Difference between revisions of "Seon Core configuration"
(→take ALL server IDs into account) |
(→root certificate file & root certificate path) |
||
Line 134: | Line 134: | ||
|} | |} | ||
− | The root certificates are used to authentificate partners which have certificates of unknown signers. At least one of these fields must be filled (even if the root certificate path doesn't contain any root certificates). The certificates must be in PEM format. | + | The root certificates are used to authentificate partners which have certificates of unknown signers. At least one of these fields must be filled (even if the root certificate path doesn't contain any root certificates). The certificates must be in PEM format. |
+ | |||
+ | These variables are (if set) available to processes started by Seon via the environment variables "<code>CA_FILE</code>" and "<code>CA_PATH</code>" (see also [[Seon Core environment variables]]). | ||
==== Diffie-Hellman parameter files ==== | ==== Diffie-Hellman parameter files ==== |
Revision as of 18:33, 4 November 2007
Contents
- 1 Accessing configuration
- 2 Configurable values
- 2.1 TCP/IP
- 2.2 SSL/TLS parameters
- 2.3 ISDN parameters
- 2.4 Odette parameters
- 2.5 Directories
- 2.5.1 data incoming directory
- 2.5.2 data outgoing directory
- 2.5.3 temporary directory
- 2.5.4 database backup directory
- 2.5.5 binary installation directory
- 2.5.6 script installation directory
- 2.5.7 absolute path to 'openssl'
- 2.5.8 absolute path to 'rrdtool'
- 2.5.9 RRDB data path
- 2.5.10 absolute path to RRDtool TTF file
- 2.5.11 SQL lost messages file
- 2.5.12 MySQL dump tool
- 2.5.13 send test file
- 2.6 Event scripts
- 2.6.1 event script usage
- 2.6.2 event script sleep time
- 2.6.3 start send script
- 2.6.4 end send script
- 2.6.5 xERP script
- 2.6.6 start receive script
- 2.6.7 end receive script
- 2.6.8 start session script
- 2.6.9 end session script
- 2.6.10 send queue entry blocked script
- 2.6.11 debug daemon log script
- 2.6.12 license script & trigger level
- 2.6.13 Enable automatic update mechanism & Seon automatic software update script
- 2.7 Daemon parameters
- 2.7.1 run Seon programs as user
- 2.7.2 run Seon update program as user
- 2.7.3 time slice for send queue daemon
- 2.7.4 time slice for receive daemon
- 2.7.5 delete send queue entries
- 2.7.6 let all files of send queue be fetchable
- 2.7.7 overwrite existing incoming files
- 2.7.8 default maximum send tries for send queue daemon
- 2.7.9 additional sleeping time for send queue daemon & additional sleeping time factor for send queue daemon
- 2.7.10 progress bar refresh time
- 2.7.11 default maximum parallel send processes
- 2.7.12 allow unsecure OFTP 2 authentification
- 2.7.13 delete temporary created files of OFTP 2 session
- 2.7.14 disable database schema check
- 2.7.15 local character set
- 2.7.16 illegal characters for virtual filenames
- 2.7.17 enable CAPI keep-alive monitor
- 2.7.18 enable OFTP message checker
- 2.7.19 send queue entry status after abort
- 2.7.20 enable statistics & RRDtools refresh time
- 2.7.21 append timestamp to received file
- 2.7.22 OFTPv1: Don't wait for EERP message
- 2.7.23 Enable continuous write of Seon debug daemon output?
- 2.7.24 Enable automatic update mechanism?
- 2.7.25 Send queue daemon partner organizing mechanism
- 2.7.26 is Seon Enterprise installed?
- 2.7.27 default receive plugin group
- 2.7.28 default country for partner entries
- 2.8 Logging
- 2.9 Partner table parameters
- 2.9.1 partner table name
- 2.9.2 active column
- 2.9.3 partner index column
- 2.9.4 partner shortname column
- 2.9.5 partner additional description column
- 2.9.6 partner's SSID column, partner's SFID column & partner's password column
- 2.9.7 partner's TCP/IP address column (IP or hostname) & partner's ISDN number column
- 2.9.8 partner's TCP/IP port number column
- 2.9.9 partner's TCP/IP TLS port number column
- 2.9.10 partner's ISDN number column
- 2.9.11 column defining connection type (ISDN, TCP/IP or TCP/IP TLS secured)
- 2.9.12 value for connection type in above defined colum defining ISDN connection, value for connection type in above defined colum defining TCP/IP connection & value for connection type in above defined column defining TLS over TCP/IP connection
- 2.9.13 my SSID column, my SFID colum & my password column
- 2.9.14 partner's X.25 number column
- 2.9.15 TCP/IP receive/send acceleration column
- 2.9.16 amount of parallel sendings
- 2.9.17 partner's OFTP version column
- 2.9.18 partner's OFTP 2 cipher suite column
- 2.9.19 partner's OFTP 2 compression column
- 2.9.20 partner's OFTP 2 signing column
- 2.9.21 partner's OFTP 2 encryption column
- 2.9.22 partner's OFTP 2 secure authentification column
- 2.9.23 partner's OFTP 2 signed EERP/NERP column
- 2.10 GUI niceup parameters
- 2.10.1 progressbar in send and rec queue will be displayed using the following media type
- 2.10.2 relative path in web interface for success soundfile & relative path in web interface for abort soundfile
- 2.10.3 lines per page
- 2.10.4 truncate strings
- 2.10.5 gray out (dim) send queue entries
- 2.10.6 show hashes in xERP list
- 2.10.7 show partners with unknown medium
- 2.10.8 progressbar refresh time
- 2.10.9 enable automatic reload of send queue overview
- 2.10.10 locale used in date formatting
- 2.10.11 default language for Seon webaccess
- 2.10.12 only show active partners in logs
- 2.10.13 reload send queue
- 2.10.14 reload receive queue
- 2.10.15 display render time?
