NAME

whoson.conf - whoson configuration file

SYNOPSIS

/etc/whoson.conf

DESCRIPTION

whoson.conf is the file that controls the operation of both the whosond(8) daemon and the whoson(3) API functions.

General structure

The whoson.conf file consists of a series of entries. Each entry starts with a line containing the word server or client from the first position, followed by a word specifying the entry type. An arbitrary number of keyword=value pairs may follow, on the same line or on continuation lines. Continuation lines start with whitespace. The hash (#) character specifies the logical end of the line; a comment may follow. All-whitespace lines are ignored.

Server entry

There are currently 5 types of server entries: tcp, udp, unix, unixd, and global.

A tcp server entry must contain a port=number keyword-value pair and may contain keepalive=number, allow=pattern, deny=pattern and listenq=number pairs.

A udp server entry must contain a port=number keyword-value pair and may contain allow=pattern and deny=pattern pairs.

A unix server entry must contain a port=path keyword-value pair and may contain keepalive=number and listenq=number pairs.

A unixd server entry must contain a port=path keyword-value pair.

global is a special server entry that contains parameters that are not specific to a particular communication protocol. Currently supported global parameters are ttl=number, cachesize=number, user=userid, group=group id.

port=number or port=path specifies the IP port number to listen on in dotted quad notation, or the path name for a UNIX domain socket.

allow=pattern and deny=pattern specify which clients are allowed access to the server. pattern is a dotted quad address followed by the number of bits to check after a slash (/) character. If that many bits of the peer IP address match the address specified in the pattern, the pattern is considered matching. Of the matching patterns, the one with the maximum number of bits is used. By default, all clients are denied.

keepalive=number specifies the number of seconds to keep the connection to the client open when the client does not send any requests. This is only applicable to streaming connection protocols.

ttl=number is the global parameter specifying the number of seconds to keep an entry in the database if it is not deleted explicitly.

cachesize=number is the global parameter specifying the maximum number of entries to keep in the database.

chroot=path is the path to chdir and chroot into after the daemon binds to the sockets. It may be wise to set it to an empty directory that is not used by any other process. The directory must exist. This only works if the daemon is started by root.

user=userid is the (symbolic) user id to change to after the daemon binds to the sockets. It may be wise to set it to nobody for security reasons. This only works if the daemon is started by root.

group=group id - the same for group. If not specified, the group of the user is set.

listenq=number - size of the listen(2) backlog queue. Defaults to 5 if not specified.

Example:

    server tcp keepalive=600 port=9876 allow=123.45.67.0/24 deny=123.45.67.89/32

Client entry

There are currently 4 types of client entries: tcp, udp, unix and unixd.

A tcp client entry must contain port=number and address=addrspec keyword-value pairs.

A udp client entry must contain port=number and address=addrspec keyword-value pairs and may contain allow=pattern, inittimeout=number and maxtries=number pairs.

A unix client entry must contain a port=path keyword-value pair.

A unixd client entry must contain a port=path keyword-value pair and may contain inittimeout=number and maxtries=number pairs.

port=number or port=path specifies the IP port number to connect to in dotted quad notation, or the path name for a UNIX domain socket.

address=addrspec specifies the IP address of the server in dotted quad notation.

inittimeout=number is the initial timeout in microseconds to wait for the server response. After the timeout expires, the request is resent and the timeout is doubled.

maxtries=number is the number of retries to make if the server does not respond.

allow=pattern and deny=pattern for the udp client specify the set of IP addresses from which the server response is allowed. If not present, the server address must exactly match the address value. Specifying a different set of addresses may be necessary if the server has multiple IP interfaces and there is no way to predict which of them will be used as the source address in the UDP packet.

All configured entries are tried in order until a working one is found. It may be wise to avoid the tcp connection protocol because of its considerable startup overhead and because, if the destination host is not responding, it may take a very long time for connect() to detect the failure.

Example:

    client udp port=9876 address=123.45.67.89 inittimeout=200000 maxtries=3

COPYRIGHT

Public domain

SEE ALSO

whoson(3), whosond(8)
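The entry syntax and the allow/deny rule described above, shown as an added example (not code from whoson or from this manual page): a Python parser for entries plus a longest-match access check with default deny, useful for auditing what a given whoson.conf actually permits. The function names are hypothetical, and the tie-break (deny wins when an allow and a deny pattern match with the same number of bits) is an assumption, since the page does not say how ties are resolved.

```python
import ipaddress

# Constructed sample built from the two example entries on this page.
SAMPLE = """\
server tcp keepalive=600 port=9876   # comment ends the logical line
    allow=123.45.67.0/24
    deny=123.45.67.89/32

client udp port=9876 address=123.45.67.89 inittimeout=200000 maxtries=3
"""

def parse_entries(text):
    """Return a list of (side, type, [(keyword, value), ...]) entries."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()
        if not line.strip():
            continue                      # all-whitespace lines are ignored
        words = line.split()
        if raw[0].isspace():              # continuation line
            if not entries:
                raise ValueError("continuation line before any entry")
            pairs = entries[-1][2]
        else:
            if words[0] not in ("server", "client") or len(words) < 2:
                raise ValueError(f"bad entry start: {raw!r}")
            pairs = []
            entries.append((words[0], words[1], pairs))
            words = words[2:]
        for word in words:
            key, sep, value = word.partition("=")
            if not sep:
                raise ValueError(f"expected keyword=value, got {word!r}")
            pairs.append((key, value))
    return entries

def is_allowed(pairs, peer):
    """Longest matching allow/deny pattern decides; no match means deny."""
    addr = ipaddress.IPv4Address(peer)
    best_bits, verdict = -1, False        # default: all clients are denied
    for key, value in pairs:
        if key not in ("allow", "deny"):
            continue
        net = ipaddress.IPv4Network(value, strict=False)
        if addr not in net:
            continue
        # Assumption: on equal prefix length, deny wins (fail closed).
        if net.prefixlen > best_bits or (net.prefixlen == best_bits and key == "deny"):
            best_bits, verdict = net.prefixlen, key == "allow"
    return verdict
```

With the sample above, `is_allowed(parse_entries(SAMPLE)[0][2], "123.45.67.89")` is False even though the /24 allow pattern also matches, because the /32 deny pattern checks more bits.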