I've also put one together that runs in apache's chroot although it
requires a few binaries from the base system: ping, traceroute and a
static version of bgpctl.
http://null-ptr.net/sw/lg/
Dustin Lundquist
Reyk Floeter wrote:
On Wed, Dec 06, 2006 at 02:53:15PM -0600, [EMAIL PROTECTED] wrote:
Has anyone as of yet written, or know of, a looking glass script that
can be used with OpenBGPd to act as a looking glass/route server? I
need to deploy a semi-public looking glass, don't really want to use
zebra/quagga, and don't really have the time (or the programming
chops, I'll admit it) to hack up a script.
Here's the latest info I've been able to find based on one of
Henning's presentations:
"BGPd has a second, restricted, control socket now; I coded that two
weeks ago. It only allows certain messages - namely those behind the
BGPd "show" operations. While running httpd in a chroot environment,
which is default on OpenBSD, a cgi can call the bgpctl binary placed
inside the chroot, passing the path to this restricted socket. Then,
you just need the cgi to call that, and the looking glass is done."
"The cgi... yeah, someone needs to sit down and hack that, but it
should be easy."
i actually requested the restricted socket when i implemented bgplg.
it may need some more work and i haven't really decided where and how
to release it. anyway, download a working "snapshot" from:
http://team.vantronix.net/~reyk/bgplg.tar.gz
it includes the cgi (bgplg) and a very simple looking glass "cli"
(bgplgsh) for restricted shell access.
cheers,
reyk
