The Immunix ISP Appliance Server is WireX's product for ISPs who wish to supply servers to their customers. This includes WireX's Remote Network Administrator (RNA) software, a web-based administration tool for end customers to administrate their own domains. Its management is simple and intuitive, but scalable to a wide range of expertise and technical requirements.
The initial 1.0 release was a fully functional virtual hosting server that provided both web and mail services that work with multiple domains. This 2.0 release expands on the services by including full Domain Name Service (DNS) support. This service can be used by novice clients unfamiliar with traditional DNS services as well as by experienced network administrators (see the Features section below for details).
This document describes technical information about this product release (including bug fixes from the previous release). It is expected that the user has a copy of the "Installation and User's Guide" for directions on using this product.
1 About the 2.0.1 (May Day) Release. Some minor bug fixes have been fixed since the 2.0.0 release, so these Release Notes describe the general 2.0 features and enhancements, however, the bug fixes describe the fixes for the latest 2.0.1 release. This way, users will not have to have the 2.0.0 release notes as well.
This release includes new functionality and bug fixes (see the Bugs section for the list of open closed and workaround bugs). This section lists the improvements and features for this product.
RNA Integration with DNS services is the major feature enhancement for this release. Our approach to creating an administrative interface to DNS is somewhat novel because we do not assume the client user has prior DNS-specific knowledge. We expect that ISPs will be renting these servers to clients that know the concepts associated with DNS, but want to be able to administer their own domains without resorting to requesting help from their ISP system administrators.
The client user only needs to adjust their Preferences Level from simple to expert to increase his/her control over the DNS service, as well as increase the complexity of the product.
You will find all DNS settings under the Services | DNS Server. The first section of the menu items under this heading allow the user to create and manage DNS Domains, e.g. "Add Domain". Normally, when adding a domain, you can create some entries for individual hosts within the domain. Later, you can go under the Edit Domain Hosts menu item to further manage domain-specific hosts entries.
Important!
Keep in mind that doing any DNS domain work only affects the
name resolution for domains. You must also set up a
web or email server to answer requests for that domain.
For instance, once you create a DNS entry for the domain,
bobdog.com with a host of www.bobdog.com
that points to the server, 167.32.233.32, you will
need to to log onto the 167.32.233.32 server and set
up a virtually hosted web domain for bobdog.com if
you want the web pages to display when someone enters
http:\\www.bobdog.com in their browser.
This release includes MySQL built to work with our version of Apache and PHP. This database server is automatically installed, but does not automatically run. There is no RNA interface support for MySQL in this release, so it must also be manually configured in order for applications to access and work with it (see the Support section below for details on how to log onto the box for database configuration).
Web services, such as PHP, JSP and CGIs, all have access to this version of MySQL. To access the database server from each of these services, you first need to create a database and a role account (a type of database user) with a password that has access to the created database. This information will be necessary when creating CGI, PHP and JSP scripts.
Perl CGI. When building CGI's to access MySQL, you will need to use the DBI/DBD modules, for instance:
use DBI;
$dsn = "DBI::mSQL::database=datebase_name;host=localhost";
$dbh = DBI->connect($dsn, "rolename", "password");
$sth = $dbh->prepare("SELECT * FROM foo WHERE blah...");
PHP. PHP supports MySQL directly, so embedded scripts with commands like the following will work:
$db = mysql_connect("localhost", "rolename", "password");
mysql_select_db("database_name",$db);
$result = mysql_query("SELECT * FROM employees",$db);
Java Servlets and JSPs. A level 4 JDBC driver to access the MySQL server is included. This can be used by creating Java commands like the following:
Class.forName("org.gjt.mm.mysql.Driver").newInstance();
Connection con = DriverManager.getConnection("jdbc:mysql://localhost/database_name",
"rolename", "password");
Statement stmt = con.createStatement();
ResultSet rset = stmt.executeQuery("Select * from employees");
This release also includes the most recent production release of Tomcat, a Java servlet and JSP engine from the Apache Organization.
To install the Immunix ISP Appliance Server operating system, refer to the Installation and Getting Started Guide. But simply booting off of the supplied CD will erase the computer's hard disks and install the server appliance software. No interaction is required at this time.
Note: During installation, an erroneous message displays stating that turning on user and group Disk Quotas fails because it cannot find the appropriate directory. You can ignore this message because the quotas are set up appropriately.
After installation, you should log into the Console in order to
initially configure the network settings. This is done using a
monitor or keyboard connected to the standard ports. The console
is accessible via a null-modem cable connected to first serial
port as well (see the Installation and Getting Started Guide for
details). The account name is root and the
password is wirex.
A series of dialog boxes will be displayed. Answer the questions requested to set up the server's network as well as changing the root password and setting up the date and time.
After going through the "Console" instructions, you should now be able to use a standard web browser, for example, Internet Explorer or Netscape Navigator, to connect to the box.
The following are necessary to use the RNA software:
Follow these steps to access the Remote Network Administrator (RNA):
http://system-name:6080/
Although this connection is not secure there is a small redirection script listening on port 6080 that redirects the browser to the secured port:
https://system-name:6081/Admin
The following is the current list of known bugs. All known bugs have workarounds.
The product sets up a "direct-connection console" on the first serial port. However, the kernel is sometimes unable to detect the serial port settings (like IRQ) on some hardware. This causes the kernel to output the following warning message:
ID s1 respawning too fast disabling for 5 minutes.
When this software is released to an OEM directly, we will configure the software to work on their specific hardware. (This bug is simply a problem with auto-detecting generic hardware).
Workaround: To get rid of these warnings on your demo, follow these steps:
- Log into the Console (see Support below)
- At the menu, select L for a Linux Shell
- At the prompt, type
setserial /dev/ttyS0 irq # port # uart # baud_rate +38400
Where the # characters are the following:For instance:
- The IRQ for the first serial port (i.e. 4)
- The I/O Port (i.e. 0x03f8)
- The UART (i.e. 16550A)
setserial /dev/ttyS0 irq 4 port 0x03f8 uart 16550A baud_rate 38400
For users who are upgrading from either the ISP 1.0 release or the ISP 2.0 beta release, there is a small bug that makes some users unable to log into the RNA.
Workaround: After upgrading your system, connect to the box (see the Support section below) and execute the following command:
perl -p -i -e 's/^password=.*$/password=/;' /home/web/wirex/rna/WEB-INF/users/*.user
If a user creates multiple host entries with the same name, i.e. the host216.99.213.80and216.99.213.81, removing one of the particular entries is not intuitive, as the list contains two like entries to select from. In any event, both are removed if either one is selected for removal.
Workaround: There is no workaround. The user will end up deleting both entries and then have to manually re-enter one of them. This bug will be fixed in the next release.
If a user creates a backup of their domains, and then reinstalls the appliance and attempt to restore the original domains, they will receive an error:usermod: unknown group 1003 Use of uninitialized value in concatenation (.) at /home/web/wirex/rna/WEB-INF/perl/WireX.pm line 673. must specify a domainWorkaround: A complete "System" level backup must be restored prior to restoring an individual (or group) of domains.
The following are a list of all bugs fixed since the previous release. For details on any of the following, please contact your WireX sales representative.
