#author("2025-04-15T10:20:48+00:00","default:iseki","iseki")
#author("2025-04-15T10:21:13+00:00","default:iseki","iseki")
* sl_relay [#k8b98ddc]
[[日本語はこちら>sl_relay]]~

** Outline [#uf81341b]
-''sl_relay'' is a Packet Relay Server for Second Life running on Linux. It is aimed at connecting to Second Life Servers from a PC through a firewall such as might be found in a university.
-''sl_relay'' relays communication (UDP,HTTP/HTTPS) between the SIM Server and the Second Life viewer.
- Note: it not only relays but also scans inside each packet. Thus when the content of a packet (URL, IP address and port number) indicate another SIM is involved, a new relay process for that SIM can be started.

- ''[[sl_cache>sl_cache (E)]]'' can be used with ''sl_relay'' to provide a texture data cache.
- When caching UDP packets (''[[sl_cache>sl_cache (E)]]''), the sequence number of each UDP packet is rewritten to prevent contradictions.

- It is also possible to limit access to particular SIMs by using ''sl_relay'' with the Information Server (''[[sl_info>sl_info (E)]]'').

- ''sl_relay'' is part of ''[[sl_proxy>sl_proxy (E)]]''. 
- The current version is ''1.10.1'' (4 Oct. '11)


***''Outline of Functions.'' [#b28df040]
+ You can execute Second Life from a PC with private IP address behind a firewall.
+ You can specifiy the port number for firewall access.
+ Access to ''sl_relay'' can be controlled.
+ Full HTTPS access between Viewer and Relay Server is possible. (default is HTTP)
+ MusicURL and MediaURL(High 23) is supported. However, it is recommended that a Web proxy be used.
+ External Web Proxy (e.g. squid) connection is supported. Moreover, an internal Web Proxy function is included.
+ [[OpenSim]] is supported. (Test version)
+ ''[[sl_cache>sl_cache (E)]]'' connection is supported. (''[[sl_cache>sl_cache (E)]]'' is the texture cache server for ''sl_relay''.)
+ When ''[[sl_cache>sl_cache (E)]]'' is down or response is too slow, ''sl_relay'' automatically disconnects from the cache server after short delay.
+ Access to Second Life SIMs can be controlled, by Avatar, viewer machine IP or at the global SIM level through the use of white lists with ''[[sl_info>sl_info (E)]]''.

***''Annoyances or Bugs.'' [#dc53166d]
+ You might see the same message two or more times in IM or chat. The cause is unknown, sorry.
+ A stress test of ''sl_relay'' has not been carried out.

**''Explanation'' [#g7f1e55f]
+ [[Over the Firewall>./Firewall]]
+ [[Cooperation with the Cache Server>./Cooperation with the Cache Server]]
+ [[Cooperation with the Information Server>./Cooperation with the Information Server]] 
+ [[Communication by HTTPS>./Communication by HTTPS]]
+ [[Web Proxy Function>./WebProxy]]
+ [[When the server has two or more network interfaces>/sl_proxy (E)/two or more network interfaces]]
+ [[Rewrite Viewer Version>./Rewrite Viewer Version]]
+ [[Log and Debug Mode>./Log and Debug Mode]] 
+ [[Security>./Security]]
+ [[Get Grid Information>./Get Grid Information]]

** Configuration [#q6718feb]
- The default configuration file is ''/usr/local/etc/sl_proxy/sl_relay.conf''. 
- It is also possible to specify an alternate configuration file using the ''-f'' option of  ''sl_relay''.
- Because the configuration file is read before ''sl_relay'' does the switch to the effective user, exec user should be able to be read.
- The setting of each item is described in the configuration file. Empty lines or lines starting with # are not read.


*** Items [#mdd29c33]
**** Communication port with SIM Server [#p93e3cae]
-[[MinUdpExPort>./MinUdpExPort]]
-[[MaxUdpExPort>./MaxUdpExPort]]
-[[MinTcpExPort>./MinTcpExPort]]
-[[MaxTcpExPort>./MaxTcpExPort]]

**** Communication port with Viewer [#k3e77800]
-[[MinUdpImPort>./MinUdpImPort]]
-[[MaxUdpImPort>./MaxUdpImPort]]
-[[MinTcpImPort>./MinTcpImPort]]
-[[MaxTcpImPort>./MaxTcpImPort]]

**** Control port of Relay Controller [#veb796bb]
-[[MinControlPort>./MinControlPort]]
-[[MaxControlPort>./MaxControlPort]]


