On Monday 26 August 2002 12:14, Eric Wolzak wrote: > Hello List > > Every now and then there are questions about a web-based > configuration tool. I did create one for shorewall ( low version) for > some time. useing a webscript. There are however a lot of traps on > webbased tools. > Thinking about a new webbased configuration tools, I have a few > remarks and questions.
There are a couple of us doing some testing and playing with some ideas right now. > 1 Do we need one. ? No, but quite a few people seem to want one...it should/will be optional IMHO. What is being tested/written by myself will be able to run via CLI as well. > 2.If yes for what do we need one: > do we want to set a few items f.e restart a server, or rotate a > log manually, clear the firewall. Or: do we want to completely > configurate a Leaf box. - if it is only to take a connection down or > something alike look at routerst.lrp a mini webpage, with which you > could run commands but not secure. It could all be done, but modularized so people may choose what they want configurable with it. > 3. if we want complete control then the method should be modular, as > not every box is the same. (f.e like webmin) Correct. > 4. How about security. everybody that can call the webpage could > theoretically manipulate the router/firewall ( not something to sleep > well ;) ) The user should be able to set this variable for their own security risk. > 5 A tool like webmin would be nice but is it necessary, how often do > you change the complete configuration and how large would this > package be: Perl, adapted webmin. Modules should be able to be loaded/unloaded as the users preference. > 5b or a stripped down Webbased configuration, only for the basic > setup f.e as shell script. With special wishes the user has to use > lrcfg, edit files online or ssh into the box. For floppy concerns, I have proposed using zebedee instead of ssh. This is open for suggestions and debate as far as I'm concerned. > 5c shows a certain file from the configuration menu ( based on lrcfg) > in a input field of a window. > After editing post it back and it is read on the server and written > allong to the appropriate location. I'm thinking something along these very lines. > 6 for the same size you get a sshd package with more security and > more flexibility, but less graphically appealing and perhaps a little > bit more difficult for a start. Why not tunnel the www through ssh/zebedee for use. I would want to mandate this, but others opinions may differ. > 7, Or is a configuration tool /disk helpfull. > to configure the box, put the disk in with a webmin alike server > eventually in stripped down version ( for "newbies") > configure, backup etc and reboot without the server (more secure) Hmmm, that opens some more possibilities. How would you propose doing this? > 8. What I did with a previous isdn Dachstein version was create a > "form" in txt format. There were only a few items to fill out. > After booting insert the disk run install and a shell script sets the > configuration items according to the wishes and tries to put up the > connection with at the end some diagnostic tests. I've offered a set of basic install scripts included in a Dachstein floppy image for over 6 months now. Few people have showed interest in this as compared to something via web-browser. > 9 should the configuration be always be available or only after a > specific action. I don't know, any ideas?? -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! ------------------------------------------------------- This sf.net email is sponsored by: OSDN - Tired of that same old cell phone? Get a new here for FREE! https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
