| 1 | Short description of Evidence control system
|
|---|
| 2 |
|
|---|
| 3 | This directory contains the backbone of the control system.
|
|---|
| 4 |
|
|---|
| 5 | Config is the configuration server and needs to run before any other DIM
|
|---|
| 6 | server that requests configuration information is started (if a configuration
|
|---|
| 7 | request cannot be answered, a server will normally not start). A configuration
|
|---|
| 8 | file can be given on the command line.
|
|---|
| 9 |
|
|---|
| 10 | DColl is the central data collector. It subscribes to all services handled by
|
|---|
| 11 | the name server and writes them to disk (except those excluded in the
|
|---|
| 12 | configuration file). It also provides a history service for all DIM services
|
|---|
| 13 | and a command for logging.
|
|---|
| 14 |
|
|---|
| 15 | Alarm can be configured to check all servers for availability and status and
|
|---|
| 16 | can produce a master alarm.
|
|---|
| 17 |
|
|---|
| 18 | The DIMDIR environment variable needs to point to the DIM installation directory
|
|---|
| 19 | when compiling. DIM_DNS_NODE must point to the name server for any DIM server
|
|---|
| 20 | to run.
|
|---|
| 21 |
|
|---|
| 22 | - Oliver Grimm, 18/1/2010
|
|---|
| 23 |
|
|---|
| 24 | Version history
|
|---|
| 25 | ---------------
|
|---|
| 26 |
|
|---|
| 27 | 19/5/2010 Service histories now available via DimRpc from DColl, not via .hist service
|
|---|
| 28 | When regular expression compiling results in error, State is set to ERROR, not
|
|---|
| 29 | FATAL. The erroneous expression is ignored in the following.
|
|---|
| 30 | 25/5/2010 Service history remains available if service itself become unavailable. If not
|
|---|
| 31 | yet in memory, reading from history file is tried. Improved error handling of
|
|---|
| 32 | history files.
|
|---|
| 33 |
|
|---|
| 34 |
|
|---|
| 35 |
|
|---|
| 36 | Preliminary firewall settings (rule 9 for DIM, rule 10 for X11 over ssh)
|
|---|
| 37 |
|
|---|
| 38 | Chain INPUT (policy ACCEPT)
|
|---|
| 39 | num target prot opt source destination
|
|---|
| 40 | 1 RH-Firewall-1-INPUT all -- anywhere anywhere
|
|---|
| 41 |
|
|---|
| 42 | Chain FORWARD (policy ACCEPT)
|
|---|
| 43 | num target prot opt source destination
|
|---|
| 44 | 1 RH-Firewall-1-INPUT all -- anywhere anywhere
|
|---|
| 45 |
|
|---|
| 46 | Chain OUTPUT (policy ACCEPT)
|
|---|
| 47 | num target prot opt source destination
|
|---|
| 48 |
|
|---|
| 49 | Chain RH-Firewall-1-INPUT (2 references)
|
|---|
| 50 | num target prot opt source destination
|
|---|
| 51 | 1 ACCEPT icmp -- anywhere anywhere icmp any
|
|---|
| 52 | 2 ACCEPT ipv6-crypt-- anywhere anywhere
|
|---|
| 53 | 3 ACCEPT ipv6-auth-- anywhere anywhere
|
|---|
| 54 | 4 ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
|
|---|
| 55 | 5 ACCEPT udp -- anywhere anywhere udp dpt:ipp
|
|---|
| 56 | 6 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
|
|---|
| 57 | 7 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
|
|---|
| 58 | 8 ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:sieve
|
|---|
| 59 | 9 ACCEPT tcp -- anywhere anywhere state NEW tcp dpts:5100:x11
|
|---|
| 60 | 10 ACCEPT tcp -- anywhere anywhere state NEW tcp dpts:x11:6063
|
|---|
| 61 | 11 REJECT all -- anywhere anywhere reject-with icmp-host-prohibited
|
|---|
