On Wed, Dec 06, 2006 at 02:53:15PM -0600, [EMAIL PROTECTED] wrote: > Has anyone as of yet written, or know of, a looking glass script that > can be used with OpenBGPd to act as a looking glass/route server? I > need to deploy a semi-public looking glass, don't really want to use > zebra/quagga, and don't really have the time (or the programming > chops, I'll admit it) to hack up a script. > > Here's the latest info I've been able to find based on one of > Henning's presentations: > > "BGPd has a second, restricted, control socket now; I coded that two > weeks ago. It only allows certain messages - namely those behind the > BGPd "show" operations. While running httpd in a chroot environment, > which is default on OpenBSD, a cgi can call the bgpctl binary placed > inside the chroot, passing the path to this restricted socket. Then, > you just need the cgi to call that, and the looking glass is done." > > "The cgi... yeah, someone needs to sit down and hack that, but it > should be easy." >
i actually requested the restricted socket when i implemented bgplg. it may need some more work and i haven't really decided where and how to release it. anyway, download a working "snapshot" from: http://team.vantronix.net/~reyk/bgplg.tar.gz it includes the cgi (bgplg) and a very simple looking glass "cli" (bgplgsh) for restricted shell access. cheers, reyk
