| Subject: | Re: [Xen-devel] Xend port |
|---|---|
| Date: | Thu, 03 Mar 2005 17:32:40 -0700 |
| From: | Ted Hilts <thilts@help-for-you.com> |
| To: | Rich Persaud <rich.p@xensource.com>, xen-devel@lists.sourceforge.net |
| CC: | Mark Williamson <maw48@cl.cam.ac.uk>, Tim.Deegan@cl.cam.ac.uk |
| References: | <42268544.3060201@help-for-you.com> <200503031533.49342.maw48@cl.cam.ac.uk> <42273EE1.1050905@xensource.com> |
netstat -anp excerpt of Xen 2.0.4 on CentOS 3.4:My next question:
What exactly is an HTTP/S server -- apparently it is a requirement for
browser administration access to a Xen-based system? Is Apache such a
server and if not can it be turned into such a server???
HTTPS? It's a secured version of HTTP. I don't think you shouldn't need to install anything extra to make this work - Twisted includes its own HTTP server.
(btw, Apache can serve over HTTPS but we don't use it in Xen)
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 17856/python tcp 0 0 0.0.0.0:8001 0.0.0.0:* LISTEN 17856/python tcp 0 0 0.0.0.0:8002 0.0.0.0:* LISTEN 17855/xfrd tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 17977/python
User manual says this can be configured via /usr/lib/python2.3/site-packages/xen/sv/params.py. This file does not exist in the /usr/lib/python*, but /etc/xen/xend-config.sxp includes:
# Port xend should use for the HTTP interface.
(xend-port 8000)
Questions:
1) xend web interface appears on port 8080 (non SSL). Is the xend-config.sxp parameter not honored?
2) Does Twisted natively support SSL? I found conflicting statements in my brief research.
3) What is listening on ports 8000 and 8001?
4) Related subject, how is xfrd (port 8002) secured against malicious domain transfers?
Rich