access rules (readonly of course).
4. Rework the GUI for entering client side user access
rules a bit more user friendly. There is still room
for further syntax and logical checking for even
better preventing invalid entries.
5. Store client side user access rules locally. Before,
they were lost once closing the GUI.
I tested the whole stuff and it works (for me) :-)
Though I identied a (now known) bug: When removing a rule,
you need to restart nessus to have this considered.
Will look into this asap.
There is one thing left I'd like to have but it would
require a extension of the protocol:
Currently the server side server rules are not retrievable
via the protocol. So the user has no full transarency
about all rules yet. To make him aware of the fact
that there might be further rules I added a corresponding
line in the rules GUI.
So at some point a "SERVERRULES" extension of the protocol
would be nice.
I hope you like the rework. Please let me know what
you think.
Best
Jan
--
Jan-Oliver Wagner http://intevation.de/~jan/
Intevation GmbH http://intevation.de/
FreeGIS http://freegis.org/