AMarqueed is the "server" portion of the AMarquee system. Its job is
to act as the client program's "proxy" or representative on the
server computer. It stores data that the client uploads, and returns
data that the client has requested, either directly or in response
to "subscribed" data having been changed.
Once you have AMarqueed installed, it should mostly take care of
itself. However, you can (and probably should) specify some
parameters for AMarqueed to use. AMarqueed looks for the following
ENV variables on startup:
- AMARQUEED_MAXMEM
If set, the value of this variable will be taken as the maximum number
of kilobytes each daemon is allowed to allocate. For example, typing
"setenv AMARQUEED_MAXMEM 45" limits each connection to allocating
no more than 45K of memory for data storage.
- AMARQUEED_MINFREE
If set, the value of this variable will be taken as the size of a
"safety buffer" of free memory. No AMarqueed process will be able to
allocate more memory unless at least this much free memory exists in
the system. For example, entering "setenv AMARQUEED_MINFREE 100"
ensures that AMarqueed processes will never use up the last 100K
of system memory.
- AMARQUEED_MAXCONN
If set, this variable determines the maximum number of simultaneous
connections that will be allowed from any given host. This can be
used to prevent any one computer from "hogging" the server's capacity.
- AMARQUEED_TOTALMAXCONN
If set, this variable determines the maximum number of simultaneous
AMarqueed connections allowed. For example, entering
"setenv AMARQUEED_TOTALMAXCONN 5" will ensure that there are never
more than 5 AMarqueed processes running at once.
- AMARQUEED_PRIORITY
If you wish the AMarqueed server tasks to run at a particular
priority, you can set this variable to the priority you want
them to run at. If this is not set, AMarqueed daemons will run
at the priority AmiTCP launches them with (-10 on my system).
- AMARQUEED_PINGRATE
In order to keep the shared data tree free of clutter, AMarqueed
makes sure each client is still there by sending it an empty
transaction every so often. While these transactions are transparent
to user programs, they do have a slight impact on network and
CPU usage. This ENV variable allows you to set the number of
minutes of idle time that will elapse before a null transaction
is sent. For example, setting AMARQUEED_PINGRATE to 5 will cause
a null transaction be sent to each client after 5 minutes
of idle time. Then, if the client has not responded to the
transaction within 5 more minutes, it will be removed from the system.
The default rate is every 3 minutes.
- AMARQUEED_DEBUG
If set, each AMarqueed session will open a debug console on startup,
showing various state information. [Note that you must do something
like "setenv AMARQUEED_DEBUG 1" for this to take effect, just entering
"setenv AMARQUEED_DEBUG" won't do it.]
- AMARQUEED_FAKECLIENT
This option may be set to a host/program name path (e.g.
"/fakehost/fakeprogram", in which case the AMarquee server
will attempt to give incoming connections this designation
instead of their actual one. This feature allows you to
easily simulate connections from various hosts when debugging
an AMarquee program. It should not be set during normal
use.
- AMARQUEED_MAXQUEUEDMESSAGES
This option allows you to set a limit on the number of
(internal) messages that an AMarqueed client may have
pending at any one time. If an AMarqueed daemon exceeds
this limit, it will immediately quit and disconnect its client.
This is useful in situations where some clients are connecting
over TCP connections that are too slow or lossy to carry the
amount of data they are being sent by other clients. When this
happens, their server daemon's outgoing message queue
can grow quite large, unless you limit it with this
variable. The default setting is unlimited. If you do
set this variable, it's a good idea to set it to at least 50,
so that clients aren't knocked off too easily.
==============================================================
==== ====
==== PRIVILEGE SETTINGS ====
==== ====
==============================================================
Below is the list of environment variables that are used to
specify which clients are allowed which privileges. You can
use these to specify how much access any given computer or
client type may have on your server.
All of these variables should be set to values of the same
format. The format looks like this:
/hostExp/progExp
Where hostExp is a standard Amiga wildcard expression designating
an Internet hostname (or group of hostnames), and progExp is a
standard Amiga wildcard expression designating a client name
(or group of client names). This format can be used to designate
arbitrarily complex groups of connection types. Here are some
examples of how this format can be used:
/#?.com/QAmiTrack -- means all connections coming from hostnames
ending in .com, where the program is logging
in with the ID "QAmiTrack".
