On Friday 20 June 2008 09:48:53 Alan DeKok wrote:
I've commited some code (~1K LoC) to CVS head that will go into 2.0.6.
In short, there's no point in using SNMP any more. The good news is
that the Status-Server packet is overloaded to get all sorts of
statistics that weren't available in
Exciting stuff!
On Fri, Jun 20, 2008 at 2:48 PM, Alan DeKok [EMAIL PROTECTED]
wrote:
I've commited some code (~1K LoC) to CVS head that will go into 2.0.6.
In short, there's no point in using SNMP any more. The good news is
that the Status-Server packet is overloaded to get all sorts of
hi,
this is very cool - i guess it would be handy to let remote
authorised machiens query it (trivial to have one central stats
store then) but still. I hope to see a lot of useful tools/widgets
using this. bit of RRDTool is calling.
alan
-
List info/subscribe/unsubscribe? See
[EMAIL PROTECTED] wrote:
this is very cool - i guess it would be handy to let remote
authorised machiens query it
Yes. But... it is a potential security issue to expose those
statistics to anyone who asks.
I could see external sites querying these statistics if:
- the connection is
Alan DeKok wrote:
[EMAIL PROTECTED] wrote:
this is very cool - i guess it would be handy to let remote
authorised machiens query it
Seconded.
Yes. But... it is a potential security issue to expose those
statistics to anyone who asks.
I could see external sites querying
Arran Cudbard-Bell wrote:
But it also kinda limits the usefulness of the feature. Couldn't you
place it in the hands of the server admins to decide which hosts can
query and which can't? Another configuration item in clients?
grumble
It's possible. I guess.
I think the safest thing to
Hi,
Yes. But... it is a potential security issue to expose those
statistics to anyone who asks.
obviously.
I could see external sites querying these statistics if:
- the connection is encrypted
- the client is querying a socket dedicated to Status-Server messages.
yep.
[EMAIL PROTECTED] wrote:
yep. now...although I'm thinking RADSEC could be involved...just
a new port that is properly firewalled would do. i guess
a 'statistics virtual server' would be the ideal thing.
Done. Listen type = status. In CVS.
i noted! grabbed the CVS to just have a look
Hi,
Done. Listen type = status. In CVS.
:-)
You have local modifications, and the CVS update didn't do a merge,
because it didn't know how.
okay. yup. auth.c - modified a while back now - was the
goodpass/badpass logging issue. removed and it now works
alan
-
List
Arran Cudbard-Bell wrote:
But it also kinda limits the usefulness of the feature. Couldn't you
place it in the hands of the server admins to decide which hosts can
query and which can't? Another configuration item in clients?
grumble
It's possible. I guess.
I think the
Tuc at T-B-O-H.NET wrote:
Maybe a quicker solution would be to enable libwrap for it?
I understand the changes to the code to support libwrap aren't too much,
and it can even be made optional via the ./configure .
Ugh. The IP configuration / filter in the server already does as
much,
Tuc at T-B-O-H.NET wrote:
Maybe a quicker solution would be to enable libwrap for it?
I understand the changes to the code to support libwrap aren't too much,
and it can even be made optional via the ./configure .
Ugh. The IP configuration / filter in the server already does as
12 matches
Mail list logo