**** HTTPS(SSL) [#c3106ca2]
-[[CERT_PEM_File>./CERT_PEM_File]]
-[[SKEY_PEM_File>./SKEY_PEM_File]]
-[[CA_PEM_File>./CA_PEM_File]]

**** Access control [#rf8a9f3c]
-[[Hosts_Allow_File>/sl_proxy (E)/Hosts_Allow_File]]
-[[ExternalWebProxy>./ExternalWebProxy]]
-[[Proxy_Allow_File>./Proxy_Allow_File]]

**** Etc. etc. [#s663b4ba]
- [[SL_GridInfo_File>/sl_proxy (E)/SL_GridInfo_File]]
- [[Temp_File_Dir>/sl_proxy (E)/Temp_File_Dir]]
- [[MaxIdleTime>/sl_proxy (E)/MaxIdleTime]]


**Execute Options [#p28613aa]
 sl_relay  [-s server_name[:port]] [-p port] [-f config_file] [-u user_name]
           [-i interface_address]
           [-pid pid_file] [-l [log_file]] [-v syslog_level]
           [-cs [cache_server:port]] [-cg] [-cp]
           [-is [info_server:port]] [-wf]
           [-vs [voice_relay_server:port]]
           [-as] [-aca] [-ano]
           [-xp [web_proxy_server:porti]] [-ip [port]] [-ipx [port]] [-mm]
           [-ver version]
           [-d] [-x] [-xt] [-xu] [-xuf]
           [--version] [--help] [-h]
 
 -s   : specify login server of Second Life. default is login.agni.lindenlab.com:443
 -p   : port number that Viewer connects. default is 8100.
 -f   : configuration file. default is /usr/local/etc/sl_proxy/sl_relay.conf
 -u   : specify effective user.
 -i   : specify Viewer side network interface IP address. 
       if your server has two or more network interfaces,
        you need to use this option.
 -pid : specify pid file.
 -l   : specify log file. default is /var/sl_proxy/sl_relay.log
 -v   : level of syslog. default is LOG_INFO (7).
 
 -cs  : specify sl_cache cache server. default is localhost:8200
 -cg  : only get cache data. do not save data.
 -cp  : only save cache data. do not get data.
                 
 -is  : specify sl_info infomation server. default is localhost:8086
 -wf  : The access limitation to SIM by the white list is done in cooperation with sl_info.
                 
 -vs  : specify sl_voice_relay server. default is localhost:8088
                  
 -as  : use HTTPS between Viewer and Relay Server.
 -aca : confirms Second Life Server by using C:\Program Files\SecondLife\app_settings\CA.pem
 -ano : no HTTPS communication. Do not use, usually. It is for OpenSim olny. (Experimental option)
                 
 -xp  : specify external web proxy server.
 -ip  : use internal web proxy function with full access mode. 
        excute internal web proxy process. port number can be specified.
 -ipx : use internal web proxy function with restricted mode. 
       excute internal web proxy process.  port number can be specified.
 -mm  : relay MusicURL and MediaURL(High 23). If it is possible, to use web proxy function of viewer.
        
 -ver : rewrite Viewer version. 
        Please use this temporarily only when you cannot immediately install new Viewer.
        It is dangerous to use this lasting long, and never do it!!
        
 -d   : debug mode. display debug information
 -x   : TCP(HTTP/HTTPS) packets are saved at working directory and UDP packet headers are printed.
 -xt  : TCP(HTTP/HTTPS) packets are saved at working directory.
 -xu  : UDP packet headers are printed.
 -xuf : UDP packet is full dumped.
        
 --version  : display Version information.
 --help, -h : display this Help messages.

**Processes [#f13647f7]

*** Relationship between Processes [#ece449c6]
#ref(sl_relay/sl_relay.png,,85%)

***Transformation of UDP and HTTP/HTTPS Packets [#cfd53c48]
http://www.nsl.tuis.ac.jp/xoops/modules/xpwiki/?plugin=ref&page=sl_relay&src=sl_relay2.png 
*** Transformation of UDP and HTTP/HTTPS Packets [#cfd53c48]
#ref(sl_relay/sl_relay2.png,,85%)
-[Proxy Process] is ''Relay Process''
-[Control Process] is ''Relay Controller''
トップ   編集 差分 履歴 添付 複製 名前変更 リロード   新規 ページ一覧 検索 最終更新   ヘルプ   最終更新のRSS