# $Id: Users.n3,v 1.1 2003/02/11 14:04:01 graham Exp $ # # RDF for configuration of home network. # # This file describes the network, network hosts and access # policies for my home network. # # This file describes members of the following classes: # foaf:Person - network users. # user:LocalNetwork - details of the local network. # user:HostSystem - a network host, which may be a piece of network # equipment or a personal machine. # user:AccessPolicy - an access policy for some user or machine. # user:AccessRule - an access rule, used to construct access policies. # user:ServiceGroup - a collection of network services, used by an access rule. # user:ServiceProtocol - network services associated with a given IP protocol, # by protocol and permitted or excluded ports. # ical:Vcalendar - a schedule object, used as part of an access rule. # # #--------+---------+---------+---------+---------+---------+---------+---------+ # # Copyright (c) 2002, Graham Klyne # # This file has been prepared for the public SWAD-Europe project. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # 3. The name of the author may not be used to endorse or promote products # derived from this software without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES # OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
#--------+---------+---------+---------+---------+---------+---------+---------+
# $Source: /Users/graham/cvs/cvsweb/ninebynine.org/docs/RDFNotes/Calendaring/Users.n3,v $
# $Author: graham $
# $Date: 2003/02/11 14:04:01 $
# $Id: Users.n3,v 1.1 2003/02/11 14:04:01 graham Exp $
#--------+---------+---------+---------+---------+---------+---------+---------+
# 1 2 3 4 5 6 7 8

# Namespace declarations.
# NOTE(review): as shown here every @prefix line has lost its namespace IRI
# (the <...> term between the prefix name and the final "."), so the file will
# not parse in this form. Restore the IRIs from the original file; none are
# supplied here because they cannot be recovered from this listing.
@prefix rdf: .
@prefix rdfs: .
@prefix foaf: .
@prefix dc: .
#@prefix ical: .
@prefix ical: .
#@prefix icalutil: .
#prefix icalutil: .
@prefix user: .
#@prefix ndev: .
#@prefix dnsa: .
#@prefix dhcp: .
@prefix homenet: .

# Define users
#
# Each foaf:Person is linked to the machines they use (user:usesHost) and to
# exactly one access policy (user:accessType). Two people carry WorkAccess and
# two carry PlayAccess. How a person's policy is mapped onto the traffic of the
# hosts they use is decided by rules outside this file - confirm there.

# Network administrator; the only person listed with two hosts.
homenet:GK a foaf:Person ;
    foaf:name "Graham Klyne" ;
    # NOTE(review): the object of foaf:mbox is missing in this listing
    # (presumably a <mailto:...> IRI that was stripped) - restore from the original.
    foaf:mbox ;
    user:usesHost homenet:twoflower ;
    user:usesHost homenet:octarine ;
    user:accessType homenet:WorkAccess ;
    rdfs:comment """ Uses the Internet for work, also network admin, unrestricted Internet access. """ .

homenet:Mandy a foaf:Person ;
    foaf:name "Mandy" ;
    user:usesHost homenet:halva ;
    user:accessType homenet:WorkAccess ;
    rdfs:comment """ Uses the Internet for work, unrestricted Internet access. """ .

# Restricted user. Elsewhere in this file homenet:Ronan is also named as
# user:systemAdmin of two hosts (ronan_tb and rhiannon_mc).
homenet:Ronan a foaf:Person ;
    foaf:name "Ronan" ;
    user:usesHost homenet:ronan_tb ;
    user:accessType homenet:PlayAccess ;
    rdfs:comment """ Uses the Internet for games and downloads; restricted access. """ .

