diff options
| author | Sergey Skvortsov <skv@FreeBSD.org> | 2006-09-03 19:41:45 +0000 |
|---|---|---|
| committer | Sergey Skvortsov <skv@FreeBSD.org> | 2006-09-03 19:41:45 +0000 |
| commit | 073078f05affa574110a61729c181e65f14fc1ea (patch) | |
| tree | 90d115caca042d6f20e62e18044939cde57fe1bb /net-mgmt/ng_ipacct | |
| parent | 7c5971d897186e3c767b89464722860fe6b1d8da (diff) | |
| download | ports-073078f05affa574110a61729c181e65f14fc1ea.tar.gz ports-073078f05affa574110a61729c181e65f14fc1ea.zip | |
Notes
Diffstat (limited to 'net-mgmt/ng_ipacct')
| -rw-r--r-- | net-mgmt/ng_ipacct/Makefile | 6 | ||||
| -rw-r--r-- | net-mgmt/ng_ipacct/files/ng_ipacct.conf | 54 | ||||
| -rw-r--r-- | net-mgmt/ng_ipacct/files/ng_ipacct.sh.in | 14 |
3 files changed, 68 insertions, 6 deletions
diff --git a/net-mgmt/ng_ipacct/Makefile b/net-mgmt/ng_ipacct/Makefile index 01d98d2be225..9ea2f99b7c78 100644 --- a/net-mgmt/ng_ipacct/Makefile +++ b/net-mgmt/ng_ipacct/Makefile @@ -7,14 +7,14 @@ PORTNAME= ng_ipacct PORTVERSION= 20050731 +PORTREVISION= 1 CATEGORIES= net-mgmt -MASTER_SITES= ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/ +MASTER_SITES= ${MASTER_SITE_LOCAL:S!$!skv/!} \ + ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/ MAINTAINER= skv@FreeBSD.org COMMENT= Netgraph IP accounting -BROKEN= Unfetchable - NO_PACKAGE= "Depends on kernel" OPTIONS= MEM_ZONE "Use UMA zone allocator (5.x only)" off diff --git a/net-mgmt/ng_ipacct/files/ng_ipacct.conf b/net-mgmt/ng_ipacct/files/ng_ipacct.conf index e76599811807..d02a42b0b9f9 100644 --- a/net-mgmt/ng_ipacct/files/ng_ipacct.conf +++ b/net-mgmt/ng_ipacct/files/ng_ipacct.conf @@ -44,6 +44,27 @@ ng_ipacct_default_ether_stop=' shutdown %%iface%%: ' +ng_ipacct_bpf_ether_start=' + mkpeer %%iface%%: tee lower right + name %%iface%%:lower %%iface%%_tee + connect %%iface%%: lower upper left + + mkpeer %%iface%%_tee: bpf right2left %%iface%%_in + name %%iface%%_tee:right2left %%iface%%_bpf + connect %%iface%%_tee: right2left left2right %%iface%%_out + + mkpeer %%iface%%_bpf: ipacct %%iface%%_match_in %%iface%%_in + name %%iface%%_bpf:%%iface%%_match_in %%iface%%_ip_acct + connect %%iface%%_bpf: %%iface%%_ip_acct: %%iface%%_match_out %%iface%%_out +' + +ng_ipacct_bpf_ether_stop=' + shutdown %%iface%%_ip_acct: + shutdown %%iface%%_bpf: + shutdown %%iface%%_tee: + shutdown %%iface%%: +' + # EXAMPLE 1. Ethernet interface # +-------------------------------+ @@ -147,3 +168,36 @@ ng_ipacct_vpn0_start=' ng_ipacct_vpn0_stop=' shutdown %%iface%%_ip_acct: ' + +# EXAMPLE 4. Ethernet interface with BPF + +# +-------------------------------+ +# | | +# (upper) (left2right)-----(xl0_in) (xl0_match_in)----(xl0_in) +# | | | | | | +# xl0 +--(left)-xl0_tee-(right) xl0_bpf xl0_ip_acct +# | | | | | | +# (lower) | (right2left)----(xl0_out) (xl0_match_out)--(xl0_out) +# | | +# +----------+ +# +# xl0 - ng_ether +# xl0_tee - ng_tee +# xl0_bpf - ng_bpf +# xl0_ip_acct - ng_ipacct + +# Configuration for 'xl0_ip_acct' node: + +ng_ipacct_xl0_dlt="EN10MB" # required line; see ipacctctl(8) +ng_ipacct_xl0_threshold="15000" # '5000' by default +ng_ipacct_xl0_verbose="yes" # 'yes' by default +ng_ipacct_xl0_saveuid="yes" # 'no' by default +ng_ipacct_xl0_savetime="no" # 'no' by default +ng_ipacct_xl0_start=${ng_ipacct_bpf_ether_start} +ng_ipacct_xl0_stop=${ng_ipacct_bpf_ether_stop} +ng_ipacct_xl0_checkpoint_script="path/to/your/script --checkpoint-and-save xl0" + # this script is called on stop (to save accumulated + # data) or via "rc.d/ng_ipacct.sh checkpoint" +ng_ipacct_xl0_afterstart_script="path/to/your/script --load-bpf-filters xl0" + # this script is called just after initialization + # of nodes to load filters into xl0_bpf diff --git a/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in b/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in index 8ef364535eaa..9683fcd976c0 100644 --- a/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in +++ b/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in @@ -114,6 +114,13 @@ EOF ${ipacctctl} ${iface}_ip_acct:${iface} verbose ${verbose} ${ipacctctl} ${iface}_ip_acct:${iface} saveuid ${saveuid} ${ipacctctl} ${iface}_ip_acct:${iface} savetime ${savetime} + + eval afterstart_script=\$ng_ipacct_${iface}_afterstart_script + if [ -n "${afterstart_script}" ]; then + (set -T + trap 'exit 1' 2 + ${afterstart_script} ${iface}) + fi fi done } @@ -146,15 +153,16 @@ stop_cmd() eval checkpoint_script=\$ng_ipacct_${iface}_checkpoint_script if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then - ${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch} -$stop_script -EOF if [ -n "${checkpoint_script}" ]; then (set -T trap 'exit 1' 2 ${checkpoint_script}) fi + ${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch} +$stop_script +EOF + if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then warn "netgraph node '${iface}_ip_acct' did not destroyed!" fi |