Previous Chapter
Next Chapter
Table of Contents
Index

Introduction
Actions
Event log
Global Variables
Virtual Servers

Configuration Interface Overview


Introduction

Everything that is configurable in Roxen Challenger is configured from the configuration interface. You can here access dynamic information such as memory usage, hits/minute as well as the source Debug and Event log. The sections that follow pack a lot of information into a small space. Each section documents one tab in the configuration interface. The tabs are listed alphabetically, within each tab the menus and sub menus are themselves listed alphabetically.

Actions

Clicking on the Actions button gives you access to a page where you can carry out actions, such as changing the password and the user name of the configuration interface, clear the Event Log or shut down Roxen. You can here also upgrade some of the Roxen components. This will always keep your server up-to-date providing it with a wider line of functions. The following is an overview of the different actions available.

Cache

Cache status
Shows hit rate of the caching system.

Flush caches...
Clicking on Flush caches.. will display a form, where you can choose between flushing one or several caches see Figure 4.1.


Figure 8.1 Flush Caches

Note the book icon in the upper right corner of the Figure. A click on this icon will display a list with description of the different caches.

Reload configurations from disk
Clicking on Reload configurations from disk forces a reload of all configuration information from the configuration files.

Development

Debug information for developers
Shows some internals of Roxen, useful when debugging code.

Pike feature-list
By pressing this link you can get a list of the enabled modules.

Reload the configuration interface from disk
Clicking on this link forces a reload of the configuration interface. The only time this should be necessary is when you have copied files instead of using the configuration interface.

Maintenance


Check your Roxen configuration for problems...
This actions tries to find the most common errors in your configuration.

Clear Event log...
When you feel that you have too many messages in your Event Log you might want to clear this log. You can choose between removing all messages or either one or two of the three message types. Informational messages, Warning messages or Error messages.

Quick Config...
Automates the most common configuration and maintenance tasks.

Show all open ports...
The Show all open ports link gives you an overview of the existing open ports and where they reside.

Upgrade components from roxen.com...
Clicking on this link gives you access to a form which allows you to upgrade the installed or used modules. You can here look for new releases of all installed modules or check for new (previously uninstalled) modules or components.

Security

Change password and/or user name...
Clicking on Change password and/or user name.. gives you access to a form where you can change the username and password of the configuration interface.

Generate a Certificate Signing Request for an RSA key...
This link takes you to a wizard, which walks you through the process of creating a Certificate Signing Request. You'll have to supply an RSA file for signing the request, and some information for the certificate authority, such as IP adress, organization and so forth. This information will be coded into an encrypted block of text, which must then be sent to a certificate authority such as Thawte or VeriSign. You may wish to contact them for further information on certificate procedures.

Generate a new RSA key pair...
This link gives you access to a form that helps you create an RSA key pair, for use in secure server ports and/or as certificate keys. You select the key size. A large key means better security, which has to be balanced against the slightly longer time it takes to connect to a secure server using a large key. You must also supply the name of a file in which to store the key. This is the file name you enter in the "Key file" field when you configure an SSL port, or when you generate a certificate signing request.

Shutdown

Shut down Roxen...
This is where you can shut down Roxen. You can choose to shut it down with or without automatic restart. Note that this action will only be necessary if you have changed the Roxen source code.

Status

Access/request status
Shows the amount of data handled since the last restart.

Current FTP sessions
Clicking on Current FTP sessions will list all active FTP sessions as well as the currently transferred files.

Extended process status
Shows detailed process status on Solaris 2.5 and 2.6.

Host name lookup status
Shows status for the nslookup process.

List Available Fonts...
Pressing List Available Fonts will display a list with all the available fonts as well as examples of what they look like.

Open files
Shows a list of all open files.

Pipe system status
Shows the bimber of data schuggling channels.

Process status
Shows the various information about the pike process.

Thread status
Shows various information about the threads in Roxen.

Event log

The Event log gives you an overview of the server's performance. Clicking on the Event Log tab will display a list with occurred events such as when the server started, which virtual servers were enabled and when the administrator logged in. The list also displays errors like when it failed to compile anything or any occurred errors. The informational messages are preceded by an information icon, while the warning and errors messages are preceded by the warning and error icon respectively (see Figure 8.3).

Figure 8.3 Icons
Information icon
Warning icon
Error icon

Global Variables

Roxen has a number of global variables, the following is a brief description of each one of these variables.

Audit trail

If Audit trail is set to Yes, all changes of uid will be logged in the Event log.

Change uid and gid to

This is where the User and the Group ID's are changed. Note that these must be numerical values. The reason for this is that the change is made before any modules are called, i.e. before Roxen is able to resolve symbolic id:s.

