bgplg man page on OpenBSD

Man page or keyword search:  
man Server   11362 pages
apropos Keyword Search (all sections)
Output format
OpenBSD logo
[printable version]

BGPLG(8)		OpenBSD System Manager's Manual		      BGPLG(8)

NAME
     bgplg - looking glass for the OpenBSD Border Gateway Protocol daemon

SYNOPSIS
     bgplg

DESCRIPTION
     The bgplg CGI program is a looking glass for the bgpd(8) Border Gateway
     Protocol daemon.  The looking glass will provide a simple web interface
     with read-only access to a restricted set of bgpd(8) and system status
     information, which is typically used on route servers by Internet Service
     Providers (ISPs) and Internet eXchange points (IXs).  It is intended to
     be used in a chroot(2) environment in /var/www.

     bgplg is disabled by default.  It requires four steps to enable the
     looking glass:

     1.	  Update the file permission mode to allow the execution of the bgplg
	  CGI program and the additional statically linked programs that have
	  been installed into the chroot(2) environment.

	  For example, to allow execution of bgplg and the statically-linked
	  version of bgpctl(8):

		# chmod 0555 /var/www/cgi-bin/bgplg
		# chmod 0555 /var/www/bin/bgpctl

	  External commands like ping(8) and others will be hidden from the
	  looking glass command list unless given the correct permissions.
	  See the FILES section below for the list of installed programs.

     2.	  The programs ping(8), ping6(8), traceroute(8) and traceroute6(8)
	  will require a copy of the resolver configuration file
	  resolv.conf(5) in the chroot(2) environment for optional host name
	  lookups.

		# mkdir /var/www/etc
		# cp /etc/resolv.conf /var/www/etc

     3.	  Start the Border Gateway Protocol daemon with a second, restricted,
	  control socket that can be used from within the chroot(2)
	  environment.	See bgpd.conf(5) for more information.

	  For example, add the following to /etc/bgpd.conf to have bgpd(8)
	  open a second, restricted, control socket:

		socket "/var/www/logs/bgpd.rsock" restricted

     4.	  Start the Apache HyperText Transfer Protocol server.	See httpd(8)
	  for more information.

FILES
     /var/www/conf/bgplg.css	 Optional bgplg CSS style sheet.
     /var/www/conf/bgplg.head	 Optional bgplg HTML header.
     /var/www/conf/bgplg.foot	 Optional bgplg HTML footer.
     /var/www/logs/bgpd.rsock	 Position of the second, restricted, control
				 socket of bgpd(8).

     The following statically linked executables have been installed into the
     chroot(2) environment of the httpd(8) server.  To enable the
     corresponding functionality, use the chmod(1) utility to manually set the
     file permission mode to 0555 or anything appropriate.

     /var/www/cgi-bin/bgplg	 The bgplg CGI executable.
     /var/www/bin/bgpctl	 The bgpctl(8) program used to query
				 information from bgpd(8)
     /var/www/bin/ping		 The ping(8) program used to send ICMP
				 ECHO_REQUEST packets to network hosts.
				 Requires the set-user-ID bit, set the
				 permission mode to 4555.
     /var/www/bin/ping6		 The ping6(8) program used to send ICMPv6
				 ICMP6_ECHO_REQUEST packets to network hosts.
				 Requires the set-user-ID bit, set the
				 permission mode to 4555.
     /var/www/bin/traceroute	 The traceroute(8) program used to print the
				 route packets take to network hosts.
				 Requires the set-user-ID bit, set the
				 permission mode to 4555.
     /var/www/bin/traceroute6	 The traceroute6(8) program used to print the
				 route packets take to inet6(4) network hosts.
				 Requires the set-user-ID bit, set the
				 permission mode to 4555.

SEE ALSO
     bgpctl(8), bgpd(8), bgplgsh(8), httpd(8)

HISTORY
     The bgplg program first appeared in OpenBSD 4.1.  The initial
     implementation was done in 2005 for DE-CIX, the German commercial
     internet exchange point.

AUTHORS
     The bgplg program was written by Reyk Floeter <reyk@vantronix.net>.

CAVEATS
     To prevent commands from running endlessly, bgplg will kill the
     corresponding processes after a hard limit of 60 seconds.	For example,
     this can take effect when using traceroute(8) with blackholed or bad
     routes.

OpenBSD 4.9		       October 13, 2010			   OpenBSD 4.9
[top]

List of man pages available for OpenBSD

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net