- 2.11 other interesting configurable values
Accessing configuration
Seon stores its core configuration in one simple database table. The configuration can therefor be changed in two ways:
- using the comfortable web interface
- using a database client program to change the values manually.
Because of the quite non-understandable names of the configuration values, all configuration value names are listed in each block of configuration for manual editing.
web interface method
The Seon web interface includes an entry in the left menu for the core configuration. Its name is "Configuration
". The configuration web interface is segmentated into the following blocks:
- TCP/IP
- SSL/TLS
- ISDN
- Odette
- Directories
- Event scripts
- Daemon
- Partner table
- GUI niceup
Each block is accessible with a link in the head of the configuration panel. Also, each block is entitled with its name and a link to access the top of the form.
database method
The table "[tableprefix]configuration
" (default: "seon_configuration
") contains two columns:
- name
- value
The column "name
" is the name of the configuration which is affected.
The column "value
" reflects the configuration value, limited to 255 characters.
All boolean values react that the a value of zero ("0
") if false and all other values are true.
Configurable values
Seon is highly configurable. The following configuration parameters show the position in the web GUI, beginning in the top. Each configuration name as used in all binaries, web interface, scripts etc. are listed in each block and explained as needed.
TCP/IP
This block contains all basic TCP/IP parameters, such as port numbers, timeout values etc.
TCP/IP port of OFTP server
DB configuration name: | tcp_port |
This numeric value between 1 and 65535 describes the TCP/IP port the OFTP server is watching for incoming connections. The maximum of parallel incoming connections is limited by the operating system kernel and can be influenced by the kernel parameter "SOMAXCONN
".
TCP/IP port of OFTP server (TLS)
DB configuration name: | tcp_port_tls |
This numeric value between 1 and 65535 describes the TCP/IP port the OFTP server is watching for incoming OFTP2 connections which are secured by TLS. The maximum of parallel incoming connections is limited by the operating system kernel and can be influenced by the kernel parameter "SOMAXCONN
". This port must not be the same as the OFTP server port from above.
TCP/IP port of Seon debug daemon
DB configuration name: | debugd_port |
This numeric value between 1 and 65535 describes the TCP/IP port the OFTP server is watching for debug output. Every Seon program generates this output. The daemon collects this data and is able to dump this data in an encrypted file. This must not be the same as OFTP or OFTP 2 server ports.
TCP/IP timeout
DB configuration name: | tcp_timeout |
This numeric value defines the maxmimum number of seconds between two TCP/IP packages to arrive. If this value is too low you might get network disconnects, setting this value very high means that a network disconnect will be discovered very late.
TCP/IP OFTP maximum buffersize
DB configuration name: | oftp_default_buffersize_tcpip |
During the OFTP handshake, the maximum size of a data buffer will be commited. This value reflects the maximum size of such data buffers. The minimum value is 128, the maximum can be should not be over 65535 (because of TCP/IP packaging). The higher the value, the faster the data transfer rate will be (but it depends on the partner side). On unreliable connections, use the default value of 2048 bytes. For configurations with problemous partners like old Seeburger products, please use 800 bytes as buffersize.
TCP/IP OFTP maximum credit count
DB configuration name: | oftp_default_creditcount_tcpip |
As the OFTP maximum buffersize, this value will be commited with the partner during a OFTP handshake. The number defines the amount of uncommited data buffers send to the receiver during file transfers. Increasing this value also increases the throughput. On unreliable connections you should use the default of 20. This is a different value than used for ISDN connections. For configurations with problemous partners like old Seeburger products, please use 20 as credit count.
use receiving acceleration?
DB configuration name: | oftp_tcpip_rec_acceleration |
This technique is used to accelerate incoming TCP/IP connection by pre-sending the so-called "OFTP credits" (which are used for handshaking OFTP data buffers) during file transfers. If your partner doesn't like this type of acceleration (i.e. partners who use Seeburger products), you have to disable it. You also have the chance to define a row in the partner table to define partner based acceleration.
Acceleration is incompatible with the following partner software solutions:
- Seeburger WinElke
- Bartsch Software
use send acceleration?
DB configuration name: | oftp_tcpip_send_acceleration |
Enabling this feature turns on code to ignore the first OFTP credit messages during file transfer. This tunes up transfer speed up to factor 100. The number of "ignored" OFTP credits is calculated dynamically via the agreed value of the buffersize during protocol handshake, based on a maximum TCP/IP package size of 60000 bytes (where 65536 bytes are possible). If you experience transfer aborts, disable this feature. Acceleration is incompatible with the following partner software solutions:
- Seeburger WinElke
- Bartsch Software
SSL/TLS parameters
For securing TLS sessions over TCP/IP networks (such as internet), you need to give some information about your local certificates. These information don't have to be the same as for file based security.
local certificate file & local certificate password
DB configuration name: | tls_local_certificate & tls_server_cert_password |
Absolute path to the OFTP server certificate (in PEM format) for OFTP over TCP/IP (TLS secured). If the certificate is password-protected, you may enter it in the password field.
local client certificate file & client certificate password
DB configuration name: | tls_default_client_certificate & tls_client_cert_password |
Absolute path to the OFTP server certificate (in PEM format) for OFTP over TCP/IP (TLS secured). If the certificate is password-protected, you may enter it in the password field.
root certificate file & root certificate path
DB configuration name: | tls_root_certificate & tls_root_certpath |
The root certificates are used to authentificate partners which have certificates of unknown signers. At least one of these fields must be filled (even if the root certificate path doesn't contain any root certificates). The certificates must be in PEM format.
