ss5.ha

Langue: en

Version: 173897 (fedora - 06/07/09)

Section: 5 (Format de fichier)

NAME

ss5.ha - Contains directives for centralized configuration management

SYNOPSIS

ss5 usually reads the HA file, ss5.ha, in the /etc/opt/ss5 directory.

DESCRIPTION

To enable centralized configuration management, ss5 opens and reads peers list from ss5.ha file and propagate local configuration to them after load/reload command is received, using a propagate key as security mechanism. HA file contains also directives that must not be propagated to peers, such as <route>.

In the HA file, add one line for each peer. Each line should contain <peer> directive with the internet address of peer.

Adding centralized configuration management feature to ss5 requires 3 steps:

1. Create the HA file with one entry per line. To create an entry for the peer 172.16.0.1, add this line to the ss5.ha file:

peer 172.16.0.1
2. Set the environment variable SS5_PROPAGATE_KEY on master and peers with a key value before launch ss5 binary. The startup file may contain two lines such as:

SS5_PROPAGATE_KEY=123456789
export SS5_PROPAGATE_KEY

3. Set the environment variable SS5_ROLE_SLAVE=YES on peers to enable slave role and accept replica from master.

ROUTING ENTRIES

Route entries describe the addresses ss5 must bind to before CONNECT, BIND and UPSTREAM operations.


route source/destination-host bind-address group flag
source
Could be host address or network address (source or destination if flag 's' o 'd')
bind-address
Must be host address
group
Could be filename in the /etc/ss5 directory containing usernames, a DN into a directory server or - (None). Not available for UDP requests.
flag
Could be 's' or 'd'. If =s, route is evaluated as source; if =d, route is evaluated as destination.

SEE ALSO

ss5(1), ss5.conf(5), ss5.pam(5) ss5.passwd(5)

AUTHOR

Matteo Ricchetti

Send comments to matteo.ricchetti@libero.it