2001-08-05 04:11:57 +00:00
|
|
|
.\" $Id: conserver.cf.man,v 1.17 2001-08-04 20:54:25-07 bryan Exp $
|
1999-01-27 01:49:19 +00:00
|
|
|
.\" @(#)constab.5 01/06/91 OSU CIS; Thomas A. Fine
|
2001-07-27 00:05:04 +00:00
|
|
|
.TH CONSERVER.CF 5 "Local"
|
1999-01-27 01:49:19 +00:00
|
|
|
.SH NAME
|
2001-07-27 00:05:04 +00:00
|
|
|
conserver.cf \- console configuration file for conserver(8)
|
1999-01-27 01:49:19 +00:00
|
|
|
.SH SYNOPSIS
|
|
|
|
.br
|
2001-07-27 00:05:04 +00:00
|
|
|
.BI \s-1LOGDIR\s0= logdirectory
|
1999-01-27 01:49:19 +00:00
|
|
|
.br
|
2001-07-27 00:05:04 +00:00
|
|
|
.BI \s-1TIMESTAMP\s0= timestamp-spec
|
1999-01-27 01:49:19 +00:00
|
|
|
.br
|
2001-07-27 00:05:04 +00:00
|
|
|
\fIname\fP:\fIdevice\fP[@\fIconserver\fP]:\fIbaud\fP:\fIlogfile\fP:\fItimestamp-spec\fP
|
1999-01-27 01:49:19 +00:00
|
|
|
.br
|
2001-07-27 00:05:04 +00:00
|
|
|
\fIname\fP:!\fItermserver\fP[@\fIconserver\fP]:\fIport\fP:\fIlogfile\fP:\fItimestamp-spec\fP
|
2001-07-05 16:18:19 +00:00
|
|
|
.br
|
2001-07-27 00:05:04 +00:00
|
|
|
\fIname\fP:|\fIcommand\fP[@\fIconserver\fP]::\fIlogfile\fP:\fItimestamp-spec\fP
|
1999-01-27 01:49:19 +00:00
|
|
|
.br
|
|
|
|
\fB%%\fP
|
|
|
|
.br
|
1999-08-24 21:52:59 +00:00
|
|
|
\fIaccess\fP: \fIhosts\fP
|
1999-01-27 01:49:19 +00:00
|
|
|
.SH DESCRIPTION
|
|
|
|
.B Conserver.cf
|
|
|
|
is the configuration file for
|
2001-07-27 00:05:04 +00:00
|
|
|
.BR conserver (8).
|
|
|
|
It is read once upon startup;
|
|
|
|
modifications to the file take effect only upon restarting \fBconserver\fP.
|
1999-01-27 01:49:19 +00:00
|
|
|
.PP
|
2001-08-05 04:11:57 +00:00
|
|
|
Blank lines and comment lines (those beginning with a ``#'' and
|
|
|
|
optional leading whitespace) are ignored. Non-ignored lines
|
|
|
|
beginning with whitespace are considered continuations of the
|
|
|
|
previous line. This allows you to span one logical line over
|
|
|
|
many physical lines and insert comments wherever appropriate.
|
|
|
|
.PP
|
|
|
|
The first section of the file has logical lines that are separated into
|
2001-07-27 00:05:04 +00:00
|
|
|
five colon-separated fields. Leading and trailing white space in each
|
|
|
|
field is ignored.
|
|
|
|
.TP
|
|
|
|
.I name
|
|
|
|
the unique name by which this connection is referred to
|
|
|
|
when using the \fBconsole\fP program.
|
|
|
|
This is typically the name of the host whose console is being monitored.
|
|
|
|
.TP
|
|
|
|
.I device
|
|
|
|
the full path name of the device for this line.
|
1999-01-27 01:49:19 +00:00
|
|
|
The \fIbaud\fP rate is the speed and parity for this console.
|
|
|
|
Speed may be given as an integer,
|
|
|
|
parity only requires the first letter of any of: even, odd, mark, space.
|
2001-07-05 16:18:19 +00:00
|
|
|
For no parity, use the character `p'.
|
2001-07-27 00:05:04 +00:00
|
|
|
.TP
|
|
|
|
.BI ! termserver
|
|
|
|
the hostname of the terminal server to connect to.
|
1999-01-27 01:49:19 +00:00
|
|
|
A socket connection will be made to port \fIport\fP (an integer).
|
2001-07-27 00:05:04 +00:00
|
|
|
.TP
|
|
|
|
.BI | command
|
|
|
|
the command to invoke on the console server.
