Short description of Evidence control system This directory contains the backbone of the control system. Config is the configuration server and needs to run before any other DIM server that requests configuration information is started (if a configuration request cannot be answered, a server will normally not start). A configuration file can be given on the command line. DColl is the central data collector. It subscribes to all services handled by the name server and writes them to disk (except those excluded in the configuration file). It also provides a history service for all DIM services and a command for logging. Alarm can be configured to check all servers for availability and status and can produce a master alarm. The DIMDIR environment variable needs to point to the DIM installation directory when compiling. DIM_DNS_NODE must point to the name server for any DIM server to run. Version history --------------- 19/5/2010 Service histories now available via DimRpc from DColl, not via .hist service When regular expression compiling results in error, State is set to ERROR, not FATAL. The erroneous expression is ignored in the following. 25/5/2010 Service history remains available if service itself become unavailable. If not yet in memory, reading from file is tried. Improved error handling of history files. 28/5/2010 Changed name of 'State' service to 'Message' to better reflect its functionality. Added client information to log file entries. 30/5/2010 Created Bridge server that repeats services from one DNS to another. Service quality now also written to slow data file. 31/5/2010 Configuration file format follows semi-standard INI format. 7/6/2010 Separated History service from DColl. History format changed, now includes service format (allows history access also when service is unavailable). 11/6/2010 Bridge does not forward history service 17/6/2010 Added SendToLog() method. Changed severity encoding of Message service to use standard DIM structure of format "I:1;C" 18/6/2010 Alarm server configuration accepts now one email address per server. A new service for each observed server SERVERNAME/AlarmLevel contains the highest level that occurred in the past. Reset of alarm level only via a DIM command. 19/6/2010 ToString() now returns std::string 23/6/2010 GetConfig() returns std::string. Non-blocking configuration request in case GetConfig() not called from main thread. Access to configuration information internally mutex protected. With ActivateSignal() a signal can be set that is send to main thread upon configuration file change, the build-in signal handler then invokes the (virtual) method ConfigChanged(). 24/6/2010 Workaround for erroneous /SERVICE_LIST updates. Added static tokenize method to Evidence class. 30/6/2010 Made Lock()/Unlock() publicly available (mutex of type PTHREAD_MUTEX_ERRORCHECK), in case signal is set with ActivateSignal() this signal will be blocked while locked. Implemented experimental automatic full configuration tracking for Bridge. Preliminary firewall settings on eth-vme02 (rule 5 for DIM, rule 6 for X11 over ssh) Chain INPUT (policy ACCEPT) num target prot opt source destination 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT) num target prot opt source destination 1 RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) num target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) num target prot opt source destination 1 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255 2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED 3 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 4 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:2000 5 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:5100:6000 state NEW 6 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:6000:6063 state NEW 7 REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited