Pandora: Documentation en: Tentacle: UserGuide

From Pandora FMS Wiki
Jump to: navigation, search

Go back to Tentacle documentation index


1 Documentation

2 Tentacle User Guide

2.1 Installing Tentacle

2.2 Installing the PERL version

2.2.1 Installing from SVN

The process consists on downloading the source code through Apache® Subversion® (svn) and compile it. To that end, you will need to have admin or root rights (in this documentation they are the lines that start with the numeral character # ). You are the sole responsible for said key.

To install both the client and the server version run:

$ svn co http://svn.code.sf.net/p/tentacled/code/trunk/perl/ tentacle
$ cd tentacle
$ perl Makefile.PL
$ make
# make install

To install just the client, run:

$ svn co http://svn.code.sf.net/p/tentacled/code/trunk/perl/client
$ cd client
$ perl Makefile.PL
$ make
# make install

To install just the server, run:

$ svn co http://svn.code.sf.net/p/tentacled/code/trunk/perl/server
$ cd server
$ perl Makefile.PL
$ make
# make install

If you want to install to a custom location, replace:

$ perl Makefile.PL

by:

$ perl Makefile.PL PREFIX=/custom/location


2.2.2 Manual Installation

If make is not available in your system, you can manually copy the files tentacle_client and tentacle_server to the appropriate place (for example, /usr/local/bin).

In this case, if the Perl binary is not located at /usr/bin/perl edit both files and change the first line so that it points to the right path where the Perl binary is. So, for instance, replace ubication by the Perl location in the system to be installed.

#!/ubication/perl


2.3 Installing the C version

2.3.1 Installing from SVN

Bearing in mind the prior section, to install the Tentacle client, run:

$ svn co http://svn.code.sf.net/p/tentacled/code/trunk/c/ tentacle
$ cd tentacle
$ ./configure
$ make
# make install

Make sure to check the configure output for errors, missing headers etc.

To disable OpenSSL support, enabled by default, replace:

$ ./configure

by:

$ ./configure --disable-ssl

2.4 Tentacle use examples

To see the available options, execute -h parameter, both in the client and server version:

$ tentacle_client -h
Usage: tentacle_client [options] [file] [file] ...

Tentacle client v0.4.0. 

Options:
       -a address      Server address (default 127.0.0.1).
       -b localaddress Local address to bind.
       -c              Enable SSL without a client certificate.
       -e cert         OpenSSL certificate file. Enables SSL.
       -f ca           Verify that the peer certificate is signed by a ca.
       -g              Get files from the server.
       -h              Show help.
       -k key          OpenSSL private key file.
       -p port         Server port (default 41121).
       -q              Quiet. Do now print error messages.
       -r number       Number of retries for network operations (default 3).
       -t time         Time-out for network operations in seconds (default 1s).
       -v              Be verbose.
       -w              Prompt for OpenSSL private key password.
       -x pwd          Server password.
       -y proxy        Proxy server string (user:password@address:port).
$ tentacle_server -h
Usage: tentacle_server -s <storage directory> [options]

Tentacle server v0.5.0.

Options:
       -a ip_addresses IP addresses to listen on (default 0,0.0.0.0).
                       (Multiple addresses separated by comma can be defined.)
       -c number       Maximum number of simultaneous connections (default 10).
       -d              Run as daemon.
       -e cert         OpenSSL certificate file. Enables SSL.
       -f ca_cert      Verify that the peer certificate is signed by a ca.
       -h              Show help.
       -i              Filters.
       -k key          OpenSSL private key file.
       -m size         Maximum file size in bytes (default 2000000b).
       -o              Enable file overwrite.
       -p port         Port to listen on (default 41121).
       -q              Quiet. Do now print error messages.
       -r number       Number of retries for network opertions (default 3).
       -S (install|uninstall|run) Manage the win32 service.
       -t time         Time-out for network operations in seconds (default 1s).
       -v              Be verbose.
       -w              Prompt for OpenSSL private key password.
       -x pwd          Server password.
       -b ip_address   Proxy requests to the given address.
       -g port         Proxy requests to the given port.
       -T              Enable tcpwrappers support.
                       (To use this option, 'Authen::Libwrap' should be installed.)

