################################################################ # # # ****** Full documentation of all options ****** # # # ################################################################ # config-file for LineControl Server 2.1.x # the order of the keywords doesn't matter (except filter_*) # keyword and value must be separated by _one white-space (32)_ # don't use any keyword twice (except 'line' and keywords that # apply to lines instead to the whole server process (global keywords) # first we have a look at the global keywords: #----------------------- # Server Port #----------------------- # the IP the server is listening on (currently only one ip). # if you would like to listen on many devices you have # to say 0.0.0.0 (or try something like 192.168.0.0, # maybe it works...) # TCP port 16007 is default # bind_to 192.168.0.1 # port 16007 #----------------------- # User Accounting #----------------------- # if you set 'user_accounting' to yes, only LCP3 (LineControl Protocol 3.x) # clients will have access (other clients don't support the neccessary # protocol) # If you compiled linesrv with neither PAM nor crypt you have # to say 'no' here... (or don't tell me you can't login! ;) # user_accounting yes # a password file of the /etc/passwd format. Probably /etc/shadow or else # /etc/passwd # if you have compiled in Linux-PAM support, just don't use the keyword # passwd_file and set 'user_accounting yes'. Then read ../pam.d/README. # DES / MD5: since version 2.1.11 the password file # (either /etc/passwd or /etc/shadow ) is automatically detected. # whether you're using DES (13 characters long) or MD5 encrypted # passwords doesn't matter, linesrv will detect it. # So the passwd_file keyword is still valid an get's parsed, # but we don't need it anymore. # passwd_file /etc/shadow #--------------------------- # online costs #--------------------------- # define 'tarif' if you want the online costs to be calculated # the keywords tarif and currency are not parsed by linesrv. # only lclog starting at linesrv 2.1.11 can calculate costs. # see <tarball>/linesrv-2.1/lclog/ for details. # tarif /etc/linesrv/tarif.conf # currency EUR #--------------------------- # logging #--------------------------- # with 'logfile' you can log the ip, "from" time, "to" time and the seconds # a client used the connection. Furthermore the server logs the same # without IP when the connection gets closed (either by 'server' or # 'manually') # remember that multiple clients can use the connection at the # same time. So the sum of the secs of the clients is not the # one of the 'line ...' entries! (evidentially... :) # You can parse the logfile with lclog. See ./linesrv/lclog/INSTALL # on how to use lclog (it's designed for use as cgi program with a # webserver) # If you're using mysql for logging and would like to disable logging # to the file (because you don't want to log everything twice) just # comment out the logfile keyword. # logfile /var/log/linesrv/dialsrv.log # linesrv can log its process id to a file. This file won't be removed # by linesrv on shutdown. It will be overwritten on startup. # (maybe a bug. But there are more important things right now!) # you can use 'kill -QUIT `cat /var/run/linesrv.pid`' to terminate # linesrv correctly. Afterwards do a 'rm /var/run/linesrv.pid'... # pidfile /var/run/linesrv.pid #----------------------- # MySQL logging #----------------------- # This feature logs everything that has been logged to the logfile # to a mysql database. Read ./mysqldb.linesrv.dump to get an idea # how the mysql database has to be prepared. # Use lclog-mysql (php scripts) to generate statistics. Get it from # http://linecontrol.sourceforge.net/ --> "Download" # To disable mysql logging either run configure with the option # '--disable-mysql' and compile again or comment out all 'db_*' # keywords below. # db_hostname localhost # db_port 3306 # db_user linesrv # db_pass yourpwd # db_name linesrv #-------------------------- # HTML server status report #-------------------------- # A new feature in version 2.1.0 is the html_status pipe. # use 'mkdir /var/lib/linesrv' and then for example # 'mknod /var/lib/linesrv/htmlstatus p' to create a pipe # then the following line tells the linesrv to use this pipe: # html_status /var/lib/linesrv/htmlstatus # linesrv has to be able to write/read to/from that named pipe. The # utility htmlstatus which you can find in ./htmlstatus # can read from that pipe. Attention: htmlstatus has to be run # with the same user id set as the linesrv process so it can # send a SIGUSR1 to linesrv. At home on the local network # I run it as root. htmlstatus will read /etc/linesrv.conf # (compiled in for security reasons) and then look for the # two keywords 'pid_file' and 'html_status'. Without these # it won't work. I use htmlstatus directly as a CGI program. # Therefore it has to have: 'chown root.www-data' 'chmod ug+rx htmlstatus' # 'chmod o-rwx htmlstatus' 'chmod u+s htmlstatus' #--------------------------------- # ISDN-Watcher #--------------------------------- # If you don't have ISDN or don't want the clients to display incoming # ISDN calls just set caller_nr_pos to 0 and start linesrv as you would # start any normal program :) ( '/<path>/linesrv'<enter> ) # If you want the clients to display incoming ISDN calls, start # isdnlog and linesrv so that isdnlog pipes its logging output # to stdin of linesrv: '/<path>/isdnlog <options> | /<path>/linesrv' # # in this section you have to configure the exact positions of a few strings # which appear in the isdnlog message if you have an incoming call. # # If these positions are wrong we cannot inform you when someone is # trying to call you. # # The file, where those positions are defined is /etc/isdn/isdn.conf. # The two interesting lines are "ILABEL" and "OLABEL"-line in the # [ISDNLOG] subsection. # # We recomend to put those two example lines there and remove the already # existing lines (if you do this, you do _not_ have to proceed setting # the variables in this file, they already match): # ILABEL = Incoming: %b %e %T %I Call to tei %t from %N0 on %n4 # OLABEL = Outgoing: %b %e %T %I tei %t calling %N2 with %n2 # # We need to know the first word after the '=' sign (so don't put a % there) # on the ILABEL line # caller_delimiter Incoming: # We need to know the first word after the '=' sign (so don't put a % there) # of the OLABEL line # receiver_delimiter Outgoing: # At which position do we find the '%b' in the ILABEL line ? # (start counting with 1, beginning after the 'caller_delimiter') # month_pos 1 # # At which position do we find the '%e' in the ILABEL line ? # (start counting with 1, beginning after the 'caller_delimiter') # day_pos 2 # # At which position do we find the '%T' in the ILABEL line ? # (start counting with 1, beginning after the 'caller_delimiter') # time_pos 3 # # At which position do we find the '%N0' in the ILABEL line ? # (start counting with 1, beginning after the 'caller_delimiter') # caller_nr_pos 0 # caller_nr_pos 10 # # At which position do we find the '%n4' in the ILABEL line ? # (start counting with 1, beginning after the 'caller_delimiter') # receiver_nr_pos 12 # You may configure your own addressbook. Your defined aliases will be # displayed instead of the caller number. # An example addressbook is part of this package (it's called "addr_book") # addressbook_location /etc/linesrv/addr_book # Alternate method: # We can also read from a special callers file which gets written # by isdnlog. The file has to have a format like the following # (or you'll have to change the functions in the file # 'linesrv-2.1/server/isdn_callerslog.c'): # 'Jun 22 17:00:54 +#* #* #* <more stuff may follow>' # That means a valid entry might look like # "Jun 23 12:04:10 +00 0 0000000 Zurich" Of how many characters # the number consists doesn't matter. Important is, that it's not # longer than 29 characters and consists of three groups. The # file may only contain such lines. Lines of an other format may # lead to strange caller reports or get ignored. # The functions in the file 'linesrv-2.1/server/isdn_callerslog.c' # aren't able to handle number lookups in the file # 'addressbook_location'. Though they're able to do lookups in the # mysql db specified by 'db_name' if mysql is set up correctly. # New lines in the file get reported to the client withhin 0 to # 3 seconds. We'll see how I can improve that. # if this method is enabled then all available other methods # get disabled. So say 'isdn_callerslog no' if you plan to use # isdnlog on stdin of linesrv directly. # isdn_callerslog yes # where to read from: # callerslog /var/log/isdn.caller.log # the table in which the number -> name mappings are listed # comment it out to disable mysql number-lookup # addrbook_table addrbook # name of the 'name' column which we map # the incoming numbers to (type 'varchar()'): # addrbook_namecol name # name of the phone number column: # addrbook_numcol phone #----------------------- # IP Filters #----------------------- # with filters you may decide whether a certain client may use dialsrv or not. # if filter_type is allow, all clients in the list have access to the server, # others don't. If it's deny, all but those in the list have access. # Remember that UDP/IP is extremely easy to spoof. Use Clients without # user accounting only on a trusted subnet and block the 'port' at # your firewall. # you have to use this filter. Even if you switched on user_accounting. # this is still old code from a previous version... # Most people wouldn't need ip filters. So leave the filter_* lines as # they are as long as you don't know what you're doing. # filter_type (allow|deny) # Defines what to do with ip addresses that match the filters you # will define below. # filter_type allow # Descriptions of a useful filter config see below. Most people blocking # the port of linesrv at the firewall and using user_accounting won't need # ip lists. So we just allow any ip (comment out the next line and read # further description of filter_mask/_ip keywords below to make real use # of the filter): # filter_mask 0.0.0.0 0.0.0.0 # if filter_type has been used (you must use it), the following keywords # may be used more than once: # filter_mask <ip> <bit-mask> # filter_ip <from> <to> # a range: # filter_ip 192.168.1.1 192.168.1.4 # a mask (subnet): # filter_mask 127.0.0.0 255.255.255.0 # filter_mask 192.168.1.0 255.255.255.0 # each keyword filter_* appends a new item to the list. # Continue as needed. # ex. # filter_ip 192.168.1.1 192.168.1.126 # filter_mask 192.168.2.0 255.255.255.0 # filter_mask 192.168.3.0 255.255.255.0 # filter_mask 192.168.4.0 255.255.255.0 #----------------------- # Shutdown features #----------------------- # to use 'script_shutdown', you have to change & recompile the server. # if you configured linesrv with shutdown support enabled (see # 'configure --help') and want to use the shutdown feature then # uncomment and change the line 'script_shutdown ...'