Okra is the monitoring server. Uses Cacti to do the monitoring, which currently operates questionably.
Currently has ethernet cable to switch, accessing outside world via the VLAN functions of the switch.
# Realtek|RTL-8169 Gigabit Ethernet HWADDR=00:09:5B:BC:EC:C9 DEVICE=eth0 BOOTPROTO=none IPADDR=10.0.0.246 NETMASK=255.255.255.0 ONBOOT=yes TYPE=Ethernet USERCTL=no PEERDNS=yes IPV6INIT=no
# UNH network VLAN=yes DEVICE=eth0.2 BOOTPROTO=none BROADCAST=188.8.131.52 IPADDR=184.108.40.206 NETMASK=255.255.252.0 NETWORK=220.127.116.11 ONBOOT=yes REORDER_HDR=no GATEWAY=18.104.22.168 TYPE=Ethernet USERCTL=no PEERDNS=yes IPV6INIT=no
DEVICE=lo IPADDR=127.0.0.1 NETMASK=255.0.0.0 NETWORK=127.0.0.0 # If you're having problems with gated making 127.0.0.0/8 a martian, # you can change this to something else (255.255.255.255, for example) BROADCAST=127.255.255.255 ONBOOT=yes NAME=loopback
# NPG Config: # Allow direct root logins only from console and einstein + : root : LOCAL einstein.unh.edu einstein.farm.physics.unh.edu lentil.unh.edu lentil.farm.physics.unh.edu # Allow only NPG users and administrators - : ALL EXCEPT npg domain_admins : ALL
# Backups are 'pull' only. Too bad there isn't a better way to enforce this. read only = yes # Oh for the ability to retain CAP_DAC_READ_SEARCH, and no other. #uid = root # XXX There seems to be an obscure bug with pam_ldap and rsync whereby # getpwnam(3) segfaults when (and only when) archiving /etc. Using a numeric # uid avoids this bug. Only verified on Fedora Core 2. uid = 0 # There's not much point in putting the superuser in a chroot jail # use chroot = yes # This isn't really an effective "lock" per se, since the value is per-module, # but there really ought never be more than one, and it would at least # ensure serialized backups. max connections = 1 [usr_local] path = /usr/local comment = unpackaged software [opt] path = /opt comment = unpackaged software [etc] path = /etc comment = conf files [var] path = /var comment = user and system storage