| ID | Severity | State | Summary |
|---|---|---|---|
| 1339 | RNA does not render correctly under Netscape 6 (Mozilla) | ||
| 1354 | Services that stop, fail to get restarted. | ||
| 1382 | linux limits users to 32 groups, which means 32 domains | ||
| 1418 | NullPointerException in RNA Help System | ||
| 1429 | the verify=ipaddress will allow a ip address formatted like 10.0.0. this is not a good ip address | ||
| 1434 | the latest-logins page truncates hostnames longer than 16 chars | ||
| 1470 | ntop doesn't display any network traffic | ||
| 1475 | Need DHCP error notification in console, when server does not respond | ||
| 1477 | Direct serial connection is setup even if serial port settings are incorrect | ||
| 1480 | users can use chfn to insert html into /etc/passwd, breaking rna functionality | ||
| 1483 | Edit domain allows selection of the reverse in-addr.arpa, but fails when edited | ||
| 1485 | Default hostmaster address for a domain uses "." instead of "@" | ||
| 1489 | named.conf contains invalid "allow query" line | ||
| 1490 | zone for domain added not being loaded in named.conf | ||
| 1491 | DNS forms allow creation of host that matches previously created alias | ||
| 1494 | changing the root password through the rna can cause password synchroniztion problems if a user later changes the password via the command shell | ||
| 1496 | List domains has column for master IP even when domain is master | ||
| 1499 | RNA does not correctly report status when performing a zone transfer | ||
| 1500 | all required fields need to be available even in simple mode | ||
| 1501 | Domain information should list server aliases | ||
| 1502 | Server name aliases text box too small | ||
| 1503 | Avoiding wizard headaches | ||
| 1504 | xfs not disabled | ||
| 1513 | Help system bringing up incorrect help doc (seemingly randomly) | ||
| 1514 | Want a "Add Domain Admin" under Shortcuts | ||
| 1515 | System|Network|Virtual Host IPs menu retooling | ||
| 1516 | Adding an IP-based virtual host is not intuitive. | ||
| 1517 | Form title when upgrading appliance is "Thanks" -this doesn't make sense | ||
| 1518 | Web and Email should default to "on" when adding a new virtual domain. | ||
| 1523 | listips.pl needs to be aware of multiple nics | ||
| 1524 | login screen doesn't pick up new language selection until after first login attempt | ||
| 1525 | Users upgrading to ISP 2.0 must remove the password entries from the user files | ||
| 1527 | tomcat_wirex restart upon network setup via rna, even when no changes made | ||
| 1528 | Small hyphens appear under rna menu icons when menu opened | ||
| 1530 | RNA menu does not automatically scroll down to active menu when expanded | ||
| 1531 | Help for "Serving Web Pages" contains reference to webwriters group | ||
| 1532 | List of Users does not display actual user name | ||
| 1533 | Tomcat_wirex restarts automatically upon restore (from backup) | ||
| 1534 | Admin user does not have a change password option upon login | ||
| 1535 | missing icons in RNA | ||
| 1536 | FTP transfer log for domains not logging correctly | ||
| 1537 | Re-enabled virtual domains are not really re-enabled | ||
| 1538 | Dynamic domain menus will not expand | ||
| 1540 | a field "name" is translatable in the frontpagerff.pl script | ||
| 1541 | DNS complains of pre-existing domain if multiple hosts share IP | ||
| 1542 | Global vs. Domain Frontpage issues | ||
| 1543 | create domain validation error | ||
| 1544 | Receive error when activating a disabled domain | ||
| 1545 | Editing a domain user as admin, user's full name appears as "root" | ||
| 1546 | When a zone transfer fails, junk files are left in /var/named | ||
| 1547 | Console date/time does not take into account daylight savings time. | ||
| 1548 | Receive error when restoring a domain | ||
| 1549 | Duplicate host records created are not deleted logically | ||
| 1550 | Both the DocumentRoot and Documentation links broken on index.html | ||
| 1551 | Help system contains many duplicate files, needs cleaning | ||
| 1552 | Backing up then restoring a domain breaks all email functionality for the domain | ||
| 1553 | Feature request: Domain users menu for admin needs "List Users" option | ||
| 1554 | When creating a domain, entering multiple server aliases creates an error | ||
| 1555 | restored domains show quota error on the info screen | ||
| 1556 | /etc/issue not being displayed correctly after appliance install | ||
| 1557 | Domain backup will not correctly restore domain on new clean system | ||
| 1558 | System user's email forwarding does not seem to work correctly | ||
| 1560 | when changing root password password should show up as ****** | ||
| 1561 | workaround for default (catchall) aliasing issue | ||
| 1568 | FrontPage does not have access to the main web page, index.html | ||
| 1569 | Java log is empty after turning on Java Servlets | ||
| 1570 | Domain disappears when zone transfer fails when changing from master to slave. | ||
| 1571 | Can only edit "localhost" after zone transfer from int.wirex.com | ||
| 1572 | list dns host doesn't show dhcp entries. | ||
| 1573 | adding host and saying that you're authoritative makes domain lists wrong. | ||
| 1574 | after setting up domain defaults, domain security not used. | ||
| 1577 | Cannot ftp to virtual domain as domain owner |
This section contains information concerning the following:
Disk quotas assigned to virtual domains currently only apply to web content and files owned by domain users. They do not apply to mail usage or to any other files created by the domain owner.
