Infrastructure
Dynamic Variable Configuration
Program variables which are used to accept configuration information are simple string pointers which may be directly referenced by the program in any 'C' module.
This allows configuration information to be passed into a program at startup or dynamically, controlled by the program code.
This approach allows configuration data to be changed without building any configuration files or bouncing or rebooting any systems.
This document applies equally to the cfgCache and the cryptoCache (for passwords).
The actual data is held in a configuration cache daemon and fetched at the beginning of each program cycle (like the beginning of serving a new command).
The program code executes a call to caGetCfg( ProgNam ) which will retrieve all configuration variables held by the daemon for the named program.
The program name is usually the logical process name from the base config file, but it may be anything as long as the entity placing the data into the cfgCache and the program fetching the data from it agree on the usage, spelling, and case.
The base configuration file (in /usr/local/etc) provides the logical process name, usually the Broker and sometimes Server2.
Although all config vars can be loaded from the base config file (usually for testing), only a few are required in a production environment.
The 'C' module only needs to place two lines in the definitions section of the module code:
//~VARS Var1 Var2 Var3 Broker Port Passwd1 Passwd2 TargetIP TargetPort
#include "xxxVars.c"
The "~VARS" keyword must be in a comment so the actual 'C' compiler doesn't see it.
~VARS should be followed by variable names which the program needs during execution.
Multiple ~VARS lines may be used, but each must be inside a comment, and each ~VARS must be followed by the variable names.
Only a single include is needed and the file name included is the full name of the 'C' module with "Vars" just preceding the ".c".
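The two-line convention above implies a build step that reads the ~VARS comments and writes the include file. The following is an added example, not code from the original page or the project: a hypothetical scanner that accepts only `//~VARS` comment lines, rejects any name that is not a valid C identifier, and derives the include file name by the rule just described. The function names, the size limits and the emitted `char *Name = NULL;` form are assumptions based on the statement that the variables are simple string pointers.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#define MAX_VARS 32
#define MAX_NAME 64
/* Only valid C identifiers may reach the generated file, since it is compiled. */
static int is_ident(const char *s) {
    if (!isalpha((unsigned char)*s) && *s != '_') return 0;
    for (; *s; s++) if (!isalnum((unsigned char)*s) && *s != '_') return 0;
    return 1;
}

/* Add names from one "//~VARS ..." line; returns new count, -1 on bad input. */
int collect_vars(const char *line, char names[][MAX_NAME], int count) {
    char buf[512], *tok;
    int i;
    while (*line == ' ' || *line == '\t') line++;
    /* Anything that is not a //~VARS comment is ignored and leaves count as is. */
    if (strncmp(line, "//~VARS", 7) || !isspace((unsigned char)line[7])) return count;
    if (strlen(line) >= sizeof buf) return -1;   /* refuse to truncate a name */
    strcpy(buf, line + 7);
    for (tok = strtok(buf, " \t\r\n"); tok; tok = strtok(NULL, " \t\r\n")) {
        if (!is_ident(tok) || strlen(tok) >= MAX_NAME) return -1;
        for (i = 0; i < count && strcmp(names[i], tok) != 0; i++) {}
        if (i < count) continue;           /* already listed on an earlier line */
        if (count >= MAX_VARS) return -1;
        strcpy(names[count++], tok);
    }
    return count;
}

/* Include-file name rule from the text: "blkr.c" -> "blkrVars.c". */
int vars_filename(const char *module, char *out, size_t outlen) {
    size_t n = strlen(module);
    if (n < 3 || strcmp(module + n - 2, ".c") != 0 || n + 5 > outlen) return -1;
    snprintf(out, outlen, "%.*sVars.c", (int)(n - 2), module);
    return 0;
}

int main(void) {
    const char *src[] = { "//~VARS Broker Port Passwd1",   /* constructed input */
                          "int x; /* ~VARS ignored */", "  //~VARS TargetIP Port" };
    char names[MAX_VARS][MAX_NAME], fname[80];
    int i, n = 0;
    for (i = 0; i < 3 && n >= 0; i++) n = collect_vars(src[i], names, n);
    if (n < 0 || vars_filename("blkr.c", fname, sizeof fname) != 0) return 1;
    printf("/* %s */\n", fname);
    for (i = 0; i < n; i++) printf("char *%s = NULL;\n", names[i]); /* assumed form */
    return 0;
}
```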
In one usage, the blkr, its blocking devices are used to block IPs or CIDRs on multiple devices.
Each device driver is written to handle one specific type of firewall or switch and can control numerous target devices.
Each firewall or device has a "device name" in the cache.
For instance, the Pix firewall driver can access the cfgCache using the target device's name and get the specific IP and password info just for that target device.