These variables are (if set) available to processes started by Seon via the environment variables "CA_FILE
" and "CA_PATH
" (see also Seon Core environment variables).
Diffie-Hellman parameter files
DB configuration name: | dh128_file, dh256_file, dh512_file & dh1024_file |
These files (128bit, 256bit, 512bit and 1024bit) contain prime numbers, which are the basis for TLS encrypted connections. If the file is writable, or the file doesn't exist and the directory is writable, you can generate a new file from the web interface by using the link "Recalculate" or "Generate" in the web interface, which opens a new window which executes the command. Don't close this window until you can read the message "You can close this window now"!
Allow self-signed certificates
DB configuration name: | oftpv2_allow_selfsigned_cert |
Enabling this checkbox disables the rejection of incoming TLS connections which are secured via a self signed certificate. The default should be on.
Entropy file for random data
DB configuration name: | tls_entropy_file |
In order to use TLS, you have to specify a random data source. This is a kernel based character file (like "/dev/urandom
" or "/dev/random
"). If your operating system doesn't support such a random file (like AIX 5.1), you can generate such a file on your own (i.e. with the tool "ssh-rand-helper" from any openSSL installation). At least 256 bytes of random data must exist in this file.
ISDN parameters
Basic ISDN parameters for OFTP connections have to be defined here.
ISDN OFTP maximum buffersize
DB configuration name: | oftp_default_buffersize_isdn |
As the TCP/IP maximum buffersize (as mentioned above), this numeric value reflects the maximum size of a OFTP data buffer. It may result to problems if this is set to values higher than your ISDN controllers can use for maximum transfer size, which is limited by CAPI2.0 to 4096 bytes. The minimum is 128 bytes. For configurations with problemous partners like old Seeburger products, please use 800 bytes as buffersize.
ISDN OFTP maximum credit count
DB configuration name: | oftp_default_creditcount_isdn |
Same as the TCP/IP maximum credit count, this numeric value reflects the number of OFTP data exchange buffers before a little handshake will be done by the OFTP protocol. For configurations with problemous partners like old Seeburger products, please use 20 as credit count.
Odette parameters
Default OFTP parameters for authentifications are configurable here. If no special columns are defined in the partner table below, these values will be used.
my default SSID, my default SFID, my default OFTP password, change every partner entry
DB configuration name: | default_ssid, default_sfid & default_password |
These elements are only used for the web interface for creating new partners or for changing all partner values. If the checkbox is enabled, all partners in the partner table will get the new values for SSID, SFID and password on your side. If you don't configure columns in the partner table configuration below, these values are used for OFTP authentification.
Directories
In order to let Seon know where to find directories and files, these values have to be defined.
data incoming directory
DB configuration name: | incoming_directory |
After successful file transfers (receiving), this directory defines where the incoming files will be stored. This directory must be on the same filesystem as the temporary directory (see below), otherwise you will get an error message in syslog (if enabled) that moving incoming files cannot be done. The filesystem must be dimensioned big enough to store a file with at most the maximum transfer size. I.e., if you receive a file of 200MB, you will need to have 200MB free on this filesystem, otherwise an error message will be sent to the partner (that the local filesystem is not big enough) and an entry to the receive log will be added.
data outgoing directory
DB configuration name: | outgoing_directory |
In order to enqueue a new file, the file selector of the web interface (in the send queue) will point to this directory first. Also, Seon Enterprise uses this directory for outgoing files selected by a client.
temporary directory
DB configuration name: | tmp_directory |
During incoming file transfers, the file fragments will be stored in this directory. Keep in mind (as mentioned above) to set this directory to the same filesystem as the incoming directory. The filesystem must be dimensioned big enough to store a file with at most the maximum transfer size. I.e., if you receive a file of 200MB, you will need to have 200MB free on this filesystem, otherwise an error message will be sent to the partner (that the local filesystem is not big enough) and an entry to the receive log will be added.
database backup directory
DB configuration name: | backup_directory |
If you want to use the Seon backup mechamism, you need to define a directory where the SQL dump files will be stored. This directory is needed for the scripts "seonbackup" and "seonrestore".
binary installation directory
DB configuration name: | bin_directory |
This directory points to your binary installation of Seon. It also contains the license key, so if you receive a license error, first check the existence of this directory and the file "license.key" in it. This entry is also used for the web interface to start the daemons.
script installation directory
DB configuration name: | script_directory |
This directory points to your script installation of Seon. It contains helpful scripts, such as database backup and restore scripts and maybe other useful tools. The Seon web interface uses this definition.
absolute path to 'openssl'
DB configuration name: | tcp_timeout |
DB configuration name: openssl_binary_path
Seon uses openSSL as basis for all OFTP 2 file security functions. The configured binary must exist and be executable for the user running Seon processes.
absolute path to 'rrdtool'
DB configuration name: | rrdtool_binary_path |
In order to use statistics, you have to define the path to „rrdtool“, the Round Robin database tool by Tobias Oetiker. The standard Seon distribution contains a pre-compiled version which works within Seon. If the file configured isn't executable, statistics are disabled. The program is used to create databases within Seon binaries, push data in it and to display the results as graphical output in the web interface. The latest version of "rrdtool" can be found under http://oss.oetiker.ch/rrdtool/. On his website he has also Amazon wishlists, so if you want to support his great work, please donate some gifts.
RRDB data path
DB configuration name: | rrdb_datapath |
In this path, Seon creates, stores, modifies and searches the files for statistics. The directory must be writable by the user running Seon. If the path isn't writable or doesn't exists, statistics are disabled. For each partner, a file is generated for incoming transfer and for outgoing. The total consumption on the filessystem is about 315kB per partner.
absolute path to RRDtool TTF file
DB configuration name: | rrdtool_font_path |
The statistical overview needs a font file (as Truetype font). Without this font file, you won't get any textual information in the statistic graphs.
