| Index | Recent Threads | Unanswered Threads | Who's Active | Guidelines | Search |
 |
World Community Grid Forums
Category: Support
Forum: BOINC Agent Support
Thread: Any alternative to "one per line" in remote_hosts.cfg |
| No member browsing this thread |
|
Thread Status: Active Total posts in this thread: 7
|
|
| Author |
|
|
Thargor
Veteran Cruncher UK Joined: Feb 3, 2012 Post Count: 1291 Status: Offline Project Badges: 
|
Hi all,
----------------------------------------Had a quick search back through topics and the WIKI, but couldn't find anything specific to answer this question, so thought I'd ask here......apologies if this has already been posted before. Without going into great detail, my network setup in work has changed. Briefly, I'm now on a private NAT'd address (10.x.x.x) on my team's own little bit of the overall network. To get to one of my BOINC machines, I use another 10.x.x.x IP in a different /16 subnet, but with this new setup, it routes locally rather than externally to this network (ie. the remote-end sees the 10.x.x.x address rather than the public-facing IP of the gateway). As a result, I need to put an entire /24 subnet (254 usable address) into my remote_hosts.cfg file... Is there a way to do this with one line, ie. 10.x.x.x/24 or similar, or do I have to resort to scripting the addition of all 254 addresses to the file? Either way would work, but being able to use CIDR notation would make managing the file a whole lot easier...  |
||
|
|
a_mobile_humanist
Cruncher Joined: May 20, 2011 Post Count: 34 Status: Offline Project Badges: 
|
I just tried it with BOINC 7.0.28. It works:
----------------------------------------9/28/2012 12:54:01 | | Starting BOINC client version 7.0.28 for windows_intelx86 ... 9/28/2012 12:54:01 | | Config: GUI RPC allowed from: 9/28/2012 12:54:01 | | Config: 172.16.1.0/24 EDIT: I had no idea this was possible either. Apparently this feature was requested a while ago (https://boinc.berkeley.edu/dev/forum_thread.php?id=1663 ). FAQs/wikis referring to "one per line" probably need some updating. [Edit 3 times, last edit by a_mobile_humanist at Sep 28, 2012 12:02:24 PM] |
||
|
|
Thargor
Veteran Cruncher UK Joined: Feb 3, 2012 Post Count: 1291 Status: Offline Project Badges:
|
I guess I'll have to make do with single-line entries, then, until the version in the debian repositories (currently 6.10.58) is updated...
----------------------------------------28-Sep-2012 13:04:12 [---] Can't resolve hostname 10.128.5.0/24 in remote_hosts.cfg If it causes any serious issues, I'll just see about force-installing the latest version from BOINC, rather than relying on the debian repositories... Thanks for the reply, though!  |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
This probably makes the remote_hosts.cfg IP listing superfluous
----------------------------------------<options> <allow_remote_gui_rpc>1</allow_remote_gui_rpc> </options> Since there is a password for BOINC still to deal with, not much one can do with those internal IP's, which are no secret either to any hacker. edit: The code to be placed in the cc_config.xml edit2: Here's a discussion that suggests you then don't need the remote_hosts.cfg. http://milkyway.cs.rpi.edu/milkyway/forum_thr...463&nowrap=true#49352 [Edit 2 times, last edit by Former Member at Sep 28, 2012 1:07:56 PM] |
||
|
|
a_mobile_humanist
Cruncher Joined: May 20, 2011 Post Count: 34 Status: Offline Project Badges:
|
<allow_remote_gui_rpc>1</allow_remote_gui_rpc> Every time I see a "*" in a firewall rule or hosts file, that little muscle under my left eye starts to tic.  Making a client with the above setting Internet-facing, as apparently suggested in this discussion, fills me with a special horror.   [Edit 2 times, last edit by a_mobile_humanist at Sep 28, 2012 1:53:01 PM] |
||
|
|
Former Member
Cruncher Joined: May 22, 2018 Post Count: 0 Status: Offline |
But, BOINC *IS* internet facing, just limited to talk to the attached projects, and sandboxed. Not aware of any script jockey to have ever been able to penetrate the BOINC network [lest you download BOINC from a dubious source]. Once upon a time a guy put his special brew on torrent and sure enough quite a few got their computing time hijacked... for the greater glory on BOINCStats, but that was all the person gained, king on SETI I think it was or something.
|
||
|
|
a_mobile_humanist
Cruncher Joined: May 20, 2011 Post Count: 34 Status: Offline Project Badges:
|
But, BOINC *IS* internet facing, just limited to talk to the attached projects... Well, yes, but when we set <allow_remote_gui_rpc> and place our gui rpc port on an external interface, we "limit" BOINC to talking to anyone and everyone. Not aware of any script jockey to have ever been able to penetrate the BOINC network Nor am I, and WCG is the only BOINC project I participate in because it is the only BOINC project that has convinced me that it takes security seriously (with the completely HTTPS website [with HTTPS Finder and HTTPS Everywhere Firefox extensions...] doing most of the convincing; as far as I have seen, WCG is unique in this way). That said, my neighborhood is safe enough that I can leave the deadbolt on my front door open and I will probably never be bothered. I still lock it every night, and I bet I'm not alone. |
||
|
|
|