# Restricted user.
homenet:Rhi a foaf:Person ;
    foaf:name "Rhiannon" ;
    user:usesHost homenet:rhiannon_mc ;
    user:accessType homenet:PlayAccess ;
    rdfs:comment """ Uses the Internet for games and chat; restricted access. """ .
# Define local network
#
# Addressing: 193.123.216.64 with mask 255.255.255.192 is a /26 covering
# 193.123.216.64-193.123.216.127, which agrees with the broadcast address below.
# The DHCP pool (.101-.120) does not overlap any of the fixed user:hostIP
# values declared for hosts in this file.
homenet:atuin a user:LocalNetwork ;
    rdfs:label "Home network" ;
    user:dhcpHostName "luggage" ;
    user:networkDomain "atuin.ninebynine.org" ;
    user:networkAddr "193.123.216.64" ;
    user:networkMask "255.255.255.192" ;
    user:broadcastAddr "193.123.216.127" ;
    user:defaultGateway homenet:vimes ;
    user:defaultDNS ( "212.159.11.150" "212.159.13.150" "206.14.4.2" ) ;
    user:dhcpPoolStart "193.123.216.101" ;
    user:dhcpPoolEnd "193.123.216.120" ;
    # Same range as dhcpPoolStart/dhcpPoolEnd, repeated as one string; the two
    # representations have to be edited together.
    user:addressPool "193.123.216.101 193.123.216.120" ;
    user:netbiosServer "luggage" ;
    # Network-wide fallback policy is NoAccess, i.e. default-deny.
    # NOTE(review): presumably this applies to any address without an explicit
    # policy, including DHCP-pool addresses - confirm against the rules that
    # consume this file, since that decides whether an unknown device that
    # obtains a lease gets Internet access.
    user:defaultAccess homenet:NoAccess ;
    rdfs:comment """ Home network based on single Ethernet segment connected to the Internet by Cisco dial-on-demand ISDN router running IOS router/firewall/NAT software. """ .

# Define host systems
#
# Each host records a name, the network it sits on, a fixed IP and MAC address,
# an administrator, and optionally its own access policy (user:accessType).

# Default gateway for homenet:atuin (see user:defaultGateway above).
homenet:vimes a user:HostSystem ;
    rdfs:label "Cisco 2500 router" ;
    user:hostName "vimes" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.94" ;
    user:hostMAC "00:e0:1e:a9:d9:57" ;
    user:systemAdmin homenet:GK ;
    user:accessType homenet:ServiceAccess ;
    rdfs:comment """ Cisco dial-on-demand ISDN router running IOS router/firewall/NAT software. """ .

# Server named as DHCP host and NetBIOS server for the network.
homenet:luggage a user:HostSystem ;
    rdfs:label "Linux server" ;
    user:hostName "luggage" ;
    user:localNet homenet:atuin ;
    ### No multihoming support yet ###
    # (The second address in the disabled list, 193.123.216.62, lies outside the
    #  193.123.216.64/26 range declared for homenet:atuin.)
    #user:hostIP ( "193.123.216.65" "193.123.216.62" ) ;
    #user:hostMAC ( "00:04:75:73:dc:30" "00:c0:4f:d8:f8:3d" ) ;
    ##################################
    user:hostIP "193.123.216.65" ;
    user:hostMAC "00:04:75:73:dc:30" ;
    user:systemAdmin homenet:GK ;
    # ServiceAccess is defined in this file as the same rule as WorkAccess
    # (all services, all times). NOTE(review): for a host that runs DNS, DHCP,
    # NTP, Samba and MySQL, a narrower policy limited to the services it needs
    # outbound would be the least-privilege choice.
    user:accessType homenet:ServiceAccess ;
    # NOTE(review): "eyc." in the literal below reads like a typo for "etc.";
    # left unchanged because the literal is data.
    rdfs:comment """ Dell dual Pentium-200 server running SuSE Linux. Provides network services (DNS, DHCP, NTP, eyc.), file services (Samba) and database services (MySQL). """ .
# Remaining host systems: one printer and five personal machines.
#
# Only the printer carries its own user:accessType here. The five personal
# machines declare none.
# NOTE(review): presumably a personal machine takes the policy of the person
# that names it via user:usesHost, and otherwise falls back to the network's
# user:defaultAccess - confirm against the rules that consume this file.
#
# user:hostIP and user:hostMAC are identifiers, not authenticators. If the
# generated policy is enforced per address, whoever administers a machine can
# change both values, so a restricted host should not be administered by the
# restricted user unless that is an accepted risk (see the two hosts
# administered by homenet:Ronan below).
#
# MAC addresses appear in both upper and lower case in this file; compare them
# case-insensitively.