The port used by the http protocol is port 80, and therefore it has to be opened by someone with root privileges. Since it is not a very good idea to have Roxen run as root, we recommend you to change the

Client supports regexps

This is a list of client names in the form of regular expressions, followed by a comma separated list of features supported by all clients matching that regular expression. All lines beginning with "#" are treated as comments. One special case is default which is used if nothing else matches. If a client matches more than one regular expression, the supported features are "summed" together. You can also include files;

#include <relative/exact file path>

There is a default list included which you can study. If you have any additions for this list, please send them to us. The file etc/supports is automatically updated now and then from Idonex , unless you turn it off.

The other case is #section which begins and ends individual browser sections. This simplifies the construction of the regular expressions pertaining to each and every browser. Take a look at the examples in etc/supports.

Configuration interface...


Help texts
Shows descriptions of each and every possible variable. Once you know what you are doing, you might want to turn them off.

IP Pattern
Only clients running on computers with IP numbers matching this pattern will be able to use the configuration interface. This is a way to improve the security of the configuration interface.

Ports
These are the ports through which you can configure the server. As shown in Figure 8.2 a form is displayed for each port.

Figure 8.2
The first field of this form is the actual port number, the second is the protocol used and the third is the interface to bind to. The text area below is for arguments to the actual protocol, currently only the SSL protocol use them. The Configure a new port button will add a new (unconfigured) port, while the Use these values button will save all changes made to the ports above. The text area below is for arguments to the actual protocol, currently only the SSL protocol use them.

Change the port number if you want to but do not delete the last one!

URL
The URL of the configuration interface. The default is http://{Configuration interface IP}:{Configuration port}/. This value will be used for all redirects generated during configuration.

Documentation URL

The URL to prepend to all documentation URLs throughout the server. This URL should not end with a "/".

Fonts

Default font
This is where you specify the default font to be used when modules request a font.

Font directories
This is where the fonts are located.

Identify

Use default identification string
Setting this variable to No will display the Identify as node where you can state what Roxen should call itself when talking to clients

We recommend you to set this variable to No, so you can enter an identification-string that does not include the actual version of Roxen, as recommended by the HTTP/1.0 draft 03:

Note, revealing the specific software version of the server may allow the server machine to become more vulnerable to attacks against software that is known to contain security holes.

Identify as
This is where you state what Roxen should call itself when talking to clients.

Log directory prefix

This is where you state the default file path that will be prepended to the log file path in all the default modules and the virtual server.

Logging Method

The method to use for logging. By default logging to file is used, but it's also possible to enable syslog logging (see below).

Module directories
A comma separated list of directories, where Roxen should look for modules. They can be paths relative to the server/ directory. If you install Roxen and decide to make your own modules, it might be a good idea to have those in a special directory.

By default there are three module directories in the server/ directory; modules/ (containing tried and tested modules), more_modules/ (containing modules that we use but haven't thoroughly tested. Some of them were written by people outside of Idonex) and the non_maintained_modules/ directory (with modules that lack documentation and aren't supported. Use them at your own peril).

Neighborhood...

Broadcast addresses
This is where you state the addresses to connect and send information to.

Register with other Roxen servers on the local network
If this option is set, Roxen will automatically broadcast its existence to other Roxen servers on the local network

Server informational comment
A short string describing this server

TCP hosts
This is the list of direct host<-->host links to establish.

Number of accepts to attempt

This is where you state the maximum number of accepts to attempt for each read call back from the main socket. Increasing this value will make the server faster for users making many simultaneous connections to it. It won't work on some systems, though, e.g. IBM AIX 3.2. To see if it works, change this variable, but don't press SAVE, and then try connecting to your server. If it works, go back and press the save button. If it doesn't work, just restart the server and be happy with having "1" in this field.

Increasing this value will decrease the load balancing between virtual servers.

Number of host name lookup processes

This is where you state the number of simultaneous host-name lookup processes that Roxen should run. The default value is 2, which should be more than enough on a server with normal traffic. If you constantly see a large host name lookup queue size in the configuration interface 'Status' section, consider increasing this variable. A good guideline is:

  • 1 for normal operation
  • 1 extra for each 300 000 accesses/day
  • 1 for each proxy
  • 1 for each 100 proxy users

Note that Roxen must be restarted for a change of this variable to take effect.

Number of threads to run

This is where you state the number of simultaneous threads that Roxen should use.

PID file

In this file, the server will write out its PID, and the PID of the start script. $pid will be replaced with the pid, while the $uid will be replaced with the uid of the user running the process.

Proxy disk cache

Enabled
If set, caching will be enabled. This will speed up most accesses outside your domain quite a lot, especially if you have a slow Internet connection.

The following are only visible if the cache is enabled.

Base Cache Dir
This is the base directory where cached files will reside. To avoid mishaps 'roxen_cache/' is always appended to this variable.