SQL lost messages file
DB configuration name: | sql_lost_messages_file |
If the configured MySQL server isn't reachable at any time, the SQL statements which are being sent to the MySQL server are logged into this file. If the file doesn't exists it will be created, so the directory must be writable for the user running Seon. The file itself (if it exists) must also be writable by the user running Seon.
MySQL dump tool
DB configuration name: | mysqldump |
As a useful tool from each MySQL distribution, the tool "mysqldump
" is used in the Seon backup script for doing its job.
send test file
If configured correctly, Seon displays a link for test purposes for a partner. A given file can be sent with a given virtual filename to that partner for checking the OFTP connection.
absolute path to a file for send test purposes
DB configuration name: | send_testfile |
The absolute path to a file that will be sent to a partner.
virtual filename for the given test file
DB configuration name: | send_testfile_virtname |
The above file will be sent with this virtual filename (which is then seen at the remote side).
Event scripts
First some words about the global behaviour of scripts:
event script usage
Every time the configuration of Seon is checked by a binary (which is at start time or when processing the signal 1 - SIGHUP), the event script configuration is checked. If a script is non-existant and/or the execute permissions don't allow the execution of a configured script, it won't get executed. No warning will be printed out or logged somewhere.
event script sleep time
Sometimes it is very handy if the event scripts are started with a little lag. This can be especially interesting if the „end receive“ or „end send“ scripts are called very fast because of small transfer files (i.e. ENGDAT abstract file). If you experience problems with your EDI system (i.e. it doesn't catch all files), try to increase the appropriate value. Keep in mind that the OFTP session waits that time you configured the sleep time. Setting the values very high increases the risk of a disconnect if the remote site has very little timeouts configured! More than 5 seconds should not be normal!
start send script
DB configuration name: | start_send_script & sleep_start_send_script |
If a file is getting sent, this script or program will be started with the documented parameters.
end send script
DB configuration name: | end_send_script & sleep_end_send_script |
If a file has finished (successfully or not) sending, this script or program will be started with the documented parameters.
xERP script
DB configuration name: | xerp_script & sleep_xerp_script |
If an EERP or NERP (OFTP 2 only) message is received, this script will be started. Seon tries to find a send queue entry which conforms to the given parameters in order to set the values for comment, absolute path etc. If no send queue entry can be found that matches the given parameters in the EERP or NERP message, the script won't be executed. This script receives the same parameters as the end send script script.
start receive script
DB configuration name: | start_receive_script & sleep_start_receive_script |
If a file is getting received, this script or program will be started with the documented parameters.
end receive script
DB configuration name: | end_receive_script & sleep_end_receive_script |
If a file has finished (successfully or not) receiving, this script or program will be started with the documented parameters.
start session script
DB configuration name: | start_session_script & sleep_start_session_script |
After a positive OFTP handshake, this script or program will be started with the documented parameters.
end session script
DB configuration name: | end_session_script & sleep_end_session_script |
After a positive OFTP session, this script or program will be started with the documented parameters.
send queue entry blocked script
DB configuration name: | blocked_script & sleep_blocked_script |
If a send queue entry gets blocked (i.e. wrong authentification, unsupported virtual filename at the remote site, connection problems), this scripts will be started. If more than one entry for a partner gets blocked, each send queue entry will start its own blocked script.
debug daemon log script
DB configuration name: | seondebugd_log_script |
After a debug log has been written, this script will be started. This can be the case when asking for a debug log interactively (or with starting the appropriate program manually) or, if configured, when automatically created debug logs are written.
license script & trigger level
DB configuration name: | license_script & license_script_hwm |
This script will be started after a configurable trigger level (in percent) is exceeded. Its main porpuse is to inform a responsible person that a new license should be obtained or other actions should be taken.
Enable automatic update mechanism & Seon automatic software update script
DB configuration name: | run_updates_automatically & seonupdate_script |
If the value of run_updates_automatically is non-zero (if the checkbox is enabled), the automatic update script is started with the received file with the reserved virtual filename "Seon_UPDATE
". This is normally a program of the Seon distribution in order to update the installation via signed files. This program changes its user context to the configured user (see: run Seon update program as user).
Daemon parameters
The behaviour of all binaries and Seon programs can be influenced here.
run Seon programs as user
DB configuration name: | running_as_user |
When starting as user "root
", all Seon binaries will try to switch to this configured user, if available on the running system. Subsequent calls of scripts and other programs are also done in the context of this user. This is extremely useful for runlevel scripts.
run Seon update program as user
DB configuration name: | running_update_as_user |
If enabled below, automatic software update are being run using this specific username. If changing to the context of this given user fails, the whole update procedure fails. If no username is configured, superuser "root
" is used.
time slice for send queue daemon
DB configuration name: | seonsqd_sleep_time |
The send queue daemon „seonsqd2“ waits this amount of seconds before looking at the send queue table and react as needed (send one more entry, wait more time etc.).
time slice for receive daemon
DB configuration name: | seonrd_sleep_time |
The receiving daemon „seonrd2“ waits this amount of seconds before looking at the configuration table and react as needed (wait more time or stop itself).
delete send queue entries
DB configuration name: | delete_after_transfer |
This checkbox defines if the send queue table entries should be deleted (not the files itself, only the entry!) after a successful send. (If you need to delete the file itself, you should use the end send script, which gets the absolute filename as a parameter).
let all files of send queue be fetchable
DB configuration name: | fetch_all_from_remote |
Since polling is supported from remote systems, you can define files to be pollable. If you enable this checkbox, all files in your send queue which are in state of "new in queue" and "ready for remote fetch" will be sent in an OFTP session to the partner (otherwise, only entries "ready for remote fetch" are fetchable).
