Annotation of src/usr.bin/bgplg/bgplgsh.8, Revision 1.7
1.7 ! jmc 1: .\" $OpenBSD: bgplgsh.8,v 1.6 2012/02/26 19:15:20 haesbaert Exp $
1.1 reyk 2: .\"
3: .\" Copyright (c) 2005, 2006 Reyk Floeter <reyk@vantronix.net>
4: .\"
5: .\" Permission to use, copy, modify, and distribute this software for any
6: .\" purpose with or without fee is hereby granted, provided that the above
7: .\" copyright notice and this permission notice appear in all copies.
8: .\"
9: .\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10: .\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11: .\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12: .\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13: .\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14: .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15: .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16: .\"
1.7 ! jmc 17: .Dd $Mdocdate: February 26 2012 $
1.6 haesbaer 18: .Dt BGPLGSH 8
1.1 reyk 19: .Os
20: .Sh NAME
21: .Nm bgplgsh
22: .Nd looking glass shell for the
23: .Ox
24: Border Gateway Protocol daemon
25: .Sh SYNOPSIS
26: .Nm bgplgsh
27: .Sh DESCRIPTION
28: The
29: .Nm
30: program is a looking glass shell for the
31: .Xr bgpd 8
32: Border Gateway Protocol daemon.
33: The looking glass will provide a simple command line interface
34: with read-only access to a restricted set of
35: .Xr bgpd 8
36: and system status information, which is typically used on route
37: servers by Internet Service Providers (ISPs) and Internet eXchange
38: points (IXs).
39: .Pp
40: It requires three steps to enable the looking glass shell:
41: .Bl -enum
42: .It
43: Add
44: .Nm
45: as a valid login shell.
46: See
47: .Xr shells 5
48: for more information.
49: .Bd -literal -offset indent
50: # echo /usr/bin/bgplgsh \*(Gt\*(Gt /etc/shells
51: .Ed
52: .It
53: Create a new user for restricted looking glass access.
54: See
55: .Xr adduser 8
56: for more information about system user management.
57: .Bd -literal -offset indent
58: # adduser -shell /usr/bin/bgplgsh -batch bgplg
59: # passwd bgplg
60: .Ed
61: .It
62: Start the Border Gateway Protocol daemon with a second,
63: restricted, control socket.
64: See
1.4 sthen 65: .Xr bgpd.conf 5
1.1 reyk 66: and
67: .Xr bgplg 8
68: for more information.
69: .Pp
70: For example,
1.4 sthen 71: add the following to
72: .Pa /etc/bgpd.conf
73: to have
1.1 reyk 74: .Xr bgpd 8
1.4 sthen 75: open a second, restricted, control socket:
1.1 reyk 76: .Pp
1.5 sthen 77: .Dl socket \&"/var/www/logs/bgpd.rsock\&" restricted
1.1 reyk 78: .El
79: .Sh FILES
80: .Bl -tag -width "/var/www/conf/bgpd.rsockXX" -compact
81: .It Pa /var/www/logs/bgpd.rsock
82: Position of the second, restricted, control socket of
83: .Xr bgpd 8 .
84: .El
85: .Sh SEE ALSO
86: .Xr bgpd 8 ,
87: .Xr bgplg 8
88: .Sh HISTORY
89: The
90: .Nm
91: program first appeared in
92: .Ox 4.1 .
93: The initial implementation was done in 2005 for DE-CIX, the German
94: commercial internet exchange point.
95: .Sh AUTHORS
96: The
97: .Nm
98: program was written by
99: .An Reyk Floeter Aq reyk@vantronix.net .
1.2 reyk 100: .Sh CAVEATS
101: To prevent commands from running endlessly,
102: .Nm
103: will kill the corresponding processes after a hard limit of 60 seconds.
104: For example, this can take effect when using
105: .Xr traceroute 8
106: with blackholed or bad routes.