# Printer: explicitly denied Internet access.
homenet:iconograph a user:HostSystem ;
    rdfs:label "Main printer" ;
    user:hostName "iconograph" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.75" ;
    user:hostMAC "00:60:B0:42:46:05" ;
    user:systemAdmin homenet:GK ;
    user:accessType homenet:NoAccess ;
    rdfs:comment """ HP laserjet 5M printer, with duplex unit. """ .

homenet:twoflower a user:HostSystem ;
    rdfs:label "Graham's laptop" ;
    user:hostName "twoflower" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.72" ;
    user:hostMAC "08:00:46:08:4c:5b" ;
    user:systemAdmin homenet:GK ;
    rdfs:comment """ Sony Vaio laptop. """ .

homenet:octarine a user:HostSystem ;
    rdfs:label "Graham's workstation" ;
    user:hostName "octarine" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.74" ;
    user:hostMAC "00:E0:81:04:4B:3E" ;
    user:systemAdmin homenet:GK ;
    rdfs:comment """ GK's high-power workstation. """ .

# The comment literal says this machine is shared for family browsing, while
# the only user:usesHost link to it in this file comes from homenet:Mandy
# (WorkAccess). NOTE(review): if the host inherits that policy, anyone using
# it gets unrestricted access - confirm this is intended.
homenet:halva a user:HostSystem ;
    rdfs:label "Mandy's computer" ;
    user:hostName "halva" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.77" ;
    user:hostMAC "00:10:4B:9D:65:61" ;
    user:systemAdmin homenet:GK ;
    rdfs:comment """ Mandy's work computer, also sometimes used for family Internet browsing. """ .

# Administered by homenet:Ronan, who is declared with PlayAccess in this file.
homenet:rhiannon_mc a user:HostSystem ;
    rdfs:label "Rhiannon's computer" ;
    user:hostName "rhiannon" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.78" ;
    user:hostMAC "00:10:60:b6:18:54" ;
    user:systemAdmin homenet:Ronan ;
    rdfs:comment """ Rhiannon's computer, used mostly for chat and games. Also, some schoolwork. """ .

# Administered by homenet:Ronan, who is declared with PlayAccess in this file.
homenet:ronan_tb a user:HostSystem ;
    rdfs:label "Ronan's main computer" ;
    user:hostName "ronan-tb" ;
    user:localNet homenet:atuin ;
    user:hostIP "193.123.216.79" ;
    user:hostMAC "00:40:f6:2c:83:e1" ;
    user:systemAdmin homenet:Ronan ;
    rdfs:comment """ Ronan's main computer, mostly used for games when it's not in pieces all over his bedroom. Also, some schoolwork. """ .
# Define access policies
#
# Structure: an AccessPolicy names one or more AccessRules (user:access); each
# AccessRule pairs a ServiceGroup (user:accessServices) with a schedule
# (user:accessTimes).
#
#   policy          rule(s)                              services / times
#   ServiceAccess   WorkAccessRule                       AllServices / AllTimes
#   NoAccess        NoAccessRule                         NoServices / AllTimes
#   WorkAccess      WorkAccessRule                       AllServices / AllTimes
#   PlayAccess      PlayAccessRule, DownloadAccessRule   NotP2PServices / PlayTimes,
#                                                        P2PServices / DownloadTimes

# Shares WorkAccessRule with WorkAccess, so infrastructure hosts get the same
# unrestricted access as work users. The comment literal marks this as
# temporary. NOTE(review): the label literal ends with a trailing space.
homenet:ServiceAccess a user:AccessPolicy ;
    rdfs:label "Network service access policy " ;
    user:access homenet:WorkAccessRule ;
    rdfs:comment """ Access policy for network service elements. For the time being, same as work access. """ .