overwrite existing incoming files
DB configuration name: | seonrd_overwrite |
If the incoming file exists in the "incoming directory", you can define to overwrite it. Otherwise, the partner will receive an error message saying that the local file already exists. (this might be useful for partners who don't like to reiceive an EEPR [end-to-end- response] message right after a successful filetransfer).
default maximum send tries for send queue daemon
DB configuration name: | seonsqd_max_tries |
The send queue daemon "seonsqd2" will try to send one or all entries this amount of times. After this amount of unsuccessful tries, one or all send queue entries for that partner will be blocked (which will also get logged into the send log). All entries for a partner get blocked, if a connection problem occurs (i.e. invalid SSID/SFID or password, no physical connection to partner, wrong ISDN number or TCP/IP address etc.). One entry will be blocked if the partner doesn't accept this file. The other files are not affected by that error (i.e. wrong virtual filename, wrong alternative SFID of originator or destination).
additional sleeping time for send queue daemon & additional sleeping time factor for send queue daemon
DB configuration name: | seonsqd_add_time & seonsqd_add_time_factor |
You can influence the time the send queue daemon „seonsqd2“ will sleep before it tries to send an send queue entry. The formula for calculating the additional sleep is as follows:
(add. waiting time) = (connect try)*(add. sleeping time)*(add. sleeping time factor)
progress bar refresh time
DB configuration name: | progressbar_refresh |
Seon will update all file transfer progress information after this value (in seconds). Because it is database driven, some MySQL server will crash if you have too many connects to a database in a very short time (which could occur if you transfer very little files with a combination of a small exchange buffer size). If you experience problems with your database server, try increasing this value.
default maximum parallel send processes
DB configuration name: | default_max_sendq_sendings_per_partner |
You can define the amount of parallel sending processes globally here. There is also a definable column in the partner table (see below) to set this value on a per-partner base. If you don't have such a column, this default value will be used.
allow unsecure OFTP 2 authentification
DB configuration name: | oftpv2_allow_unsecure_auth |
If an OFTP 2 partner is requested to use OFTP 2 authentification but he doesn't support this feature, you may allow to authentificate this partner with the OFTP 1 methods by enabling this checkbox. If you insist to use OFTP 2 authentification, disable the checkbox, so the partner will receive an error message that OFTP 2 secure authentification is needed.
delete temporary created files of OFTP 2 session
DB configuration name: | oftpv2_delete_temp_created_files |
Seon creates temporary files by enqueueing files to the send queue or by directly sending a file to an OFTP 2 partner (if the partner is configured to use signing, compression and/or encryption). These temporary files can be deleted by Seon automatically, but you may also want to keep them for later archiving.
disable database schema check
DB configuration name: | disable_check_seon_tables |
Seon checks the database schema with every start of any Seon binary program. This is very useful for verifying that the Seon database tables are really up to date. If any table doesn't exists or a column is missing Seon will try to create the item. The database user therefore needs privileges to create and modify the schema. Leave this checkbox disabled if you want to be on the safe side. Enable the checkbox to disable the schema checks and updates if you encounter database server problems or your database user has no privileges to modify the database.
local character set
DB configuration name: | oftpv2_original_charset |
OFTP 2 supports UTF-8 formatted information and error messages within the protocol and also extended virtual filenames (up to 999 bytes of UTF-8 formatted text). To translate the UTF-8 text into your local character set and to translate command line interaction from your local character set to UTF-8, you have to define your local character set here. If your local character set isn't listed here, you can define it in the database (table: "seon_configuration") manually by entering the character set descriptor in the line where „name“ is "oftpv2_original_charset". All character sets which are supported by "iconv" are supported by Seon. You get a list of supported character sets on the command line with the program:
iconv -l
if installed.
illegal characters for virtual filenames
DB configuration name: | illegal_virt_filename_chars |
In order to reject the receipt of files with irregular characters in its names, you can define a list of characters which are not allowed. If you keep this list empty, all files are accepted. If any of the configured characters is found in the announced virtual filename, the file is rejected and the partner receives the message "illegal character in virtual filename".
enable CAPI keep-alive monitor
DB configuration name: | capi_check_alive_monitor |
In order to use a Brick R4x00 or above, you have to enable this feature. Also, if you don't want to watch for Seon after a reboot of the Brick device, enable this feature.
enable OFTP message checker
DB configuration name: | oftp_message_checker |
To secure your server, an OFTP message checker examines each transfered package for validity. This suppresses protocol attacks from remote and helps to avoid NULL pointer exceptions and other well-known attacks.
send queue entry status after abort
DB configuration name: | sendq_entry_status_after_abort |
You can define the status of a send queue entry after manual abort here. It may be useful to avoid a race between an administrator and the send queue daemon if he aborts the file transfer but the send queue daemon grabs it afterwards because the time slice has taken account. Valid options are "new in queue", "successfully sent", "blocked" and "ready for remote fetch".
enable statistics & RRDtools refresh time
DB configuration name: | enable_statistics & rrd_refresh |
As configured above with the RRDtool paths and directories, you have the possibility to activate or deactivate the scripting functionality here. The statistics contain the average transfer speed of a partner (incoming and outgoing as separate databases). If any of the above configured RRDtool path or binary is unavailable, scripting is disabled, even if you enable it here. The refresh time is the time is seconds when statistical data is transfered into the Round Robin database. This time period depends also on the database configuration of the RRDB and is closely dependant from the creation process which is intergrated into Seon (if an RRDB file doesn't exist). The default of 10 seconds should not be changed!
append timestamp to received file
DB configuration name: | rec_append_timestamp_to_filename |
Some partners may send you files with the same virtual filename, but different timestamps. In order to receive these files properly, an appendix is added to the filename containing the announced timestamp of the file. This also helps to receive the same file from different partners at the same time. Beware: the timestamp syntax has changed from OFTP 1 to OFTP 2!
