Previous Chapter
Next Chapter
Table of Contents
Index
Introduction
Actions
Event log
Global Variables
Virtual Servers
|
Configuration Interface Overview
Everything that is configurable in Roxen Challenger is configured from
the configuration interface. You can here access dynamic information
such as memory usage, hits/minute as well as the source Debug and
Event log.
The sections that follow pack a lot of information into a
small space. Each section documents one tab in the
configuration interface. The tabs are listed alphabetically, within
each tab the menus and sub menus are themselves listed alphabetically.
Clicking on the Actions button gives you access to a page where
you can carry out actions, such as changing the password
and the user name of the configuration interface, clear the Event Log or
shut down Roxen. You can here also upgrade some of the Roxen
components. This will always keep your server up-to-date providing it
with a wider line of functions. The following is an overview of the
different actions available.
Cache
- Cache status
- Shows hit rate of the caching system.
- Flush caches...
- Clicking on Flush caches.. will display a form, where you
can choose between flushing one or several caches see Figure 4.1.
|
Figure 8.1 Flush
Caches
|
|
|
|
Note the book icon in the upper right corner of the Figure. A
click on this icon will display a list with description of the
different caches.
- Reload configurations from disk
- Clicking on Reload configurations from disk forces a reload
of all configuration information from the configuration files.
Development
- Debug information for developers
- Shows some internals of Roxen, useful when debugging code.
- Pike feature-list
- By pressing this link you can get a list of the enabled modules.
- Reload the configuration interface from disk
- Clicking on this link forces a reload of the configuration interface.
The only time this should be necessary is when you have copied files
instead of using the configuration interface.
Maintenance
|
|
- Check your Roxen configuration for problems...
- This actions tries to find the most common errors in your configuration.
- Clear Event log...
- When you feel that you have too many messages in your Event Log
you might want to clear this log. You can choose between removing
all messages or either one or two of the three message
types. Informational messages, Warning messages or
Error messages.
- Quick Config...
- Automates the most common configuration and maintenance tasks.
- Show all open ports...
- The Show all open ports link gives you an overview of the
existing open ports and where they reside.
|
|
- Upgrade components from roxen.com...
- Clicking on this link gives you access to a form which allows you
to upgrade the installed or used modules. You can here look for
new releases of all installed modules or check
for new (previously uninstalled) modules or components.
Security
- Change password and/or user name...
- Clicking on Change password and/or user name.. gives you
access to a form where you can change the username and password
of the configuration interface.
- Generate a Certificate Signing Request for an RSA key...
- This link takes you to a wizard, which walks you through the
process of creating a Certificate Signing Request. You'll have to
supply an RSA file for signing the request, and some information for
the certificate authority, such as IP adress, organization and so
forth. This information will be coded into an encrypted block of text,
which must then be sent to a certificate authority such as Thawte or
VeriSign. You may wish to contact them for further information on
certificate procedures.
- Generate a new RSA key pair...
- This link gives you access to a form that helps you create an RSA
key pair, for use in secure server ports and/or as certificate
keys. You select the key size. A large key means better security,
which has to be balanced against the slightly longer time it takes to
connect to a secure server using a large key. You must also supply the
name of a file in which to store the key. This is the file name you
enter in the "Key file" field when you configure an SSL port, or when
you generate a certificate signing request.
Shutdown
- Shut down Roxen...
- This is where you can shut down Roxen. You can choose to shut it
down with or without automatic restart. Note that this action will only be
necessary if you have changed the Roxen source code.
Status
- Access/request status
- Shows the amount of data handled since the last restart.
- Current FTP sessions
- Clicking on Current FTP sessions will list all active FTP
sessions as well as the currently transferred files.
- Extended process status
- Shows detailed process status on Solaris 2.5 and 2.6.
- Host name lookup status
- Shows status for the nslookup process.
- List Available Fonts...
- Pressing List Available Fonts will display a list with all
the available fonts as well as examples of what they look like.
- Open files
- Shows a list of all open files.
- Pipe system status
- Shows the bimber of data schuggling channels.
- Process status
- Shows the various information about the pike process.
- Thread status
- Shows various information about the threads in Roxen.
The Event log gives you an overview of the server's
performance. Clicking on the Event Log tab will display a list
with occurred events such as when the
server started, which virtual servers were enabled and when the
administrator logged in. The list also
displays errors like when it failed to compile anything or any
occurred errors. The informational messages are preceded by an
information icon, while the warning and errors messages are preceded by
the warning and error icon respectively (see Figure 8.3).
Figure 8.3 Icons
Information icon
Warning icon
Error icon |
|
Roxen has a number of global variables, the following is a brief
description of each one of these variables.
Audit trail
- If Audit trail is set to Yes, all changes of uid
will be logged in the Event log.
Change uid and gid to
- This is where the User and the Group ID's are changed. Note that these
must be numerical values. The reason for this
is that the change is made before any modules are called,
i.e. before Roxen is able to resolve symbolic id:s.