. # command line arguments are not supported. You probably have to # use the script 'halt-wrapper' that you can find in the # directory ./linesrv-2.1/server/config/complete_syntax/ # of the distribution tar-ball. #script_shutdown /var/lib/linesrv/halt-wrapper # you have to specify a filter list of IPs that are allowed to # execute the 'script_shutdown'. Remember that UDP is very easy # to spoof (just use IP-spoofing to get around the filter...). # Block the LineControl UDP+TCP ports at your firewall and use # LineControl only on a trusted subnet. # LineControl does also support TCP connections. They're much # harder to spoof... but some bad boy can just take your own IP... # You don't have to use filter_type or so again. The type of the # shutdown-filter is always 'allow'. Only listed IPs are allowed # to execute the script. The host has to pass the by filter_* # specified list. So this list is additional and doesn't replace # the other one. # a range ( from ... to ... inclusive): (uncomment/change following line) #limit_shutdown_ip 192.168.0.1 192.168.0.4 # a mask: (uncomment/change following line) #limit_shutdown_mask 127.0.0.0 255.255.255.0 # each limit_shutdown_* entry appends an item to the list of # for shutdown accepted hosts. Continue as needed. # ex. #limit_shutdown_ip 192.168.1.1 192.168.1.12 #---------------------------------- # LPT status #---------------------------------- # with the LPT-status feature and a few transistors and LEDs you can # monitor your linestatus using hardware. # There are 2 possibilities: # lines: the LPT ports databits (0-7) represent the lines 1-8 # HI ==> line established, LOW ==> line closed # clients: data bits 0-7 represent the number of clients that # are online on the default line (0). If the value is # decimal 255, that means 255 or more clients are online. # One day this should change to a BCD encoded number of clients. # If you're a bit confused about such special things: just don't use the # lpt* keywords... # lptstatus off # lptaddr 0x3bc # lptline some_linename_that_you_will_define_below # lptaddr 0x378 # lptaddr 0x278 #--------------------------------------- # until know, the keywords applied for the whole server process. # All coming keywords apply to the line defined by the previous # 'line <linename>' statement. If you use line dependent keywords # before you use the line keyword, those lines will be used as # default values for all lines. Default line values can be overwritten # in the appropriate line section. # You have to define at least one line. # You can also use global keywords in a line section... they won't # apply to the line but to the whole server process as they were # in the global section. #--------------------------------------- #----------------------- # Line Configuration #----------------------- # these may be used only once: # the script_up and script_dn scripts must be used to establish and # close the desired line / internet-connection. 'interface' specifies # the networkinterface where all the traffic of the line goes through. # We parse /proc/net/dev for this interface and generate the troughput # messages from the collected data. # LineControl doesn't query any modem or other hardware directly # to get information about the line. See the description of the # keyword 'con_type' below on how linesrv gets the line status. # line standard # script_up /usr/lib/linesrv/isdn_up # script_dn /usr/lib/linesrv/isdn_down # interface ippp0 # How can we determine the status of the connection (only up / down)? # The 3 possibilities: # 'con_type netdev': for analog modems, you probably need this if you're # working with pppd. The network device (ex. ppp0) tells # us about the connection status. If it's up, the connection # is considered as up. If not, we believe that the con # is closed. # 'con_type isdn' : the only good choice for systems with isdn4linux. linesrv # scans /dev/isdninfo for the connection status. You have # to supply some more information about your isdn configuration, # see below... # 'con_type file' : you have to supply 'con_status_file <filename>'. If this # file exists the connection is considered as established. # Let your script delete it after it closed the connection. # This should be useful for people with a quite special # internet connection. # # ADSL / Cable modem users: take 'con_type netdev' and don't let linesrv manage # the connection (set script_up/_dn to '/bin/true' or so...). Like that your # line will show up as manually established or down. As long as it show up as # manually established people won't be able to shut it down or dial. Of course # people can go online/offline so times get logged and you're able to modify # the firewall using client_online / client_offline scripts. The problem is # that until know (2002-03-09) none of my clients (wlc, wlc2, lcc, xlc) # supports this (buttons disabled when linestatus is "manually established"). # linesrv 3 will have better support for lines