OFTPv1: Don't wait for EERP message
DB configuration name: | oftpv1_dont_wait_for_eerp |
The normal behaviour of a send queue item is as follows:
- new in queue: waiting for transfer
- taken by send queue: session active, waiting for transfer
- send in progress: active transfer
- waiting for remote acknowledge: waiting for EERP or NERP from partner
- successfully sent: partner acknowleged file (entry may be deleted if configured)
If an partner doesn't send an EERP message, the send queue entry will exist forever. In order to avoid this, the send queue entry may get the status „successfully sent“ after successful send by enabling this checkbox (and may be deleted if the above checkbox „delete send queue entries“ is enabled). Beware: the xERP scripts won't be executed any more because no send queue entry will be found matching the parameters given in any EERP or NERP message. This feature just affects OFTP v1 partners, not OFTP 2!
Enable continuous write of Seon debug daemon output?
DB configuration name: | seondebugd_continuous_write |
When enabling this feature, the Seon debug daemon creates a debug log file (and starts the configured event script if existant) after the ring buffer is full. In this case, no message is lost.
Enable automatic update mechanism?
DB configuration name: | run_updates_automatically |
Activating this feature enables the usage of automatic software and lowers the administrative tasks to keep the software up-to-date.
Send queue daemon partner organizing mechanism
DB configuration name: | sqd_partner_organizing |
If you want to configure a massive parallel installation to be handled by the send queue daemon without shared memory segments for information handling which partner has how many lines online, you may want to switch this configuration value to "database values". The default of "shared memory segments" works perfectly for single instances of Seon and should be set only this way. CAVEAT: when using database values only for parallel channel information on send queue partners, there exists a timeframe when the information is invalid (this is when the send queue daemon forks a new process up to the database update command execution). During this little amount of time, more parallel processes may exist than configured for this partner.
take ALL server IDs into account
DB configuration name: | sqd_db_partner_organizing_all |
If the above configuration of "Send queue daemon partner organizing mechanism" is set to "database values", then only this server ID could be inspected or ALL used servers can be inspected for parallel channels. Enabling this checkbox is the recommended value for this configuration!
is Seon Enterprise installed?
DB configuration name: | seon_enterprise |
If you enable this checkbox, the web interface expands its funtionality needed to administrate Seon Enterprise, an enhanced version of Seon. Disabling this checkbox turns Seon into its default configuration of Seon Core. If you are interested in features of Seon Enterprise, contact your software dealer or write an email to info@seon.de .
default receive plugin group
DB configuration name: | default_rec_plugin_pkg |
This pulldownmenu contains all defined plugin packages. You should select a plugin package which will be run after a job is completely received (i.e. after the receive file sorter has collected all needed files). This configuration is only visible if Seon Enterprise is installed (and the above checkbox is enabled).
default country for partner entries
DB configuration name: | default_country_idx |
When creating a new company entry in the Seon partner database and using Seon Enterprise, a country has to be selected for this partner. For easy administration, a default country is configurable with with configuration. This configuration is only visible if Seon Enterprise is installed (and the above checkbox is enabled).
Logging
Logging enables Seon to insert human readable messages into log tables. You may turn some features on or off to suite your needs.
use syslog
DB configuration name: | use_syslog |
If you turn on this checkbox, major errors will be logged to the server's syslog facility with the severity LOG_ERR. Major errors are table misconfigurations or process dependant messages (fork failures, memory allocation problems etc.).
enable log vault
DB configuration name: | enable_log_vault |
Enabling this feature activates code to move log entries from the direct access log tables to slower log vault tables, where all messages (older than a configurable amount of days) are kept. This enhances the access to the online logs.
maximum age for fast logs
DB configuration name: | logvault_days |
After this amount of days, log entries will be moved from one log to the vault.
move send logs every x timeslices
DB configuration name: | logvault_sendq_timeslices |
The entries older than the above configured value ('maximum age') of the send log will be moved to the slower vault every this amount of time slices of the send queue daemon. This configuration value cooperates with the configuration value 'time slice for send queue daemon'. Only logs belonging to that server ID will be moved to the vault!
move receive logs every x timeslices
DB configuration name: | logvault_recq_timeslices |
The entries older than the above configured value ('maximum age') of the receive log will be moved to the slower vault every this amount of time slices of the receive queue daemon. This configuration value cooperates with the configuration value 'time slice for receive daemon'. Only logs belonging to that server ID will be moved to the vault!
archive received xERP messages & archive sent xERP messages
DB configuration name: | oftpv2_archive_received_xerp & oftpv2_archive_sent_xerp |
It may be useful archive positive and/or negative end-to-end responses. These xERP messages can be seen as acknowledgements from the partner (received xERP) or from yourself (sent xERP). The web interface contains a archive viewer on the left hand: "xERP log". This feature may be needed in some countries for legal issues.
enable script logging
DB configuration name: | enable_script_logging |
Enabling this feature logs all script calls, parameters, returncodes and output to the script logs. In the web interface, you can take a look at the script logs with the link „Script log“. In this interface, you can also restart event scripts (even if they have changed in the configuration: you can then execute the original or the new one, depending on executability of the script file).
Partner table parameters
The main advantage of Seon is the configurable partner table definition. With this feature, you can set up Seon to use your partner definition table (or if using MySQL 5: even views are supported). With this feature, Seon is successfully connected to SWAN, for which also presets exist.