Predefined values for all options will also be shown in the help section.

For all of the following examples. the server is located at the address 192.168.1.1 and the client private key is not protected by pasword.

  • Simple transfer of a file limeted to a maximum of 1 megabyte and placed in /tmp:
$ tentacle_server -m 1048576 -s /tmp -v
$ tentacle_client -a 192.168.1.1 -v /home/user/myfile.dat
  • Transferencia simple en el puerto 65000 con el modo de sobreescritura activado:
$ tentacle_server -o -p 65000 -s /tmp -v
$ tentacle_client -a 192.168.1.1 -p 65000 -v /home/user/myfile.dat
  • Simple transfer with authentication based on password:
$ tentacle_server -x password -s /tmp -v
$ tentacle_client -a 192.168.1.1 -x password -v /home/user/myfile.dat
  • Safe transfer, with no client certificate:
$ tentacle_server -e cert.pem -k key.pem -w -s /tmp -v
$ tentacle_client -a 192.168.1.1 -c -v /home/user/myfile.dat
  • Safe transfer with client certificate:
$ tentacle_server -e cert.pem -k key.pem -f cacert.pem -w -s /tmp -v
$ tentacle_client -a 192.168.1.1 -e cert.pem -k key.pem -v /home/user/myfile.dat
  • Safe transfer with client certificate and additional authentication with password (notice the use of the connector \ to make parameter writing easier):
$ tentacle_server -x password -e cert.pem -k key.pem -f cacert.pem -w -s /tmp -v
$ tentacle_client \
  -a 192.168.1.1 \
  -x password \
  -e cert.pem \
  -k key.pem \
  -v /home/user/myfile.dat

The Tentacle server allows its configuration through a plain text file. All command line options are available through said file. If the same configuration option is specified both in the file and the command line, the value indicated in the latter will have preference. The full path to the configuration file is indicated with the option -F.

$ tentacle_server -F /etc/tentacle/tentacle_server.conf

2.5 Tentacle Proxy

Tentacle server can run as a proxy communicating a lot of tentacle clients to an unaccessible tentacle server.

The next diagram shows how tentacle proxy works.

+-----------------+                     +-----------------+                     +-----------------+
| Tentacle client |                     | Tentacle Proxy  |                     | Tentacle server |
+-----------------+                     +-----------------+                     +-----------------+
         |                                       |                                       |
         +-------'SEND <file> SIZE size\n'---->>>+-------'SEND <file> SIZE size\n'---->>>+
         |                                       |                                       |
         +<<<-----------'SEND OK\n'--------------+<<<-----------'SEND OK\n'--------------+
         |                                       |                                       |
         +-----------------data--------------->>>+-----------------data--------------->>>+
         |                                       |                                       |
         +-----------------data--------------->>>+-----------------data--------------->>>+
         |                                       |                                       |
         +-----------------data--------------->>>+-----------------data--------------->>>+
         |                                       |                                       |
         +<<<-----------'SEND OK\n'--------------+<<<-----------'SEND OK\n'--------------+
         |                                       |                                       |
         +---------------'QUIT\n'------------->>>+---------------'QUIT\n'------------->>>+
         |                                       |                                       |
         .                                       .                                       .

As you can see the proxy does not have any information it only forward data from the clients to the tentacle server.

To launch tentacle server in proxy mode you should type:

$ tentacle_server -b 192.168.200.200 -g 65000

These new parameters are IP address (-b) and port (-g) of unaccessible tentacle server. In addition, add the normal parameters in a single line:

$ tentacle_server -a 192.168.100.100 -p 45000 -b 192.168.200.200 -g 65000

Info.png

Tentacle in proxy mode also supports authentication and encryption parameters.

 


Go back to Tentacle documentation index