The port used by the http protocol is port 80, and therefore it has to be
opened by someone with root privileges. Since it is not a very good
idea to have Roxen run as root, we recommend you to change the
Client supports regexps
- This is a list of client names in the form of regular expressions,
followed by a comma separated list of features supported by all
clients matching that regular expression. All lines beginning with
"#" are treated as comments. One special case is
default which is used if nothing else matches. If a
client matches more than one regular expression, the supported
features are "summed" together. You can also include files;
#include <relative/exact file path>
There is a default list included which you can study. If you have any
additions for this list, please send them to us. The file
etc/supports is automatically updated now and then
from Idonex , unless you turn it off.
The other case is #section which begins and ends
individual browser sections. This simplifies the construction of
the regular expressions pertaining to each and every browser. Take
a look at the examples in etc/supports.
Configuration interface...
|
|
- Help texts
- Shows descriptions of each and every possible variable. Once you
know what you are doing, you might want to turn them off.
- IP Pattern
- Only clients running on computers with IP numbers matching this
pattern will be able to use the configuration interface. This is a
way to improve the security of the configuration interface.
- Ports
- These are the ports through which you can configure the
server. As shown in Figure 8.2 a form is displayed for each port.
|
Figure 8.2
|
|
The first field of this form is
the actual port number, the second is the protocol used and the
third is the interface to bind to. The text area below is for
arguments to the actual protocol, currently only the SSL protocol
use them. The Configure a new port button will add a new
(unconfigured) port, while the Use these values button will
save all changes made to the ports above. The text area below is for
arguments to the actual protocol, currently only the SSL protocol
use them.
|
|
Change the port
number if you want to but do not delete the last one!
- URL
- The URL of the configuration interface. The default is
http://{Configuration interface IP}:{Configuration
port}/ . This value will be used for all redirects generated
during configuration.
Documentation URL
- The URL to prepend to all documentation URLs throughout the
server. This URL should not end with a "/".
Fonts
- Default font
- This is where you specify the default font to be used when modules
request a font.
- Font directories
- This is where the fonts are located.
Identify
- Use default identification string
- Setting this variable to No will display the Identify
as node where
you can state what Roxen should call itself when talking to clients
We recommend you to set this variable to No, so you can enter
an identification-string that does not include the actual version
of Roxen, as recommended by the HTTP/1.0 draft 03:
Note, revealing the specific software version of the server may
allow the server machine to become more vulnerable to attacks
against software that is known to contain security holes.
- Identify as
- This is where you state what Roxen should call itself when talking
to clients.
Log directory prefix
- This is where you state the default file path that will be
prepended to the log file path in all the default modules and the
virtual server.
Logging Method
- The method to use for logging. By default logging to file is used,
but it's also possible to enable syslog logging (see
below).
- Module directories
- A comma separated list of directories, where Roxen should look for
modules. They can be paths relative to the
server/ directory. If you install Roxen and decide to
make your own modules, it might be a good idea to have those in a
special directory.
- By default there are three module directories in the
server/ directory; modules/ (containing
tried and tested modules), more_modules/ (containing
modules that we use but haven't thoroughly tested. Some of them
were written by people outside of Idonex) and the
non_maintained_modules/ directory (with modules that
lack documentation and aren't supported. Use them at your own
peril).
Neighborhood...
- Broadcast addresses
- This is where you state the addresses to connect and send
information to.
- Register with other Roxen servers on the local network
- If this option is set, Roxen will automatically broadcast its
existence to other Roxen servers on the local network
- Server informational comment
- A short string describing this server
- TCP hosts
- This is the list of direct host<-->host links to establish.
Number of accepts to attempt
- This is where you state the maximum number of accepts to attempt
for each read call back from the main socket. Increasing this value will
make the server faster for users making many simultaneous
connections to it. It won't
work on some systems, though, e.g. IBM AIX 3.2. To see if it works,
change this variable, but don't press SAVE, and then try
connecting to your server. If it works, go back and press the save
button. If it doesn't work, just restart the server and be happy
with having "1" in this field.
Increasing this value will decrease the load balancing between virtual
servers.
Number of host name lookup processes
- This is where you state the number of simultaneous host-name lookup
processes that Roxen should run. The default value is 2, which
should be more than enough on a server with normal traffic. If you constantly see a
large host name lookup queue size in the configuration interface 'Status' section,
consider increasing this variable. A good guideline is:
- 1 for normal operation
- 1 extra for each 300 000 accesses/day
- 1 for each proxy
- 1 for each 100 proxy users
Note that Roxen must be restarted for a change of this
variable to take effect.
Number of threads to run
- This is where you state the number of simultaneous threads that
Roxen should use.
PID file
- In this file, the server will write out its PID, and the PID of
the start script. $pid will be replaced with the pid,
while the $uid will be replaced with the uid of the
user running the process.
Proxy disk cache
- Enabled
- If set, caching will be enabled. This will speed up most accesses
outside your domain quite a lot, especially if you have a slow
Internet connection.
The following are only visible if the cache is enabled.
- Base Cache Dir
This is the base directory where cached files will reside. To
avoid mishaps 'roxen_cache/' is always appended to
this variable.