|
1999-01-27 01:49:19 +00:00
|
|
|
.PP
|
2001-07-27 00:05:04 +00:00
|
|
|
\fIdevice\fP, !\fItermserver\fP, and |\fIcommand\fP may be followed by
|
|
|
|
a remote console server name in the form ``\fB@\fP\fIconserver\fP'',
|
|
|
|
in which case the conserver daemon will send connections for \fIname\fP
|
|
|
|
to the conserver running on the host named \fIconserver\fP.
|
|
|
|
When the ``\fB@\fP\fIconserver\fP'' notation is used,
|
|
|
|
\fBconserver\fP recognizes consoles it should manage locally
|
|
|
|
by comparing the IP address of \fIconserver\fP
|
|
|
|
against the IP address of the name returned by gethostname().
|
|
|
|
Thus, it will recognize host aliases, but not names that map to
|
|
|
|
different IP addresses that may exist on the same host,
|
|
|
|
so care must be used in specifying the hostname.
|
|
|
|
Since \fBconserver\fP does recognize its own hostname,
|
|
|
|
the same cf file may be used by all servers in a network
|
|
|
|
if every console line includes a ``\fB@\fP\fIconserver\fP'' specification.
|
|
|
|
.TP
|
|
|
|
.I logfile
|
|
|
|
the full path name of file where all output from
|
|
|
|
this host is logged. Any occurrence of `&' will be replaced with
|
|
|
|
\fIname\fP. Any path that doesn't begin with a `/' will
|
|
|
|
have \fIlogdirectory\fP (as specified in the nearest preceding
|
|
|
|
\fB\s-1LOGDIR=\s0\fP
|
|
|
|
line) prepended to it.
|
|
|
|
.TP
|
|
|
|
.I timestamp-spec
|
|
|
|
specifies the time between
|
|
|
|
timestamps applied to the console log file and
|
|
|
|
whether to log read/write connection actions.
|
2001-07-05 16:18:19 +00:00
|
|
|
The format of the specification is
|
2001-07-27 00:05:04 +00:00
|
|
|
[\fImark-interval\fP[\fBm\fP|\fBh\fP|\fBd\fP|\fBl\fP]][\fBa\fP].
|
|
|
|
The timestamps look like `[-- MARK -- Mon Jan 25 14:46:56 PST 1999]'.
|
|
|
|
The `\fBm\fP', `\fBh\fP', and `\fBd\fP' tags specify
|
|
|
|
`minutes' (the default), `hours', and `days'. The `\fBl\fP' tag
|
2001-07-05 16:18:19 +00:00
|
|
|
specifies `lines' and will cause timestamps of the form
|
|
|
|
`[Mon Jan 25 14:46:56 PST 1999]' to
|
2001-06-16 00:44:07 +00:00
|
|
|
be placed every \fImark-interval\fP lines (a newline character signifies
|
2001-07-27 00:05:04 +00:00
|
|
|
a new line). So, `5h' specifies every five hours and `2l' specifies every
|
|
|
|
two lines.
|
|
|
|
An `\fBa\fP' can be specified to add logs of
|
|
|
|
`attached', `detached', and `bumped' actions,
|
|
|
|
including the user's name and the host from which the
|
|
|
|
\fBconsole\fP connection was made,
|
|
|
|
to the logfile.
|
|
|
|
.IP
|
|
|
|
A default \fItimestamp-spec\fP can be specified by using the
|
|
|
|
\fB\s-1TIMESTAMP=\s0\fP syntax.
|
|
|
|
All consoles below the \fB\s-1TIMESTAMP=\s0\fP line will use that
|
|
|
|
\fItimestamp-spec\fP unless overridden on a per-line basis,
|
|
|
|
and until superseded by another \fB\s-1TIMESTAMP=\s0\fP line.
|
|
|
|
To turn off marks for a specific
|
2001-07-05 16:18:19 +00:00
|
|
|
console, use a \fImark-interval\fP of zero.
|
1999-01-27 01:49:19 +00:00
|
|
|
.PP
|
2001-07-27 00:05:04 +00:00
|
|
|
This section is terminated with a `\fB%%\fP' token on a line by itself.
|
1999-01-27 01:49:19 +00:00
|
|
|
.PP
|
|
|
|
The next section of the file contains a list of hosts and addresses
|
2001-07-27 00:05:04 +00:00
|
|
|
which are allowed to connect to the console server.
|
|
|
|
.B Conserver
|
|
|
|
looks for the first match in the config file
|
|
|
|
for a client's IP address (or network),
|
|
|
|
or hostname (or domain) if it is able to do a reverse lookup on the IP address,
|
|
|
|
to determine the level of access to be granted.