# Deny policy; also the network's user:defaultAccess.
homenet:NoAccess a user:AccessPolicy ;
    rdfs:label "No-access policy" ;
    user:access homenet:NoAccessRule ;
    rdfs:comment """ Access policy for network elements that are not to touch the Internet """ .

homenet:WorkAccess a user:AccessPolicy ;
    rdfs:label "Work access policy" ;
    user:access homenet:WorkAccessRule ;
    rdfs:comment """ Access policy for those who use the Internet for work. """ .

# The only policy with two rules. NOTE(review): presumably the rules are
# additive (traffic is allowed if either rule matches) - confirm, because
# PlayAccessRule excludes the peer-to-peer ports that DownloadAccessRule
# includes, and the result depends on how the two are combined.
homenet:PlayAccess a user:AccessPolicy ;
    rdfs:label "Play access policy" ;
    user:access homenet:PlayAccessRule ;
    user:access homenet:DownloadAccessRule ;
    rdfs:comment """ Access policy for those who use the Internet for play. """ .

# NoServices declares no protocols, so pairing it with AllTimes grants nothing.
homenet:NoAccessRule a user:AccessRule ;
    user:accessServices homenet:NoServices ;
    user:accessTimes homenet:AllTimes ;
    rdfs:comment """ Access rule for no services at any time. """ .

homenet:WorkAccessRule a user:AccessRule ;
    user:accessServices homenet:AllServices ;
    user:accessTimes homenet:AllTimes ;
    rdfs:comment """ Access rule for all services at all times. """ .

homenet:PlayAccessRule a user:AccessRule ;
    user:accessServices homenet:NotP2PServices ;
    user:accessTimes homenet:PlayTimes ;
    rdfs:comment """ Access rule for non peer-to-peer services at restricted times. """ .

# NOTE(review): the comment literal says "all services", but the rule grants
# homenet:P2PServices only. The data and its description disagree; the literal
# is left unchanged because it is data.
homenet:DownloadAccessRule a user:AccessRule ;
    user:accessServices homenet:P2PServices ;
    user:accessTimes homenet:DownloadTimes ;
    rdfs:comment """ Access rule for all services at very restricted times. """ .

# Empty service group: no user:accessProtocol entries.
homenet:NoServices a user:ServiceGroup ;
    rdfs:label "No services" ;
    rdfs:comment """ No services. """ .
# Service groups and the per-protocol port sets they are built from.
#
# A ServiceGroup lists ServiceProtocols (user:accessProtocol). A
# ServiceProtocol names one IP protocol (user:ipProtocol) and either excludes
# ports from "everything" (user:excludePorts, an RDF list) or includes specific
# ports (user:includePort, repeated). The two shapes differ (list versus
# repeated property), so a consumer has to handle both.

homenet:AllServices a user:ServiceGroup ;
    rdfs:label "All services" ;
    user:accessProtocol homenet:AllICMP ;
    user:accessProtocol homenet:MostTCP ;
    user:accessProtocol homenet:MostUDP ;
    rdfs:comment """ All services on all normal protocols. Not IGMP or routing protocols. """ .

# "Not peer-to-peer" is expressed as a denylist: all ICMP, all TCP except three
# ports, and the same UDP set as AllServices. Traffic is classified by port
# number only, so the restriction covers exactly the ports listed in
# homenet:NonP2PTCP and nothing else; UDP is not restricted beyond MostUDP.
homenet:NotP2PServices a user:ServiceGroup ;
    rdfs:label "All but peer-to-peer services" ;
    user:accessProtocol homenet:AllICMP ;
    user:accessProtocol homenet:NonP2PTCP ;
    user:accessProtocol homenet:MostUDP ;
    rdfs:comment """ All services on all normal protocols, excluding peer-to-peer services. """ .

