1ss5.ha(5) File Formats Manual ss5.ha(5)
2
3
4
6 ss5.ha - Contains directives for centralized configuration management
7
9 ss5 usually reads the HA file, ss5.ha, in the /etc/opt/ss5 directory.
10
12 To enable centralized configuration management, ss5 opens and reads
13 peers list from ss5.ha file and propagate local configuration to them
14 after load/reload command is received, using a propagate key as secu‐
15 rity mechanism. HA file contains also directives that must not be prop‐
16 agated to peers, such as <route>.
17
18 In the HA file, add one line for each peer. Each line should contain
19 <peer> directive with the internet address of peer.
20
21
22 Adding centralized configuration management feature to ss5 requires 3
23 steps:
24
25 1. Create the HA file with one entry per line. To create an entry
26 for the peer 172.16.0.1, add this line to the ss5.ha file:
27
28 peer 172.16.0.1
29
30 2. Set the environment variable SS5_PROPAGATE_KEY on master and
31 peers with a key value before launch ss5 binary. The startup
32 file may contain two lines such as:
33
34 SS5_PROPAGATE_KEY=123456789
35
36 export SS5_PROPAGATE_KEY
37
38 3. Set the environment variable SS5_ROLE_SLAVE=YES on peers to
39 enable slave role and accept replica from master.
40
42 Route entries describe the addresses ss5 must bind to before CONNECT,
43 BIND and UPSTREAM operations.
44
45 route source/destination-host bind-address group flag
46
47 source Could be host address or network address (source or des‐
48 tination if flag 's' o 'd')
49
50 bind-address Must be host address
51
52 group Could be filename in the /etc/ss5 directory containing user‐
53 names, a DN into a directory server or - (None). Not available
54 for UDP requests.
55
56 flag Could be 's' or 'd'. If =s, route is evaluated as source; if =d,
57 route is evaluated as destination.
58
60 ss5(1), ss5.conf(5), ss5.pam(5) ss5.passwd(5)
61
63 Matteo Ricchetti
64
65 Send comments to matteo.ricchetti@libero.it
66
67
68
69 13 Mar 2006 ss5.ha(5)