For easy administration, presets exist for the own Seon internal partner table setup (where all features of Seon are supported) and SWAN presets in the web interface.
partner table name
DB configuration name: | partnerdb_tablename |
This alphanumeric field describes the table name of your partners. All SQL statements will be done using this table. (Note: the defined tableprefix doesn't affect this table name!)
active column
DB configuration name: | partnerdb_active |
If your partner table schema support enabled and/or disabled entries, this column defined the availability of a partner. If a non-zero is found in this column, a partner is seen as "active", otherwise (in case of zero) as "inactive". "inactive" partner entries are not taken into account for license purpose.
If this column isn't configured, all entries are used as active entries.
partner index column
DB configuration name: | partnerdb_index |
Each partner needs a numeric value (big integer as a maximum data type) for identifying the partner internally. This number will be re-used in all other tables refering to a partner entry.
partner shortname column
DB configuration name: | partnerdb_shortname |
A partner must have a so called shortname, which will be referenced by all binaries. Also, the shortname is used in logs and displaying the send and receive queue. The maximum length of the field is 255 characters.
partner additional description column
DB configuration name: | partnerdb_longname |
Additional field used only in the partner list web interface of Seon. This settings has no effect to any daemon or program of Seon, it's just for free information. If set and the column exists, the content of this column is printed in the partner list.
partner's SSID column, partner's SFID column & partner's password column
DB configuration name: | partnerdb_his_ssid, partnerdb_his_sfid & partnerdb_his_password |
In order to identify an incoming connection, these columns will be used for authentification. Also, the send queue is using these columns if no alternative values are given. The maximum length of SSID and SFID is 25 characters, the password has a size of 8 characters.
partner's TCP/IP address column (IP or hostname) & partner's ISDN number column
DB configuration name: | partnerdb_his_tcp_address |
These columns are used for defining the TCP/IP hostname or IP address (for TCP/IP or ENX connections) or ISDN number for that partner. The columns can be the same. This (or these) column(s) are/is used also for identifying partners.
partner's TCP/IP port number column
DB configuration name: | partnerdb_his_tcp_port & partnerdb_his_tcp_default_port |
If a column exists which reflects the partner's TCP/IP port of the remote OFTP system, you can define it here. If it doesn't exist in your partner table, you can disable it by enabling the checkbox: the default value of 3305 will be used instead. If the row is defined and also the checkbox is active, the default value will be used.
partner's TCP/IP TLS port number column
DB configuration name: | partnerdb_his_tcp_port_tls & partnerdb_his_tcp_default_port_tls |
If a column exists which reflects the partner's TCP/IP TLS port of the remote OFTP system, you can define it here. If it doesn't exist in your partner table, you can disable it by enabling the checkbox: the default value of 6619 will be used instead. If the row is defined and also the checkbox is active, the default value will be used.
partner's ISDN number column
DB configuration name: | partnerdb_his_isdn_number |
Configure the column containing the ISDN number of the partner here. This may also be the same column as the TCP/IP address, Seon is clever enough to interpret this value on-the-fly.
column defining connection type (ISDN, TCP/IP or TCP/IP TLS secured)
DB configuration name: | partnerdb_his_addresstype |
In order to check if the remote system has a connection type of ISDN, TCP/IP (ENX) or TLS secured TCP/IP connection, you have to define a column which reflects this value. This is also important if the columns for TCP/IP address and ISDN number are the same.
value for connection type in above defined colum defining ISDN connection, value for connection type in above defined colum defining TCP/IP connection & value for connection type in above defined column defining TLS over TCP/IP connection
DB configuration name: | partnerdb_his_connect_isdn_value, partnerdb_his_connect_tcp_value & partnerdb_his_connect_tcp_tls_value |
The above configured column contains values defining which partner has a connection type of ISDN and which one uses TCP/IP or TLS secured TCP/IP. These numeric values define which value should be interpreted as an ISDN, TCP/IP or TCP/IP (TLS) connection type. The value must be unsigned integer, values 0-255.
my SSID column, my SFID colum & my password column
DB configuration name: | partnerdb_my_ssid & partnerdb_my_default_ssid, partnerdb_my_sfid & partnerdb_my_default_sfid, partnerdb_my_password & partnerdb_my_default_password |
In order to use different SSID, SFID and password for default authentification with a partner, you can define here columns which reflect your values. If your partner table doesn't support this type of columns, you can disable these ones with enabling the corresponding checkbox which will result in using the default values above. The Seon send queue daemon behaves the way that the alternative values in the send queue can overwrite these values (if set to a non NULL value).
partner's X.25 number column
DB configuration name: | partnerdb_his_x25_number |
Mostly french partners use non-default X.25 address for ISDN connections. Therefor, a column must be defined which reflects the X.25 address used during connections with these partners. If the value of the column is empty (NULL, an empty string or non-numeric), the value will not be used.
TCP/IP receive/send acceleration column
DB configuration name: | partnerdb_tcpip_rec_accel_column & partnerdb_tcpip_rec_accel_use_defaults, partnerdb_tcpip_send_accel_column & partnerdb_tcpip_send_accel_use_defaults |
This technique is used to accelerate TCP/IP transfers. If your partner doesn't like this type of acceleration (i.e. partners who use Seeburger products), you can define a column which reflects to use the acceleration or not. A value of zero („0“) means disabling the acceleration, non-zero means enabling this feature. If your partner table doesn't have such a feature column, you can disable it by using the default value. If the colum is defined and the checkbox for using default value is enabled, the default will be used.
Acceleration is incompatible with the following partner software solutions:
- Seeburger WinElke
- Bartsch Software
amount of parallel sendings
DB configuration name: | partnerdb_parallel_sendings_column & partnerdb_parallel_sendings_use_defaults |
The default amount of parallel sending processes can be defined per each partner seperately, if you define a table column here. The numerical value (integer) is used to open that many parallel connections. If not such a column is present, you can use the default value defined above (in the „daemon parameters“ section) by enabling the "use default" checkbox.
partner's OFTP version column
DB configuration name: | partnerdb_used_oftp_version |
This numeric column (float) must have the value „1“ for OFTPv1 partners of "2" for OFTP 2 partners. If no value is in the column, OFTPv1.4 will be used.