# TCP only: this group carries no ICMP or UDP entry.
homenet:P2PServices a user:ServiceGroup ;
    rdfs:label "Peer-to-peer services" ;
    user:accessProtocol homenet:P2PTCP ;
    rdfs:comment """ Peer-to-peer services. """ .

# No port or type restriction is declared for ICMP.
homenet:AllICMP a user:ServiceProtocol ;
    rdfs:label "All ICMP services" ;
    user:ipProtocol "ICMP" ;
    rdfs:comment """ All ICMP services. """ .

# NOTE(review): NTP normally runs over UDP port 123; the TCP exclusion here is
# harmless but may not be what restricts NTP - the UDP exclusion in
# homenet:MostUDP does that.
homenet:MostTCP a user:ServiceProtocol ;
    rdfs:label "Most TCP services" ;
    user:ipProtocol "TCP" ;
    user:excludePorts ( "123" ) ;
    rdfs:comment """ All TCP services excluding NTP (123) """ .

# Allowlist counterpart of homenet:NonP2PTCP: the same three ports appear in
# both, so the two definitions have to be edited together.
homenet:P2PTCP a user:ServiceProtocol ;
    rdfs:label "P2P TCP services" ;
    user:ipProtocol "TCP" ;
    user:includePort "1214" ;
    user:includePort "6346" ;
    user:includePort "6347" ;
    rdfs:comment """ All peer-to-peer TCP services: FastTrack (1214), GnuTella (6346, 6347) """ .

# Denylist counterpart of homenet:P2PTCP (same three ports, excluded).
homenet:NonP2PTCP a user:ServiceProtocol ;
    rdfs:label "Non-P2P TCP services" ;
    user:ipProtocol "TCP" ;
    user:excludePorts ( "1214" "6346" "6347" ) ;
    rdfs:comment """ All TCP services excluding peer-to-peer protocols: FastTrack (1214), GnuTella (6346, 6347) """ .

# NOTE(review): FTP data connections use TCP port 20, so excluding UDP port 20
# does not restrict FTP; confirm whether this entry was meant for the TCP sets.
homenet:MostUDP a user:ServiceProtocol ;
    rdfs:label "Most UDP services" ;
    user:ipProtocol "UDP" ;
    user:excludePorts ( "20" "123" ) ;
    rdfs:comment """ All UDP services excluding NTP (123) and ftp-data (20) """ .
# Schedules used by access rules (user:accessTimes).
#
# Each schedule is an ical:Vcalendar holding one ical:Vevent per time window.
# A window is a start/end time of day (ical:Vtime, rdf:value "Thhmmss") plus a
# recurrence rule (ical:Vrecur). The values carry no date and no time zone.
# NOTE(review): presumably they are evaluated in the enforcing device's local
# time - confirm, since a clock or zone mismatch shifts every access window.

# One daily window from T000000 to T240000.
# NOTE(review): hour 24 is outside the 00-23 range that iCalendar TIME values
# allow; confirm the consumer accepts "T240000" as end-of-day rather than
# rejecting or wrapping it.
homenet:AllTimes a ical:Vcalendar ;
    user:rangeName "AllTimes" ;
    rdfs:label "No access time restriction" ;
    ical:hasEvent
        [ a ical:Vevent ; # Vevent appears to suffice for recurrence in Dan's schema.
          ical:dtstart [ a ical:Vtime ; rdf:value "T000000" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T240000" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "DAILY" ; ical:interval "1" ]
        ] ;
    rdfs:comment """ All times on all days. """ .