where we only # want to do monitoring than this linesrv version. # con_type isdn # logging: with 'mklog no' you can disable logging for certain # lines (user log entries regarding the same line will be # affected too). # Default is enabled. But the stuff get's only logged if logging # (either mysql or to a file) is configured correctly above and # works (filepermissions, database setup). # mklog yes # inform the server about the line capabilities so it can report # this to the clients (baud == bits per second): # analog modem users: your connection speed can vary from time to # time. Enter here the values you usually expect (not the one you # would like ;). # line_baud_up 64000 # line_baud_down 64000 # allow_manually defines whether linesrv should close a connection that # got established without that linesrv called the script_up. So if you # have for example a cron job which checks for a running linesrv, you # can say "allow_manually no". This way linesrv will close a line that # it left open before a crash. So the line gets closed when linesrv # gets restarted. # attention: if you have two lines with the same con_type and the # same thing that tells us whether a line is up or down linesrv will # consider one line as established by the server and the other one # established manually. In this case you HAVE TO SET "allow_manually yes". # If not, linesrv won't work well (I know, it's a bug.). # allow_manually no # 'script_esc' get's called if 'script_up' failed to establish a connection # after 'con_timeout' seconds # This script should establish the basic constellation so we can call # script_up again. Don't use this keyword, if you don't like it :) # script_esc /etc/ippp/isdn.hangup # for 'con_type file' you need something like the following line: # con_status_file /var/lib/linesrv/con-is-up # your up/dn scripts will have to create/remove this file. Change # the filename to suit your needs. It doesn disturb as long as you're # not using 'con_type file'. # set con_timeout to something like 15 if you're using isdn # after # secs, the connection-establishment gets abortet # if the connection didn't get established. # (ADSL / Cable) monitoring only: if you have set script_up / _dn # to /bin/true, then set "con_timeout 1" and "script_esc /bin/false" # If you don't do that the chance the following to happen is higher: # 1. the line is down (e.g. bad provider ;) # 2. user X clicks 'online' (tries to dial) # 3. linesrv executes script_up # 4. the connection gets up before con_timeout is over, so linesrv # treats the lines as it had status 'established by server' # (it thinks that script_up has succeeded, but as we know it # didn't establish any connection). # --> Problem: wrong logfiles (not logged as 'manually estab.'). # con_timeout 15 # how long do we wait between calling script_dn and the closed state of # the device usually? If this times out, errors get logged & sent # con_down_timeout 10 # DON'T set the following to 'no'! (Your clients won't run well...) # probably this keyword will disapear in a coming version. # It's a relict from DialControl 1.0 # send_throughput yes # Linelocking: see WLC or an other client that supports it... # With line locking a client can set/remove a locked flag on an # established line. # If a line has set that flag it won't get closed even when there # aren't any connected clients at all. # line_locking no #----------------------- # Pinger utility # # send pings to avoid a hangup (use it if you've got ISDN and your # dialmode is AUTO or if you get kicked by your ISP) # pinger yes/no: to switch the whole thing on/off # pinger no # pinger_ip: who should we ping? --> probably your ISP, so change this! :) # pinger_ip 127.0.0.1 # I think you probably don't like IPs: # please change the hostname to the one of your provider. # pinger_hostname localhost # pinger_interval: all how many seconds? default is 120 # pinger_interval 120 # pinger_datasize: how many bytes of random-garbage to append # default is 10 as far as I remember... # pinger_datasize 60 #----------------------- # ISDN configuration # # It is important to set the correct isdn_id here, or else dialsrv won't be able # to get the infos about the connection and will always try to hangup after # con_timeout seconds. To get your isdn_id start imon and check what your LineID # is, this is your isdn_id! # isdn_id HiSax # isdn_channel is not the number of channels you want to use. It is the ID # of your base channel (the one when you're using only one). # isdn_channel 0 # isdn_channel_op will be called with 'add' (no quotes...) or 'remove' as # parameter $1. It should add or remove a secondary isdn-channel. Use # isdnctrl to do that. You [don't need|can't use] it for analog lines # isdn_channel_op /usr/lib/linesrv/isdn_2ch #----------------------- # Client specific Masquerading # # If you would like to run a script whenever a client goes online/offline, # try it with the following keywords. The scripts get called with the IP # of the client as first parameter. Remember that there can be more than # one client per IP. So 'client_has_gone_online 192.168.0.12' can be called # more than once without calling 'client_has_gone_offline 192.168.0.12' # in between. # client_online /usr/lib/linesrv/client_on # client_offline /usr/lib/linesrv/client_off # end of config-file