Providing a new option to set profiles on a per-IP basis

ID: FR09P03694 Priority: High
Products: NoMachine Server Target: 6
Status: Implemented  

A new option for the 'nxserver --ruleadd' command should allow to set a profile rule on a per-IP basis.

For example, to enable/disable copy&paste according to the IP of the connecting client:

nxserver --ruleadd --class feature client-clipboard --value yes|no --address  <clientIP>

nxserver --ruleadd --class feature server-clipboard  --value yes|no --address <clientIP>



or to allow/forbid access to a specific node in a multinode environment:
 
nxserver --ruleadd --class node --type NODE:PORT --value yes|no --address <clientIP>


The --IP switch can be applied in a similar way to all the other rule types which can be already set on per-user/per-group basis.


Server usage:

--ruleadd --class <class> --type <type> --value yes|no|<value>
  --system | --user <username> | --guest | --node <node:port> |
  --group <groupname> | --nodegroup <groupname> | --address <IP>

  Add a rule if server supports profiles. <class> is a class of rule
  [...]
  of users. To set the rule on a per-node basis, use --node instead
  or provide --nodegroup to apply the rule to a group of nodes. Use
  --address to apply the rule on per-client IP basis.

 --ruledel [--class <class> --type <type>] --system | --user <username> |
  --guest | --node <node:port> | --group <groupname> | --nodegroup
  <groupname> | --address <IP>

  If --class and --type are not provided, delete all rules set for the
  system (--system) or the given user (--user) or guests (--guest) or
  the given node (--node) or the given group of users (--group) or of
  nodes (--nodegroup). Use --class and --type to delete this specific
  rule from the system (--system can be omitted) or provide any of the
  available options to delete it on a per-user/guests/node/groups of
  users/group of nodes basis. Use --address to delete all the rules
  associated to the given client IP.


--rulelist [--system | --user <username> | --guest | --group <groupname> |
           | --node<node:port> | --nodegroup <groupname>] --address <IP>]

  List all rules set. If --system is provided, list rules defined for
  the NoMachine system. Use --user or --guest to list only rules set
  for the given user or for guest accounts respectively. If --node
  is given, list all rules set for the node. With --group, list all
  rules set for the specified group of users. List the rules set for
  nodes groups by using the --nodegroup option or those set for the
  given group of nodes. Use --address <IP> to list all the rules
  associated to the given client IP.