### Local Variables: ***
### mode:perl ***
### comment-column:0 ***
### comment-start: "### " ***
### comment-end: "***" ***
### End: ***
#
# ****************DO NOT MOVE OR CHANGE LINES ABOVE THIS*********************
#
# The first set of lines runs perl from any shell. The second set of lines
# identifies the rest of the file as PERL for EMACS autoformatting.
# See end of copyright for more information.
#
#
# -------------------------------------------------------------------
# X-BONE
#
# http://www.isi.edu/xbone
# USC Information Sciences Institute (USC/ISI)
# Marina del Rey, California 90292, USA
# Copyright (c) 1998-2005
#
# -------------------------------------------------------------------
#
# Copyright (c) 1998-2005 by the University of Southern California.
# All rights reserved.
#
# Permission to use, copy, modify, and distribute this software and
# its documentation in source and binary forms for non-commercial
# purposes and without fee is hereby granted, provided that the above
# copyright notice appear in all copies and that both the copyright
# notice and this permission notice appear in supporting
# documentation, and that any documentation, advertising materials,
# and other materials related to such distribution and use acknowledge
# that the software was developed by the University of Southern
# California, Information Sciences Institute. The name of the
# University may not be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THE UNIVERSITY OF SOUTHERN CALIFORNIA MAKES NO REPRESENTATIONS ABOUT
# THE SUITABILITY OF THIS SOFTWARE FOR ANY PURPOSE. THIS SOFTWARE IS
# PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES,
# INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
#
# Other copyrights might apply to parts of this software and are so
# noted when applicable.
#
# -------------------------------------------------------------------
#
# Effort partly sponsored by the Defense Advanced Research Projects
# Agency (DARPA) and Air Force Research Laboratory, Air Force Materiel
# Command, USAF, under agreement numbers F30602-98-1-0200 (X-Bone) and
# F30602-01-2-0529 (DynaBone). The views and conclusions contained
# herein are those of the authors and should not be interpreted as
# necessarily representing the official policies or endorsements,
# either expressed or implied, of the Defense Advanced Research
# Projects Agency (DARPA), the Air Force Research Laboratory, or the
# U.S. Government.
#
# This work was partly supported by the NSF STI-XTEND (ANI-0230789)
# and NETFS (ANI-0129689) projects. Any opinions, findings, and
# conclusions or recommendations expressed in this material are those
# of the authors and do not necessarily reflect the views of the
# National Science Foundation.
#
# -------------------------------------------------------------------
# $RCSfile: XB_Defs.pm,v $
#
# $Revision: 1.117 $
# $Author: pingali $
# $Date: 2005/03/31 07:03:54 $
# $State: Exp $
# ----------------------------------------------------------------------------
#
#
#############################################
#
# Common definitions used by XBONE Perl modules.
#
# Principal authors: Gregory Finn, Anindo Bannerjea
#
#############################################
package XB_Defs;
require Exporter;
# Exporter wiring. Nothing is exported by default; an importer has to
# request each name explicitly.
#
# NOTE(review): the names below carry no sigil, and Exporter treats a
# sigil-less name as a subroutine. This file only assigns package variables
# ($XB_Defs::NAME, @XB_Defs::NAME, %XB_Defs::NAME), so confirm whether
# importers actually use these exports or always use fully qualified names.
#
# NOTE(review): IPSEC_ENABLE_RANDOM_PADDING, IPSEC_DISABLE_REPLAY_PROTECTION
# and XBONE_DAEMON_BACKCOMPAT are listed here, but no assignment to them is
# visible in this file. For the two IPsec switches, confirm where the
# default comes from.
@ISA    = ('Exporter');
@EXPORT = ();
@EXPORT_OK = qw(
    NODEOS
    ALLOWED_NODEOS
    XBONE_NET
    DNS_FILE_FORWARD
    DNS_FILE_REVERSE
    NAMED_PID
    XBONE_HOME
    XBONE_PROTOCOL
    DNS_SERVER
    DNS_SERVER_SECONDARY
    DNS_UPDATE_MODE
    SECURITY_CA_CERT
    SECURITY_SERVER_CERT
    SECURITY_SERVER_KEY
    MAX_MCAST_RADIUS
    XB_CTL_PORT
    MCAST_ADDR
    CA_EMAIL
    XB_API_PORT
    IPSEC_ENABLE_RANDOM_PADDING
    NODEOS_LABEL
    IP_MULTICAST_IF
    IP_MULTICAST_TTL
    IP_MULTICAST_LOOP
    IP_ADD_MEMBERSHIP
    IP_DROP_MEMBERSHIP
    IP_MULTICAST_VIF
    SOL_IP
    NET_TIMEOUT
    SO_RCVBUF
    ACTUATOR_MSG_LIMIT
    ACTUATOR_TIMEOUT
    LOG_DEST
    LOG_MASK
    LOG_FILE
    DUPLICATE_DETECTION_INTERVAL
    XBONE_RELEASE
    XBONE_OVLMGR_BACKCOMPAT
    XBONE_DAEMON_BACKCOMPAT
    IPSEC_DISABLE_REPLAY_PROTECTION
    LOOPBACK_IP_ADDRESS
    IP_ADDRESS_LENGTH
    REVISITATION
    ENABLE_FIREWALL_FORWARDING
    NODE_ASSIGNMENT_POLICY
);
use strict;
use sigtrap;
use FindBin;
use Config;
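# Locate the X-Bone installation root from the real (symlink-resolved)
# directory of the running script, as reported by FindBin.
#
# XXX THE XBONE DIRECTORY MUST BE NAMED "xbone" FOR THIS TO WORK!
#
# The pattern accepts "xbone" only as a complete path component. Without the
# (?:/|\z) boundary, a script living in ".../xbone-old/bin" would resolve to
# ".../xbone", a sibling location. This file later builds SECURITY_CA_CERT
# and the server cert/key paths from XBONE_HOME, so a mis-resolved root
# would make it look for trust material in the wrong directory.
#
# When no path component is named "xbone", the script directory is kept
# unchanged, as before.
$XB_Defs::XBONE_HOME = $FindBin::RealBin;
if ($XB_Defs::XBONE_HOME =~ m{\A(.*/xbone)(?:/|\z)}s) {
    $XB_Defs::XBONE_HOME = $1;
}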
#------------------------------------------------------------------------------
# NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW NEW
#------------------------------------------------------------------------------
# Default values for XBone node configuration options:
#
# Notes:
# - Precedence: command line > configuration file > XB_Defs (default)
# - Do not change this file unless it's site- or network-specific.
# Use command line or configuration file to override default values
# with node-specific properties.
#
# Protocol and release identifiers.
# NOTE(review): XBONE_RELEASE is assigned again in the legacy section later
# in this file (to "2.0"); the later assignment is the one that survives
# module load.
(   $XB_Defs::xol_ver,
    $XB_Defs::XOL_PROTOCOL,
    $XB_Defs::XBONE_RELEASE,
) = ('1.6', '1.5', '3.0');

# conf: XBone node configuration file, full or relative path.
$XB_Defs::conf = 'xbone.conf';

# Node certificate and private key files, CA certificate file, and the
# directory holding CA material.
# NOTE(review): these are relative paths; what base directory they are
# resolved against is not visible here. Confirm that it is a fixed, trusted
# location and that the key file is readable only by the daemon account.
$XB_Defs::node_cert = 'cert/xbone-node-cert.pem';
$XB_Defs::node_key  = 'cert/xbone-node-key.pem';
$XB_Defs::ca_cert   = 'cert/xbone-ca-cert.pem';
$XB_Defs::ca_path   = 'cert';

# daemon type: the role of a node in virtual networks.
#   host          host
#   router        router
#   node          host or router
#   network       s/node/network|AS/
#   meta-node     s/node/virtual network/
#   manager       network + meta-node
#   manager+node  manager + node
#   om            old XBone OM
#   rd            old XBone RD
$XB_Defs::daemon_type = 'node';
#=============================
#=> Network-Related Parameters

# Multicast address/group.
$XB_Defs::xbone_mcast_addr = '224.192.0.1';

# Ports:
#   xbone_api_port  XBone API: manage virtual networks.
#                   Official IANA port: x-bone-api 2165
#   xbone_ctl_port  XBone CTL: configure nodes in a virtual network.
#                   Official IANA port: x-bone-ctl 265
# The control port is below 1024, which on most Unix systems requires
# elevated privileges to bind.
($XB_Defs::xbone_api_port, $XB_Defs::xbone_ctl_port) = (2165, 265);

# RTT: rough estimate of the round-trip timeout, in seconds.
# The original note says all timeout values are derived from this one.
$XB_Defs::xbone_rtt = 15;
# Logging defaults.
#
# log_dest: log destination(s); combine the chosen flags with bitwise OR
#           '|': SYSLOG, ERR, OUT, FILE.
# log_mask: space-separated list of enabled levels (names copied from
#           syslog(3)); suggested usage per level:
#   emerg:       (panic)
#   alert:       (should be corrected immediately)
#   crit:        (critical conditions)
#   err:         errors
#   warning:     warning messages
#   notice:      not error conditions, but should be handled
#   info:        enter/exit subroutines
#   debug:       misc logs: stop points, traces, etc.
#   debug3:      dump variables
#   debug4:      dump data structure
#   debug5:      dump pkts/messages
#   debug6:      dump data structure
#   debug7:      dump pkts/messages
#   debug0-128:  gory details not suitable for human beings
# log_file: log file, only effective if FILE is included in LOG_DEST.
#
# NOTE(review): the legacy section later in this file defines a second set
# (LOG_DEST, LOG_MASK, LOG_FILE) with a different file path and a mask that
# includes the debug levels. Which set a given module reads is not visible
# here.
$XB_Defs::SYSLOG = 1 << 0;    # log to syslog
$XB_Defs::ERR    = 1 << 1;    # log to STDERR
$XB_Defs::OUT    = 1 << 2;    # log to STDOUT
$XB_Defs::FILE   = 1 << 3;    # log to file

$XB_Defs::log_dest = $XB_Defs::OUT | $XB_Defs::FILE;

# For release:
$XB_Defs::log_mask = join ' ', qw(emerg alert crit err warning notice);
# --------------------------------------------------------------
# For development:
# "emerg alert crit err warning notice info debug debug0 debug1 ".
# "debug2 debug3 debug4 debug5";

$XB_Defs::log_file = '/var/xbone/xbone.log';
# Access-control defaults: both start empty.
# NOTE(review): whether an empty list/ACL means "allow nobody" or "allow
# anybody" is decided by the code that reads them, which is not visible
# here. Confirm that the empty default fails closed.
@XB_Defs::ovl_manager = ();    # list of allowed parent Overlay Managers
%XB_Defs::user_acl    = ();    # user ACL

# Node Resource

# DEBUGGING
# NOTE(review): debugging is switched on by default. Per the level list
# below, higher SSL_DEBUG values add progress and data output; review these
# two values before a production deployment.
$XB_Defs::DEBUGGING = 1;       # main switch, turns on the following
$XB_Defs::SSL_DEBUG = 2;       # 0=none, 1=errors, 2=1+cipher,
                               # 3=2+progress, 4=3+data

# XBone message delimiter.
$XB_Defs::msg_delimiter = 'XBoneEOC';
#------------------------------------------------------------------------------
# OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD OLD
#------------------------------------------------------------------------------
############################################################
# The following are used only by xb-overlay-manager
# They are provided here because
# - xb-overlay-manager has no config file
# - this is the place for changeable constants
############################################################
# Hostname used by the OM to identify itself in heartbeats.
$XB_Defs::XBONE_OVERLAY_MANAGER = 'www.xbone.net';

# Public and private key material used by the OM.
# XXX no idea where this goes after reorg
# NOTE(review): both values end in the literal path component "...", so as
# written they name a placeholder, not a real file. Confirm that a deployed
# OM overrides them, and that the private key location is readable only by
# the OM account.
$XB_Defs::SECURITY_SERVER_CERT = join '/', $XB_Defs::XBONE_HOME, '...';
$XB_Defs::SECURITY_SERVER_KEY  = join '/', $XB_Defs::XBONE_HOME, '...';

# Flag for demo mode. Set this to 1 to force the OM to pick nodes in the
# reverse order. 0 is normal operation.
$XB_Defs::DEMO_MODE = 0;

# Overlay Manager is backward compatible with these XBONE_RELEASE release
# versions (separated by "|", e.g. "1.3|1.2").
$XB_Defs::XBONE_OVLMGR_BACKCOMPAT = '';

# Overlay Manager sweeps all hosts in all overlays, issuing heartbeat
# messages to each of them. This sweep is performed once every interval.
# Value is seconds.
$XB_Defs::OVLMGR_PING_INTERVAL = 15 * 60;
############################################################
# The following are used only by xb-daemon
# This may also go into the XB_daemon.conf.
# all these are valid only with REVISITATION enabled.
############################################################
# Firewall forwarding switch (on by default).
$XB_Defs::ENABLE_FIREWALL_FORWARDING = 1;

# Three adjacent, non-overlapping rule-number ranges of 1000 entries each.
# NOTE(review): presumably these are the firewall rule numbers the daemon
# may allocate for accept, forward and outbound rules. Confirm that the
# ranges do not collide with rules the site already maintains by hand.
($XB_Defs::ACCEPT_RULE_START, $XB_Defs::ACCEPT_RULE_END) = (2500, 3499);
($XB_Defs::FWD_RULE_START,    $XB_Defs::FWD_RULE_END)    = (3500, 4499);
($XB_Defs::OUT_RULE_START,    $XB_Defs::OUT_RULE_END)    = (4500, 5499);

# Node allocation policy. Options are BLOCKED or RR (round robin).
$XB_Defs::NODE_ASSIGNMENT_POLICY = 'BLOCKED';
############################################################
# The following are used only by nearly everybody :-)
############################################################
# Date this version was created: "<day_num>/<month_num>/<year_num>".
# Earlier value kept for reference: "30/10/2001".
$XB_Defs::XBONE_VERSION_DATE = '01/01/2005';    # <- for development

# Seconds after the version date when the version should be obsolete
# (six 30-day months).
$XB_Defs::XBONE_OBSOLETE_LIMIT = 6 * 30 * 24 * 60 * 60;

# Protocol version of the XBone API.
$XB_Defs::API_PROTOCOL = '2.0';

# Protocol version of the XBone internal communication (OM <-> RD).
$XB_Defs::XBONE_PROTOCOL = '1.5';

# Version number of the XBone software release. This assignment replaces
# the "3.0" set in the defaults section earlier in this file.
$XB_Defs::XBONE_RELEASE = '2.0';
#$XB_Defs::XBONE_RELEASE = "2.0rc1";# <- for development

# The domain name associated with this particular Xbone overlay network.
$XB_Defs::XBONE_NET = 'xbone.net';

# Holds OS name read from daemon configuration file.
$XB_Defs::NODEOS = '';

# Allowed OS names for Resource Daemon (RD) hosts.
@XB_Defs::ALLOWED_NODEOS =
    ('freebsd', 'linux', 'solaris', 'sunos', 'kame', 'nist', 'netbsd');

# Allowed OS names for the one RD host that manipulates the Xbone DNS
# domain (the list above without netbsd).
@XB_Defs::ALLOWED_DNS_NODEOS =
    ('freebsd', 'linux', 'solaris', 'sunos', 'kame', 'nist');

# Labels (textual representation) of the allowed NODEOS tags; use these
# when printing (e.g. web pages).
%XB_Defs::NODEOS_LABEL = (
    'freebsd' => 'FreeBSD',
    'kame'    => 'FreeBSD/KAME',
    'linux'   => 'Linux',
    'netbsd'  => 'NetBSD',
    'nist'    => 'Linux/NIST',
    'solaris' => 'Solaris',
    'sunos'   => 'SunOS',
);
# Log destination flags (same values as in the defaults section earlier in
# this file).
$XB_Defs::SYSLOG = 1 << 0;
$XB_Defs::ERR    = 1 << 1;
$XB_Defs::OUT    = 1 << 2;
$XB_Defs::FILE   = 1 << 3;

# Log to both the log file and the OUT destination. Also see XB_Log.pm.
# (The original comment here said stderr; OUT is documented earlier in this
# file as STDOUT.)
# Alternative: $XB_Defs::FILE;
$XB_Defs::LOG_DEST = $XB_Defs::OUT | $XB_Defs::FILE;

# The set of things to log: emerg, alert, crit, err, warning, notice, info,
# debug0, debug1, ...
# For debugging, info, debug, & debug1 are useful, but very noisy.
#
# Choose one of the two groups, for release or for coding/debugging:
#   "emerg alert crit err warning notice";  # for release, critical ones only
# The active value below is the coding/debugging group and shows everything.
#
# NOTE(review): the level list earlier in this file describes debug5 as
# "dump pkts/messages". With this mask and LOG_DEST above, such dumps would
# go to the log file and to the OUT destination. Confirm this is intended
# for deployed nodes and that the log file is not world-readable.
$XB_Defs::LOG_MASK = join ' ', qw(
    emerg alert crit err warning
    notice info debug debug0 debug1
    debug2 debug3 debug4 debug5
);

# File name where logging data is written.
# Used only when XB_Defs::LOG_DEST includes FILE.
$XB_Defs::LOG_FILE = '/var/log/xbone.log';
# Location of the Xbone daemon's configuration.
$XB_Defs::DAEMON_CONF_FILE = '/usr/local/etc/xbone/Xbone_daemon.conf';

$XB_Defs::DAEMON_STATE_DIR = '/var/xbone';

# Should revisitation be enabled?
$XB_Defs::REVISITATION = 0;

#== XBone Runtime Directories =================================================
# - XBONE_RUN_DIR: Base for other XBone runtime directories. Must be
#   configurable from command line & config file.
#==============================================================================
$XB_Defs::XBONE_RUN_DIR = '/var/xbone';

# File where the Xbone daemon's overlay state is kept for daemon crash
# recovery.
# NOTE(review): this file is described as input to crash recovery. Confirm
# that the state directory and file are writable only by the daemon account.
$XB_Defs::DAEMON_STATE_FILE = $XB_Defs::DAEMON_STATE_DIR . '/Xbone_daemon.state';

# Hash of the Xbone daemon's current state.
%XB_Defs::DAEMON_STATE = ();

# Erase the Xbone daemon's tunnel, IPSec and route state.
# NOTE: This should be non-zero only at ISI.
$XB_Defs::ERASE_AT_STARTUP = 0;

# Last time that the Xbone daemon's state was dumped out to the state file.
$XB_Defs::DAEMON_STATE_TIME = 1;

# Seconds that the resource daemon will allow an overlay to remain without
# receiving a keep-alive message from an overlay manager.
$XB_Defs::OVERLAY_ALIVE_TIME = 120 * 60;

# Seconds that the resource daemon waits between sweeps, looking for
# overlays that have not been kept alive.
$XB_Defs::OVERLAY_SWEEP_INTERVAL = 10 * 60;

# Network timeout in seconds. One value replaces the 5 different timeouts
# used before.
$XB_Defs::NET_TIMEOUT = 120;
#------------------------------------------------------------
# OS dependent section to define NAMED_ZONE_PATH & NAMED_PID.
#------------------------------------------------------------
# Choose the named zone directory and pid file from the OS name this Perl
# was built for ($Config{osname}).
#
# NOTE(review): only linux, solaris and freebsd are handled. On any other
# osname NAMED_ZONE_PATH and NAMED_PID stay undefined, and the two zone file
# paths below then evaluate to "/xbone-forward.zone" and
# "/xbone-reverse.zone" at the filesystem root. Confirm that the code
# consuming these values rejects that case.
if ($Config{osname} eq 'linux') {
    $XB_Defs::NAMED_ZONE_PATH = '/var/named/xbone';    # NEED VERIFICATION!
    # Prefer the per-daemon run directory when it exists.
    $XB_Defs::NAMED_PID = -d '/var/run/named'
        ? '/var/run/named/named.pid'
        : '/var/run/named.pid';
}
elsif ($Config{osname} eq 'solaris') {
    $XB_Defs::NAMED_ZONE_PATH = '/var/adm/domain/xbone';
    $XB_Defs::NAMED_PID       = '/var/adm/domain/named.pid';
}
elsif ($Config{osname} eq 'freebsd') {
    $XB_Defs::NAMED_ZONE_PATH = '/etc/namedb/xbone';
    $XB_Defs::NAMED_PID       = '/var/run/named.pid';
}

# Forward and reverse DNS database files for overlays.
$XB_Defs::DNS_FILE_FORWARD = $XB_Defs::NAMED_ZONE_PATH . '/xbone-forward.zone';
$XB_Defs::DNS_FILE_REVERSE = $XB_Defs::NAMED_ZONE_PATH . '/xbone-reverse.zone';

# Primary Xbone DNS name server.
$XB_Defs::DNS_SERVER = 'dns1.xbone.net';

# Secondary Xbone DNS server (none by default).
$XB_Defs::DNS_SERVER_SECONDARY = '';
# "dns2.xbone.net";
###################################################################
# The only allowed values for the DNS update mode are:
#
# $DNS_UPDATE_MODE = "update_both";
# Update both assumes that the DNS is running in two primaries
# mode and that the DNS system will not update the second primary
#
# $DNS_UPDATE_MODE = "update_1_hup_2";
# Update 1 hup 2 assumes that we have one primary and one secondary
# so we update the primary and hup the secondary to get an instantaneous
# update.
#
# The current decision is to run as update_1_hup_2
###################################################################
# DNS update mode; the allowed values are described in the block comment
# directly above.
$XB_Defs::DNS_UPDATE_MODE = 'update_1_hup_2';

# Fifteen second DNS cache time. A value lower than 15 is undefined.
$XB_Defs::DNS_TIMEOUT = 15;

# CA certificate, used by both RD and OM when calling XB_SSL::init().
# NOTE(review): the path is derived from XBONE_HOME, which in turn comes
# from the location of the running script. Confirm that the installation
# tree holding this certificate is writable only by the administrator.
$XB_Defs::SECURITY_CA_CERT = $XB_Defs::XBONE_HOME . '/isi/ca/CAcert.pem';
# IPv6 peek: define mcast address
# Multicast address used by XBONE.
$XB_Defs::MCAST_ADDR = '224.192.0.1';

# Multicast port used by XBone and also the unicast TCP and UDP ports used.
# Official IANA port: x-bone-ctl
$XB_Defs::XB_CTL_PORT = 265;

# TCP port used by XBone API.
# Official IANA port: x-bone-api
$XB_Defs::XB_API_PORT = 2165;

# IPv6 peek: define address blocks
# IP blocks for releases, from RFC 1918
# (breaks rev DNS w/o RD using XB DNS).
$XB_Defs::XB_IP_EXTERNAL_BLOCK = '172.26.0.0/16';
$XB_Defs::XB_IP_INTERNAL_BLOCK = '172.27.0.0/16';
# IP blocks owned by the X-Bone project, for local ISI use:
#$XB_Defs::XB_IP_EXTERNAL_BLOCK = "198.32.6.0/24";
#$XB_Defs::XB_IP_INTERNAL_BLOCK = "198.32.7.0/24";

# IPv6 peek: define subnet
$XB_Defs::XB_OVL_SUBNET_BITS = 8;

# The largest radius that should be used.
$XB_Defs::MAX_MCAST_RADIUS = 16;

# Time interval in seconds we should keep msgs to prevent duplicates.
$XB_Defs::DUPLICATE_DETECTION_INTERVAL = 120;

# Maximum size of overlay mgr's reservation datagram.
$XB_Defs::ACTUATOR_MSG_LIMIT = 65536;

# Time OM waits during resource discovery.
$XB_Defs::ACTUATOR_TIMEOUT = 15;

# Multicast socket option numbers, 9 through 14.
# NOTE(review): these are hard-coded and such numbers vary between
# operating systems. Confirm them against every platform in ALLOWED_NODEOS.
(   $XB_Defs::IP_MULTICAST_IF,
    $XB_Defs::IP_MULTICAST_TTL,
    $XB_Defs::IP_MULTICAST_LOOP,
    $XB_Defs::IP_ADD_MEMBERSHIP,
    $XB_Defs::IP_DROP_MEMBERSHIP,
    $XB_Defs::IP_MULTICAST_VIF,
) = (9 .. 14);
########################################################
# getsockopt() and setsockopt layer for IP protocol.
# Needed due to bug in Perl version of getprotobyname().
########################################################
# Socket level used for the IP protocol in getsockopt()/setsockopt().
$XB_Defs::SOL_IP = 0;

# 128 KiB.
# NOTE(review): despite the name, this looks like a receive-buffer size in
# bytes and not an option number. Confirm how callers use it.
$XB_Defs::SO_RCVBUF = 1024 * 128;
#######################################
# Global variables used across modules
#######################################
# DNS forward addition and forward deletion parameters; both start empty.
@XB_Defs::DNS_ADD_FWD_PARMS = ();
@XB_Defs::DNS_DEL_FWD_PARMS = ();

#== Application Deployment ====================================================
# Set to 1 to enable app deployment code.
# NOTE(review): application deployment is enabled by default. What the
# deployment code runs, and who may request it, is not visible here. Confirm
# that requests are authenticated and that the APP_RUN directory is writable
# only by the daemon account.
$XB_Defs::ENABLE_APP_DEPLOY = 1;

# hash: AppName -> [ AppFile, LastTime ]
%XB_Defs::APP_LIST = ();

# Absolute path for the application run-time directory.
$XB_Defs::APP_RUN = $XB_Defs::XBONE_RUN_DIR . '/apps';

# List of known keywords to replace.
@XB_Defs::APP_KEYWORDS = qw(
    REALHOST OVLHOST OVLNAME OVLSUFFIX REALIP IPLIST IP1
    APPNAME APPSCRIPT
);
#==============================================================================

# IPv6 peek: loopback
# IP loopback address.
$XB_Defs::LOOPBACK_IP_ADDRESS = '127.0.0.1';

# IPv6 peek: define address length
# Length of an IP address, in bits.
$XB_Defs::IP_ADDRESS_LENGTH = 32;
# Replace the inherited PATH with a fixed search list, so commands started
# by X-Bone code do not depend on the caller's PATH. The candidates are
# <prefix>sbin and <prefix>bin for each prefix, in the order written; only
# directories that exist are kept, joined with ':'.
#
# NOTE(review): only existence is checked, not ownership or write
# permissions, and /usr/local/v6 is searched before the system directories.
# Confirm those directories are administrator-owned. Other variables that
# influence a shell (IFS, CDPATH, ENV, BASH_ENV) are not cleared here;
# confirm that is handled wherever external commands are run.
$ENV{PATH} = join ':',
    grep { -d }
    map  { my $prefix = $_; map { $prefix . $_ } qw(sbin bin) }
    qw(/usr/local/v6/ /usr/local/ / /usr/);
# Temporary directory to use.
# NOTE(review): /tmp is shared by all local users. How files are created
# under it is not visible here. Confirm that callers use unpredictable names
# with exclusive creation (for example via File::Temp) and do not write to
# fixed file names.
$XB_Defs::TEMP_DIR = '/tmp/';

# E-mail address of the CA that signs certificates for this xbone
# installation (this should go somewhere else).
$XB_Defs::CA_EMAIL = 'X-Bone Certification Authority <xbone@isi.edu>';

1;    # Ensure TRUE return if module is interpreted.