/evil.hackers.com/#? -- denotes all connections coming from
host evil.hackers.com (no matter what
the login name of the program is)
/#?/~(EvilApp) -- specifies connections from any computer,
as long as the client isn't logging in as
"EvilApp"
/(computer1.ucsd.edu|computer2.ucsd.edu|computer3.ucsd.edu)/#?
-- This specifies only connections coming from the hosts
computer1.ucsd.edu, computer2.ucsd.edu, or computer3.ucsd.edu
Note the initial '/' character! It is required.
Below are the environment variables that may be set as
described above.
- AMARQUEED_BANNED
With this parameter, you can indicate which clients should not
be allowed to connect to your AMarqueed daemon at all. (For example,
a friend of mine was getting too much Netris traffic on his server,
so he did a "setenv AMARQUEED_BANNED /#?/#?Netris" to ban Netris
from his machine.
If one BANNED variable isn't enough for you, v1.46+ of AMarqueed will
also look at the env variables AMARQUEED_BANNED0, AMARQUEED_BANNED1,
..., AMARQUEED_BANNED9. Clients that match any of the BANNED env
variables will not be allowed to connect.
- AMARQUEED_KILLCLIENTS
An AMarquee server is a law-and-order sort of place, and clients
are discouraged from doing mean things to other clients. Sometimes,
however, a little cruelty is justified and a client needs to die.
This variable lets you give some clients a licence to kill the
server daemons, and hence the AMarquee connections of other clients.
- AMARQUEED_SENDSYSMESSAGES
New in v1.45 of AMarquee is the ability to send "system messages".
System messages are a special type of message, in that they should
consist of ASCII text (256 chars or less), and may be sent to any
client at any time (as long as that client has requested the
QPRIV_GETSYSMESSAGES privilege). They are to be used to notify
users of server events (such as imminent shutdown, etc). This
variable lets you specify which clients may send system messages.
- AMARQUEED_ADMIN
This env variable lets you specify which clients may dynamically
reconfigure the AMarquee server, by remotely setting many of the
AMARQUEED_* environment variables. This is a very powerful
privilege, since it can be used to gain all other privileges!
There are some restrictions on what clients with AMARQUEED_ADMIN
access can do, but nonetheless you should be very cautious in
giving out this privilege!
- AMARQUEED_ALLPRIVILEGES
Specifying a client under this variable is the same as specifying
that client in ALL the above variables. This one immediately
gives its clients EVERY PRIVILEGE! So be careful with this
one, too!
- AMARQUEED_RESTRICTBROWSE
This is used together with AMARQUEED_ALLOWBROWSE to set an access
restriction on a hostpath's root node.
Use this to set which programs and hosts that shall be affected by
the restriction you set in the AMARQUEED_ALLOWBROWSE variable.
e.g. setenv AMARQUEED_RESTRICTBROWSE /#?/SecretProgram
This would affect the program named 'SecretProgram' connected from
any host.
Default is /~#?/~#? (no restriction).
- AMARQUEED_ALLOWBROWSE
This is used together with AMARQUEED_RESTRICTBROWSE to set an access
restriction on the hostpath set in the AMARQUEED_RESTRICTBROWSE variable.
Use this to set which hosts and program that are allowed access to the
root node of the path set in the AMARQUEED_RESTRICTBROWSE variable.
e.g. setenv AMARQUEED_ALLOWBROWSE /amarquee.server.com/AdminProgram
This together with the setenv above would only let the program AdminProgram
running on the host amarquee.server.com to access the root node of
'SecretProgram'.
Default is /~#?/~#? (full restriction).
Those two settings make it possible to hide the precence of all or certain
hosts connecting to the server. So nobody can get a full list of all hosts
and programs connected to a server.
Note:
If you need to do a QSubscribeOp() on the root node it's not a good idea to restrict
the access to the root node!
Converted on 24 Mar 2002 with RexxDoesAmigaGuide2HTML 2.1e(private) by Michael Ranner.