www.fifi.org
    Documentation
        Manpages
        GNU Info
        Debian document tree
        Whole document tree
    Trigance web page
    Public services
    User info
    Mailing lists
    Secure server
    Multilingual usage
 

Copyright (C) 2000-2012
Philippe Troin
<webmaster@fifi.org>.

Validate HTML
Validate CSS

    

Manpages

Manpage of CONSERVER.CF

CONSERVER.CF

Section: File Formats (5)
Updated: Local
Index
Return to Main Contents
 

NAME

conserver.cf - console configuration file for conserver(8)  

SYNOPSIS


LOGDIR=logdirectory
TIMESTAMP=timestamp-spec
BREAKn=break-spec
name:device[@conserver]:baud:logfile:timestamp-spec:break
name:!termserver[@conserver]:port:logfile:timestamp-spec:break
name:|command[@conserver]::logfile:timestamp-spec:break
%%
access: hosts  

DESCRIPTION

Conserver.cf is the configuration file for conserver(8). It is read once upon startup; modifications to the file take effect only upon restarting conserver.

Blank lines and comment lines (those beginning with a ``#'' and optional leading whitespace) are ignored. Non-ignored lines beginning with whitespace are considered continuations of the previous line. This allows you to span one logical line over many physical lines and insert comments wherever appropriate.

The first section of the file has logical lines that are separated into five colon-separated fields. Leading and trailing white space in each field is ignored.

name
the unique name by which this connection is referred to when using the console program. This is typically the name of the host whose console is being monitored.
device
the full path name of the device for this line. The baud rate is the speed and parity for this console. Speed may be given as an integer, parity only requires the first letter of any of: even, odd, mark, space, none. For historical reasons, `p' can also be used for no parity.
!termserver
the hostname of the terminal server to connect to. A socket connection will be made to port port (an integer).
|command
the command to invoke on the console server.

device, !termserver, and |command may be followed by a remote console server name in the form ``@conserver'', in which case the conserver daemon will send connections for name to the conserver running on the host named conserver. When the ``@conserver'' notation is used, conserver recognizes consoles it should manage locally by comparing the IP address of conserver against the IP address of the name returned by gethostname(). Thus, it will recognize host aliases, but not names that map to different IP addresses that may exist on the same host, so care must be used in specifying the hostname. Since conserver does recognize its own hostname, the same cf file may be used by all servers in a network if every console line includes a ``@conserver'' specification.

logfile
the full path name of file where all output from this host is logged. Any occurrence of `&' will be replaced with name. Any path that doesn't begin with a `/' will have logdirectory (as specified in the nearest preceding LOGDIR= line) prepended to it.
timestamp-spec
specifies the time between timestamps applied to the console log file and whether to log read/write connection actions. The format of the specification is [mark-interval[m|h|d|l]][a][b]. The timestamps look like `[-- MARK -- Mon Jan 25 14:46:56 1999]'. The `m', `h', and `d' tags specify `minutes' (the default), `hours', and `days'. The `l' tag specifies `lines' and will cause timestamps of the form `[Mon Jan 25 14:46:56 PST 1999]' to be placed every mark-interval lines (a newline character signifies a new line). So, `5h' specifies every five hours and `2l' specifies every two lines. An `a' can be specified to add logs of `attached', `detached', and `bumped' actions, including the user's name and the host from which the console connection was made, to the logfile. A `b' can be specified to add logging of break sequences sent to the console.
A default timestamp-spec can be specified by using the TIMESTAMP= syntax. All consoles below the TIMESTAMP= line will use that timestamp-spec unless overridden on a per-line basis, and until superseded by another TIMESTAMP= line. To turn off marks for a specific console, use a mark-interval of zero.
break
specifies which break sequence to use. The default value is `1'. Values of `0' thru `9' are valid. A value of `0' will unset the default break sequence, which will cause the ^Ecl0 sequence to do nothing.

The break-spec sequences are defined using the BREAKn= syntax where n is a number from 1 to 9. There are three builtin defaults: ``BREAK1=\z'', ``BREAK2=\r~^b'', and ``BREAK3=#.reset -x\r''. The values of the BREAKn sequences are simple characters strings with the exception of `\' and `^':

\\a
alert
\\b
backspace
\\f
form-feed
\\n
newline
\\r
carriage-return
\\t
tab
\\v
vertical-tab
\\z
serial break
\\\\
backslash
\\^
circumflex
\\ooo
octal representation of a character (where ooo is one to three octal digits)
\\c
character c
^?
delete
^c
control character (c is `and'ed with 0x1f)

This section is terminated with a `%%' token on a line by itself.

The next section of the file contains a list of hosts and addresses which are allowed to connect to the console server. Conserver looks for the first match in the config file for a client's IP address (or network), or hostname (or domain) if it is able to do a reverse lookup on the IP address, to determine the level of access to be granted. Three levels of access may be specified: ``trust'', ``allow'', and ``refuse''. The access level is followed by a colon and a space-separated list of addresses or host names. Any number of any combination of these levels may be specified, bearing in mind that conserver uses the first match for each incoming client connection, so order is important.

Any complete suffix of a host name may be used to define access for all hosts in that subdomain. For example, `cc.purdue.edu' will allow `mentor.cc.purdue.edu' and `mace.cc.purdue.edu', but not `pucc.purdue.edu' or `hack.purdue.edu'. For IP addresses, optional netmask lengths may be specified in CIDR `/' notation. For example, `192.168.1.0' will allow the class C space of 192.168.1.0, but `192.168.1.0/25' will allow only the lower half of that same address space (192.168.1.0 thru 192.168.1.127).  

EXAMPLE

# name:path:baud:logfile:mark:break 
LOGDIR=/tmp
# overriding the builtin BREAK3 sequence
BREAK3=#.reset\r
# adding another break sequence
BREAK8=+++
#
# This logs to /tmp/treelog...using BREAK8
tree:/dev/ttyj0:9600e:&log::8
#
# This logs to /tmp/fishlog...
fish:/dev/ttyj1:4800e:fishlog:
#
# Now we're defaulting to /var/tmp for logfiles...
LOGDIR=/var/tmp
#
# So, this is /var/tmp/birdlog with 1-hour timestamps
bird:/dev/ttyj2:4800m:&log:1h
#
# And this is /var/tmp/solarlog, using BREAK4, no timestamps
solar:|telnet solar::solarlog::4
#
# Now things are all in /var/consoles/<console name>
LOGDIR=/var/consoles
shell:|::&:
#
# These open connections to ports 2003 and 2004 of ts1
# using BREAK2 and BREAK3
tribe:!ts1:2003:&::2
# This one also has 10-minute timestamps and activity logging
reptile:!ts1:2004:&:10ma:3
#
# This opens /dev/ttyh0 if running on extra.cc.purdue.edu;
# otherwise, clients are redirected to that host.
mentor:/dev/ttyh0@extra.cc.purdue.edu:2400e:&:
%%
#
# access restrictions
# (note that the "badhost.cc.purdue.edu" entry must appear
# before the "cc.purdue.edu" entry if connections from
# "badhost" are to be rejected, since only the first match
# is used)
#
trusted: console.cc.purdue.edu 128.210.7.90
refuse: badhost.cc.purdue.edu
allow: cc.purdue.edu stat.cc.purdue.edu
 

SEE ALSO

console(1), conserver.passwd(5), conserver(8)

 

Index

NAME
SYNOPSIS
DESCRIPTION
EXAMPLE
SEE ALSO
This document was created by man2html, using the manual pages.
Time: 05:12:32 GMT, April 24, 2024