|
|
|
|
Three levels of access may be specified: ``\fBtrust\fP'', ``\fBallow\fP'',
|
|
|
|
and ``\fBrefuse\fP''.
|
|
|
|
The access level is followed by a colon and a space-separated list of
|
|
|
|
addresses or host names.
|
|
|
|
Any number of any combination of these levels may be specified,
|
|
|
|
bearing in mind that conserver uses the first match for each incoming
|
|
|
|
client connection, so order is important.
|
|
|
|
.PP
|
|
|
|
Any complete suffix of a host name may be used to define access for all hosts
|
1999-01-27 01:49:19 +00:00
|
|
|
in that subdomain.
|
2001-07-27 00:05:04 +00:00
|
|
|
For example, `\fBcc.purdue.edu\fP' will allow `mentor.cc.purdue.edu'
|
1999-01-27 01:49:19 +00:00
|
|
|
and `mace.cc.purdue.edu', but not `pucc.purdue.edu' or `hack.purdue.edu'.
|
2001-07-27 00:05:04 +00:00
|
|
|
For IP addresses, optional netmask lengths may be specified
|
|
|
|
in CIDR `/' notation.
|
|
|
|
For example, `\fB192.168.1.0\fP' will allow the class C space of 192.168.1.0,
|
|
|
|
but `\fB192.168.1.0/25\fP' will allow
|
1999-08-24 21:52:59 +00:00
|
|
|
only the lower half of that same address space (192.168.1.0 thru 192.168.1.127).
|
1999-01-27 01:49:19 +00:00
|
|
|
.SH EXAMPLE
|
2001-07-27 00:05:04 +00:00
|
|
|
# name:path:baud:/usr/adm/logfile:mark
|
|
|
|
.nf
|
1999-01-27 01:49:19 +00:00
|
|
|
LOGDIR=/tmp
|
|
|
|
#
|
|
|
|
# This logs to /tmp/treelog...
|
|
|
|
tree:/dev/ttyj0:9600e:&log:
|
|
|
|
#
|
|
|
|
# This logs to /tmp/fishlog...
|
|
|
|
fish:/dev/ttyj1:4800e:fishlog:
|
|
|
|
#
|
|
|
|
# Now we're defaulting to /var/tmp for logfiles...
|
|
|
|
LOGDIR=/var/tmp
|
|
|
|
#
|
|
|
|
# So, this is /var/tmp/birdlog
|
|
|
|
bird:/dev/ttyj2:4800m:&log:
|
|
|
|
#
|
|
|
|
# And this is /var/tmp/solarlog...
|
|
|
|
solar:|telnet solar::solarlog:
|
|
|
|
#
|
|
|
|
# Now things are all in /var/consoles/<console name>
|
|
|
|
LOGDIR=/var/consoles
|
|
|
|
shell:|::&:
|
|
|
|
#
|
2001-07-27 00:05:04 +00:00
|
|
|
# These open connections to ports 2003 and 2004 of ts1...
|
1999-01-27 01:49:19 +00:00
|
|
|
tribe:!ts1:2003:&:
|
|
|
|
reptile:!ts1:2004:&:
|
2001-07-27 00:05:04 +00:00
|
|
|
#
|
|
|
|
# This opens /dev/ttyh0 if running on extra.cc.purdue.edu;
|
|
|
|
# otherwise, clients are redirected to that host.
|
1999-01-27 01:49:19 +00:00
|
|
|
mentor:/dev/ttyh0@extra.cc.purdue.edu:2400e:&:
|
|
|
|
%%
|
2001-07-27 00:05:04 +00:00
|
|
|
#
|
1999-01-27 01:49:19 +00:00
|
|
|
# access restrictions
|
2001-07-27 00:05:04 +00:00
|
|
|
# (note that the "badhost.cc.purdue.edu" entry must appear
|
|
|
|
# before the "cc.purdue.edu" entry if connections from
|
|
|
|
# "badhost" are to be rejected, since only the first match
|
|
|
|
# is used)
|
|
|
|
#
|
1999-01-27 01:49:19 +00:00
|
|
|
trusted: console.cc.purdue.edu 128.210.7.90
|
2001-07-27 00:05:04 +00:00
|
|
|
refuse: badhost.cc.purdue.edu
|
1999-01-27 01:49:19 +00:00
|
|
|
allow: cc.purdue.edu stat.cc.purdue.edu
|
|
|
|
.SH "SEE ALSO"
|
2001-07-27 00:05:04 +00:00
|
|
|
.BR console (1),
|
|
|
|
.BR conserver.passwd (5),
|
|
|
|
.BR conserver (8)
|