Seon interprets the following values of version encodings:
- '
1
' -> OFTP 1.4, OFTP release coded value:4
- '
1.0
' -> OFTP 1.0, OFTP release coded value:1
- '
1.1
' -> OFTP 1.1, OFTP release coded value:1
- '
1.2
' -> OFTP 1.2, OFTP release coded value:1
- '
1.3
' -> OFTP 1.3, OFTP release coded value:2
- '
1.4
' -> OFTP 1.4, OFTP release coded value:4
- '
2
' -> OFTP 2, OFTP release coded value:5
- '
2.0
' -> OFTP 2, OFTP release coded value:5
Any other value will fallback to OFTP 1.4, coded value: 4
partner's OFTP 2 cipher suite column
DB configuration name: | partnerdb_used_oftp2_ciphersuite |
The cipher suite used for outgoing files and connections is defined in this integer column. Valid values are 0-99.
partner's OFTP 2 compression column
DB configuration name: | partnerdb_oftp2_compression |
The compression algorithm for that partner for outgoing files is defined in this integer column. Valid values are zero („0“) or one („1“), but may vary on future implementations.
partner's OFTP 2 signing column
DB configuration name: | partnerdb_oftp2_sign |
partner's OFTP 2 encryption column
DB configuration name: | partnerdb_oftp2_encrypt |
partner's OFTP 2 secure authentification column
DB configuration name: | partnerdb_oftp2_sec_auth |
partner's OFTP 2 signed EERP/NERP column
DB configuration name: | partnerdb_oftp2_req_sig_eerp |
These numeric columns describes if a feature will be used for outgoing files to that partner (non-zero value) or not (zero value).
GUI niceup parameters
In order to make the Seon web interface more useful, some parameters can be defined to configure the web interface to your needs.
progressbar in send and rec queue will be displayed using the following media type
DB configuration name: | progressbar_flash |
You can select if you want to see the progress bar using plain HTML code (which needs a manual reload of the page to get the acual state) or a Flash based progress bar, which doesn't need a manual refresh of the page.
relative path in web interface for success soundfile & relative path in web interface for abort soundfile
DB configuration name: | pgbar_sucess_soundfile & pgbar_abort_soundfile |
If the progress bar is configured as Flash, you can define a sound file (valid formats: MP3, OGG or WAV) which will be played after a successful or unsuccessful file transfer. The file position is relative to the web interface!
lines per page
DB configuration name: | lines_per_page |
In order to support different display resolutions, you can define how many lines of results will be displayed on one page. This affects the partner administration and all logs.
truncate strings
DB configuration name: | truncate_strings_length |
To make send and receive queue more readable, you can define how many characters of a file will be displayed in the columns.
gray out (dim) send queue entries
DB configuration name: | dim_out_sendq |
If you enable this feature, send queue entries will become more and more gray the more send tries they have. Useful if you want to see which entries are old.
show hashes in xERP list
DB configuration name: | show_hashes_in_web_interface |
OFTP 2 supports file hashes in xERP messages. If you don't want to download them from the list and view them manually, Seon can display them in the xERP log directly as hexadecimal values.
show partners with unknown medium
DB configuration name: | display_partners_with_unknown_medium |
Escpecially useful for non-Seon partner table configuration. You can disable the occurance of partners in the partners list with unknown media types.
progressbar refresh time
DB configuration name: | progressbar_refresh_webinterface |
In order to lower database traffic, the time interval for progress information retrieval is configurable for the Flash progress bar plugin separately.
enable automatic reload of send queue overview
DB configuration name: | sendq_auto_reload |
A dynamic countdown is displayed for entries in the send queue which are in the state "taken by send queue". In order to reload the complete send queue overview when such entries reach an active state, enable this checkbox.
locale used in date formatting
DB configuration name: | sendq_auto_reload |
All listings containing dates (year, month, day, hour, minute and seconds) are being displayed via this locale setting. This influences Seon administrative web interface only.
default language for Seon webaccess
DB configuration name: | webaccess_default_lang |
The default language of Seon webaccess (v3) can be defined here. Possible values:
en
: englishde
: german
If not set, "en" (english) will be used.
only show active partners in logs
DB configuration name: | only_show_active |
If the partner table configuration contains a column for 'active' entries and this check is enabled, only active partners will be shown in receive logs, send logs and xERP logs.
reload send queue
DB configuration name: | webgui_reload_sendq |
If a value greater than zero i configureds here, the send queue overview (web GUI) will be reloaded every configured amount of seconds if it is empty.
reload receive queue
DB configuration name: | webgui_reload_recq |
If a value greater than zero is configured here, the receive queue overview (web GUI) will be reloaded every configured amount of seconds if it is empty.
display render time?
DB configuration name: | display_render_time |
Enabling this feature prints out rendering times on the webserver for this overview at the bottom of each page.
other interesting configurable values
Some values are not configurable via web interface, but also have a useful meaning when running Seon. These configuration value names are:
seonclientd_port
: TCP/IP port of the program Seon client daemonseonrd_stop_req
: When set to non-zero value, the Seon receive daemon will stop in the next iteration after the time slice. This feature can be used to stop the daemon when no permissions to kill the process are granted.seonsqd_stop_req
: When set to non-zero value, the Seon send queue daemon will stop in the next iteration after the time slice. This feature can be used to stop the daemon when no permissions to kill the process are granted.webinterface_path
: Absolute path of the web interface on the webserver. This is useful for upgrading processes in order to update the path correctly.