Keyboard Shortcuts
ctrl + shift + ? :
Show all keyboard shortcuts
ctrl + g :
Navigate to a group
ctrl + shift + f :
Find
ctrl + / :
Quick actions
esc to dismiss
Likes
Search
PERMITTEDAPPLS not functioning in config files....
|
I seem to be running into an error where all the applications are listed on a port (in this case specifically the port assigned to HF) instead of only the permitted applications. Is there an additional item I need to add? to BPQ confi outside of the ports or other actions I need to take to make this function. In my port config for the HF port I have apps 2 and 3 listed (Chat and BBS), but the RMS and WEB are listed and available when I user connects to the node. For reference I am running under Linux Bullseye on a RaspPi, and running version 6.0.23.60
Greg - N3BYR |
开云体育PERMITTEDAPPLS only affects incoming connects on ax.25 ports. It doesn't affect the list of applications that is displayed by the Node ? command73, John On 03/05/2023 22:52, Bruce Colburn via
groups.io wrote:
I seem to be running into an error where all the applications are listed on a port (in this case specifically the port assigned to HF) instead of only the permitted applications. Is there an additional item I need to add? to BPQ confi outside of the ports or other actions I need to take to make this function. In my port config for the HF port I have apps 2 and 3 listed (Chat and BBS), but the RMS and WEB are listed and available when I user connects to the node. For reference I am running under Linux Bullseye on a RaspPi, and running version 6.0.23.60 |
|
Good Morning John,
???? I think I may be a bit confused on your response, the only mode I have on HF is AX.25 300bps by way of Direwolf (via TCP) on another machine that handles the HF radio so I assume that is not considered a true "AX.25 port", but instead considered a TCP/IP port? Any chance that there is another way to limit that connection port for applications, or any plans of a new feature to add that ability? Port info below for reference, thanks. Greg - N3BYR PORT ?? ?PORTNUM=3 ?? ?ID=14.105 300 HF-PACKET ?? ?TYPE=ASYNC ?? ?PROTOCOL=KISS ?? ?KISSOPTIONS=NOPARAMS ?? ?PERMITTEDAPPLS=2,3 ?? ?FRACK=8000 ?? ?RESPTIME=3000 ?? ?RETRIES=5 ?? ?MAXFRAME=2 ?? ?PACLEN=32 ?? ?TXDELAY=400 ?? ?SLOTTIME=100 ?? ?PERSIST=64 ?? ?IPADDR=10.X.X.X ?? ?TCPPORT=8001 ENDPORT |
|
I am interested in this too.? If I understand what you are saying John...
I have a DXCluster app available on my node (command is DXC), Its SSID is WE1H-5 its alias is MMKDXC.? It is defined as APPLICATION 3.? If I have PERMITTEDAPPLS=1,2 in my port config, that prevents users from connecting to either MMKDXC or WE1H-5 directly on that port, but, if they connect to WE1H-7 (my node itself), and run DXC at the prompt, they will connect to the cluster.? Is that correct?? There is no way to prevent a user from actually running an application command from the node menu?? Even if there is a custom CTEXT without the command, if they know it exists they can use it? Is that correct or am I confused. -- 73, - Matt, WE1H we1h AT arrl.net http://www.we1h.com |
开云体育KISS over TCP is treated by the Node the same as Serial KISS, so PERMITTEDCALLS should be applied.73, John On 04/05/2023 11:42, Bruce Colburn via
groups.io wrote:
Good Morning John, |
开云体育Correct.PERMITTEDAPPLS , despite its name,? was designed to meet the UK licencing conditions, which can limit the use of certain calls to certain frequencies. It isn't intended to to prevent connecting to applications from the node. 73, John On 04/05/2023 23:20, Matt Atwood, WE1H
wrote:
I am interested in this too.? If I understand what you are saying John... |
开云体育PERMITTEDCALLS? Did you mean PERMITTEDAPPLS as in the subject of this thread? If APPLS then see Specifically: PERMITTEDAPPLS=APPLS 73 de Rich WA3WLH
|
开云体育Sorry it is a typo. Should be PERMITTEDAPPLS.On 05/05/2023 14:39, Bruce Colburn via
groups.io wrote:
John I do not see anything on your pages that covers PERMITTEDCALLS or its functionality. Can you post a link please or clarify? |
|
Unfortunately on the port identified below, PERMITTEDAPPLS is not working - Whether they attempt to attach to the SSID for the APPLS or via the node, it seems they still have access to the application in question. I had a new young ham this past week grab the WEB application and the RMS application that are not listed as permitted on the Packet 300 HF port. Though I did have a short talk with him over email to let him know those both eat up the HF band, and he now understands why that creates an issue, I cannot lock out those two items on just that port it seems. I do need those available to the VHF side locally. This was also tested both ways on two nodes, mine and WE1H who has a DXC(luster) that he wants unavailable to HF Packet.
Greg - N3BYR |
开云体育If someone can connect directly to application not in PERMITTEDAPPLS on an ax.25 port then that needs investigating. But users can connect to the node then use any application.73, John On 07/05/2023 17:14, Bruce Colburn via
groups.io wrote:
Unfortunately on the port identified below, PERMITTEDAPPLS is not working - Whether they attempt to attach to the SSID for the APPLS or via the node, it seems they still have access to the application in question. I had a new young ham this past week grab the WEB application and the RMS application that are not listed as permitted on the Packet 300 HF port. Though I did have a short talk with him over email to let him know those both eat up the HF band, and he now understands why that creates an issue, I cannot lock out those two items on just that port it seems. I do need those available to the VHF side locally. This was also tested both ways on two nodes, mine and WE1H who has a DXC(luster) that he wants unavailable to HF Packet. |
to navigate to use esc to dismiss