- Bytes per second
How file size should be treated during garbage collect. Larger
files will be removed first.
- Clean size
Minimum number of megabytes removed when a garbage collect is
done.
- Garbage collector log file
Information about garbage collector runs, removed and refreshed
files, cache and disk status goes here.
- Keep without Content-Length
This is where you state if you want files without Content-Length
header information to be kept in the cache.
- Last resort (in days)
This is where you state, how many days files without Expires and
without Last-Modified header information should be kept.
- Maximum number of files
This is where you state the number of files that may be on disk
before a garbage collect is done.
- Minimum available free space and inodes
If less than this amount of disk space or inodes (in %) is left,
the cache will remove a few files.
- Number of hash directories
This is where you precise the number of directories to hash the
contents of the disk cache into.
- Refresh on Last-Modified
Refresh files without Expires header information depending on how
old they were when they got cached.
- Size
This is where you specify what size(MB) the cache should
grow to before a garbage collect is done.
Set ID cookies only once
- If set, Roxen will attempt to set unique user ID cookies only upon
receiving the first request (and again after some minutes). Thus,
if the user doesn't allow the cookie to be set, he won't be
bothered with multiple requests.
Set unique user id cookies
- If this is set, every client that visits your server and supports
cookies will receive a unique cookie. This cookie can then be used
in the log and in scripts to track individual users.
Show the internals
- If set, the Internal server error messages will be relayed to the
client. This can be very helpful when debugging your own modules
or writing Pike scripts.
-
The following variables are only present if you have chosen
syslog as the logging method.
- Log as
- When syslog is used, this will be the identification of the Roxen daemon.
- Log PID
- If Log PID is enabled, the PID (Process ID) will be included in the syslog.
Roxen[4711]: Error:
instead of just
Roxen: Error:
- Log to system console
- If set and if syslog is used, the error / debug messages will be
printed on the system console, as well as to the system log.
- Log Type
- This is where you state which log type to use.
- Log what
- This is where you state the amount of information that should be
sent when using syslog.
- Fatal: Only messages about fatal errors
- Errors: Only error or fatal messages
- Warning: Warning messages as well
- Debug: Debug messages as well
- All: Everything
- Update the supports database automatically
- If this variable is set to Yes the etc/supports file will
be updated automatically from www.roxen.com now and
then. We recommend you to set this variable since you will then
automatically get information for new clients, and new versions of
old ones.
When a module is added the variables and settings of the module will
show up under the Virtual Servers tab. In other words, this is
from where you can configure your added modules. Since there is a
large number of modules and you can choose whichever module you
would like to add, we have here only described the non-module specific
configurations residing under the Virtual Servers tab. For
information pertaining to each and every module see Modules.
Status and
debug info
- Statistics over received and sent data, sent headers and
number of requests are found here. With a configured FTP port,
statistics over used FTP commands and number of connections, total and
current, are displayed as well.
Server variables
- Allow anonymous FTP
- Choose Yes or
No whether to allow this.
- Allow named FTP
- Choose Yes or No whether
to allow this.
- Domain
- The servers domain name. This should be
pre-configured during the virtual server setup.
- Listen ports
- This is the port administration interface
and a list of the ports bound to this virtual server. From left,
enter port number then choose protocol in the list. Port values
between 0 to 65535 is valid BUT the combination port number,IP
number MUST be unique.
- Logging
- Enabled
- Choose Yes or No whether to enable
the logging of requests.
- Format
- Logging is done by HTTP response codes. Enter the
desired format for each response code in the text window. For a brief
description of response codes see
Appendix C.
The syntax for the log entry is: <HTTP response code>:
<variables>. * is valid as wildcard substituting all HTTP
response codes. Valid log format consists of text and/or an
arbitrary selection from the following variables:
- Log file
- Name of and location for the logfile. Tags like
%y, %m, %d and %h will be substituted in the
filename for year, month, day and hour. E.g if the date is 1997-08-10
(ISO), entering log%y%m%d will result in logs written to a
file named log19970810. This makes it possible to see which
logfile contains the log entries from a specific period by simply looking
at the log filename.
- No Logging for
- Prevents logging of requests from hosts
with an IP number which matches any of the patterns in this list. This
also affects the access counter log. The list is a comma separated list
of strings where wildcards, * and ?, are supported.
- Messages
FTP Welcome- FTP Welcome
answer. It is transmitted to new FTP connections if the file
/welcome.msg doesn't exist.
- No such file
- The return message when a requested
resource or file is not available at a certain location is entered
here. $File will be replaced with the name of the resource requested,
and $Me with the URL of this server.
- Server URLThe start page location of the virtual server.
- Shell databaseName and location of file which contains
a list of all valid shells, usually /etc/shells.
- Virtual server commentText visible in the configuration
interface between list of configured ports and Status and debug
info. Useful for guidance, reminder etc.
- Virtual server nameText entered here will be used as a
name for the virtual server in the configuration interface instead of
the actual name.
|
Previous Chapter
Next Chapter
Table of Contents
Index
| |