A domain owner is limited to only owning 30 domains. If you assign more than 30 domains to a user, an error message will appear. This does not make the domain unusable, but there could possibly be unpredictable behavior. This limitation is due to a fundamental limitation of the Linux operating system, which limits a user to belonging to a maximum of 32 system groups. Since virtual domains are identified by their system group, a domain owner is limited to only 30 domains (the other two are taken up by default system groups which identify the user as a domain owner).
Refer to the Install and Getting Started Guide for detailed information about setting up email for your system.
Refer to the Install and Getting Started Guide for detailed information about backing up and restoring your system. RNA Immunix ISP Appliance Server has two separate types of backup functions, as follows:
Under certain conditions the restore may fail due to changes made to the system after the backup has been performed that make the restored data incompatible with the system.
The following steps show an example of how a failed restore could happen:
foo.com) using ipaddress 192.168.0.1.
bar.com, is created as an IP based
host and uses the same ipaddress 192.168.0.1, which is
now available as the domain that was using this address
previously has now been removed from the system.
foo.com. An error occurs as the restoration
process will attempt to configure the ipaddress that
foo.com wishes to use but it is being used by
bar.com.
The Remote Network Adminstrator (RNA) is designed to be easy to
use, and as such, it doesn't contain every possible
configuration that a user may need. WireX provides the following
two ways to access the underlying Linux architecture.
Both methods require a user to enter the "root" password in
order to login. This password defaults to
wirex until this is changed.
telnet
to access the server appliance remotely. You must use an SSH
client (like
PuTTY
for Windows).
Once you are working within a shell session, you can
type in Linux commands. Editors, like emacs,
vi and pico are installed and can be
used to edit files.
Keep in mind that most commonly used commands are accessible through the "Console" menus.
This product is being offered as a complete solution (a server appliance) and includes Immunix System7, the Remote Network Administration tool (a web-based system administration program) and some integrated services.
A complete list of packages would be beyond the scope of this document, but the following list the packages that extend what would be normally found in a standard server installation of the RedHat 7.0 distribution:
apache-1.3.12-25.8.i386.rpmapache-devel-1.3.12-25.8.i386.rpmapache-manual-1.3.12-25.8.i386.rpmjava-mods-1.0-10.noarch.rpmmod_ssl-2.6.6-25.8.i386.rpmperl-mods-1.0-8.noarch.rpmrna-1.0-30.noarch.rpmrna-anonftp-1.0-8.noarch.rpmrna-apache-1.0-14.noarch.rpmrna-courier-1.0-13.noarch.rpmrna-dns-1.0-16.noarch.rpmrna-init-1.0-30.noarch.rpmrna-isp_domains-1.0-38.noarch.rpmrna-net_dept-1.0-14.noarch.rpmrna-skel-1.0-2.noarch.rpmrna-utils-1.0-1.noarch.rpmtomcat-3.2-1.i386.rpmtomcat-wirex-3.2-1.i386.rpmunconsolable-1.0-9.noarch.rpm