Bytes per second
How file size should be treated during garbage collect. Larger files will be removed first.

Clean size
Minimum number of megabytes removed when a garbage collect is done.

Garbage collector log file
Information about garbage collector runs, removed and refreshed files, cache and disk status goes here.

Keep without Content-Length
This is where you state if you want files without Content-Length header information to be kept in the cache.

Last resort (in days)
This is where you state, how many days files without Expires and without Last-Modified header information should be kept.

Maximum number of files
This is where you state the number of files that may be on disk before a garbage collect is done.

Minimum available free space and inodes
If less than this amount of disk space or inodes (in %) is left, the cache will remove a few files.

Number of hash directories
This is where you precise the number of directories to hash the contents of the disk cache into.

Refresh on Last-Modified
Refresh files without Expires header information depending on how old they were when they got cached.

Size
This is where you specify what size(MB) the cache should grow to before a garbage collect is done.

Set ID cookies only once

If set, Roxen will attempt to set unique user ID cookies only upon receiving the first request (and again after some minutes). Thus, if the user doesn't allow the cookie to be set, he won't be bothered with multiple requests.

Set unique user id cookies

If this is set, every client that visits your server and supports cookies will receive a unique cookie. This cookie can then be used in the log and in scripts to track individual users.

Show the internals

If set, the Internal server error messages will be relayed to the client. This can be very helpful when debugging your own modules or writing Pike scripts.

Syslog

The following variables are only present if you have chosen syslog as the logging method.

Log as
When syslog is used, this will be the identification of the Roxen daemon.

Log PID
If Log PID is enabled, the PID (Process ID) will be included in the syslog. Roxen[4711]: Error:
instead of just
Roxen: Error:

Log to system console
If set and if syslog is used, the error / debug messages will be printed on the system console, as well as to the system log.

Log Type
This is where you state which log type to use.

Log what
This is where you state the amount of information that should be sent when using syslog.

  • Fatal: Only messages about fatal errors
  • Errors: Only error or fatal messages
  • Warning: Warning messages as well
  • Debug: Debug messages as well
  • All: Everything

Update the supports database automatically
If this variable is set to Yes the etc/supports file will be updated automatically from www.roxen.com now and then. We recommend you to set this variable since you will then automatically get information for new clients, and new versions of old ones.

Virtual Servers

When a module is added the variables and settings of the module will show up under the Virtual Servers tab. In other words, this is from where you can configure your added modules. Since there is a large number of modules and you can choose whichever module you would like to add, we have here only described the non-module specific configurations residing under the Virtual Servers tab. For information pertaining to each and every module see Modules.

Status and debug info

Statistics over received and sent data, sent headers and number of requests are found here. With a configured FTP port, statistics over used FTP commands and number of connections, total and current, are displayed as well.

Server variables

Allow anonymous FTP
Choose Yes or No whether to allow this.

Allow named FTP
Choose Yes or No whether to allow this.

Domain
The servers domain name. This should be pre-configured during the virtual server setup.

Listen ports
This is the port administration interface and a list of the ports bound to this virtual server. From left, enter port number then choose protocol in the list. Port values between 0 to 65535 is valid BUT the combination port number,IP number MUST be unique.

Logging

Enabled
Choose Yes or No whether to enable the logging of requests.

Format
Logging is done by HTTP response codes. Enter the desired format for each response code in the text window. For a brief description of response codes see Appendix C.

The syntax for the log entry is: <HTTP response code>: <variables>. * is valid as wildcard substituting all HTTP response codes. Valid log format consists of text and/or an arbitrary selection from the following variables:

Log file
Name of and location for the logfile. Tags like %y, %m, %d and %h will be substituted in the filename for year, month, day and hour. E.g if the date is 1997-08-10 (ISO), entering log%y%m%d will result in logs written to a file named log19970810. This makes it possible to see which logfile contains the log entries from a specific period by simply looking at the log filename.

No Logging for
Prevents logging of requests from hosts with an IP number which matches any of the patterns in this list. This also affects the access counter log. The list is a comma separated list of strings where wildcards, * and ?, are supported.

Messages

FTP Welcome
FTP Welcome answer. It is transmitted to new FTP connections if the file /welcome.msg doesn't exist.

No such file
The return message when a requested resource or file is not available at a certain location is entered here. $File will be replaced with the name of the resource requested, and $Me with the URL of this server.

Server URL
The start page location of the virtual server.

Shell database
Name and location of file which contains a list of all valid shells, usually /etc/shells.

Virtual server comment
Text visible in the configuration interface between list of configured ports and Status and debug info. Useful for guidance, reminder etc.

Virtual server name
Text entered here will be used as a name for the virtual server in the configuration interface instead of the actual name.
Previous Chapter
Next Chapter
Table of Contents
Index