# Five windows: three on weekdays (MO-FR) and two at weekends (SA, SU). The
# events below agree with the summary in the comment literal.
homenet:PlayTimes a ical:Vcalendar ;
    user:rangeName "PlayTimes" ;
    rdfs:label "Times that non-work access is allowed" ;
    # Weekdays 08:45-10:15
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T084500" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T101500" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "MO,TU,WE,TH,FR" ]
        ] ;
    # Weekdays 16:00-16:45
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T160000" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T164500" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "MO,TU,WE,TH,FR" ]
        ] ;
    # Weekdays 20:00-22:00
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T200000" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T220000" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "MO,TU,WE,TH,FR" ]
        ] ;
    # Weekends 08:45-11:15
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T084500" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T111500" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "SA,SU" ]
        ] ;
    # Weekends 16:00-22:00
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T160000" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T220000" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "SA,SU" ]
        ] ;
    rdfs:comment """ Designated play times: weekdays: 08:45-10:15, 16:00-16:45, 20:00-22:00 weekends: 08:45-11:15, 16:00-22:00 """ .
# Schedule referenced by homenet:DownloadAccessRule: two weekly windows,
# Saturday 20:00-22:00 and Sunday 04:00-08:00. The Sunday window falls outside
# every homenet:PlayTimes window, so during it the PlayAccess policy grants
# only what DownloadAccessRule grants (the peer-to-peer TCP ports).
# The values carry no date and no time zone.
# NOTE(review): presumably evaluated in the enforcing device's local time - confirm.
homenet:DownloadTimes a ical:Vcalendar ;
    user:rangeName "DownloadTimes" ;
    rdfs:label "Times that download activity is allowed" ;
    # Saturday 20:00-22:00
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T200000" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T220000" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "SA" ]
        ] ;
    # Sunday 04:00-08:00
    ical:hasEvent
        [ a ical:Vevent ;
          ical:dtstart [ a ical:Vtime ; rdf:value "T040000" ] ;
          ical:dtend [ a ical:Vtime ; rdf:value "T080000" ] ;
          ical:rrule [ a ical:Vrecur ; ical:freq "WEEKLY" ; ical:interval "1" ; ical:byday "SU" ]
        ] ;
    rdfs:comment """ Designated download times: saturday 20:00-22:00 sunday: 04:00-08:00 """ .

#
# End of network user details
#
#--------+---------+---------+---------+---------+---------+---------+---------+
# $Log: Users.n3,v $
# Revision 1.1 2003/02/11 14:04:01 graham
# Add calendaring notes
#
# Revision 1.3 2003/02/11 12:29:00 graham
# Update data to be more in line with new schema
#
# Revision 1.2 2003/02/06 14:00:24 ronan
# Edited for compatibility with new iCalendar schema.
#
# Revision 1.1 2003/02/06 10:23:22 graham
# Copy policy file for conversion to new iCal schema
#
# Revision 1.13 2002/12/22 18:51:18 graham
# Add extra comments about use of IOS access rule hints
#
# Revision 1.12 2002/12/22 18:46:08 graham
# Updated copyright notice
#
# Revision 1.11 2002/12/16 17:28:39 graham
# Fix up inconsistencies with RDF semantics
#
# Revision 1.10 2002/12/12 22:24:04 graham
# Initial documentation done, redundant rules disabled
#
# Revision 1.9 2002/12/12 01:09:23 graham
# Most rules working.
# Generation of time-ranges remains.
# # Revision 1.8 2002/12/11 12:02:14 graham # Rules all appear to work # # Revision 1.7 2002/12/10 23:52:39 graham # Some rules working # # Revision 1.6 2002/12/10 21:18:11 graham # N3 syntax OK, but rules don't work yet # # Revision 1.5 2002/12/10 20:24:25 graham # First cut of configuration data and rules # # Revision 1.4 2002/12/09 19:34:50 graham # Fix some iCalendar usage. # Fix introductory comments. # # Revision 1.3 2002/12/06 00:03:39 graham # Minor fix # # Revision 1.2 2002/12/05 19:01:22 graham # Policy file completed # # Revision 1.1 2002/12/04 20:58:54 graham # Started to define data for home network scenario #