On 2006/08/07 11:46, Philip Olsson wrote: > Im woundering if there exists a looking glass suitable for public access > over http that uses the new read only socket in openbgpd ?
http://null-ptr.net/sw/lg/ works - besides the mentioned files you will need: bgpd_flags="-r /var/www/var/run/bgpd.sock" everything listed in `ldd /usr/sbin/bgpctl' output (ld.so, lib's) you probably have /var set as nosuid, this means you can't use ping/traceroute in the jail unless you're willing to relax that (and you can't use sudo to run them since that too is setuid). Might be worth also pointing out some SSH modification here, http://archives.neohapsis.com/archives/openbsd/2006-04/1811.html which (I haven't tested, but..) should let you separate webserver from routers and just forward the RO control socket on, which makes a certain amount of sense to me, especially on a public access setup.
