Ultra-tiny HOWTO: coordinating smoothwall events between systems       04/2001

	(copyleft) 2001 by Brian Coyle	brianc@magicnet.net
    	This document may be freely distributed under the FDL.
	http://www.gnu.org/copyleft/fdl.html

This HOWTO demonstrates a method to coordinate events between a Smoothwall
firewall [0] and another system in the local network.


Sometime back, I posted a one-liner to check the dialing status of a Smoothwall
modem from another system [1]. This is useful for things you want to place into
a cron job, but don't want to run unless the modem is connected.

There are also times when the smoothwall box should initiate an action on
another box.  For example, when the modem connects I like to fetch my mail.
This way, I don't have to wait for the next cron job to check.  Besides, it's
possible the connection will time-out (I'm using dial-on-demand [2] ) before 
the cron triggers...

Of course, I'm not running the mail server on the smoothwall firewall, so
I needed a way to trigger the event on my 'inside' server.

Since my inside server is running Apache, it made sense to use CGI to 
communicate between the boxes.  Installing wget on smoothwall allows
the firewall to send CGI requests from script to the inside server as 
necessary.

Here's an example (using my getmail script):

On the smoothwall box:

	1. Install wget into /usr/local/bin (or /usr/bin if you wish).
	2. modify the /etc/ppp/ip-up script to trigger the CGI.  I've added
	   this as the last line:

            system "/usr/local/bin/wget -q -t1   \
                -O /dev/null http://hank/cgi-bin/getmail.cgi";

           NOTE: hank is the name of my inside server.
 
On the inside server:

	1. Create the $CGI_ROOT/cgi-bin/getmail.cgi script:
	  
	    $ more /home/httpd/cgi-bin/getmail.cgi 
	    #!/usr/bin/perl -w

	    print "Content-type: text/html\n\n";
	    print "<HTML><TITLE>Request new mail</TITLE><BODY>\n\n";


	    system '/home/brian/bin/getmail';

	    print <<END
            <DIV ALIGN='CENTER'>
            <BR>
            <FONT SIZE='6'>getmail has started</FONT>
            </DIV>
            END
	    ;
            print "</BODY></HTML>\n\n";

	I chose to use perl and echo some feedback, so it can be
	tested, debugged, run manually.  With a little work, this
	single script could be generalized to provide service to
	many scripts, based on a parameter.

	2. Since the Apache server runs as user 'nobody', a 
	   slight modification to my original getmail script is
           necessary (to override the fetchmail rc file):

		:
		:
		fetchmail -s -f /home/brian/.fetchmailrc

	   You will of course want to specify _your_ .fetchmailrc path...




[0]  http://www.smoothwall.org
[1]  http://www.matrixlist.com/pipermail/leaplist/2001-January/009112.html
[2]  http://www.geocrawler.com/archives/3/8259/2001/1/250/4948802/