Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature Request] Add a client disable option #810

Open
deajan opened this issue Apr 3, 2019 · 4 comments
Open

[Feature Request] Add a client disable option #810

deajan opened this issue Apr 3, 2019 · 4 comments

Comments

@deajan
Copy link
Contributor

deajan commented Apr 3, 2019

Hi,

I think it would be a really nice feature to allow client deletion from server (or at least a disabling feature), in order to prevent old clients to connect to a burp server over and over again.

The feature could be something like a disable = 1 line in the client config server side, which would then trigger a config file rename to .old client side.
This way it would cover Linux and Windows usecases (other solutions like disabling tasks might be harder to achieve on multiple OSes).
This would also not interfere with a client that has multiple config files.

Best regards.
@ziirish
Copy link
Contributor

ziirish commented Apr 3, 2019

There is already such an option, it is called enabled and it defaults to 1.

This is an extract of the manpage:

enabled=[0|1]
Set this to 0 if you want to disable all clients. The default is
1. This option can be overridden per-client in the client con‐
figuration files in clientconfdir on the server.

@ziirish
Copy link
Contributor

ziirish commented Apr 3, 2019

Hm, in fact I didn't read your whole request, so this only partially answers your needs.

@grke
Copy link
Owner

grke commented Apr 28, 2019

Sorry that I haven't commented for a long time.
I didn't like the idea very much at first, although I understand why you want it.
Maybe we can figure out how to make the idea better.

  • The clients will still try to run their timed jobs, and will just error because they have no config file. I think it is wrong just to break them. Maybe better would be for it to append a flag to the end of the client side config so that it is configured disabled, rather than just broken.

  • 'disabled' is similar to 'enable', which is an option that already exists, and the similarity could be confusing. Maybe 'deactivate' could be better on the server side, leading to 'enabled = 0' in the client config.

  • There is no way to resurrect a client again from the server side once you have done this. I can't think of a way around this yet, other than having to go onto the client and edit the config. Maybe this is OK.

  • Does the client need a 'server_can_deactivate' option?

@deajan
Copy link
Contributor Author

deajan commented Apr 28, 2019

No prob :)
Adding a deactivate = 0/1 option server side seems the best, which then triggers an enabled = 0.
Indeed resurrecting means manual client config changes, seems fair enough given the whole point is to stop communications from client to server :)

At last, I don't think a server_can_deactivate option would be needed, since anyway, if the server administrator does not want a client, he can already remove the client config file, change the password or whatever.

Best regards.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ziirish @grke @deajan