Provided by: openipmi_2.0.18-0ubuntu11_i386 bug

NAME

       ipmilan - IPMI LAN to System Interface Converter

SYNOPSIS

       ipmilan [-c configfile] [-i ipmidevice] [-d] [-n]

DESCRIPTION

       The  ipmilan  daemon allows an IPMI system interface using the OpenIPMI
       device driver to be accessed using the IPMI 1.5 LAN protocol.

       ipmilan supports the full authentication capabilities of the  IPMI  LAN
       protocol.

       ipmilan  supports multiple IP addresses for fault-tolerance.  Note that
       messages coming in on an address are always sent back out on  the  same
       address they came in.

OPTIONS

       -c config-file
              Set  the  configuration  file  to  one other than the default of
              /etc/ipmi_lan.conf

       -n     Stops  the  daemon  from   forking   and   detaching   from  the
              controlling terminal. This is useful for running from init.

       -d     Turns  on  debugging  to standard output.  You generally have to
              use -n with this.

CONFIGURATION

       Configuration is accomplished through the file  /etc/ipmi_lan.conf.   A
       file with another name or path may be specified using the -c option.

       The following fields are used in many commands:

       boolean May be "true", "false", "on" or "off".

       priv  An  IPMI  privilege  level.   This  may  be  "callback",  "user",
       "operator", or "admin".

       auth  An  IPMI  authorization  type.   This  may  be  "none"   for   no
       authentication,   "straight"   for   straight,   in-the-clear  password
       authentication, "md2" for use MD2  message  digest  authentication,  or
       "md5" for using MD5 message digest authentication.

       addr IP-address [UDP-port]
              IP-address specifies the IP address to use for an IP port. Up to
              4 addresses may be specified.  If no address  is  specified,  it
              defaults  to  one  port  at  0.0.0.0  (for  every address on the
              machine) at port 623.

              UDP-port specifies an optional port to listen on. It defaults to
              623 (the standard port).

       PEF_alerting boolean
              Turn PEF alerting on or off (not currently supported).

       per_msg_auth boolean
              Turn per-message authentication on or off.

       priv_limit priv
              The maximum privilege allowed on this interface.

       allowed_auths_callback [auth [auth [...]]]
              auth  specifies  allowed  authorization  levels for the callback
              privilege level.  Only the levels specified  on  this  line  are
              allowed  for  the  authorization  level.   If  this  line is not
              present, callback authorization cannot be used.

       allowed_auths_user [auth [auth [...]]]
              auth  specifies  allowed  authorization  levels  for  the   user
              privilege  level.   Only  the  levels specified on this line are
              allowed for the  authorization  level.   If  this  line  is  not
              present, user authorization cannot be used.

       allowed_auths_operator [auth [auth [...]]]
              auth  specifies  allowed  authorization  levels for the operator
              privilege level.  Only the levels specified  on  this  line  are
              allowed  for  the  authorization  level.   If  this  line is not
              present, operator authorization cannot be used.

       allowed_auths_admin [auth [auth [...]]]
              auth  specifies  allowed  authorization  levels  for  the  admin
              privilege  level.   Only  the  levels specified on this line are
              allowed for the  authorization  level.   If  this  line  is  not
              present, user authorization cannot be used.

       user usernum enabled username password max-priv max-session [auth [auth
       [...]]]
              usernum specifies the user number for the user.  Note that  user
              number   0  is  invalid,  and  user  number  1  is  the  special
              "anonymous" user, whose username is ignored.  This value may  be
              up to 63, the maximum possible IPMI user.  If you want anonymous
              access, you must have a user number 1.

              enabled is a boolean that specified whether the user is  enabled
              or not.

              username specifies the name of the user, specified as a name.

              password  specifies  the  password  of  the user, specified as a
              name.

              max-priv specifies the maximum privilege level allowed  for  the
              user.

              max.sessions  specifies  the  maximum number of session the user
              may open.

              auth specifies the allowed authorization  types  for  the  user.
              Only  the  specified ones are allowed, so if none are specified,
              the user will be disabled.

       guid name
              Allows the 16-byte GUID  for  the  IPMI  LAN  connection  to  be
              specified.   If  this is not specified, then the GUID command is
              not supported.

       Blank lines and lines starting with `#' are ignored.

SECURITY

       ipmilan implements normal IPMI security.  The default is no access  for
       anyone,  so  the  default  is pretty safe, but be careful what you add,
       because this  is  access  to  control  your  box.   straight  and  none
       authorizations  are not recommended, you should probably stick with md2
       or md5.

SIGNALS

       SIGHUP
            ipmilan should handle SIGHUP and reread it's configuration  files.
            However,  it  doesn't  right now.  It might in the future, for now
            you will have to kill it and restart it.   Clients  should  handle
            reconnecting in this case.  If they don't, they are broken.

ERROR OUTPUT

       At  startup,  all  error  output goes to stderr.  After that, all error
       output goes to syslog.

FILES

       /etc/ipmi_lan.conf

SEE ALSO

       ipmi_ui(1)

KNOWN PROBLEMS

       Currently, ipmilan does not implement writing the  config  file.   IPMI
       commands   to  change  configuration  options  are  accepted,  but  the
       permanent writing of the changes does not currently work.

AUTHOR

       Corey Minyard <cminyard@mvista.org>