Annotation of src/usr.bin/bgplg/bgplgsh.8, Revision 1.4
1.4 ! sthen 1: .\" $OpenBSD: bgplgsh.8,v 1.3 2007/05/31 19:20:07 jmc Exp $
1.1 reyk 2: .\"
3: .\" Copyright (c) 2005, 2006 Reyk Floeter <reyk@vantronix.net>
4: .\"
5: .\" Permission to use, copy, modify, and distribute this software for any
6: .\" purpose with or without fee is hereby granted, provided that the above
7: .\" copyright notice and this permission notice appear in all copies.
8: .\"
9: .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: .\"
1.4 ! sthen 17: .Dd $Mdocdate: May 31 2007 $
1.1 reyk 18: .Dt BGPLG 8
19: .Os
20: .Sh NAME
21: .Nm bgplgsh
22: .Nd looking glass shell for the
23: .Ox
24: Border Gateway Protocol daemon
25: .Sh SYNOPSIS
26: .Nm bgplgsh
27: .Sh DESCRIPTION
28: The
29: .Nm
30: program is a looking glass shell for the
31: .Xr bgpd 8
32: Border Gateway Protocol daemon.
33: The looking glass will provide a simple command line interface
34: with read-only access to a restricted set of
35: .Xr bgpd 8
36: and system status information, which is typically used on route
37: servers by Internet Service Providers (ISPs) and Internet eXchange
38: points (IXs).
39: .Pp
40: It requires three steps to enable the looking glass shell:
41: .Bl -enum
42: .It
43: Add
44: .Nm
45: as a valid login shell.
46: See
47: .Xr shells 5
48: for more information.
49: .Bd -literal -offset indent
50: # echo /usr/bin/bgplgsh \*(Gt\*(Gt /etc/shells
51: .Ed
52: .Pp
53: .It
54: Create a new user for restricted looking glass access.
55: See
56: .Xr adduser 8
57: for more information about system user management.
58: .Bd -literal -offset indent
59: # adduser -shell /usr/bin/bgplgsh -batch bgplg
60: # passwd bgplg
61: .Ed
62: .It
63: Start the Border Gateway Protocol daemon with a second,
64: restricted, control socket.
65: See
1.4 ! sthen 66: .Xr bgpd.conf 5
1.1 reyk 67: and
68: .Xr bgplg 8
69: for more information.
70: .Pp
71: For example,
1.4 ! sthen 72: add the following to
! 73: .Pa /etc/bgpd.conf
! 74: to have
1.1 reyk 75: .Xr bgpd 8
1.4 ! sthen 76: open a second, restricted, control socket:
1.1 reyk 77: .Pp
1.4 ! sthen 78: .Dl socket \&/var/www/logs/bgpd.rsock\&" restricted
1.1 reyk 79: .El
80: .Sh FILES
81: .Bl -tag -width "/var/www/conf/bgpd.rsockXX" -compact
82: .It Pa /var/www/logs/bgpd.rsock
83: Position of the second, restricted, control socket of
84: .Xr bgpd 8 .
85: .El
86: .Sh SEE ALSO
87: .Xr bgpd 8 ,
88: .Xr bgplg 8
89: .Sh HISTORY
90: The
91: .Nm
92: program first appeared in
93: .Ox 4.1 .
94: The initial implementation was done in 2005 for DE-CIX, the German
95: commercial internet exchange point.
96: .Sh AUTHORS
97: The
98: .Nm
99: program was written by
100: .An Reyk Floeter Aq reyk@vantronix.net .
1.2 reyk 101: .Sh CAVEATS
102: To prevent commands from running endlessly,
103: .Nm
104: will kill the corresponding processes after a hard limit of 60 seconds.
105: For example, this can take effect when using
106: .Xr traceroute 8
107: with blackholed or bad routes.