BGPLGSH(8) | System Manager's Manual | BGPLGSH(8) |
bgplgsh
— looking
glass shell for the OpenBSD Border Gateway Protocol daemon
bgplgsh |
The bgplgsh
program is a looking glass
shell for the bgpd(8) Border Gateway
Protocol daemon. The looking glass will provide a simple command line
interface with read-only access to a restricted set of
bgpd(8) and system status information,
which is typically used on route servers by Internet Service Providers
(ISPs) and Internet eXchange points (IXs).
It requires three steps to enable the looking glass shell:
bgplgsh
as a valid login shell. See
shells(5) for more information.
# echo /usr/bin/bgplgsh >> /etc/shells
# adduser -shell bgplgsh -batch bgplg # passwd bgplg
For example, add the following to /etc/bgpd.conf to have bgpd(8) open a second, restricted, control socket:
socket
"/var/www/run/bgpd.rsock" restricted
The bgplgsh
program first appeared in
OpenBSD 4.1. The initial implementation was done in
2005 for DE-CIX, the German commercial internet exchange point.
The bgplgsh
program was written by
Reyk Floeter
<reyk@openbsd.org>.
To prevent commands from running endlessly,
bgplgsh
will kill the corresponding processes after
a hard limit of 60 seconds. For example, this can take effect when using
traceroute(8) with blackholed or bad
routes.
March 17, 2019 | OpenBSD-current |