Hey All,
I am trying to make sure I understand how the CA Gateway networking setup works for running all pieces on the same PC(VM). Below is my ENV variables list that I setup, I am just using the basic access list and pv list examples (although
I did have a question about the access/pvlist)
export EPICS_CA_AUTO_ADDR_LIST=NO
export EPICS_CA_ADDR_LIST=localhost
export EPICS_CA_MAX_ARRAY_BYTES=800000
export EPICS_CAS_INTF_ADDR_LIST=localhost
export EPICS_CA_SERVER_PORT=5064
export EPICS_CAS_SERVER_PORT=5065
My understanding is that the CAS port is listening for requests from a client (in this case Phoebus). I also am running Ralphs script to handle multiple IOCs on the same PC so UDP packets sent to 5064 are being echoed out on all ports
(I think I need to block whichever port the CAS Server Port in this NAT Rule to stop looping). Below is how I think the setup is supposed to work but I am unsure as I havnt been successful yet.
Access/PV List files question:
I am using the example files and for the access file the DEFAULT is where all requests go that aren’t listed as UAG or HAG?
ASG(DEFAULT) {
RULE(1,READ)
}
For the Pvlist, the first 3 regex is this covering any PV name basically? Does the next regex like Beam:.* then subset out from All to only Allowing the Beam 1 user to access these particular ones?
EVALUATION ORDER ALLOW, DENY
[0-9].* ALLOW
[a-z].* ALLOW
[A-Z].* ALLOW
Beam:.* ALLOW Beam 1
PS.* ALLOW PowerSupply 1
gateway:.*Flag ALLOW GatewayAdmin
test.* DENY
ps\([0-9]\) ALIAS PSCurrent\1.ai PowerSupply 1