Tool that implements the client-side of all network-protocol commands of CFEngine, fully configurable from the command-line. Useful for debugging, testing, stress-testing, every-day use without writing policy, etc.
- cf-net [options] COMMAND [parameter]
Example command-line usage:
- cf-net -H 22.214.171.124:5432 GET /var/cfengine/masterfiles/promises.cf
- cf-net STAT /var/cfengine/masterfiles/promises.cf (This is the "SYNCH time STAT" command actually)
- cf-net OPENDIR /var/cfengine/masterfiles
- --host|-h host[:port]
- --trust-server=yes default is no, which means that connection is closed if server presents an unknown key.
- By default, it should read the trust from the same locations as the rest of CFEngine and have similar actions. For example keys should be searched in /var/cfengine/ppkeys and trust connection should be denied if remote key is not found in there.
Useful implementation examples:
- cf-serverd/server_tls.c lists all protocol commands from the server's point of view
- In any CFEngine process, logging in debug mode prints all network traffic, incoming or outgoing. For example to see the server's traffic, launch it in foreground with debug logging enabled: cf-serverd -dF