aboutsummaryrefslogtreecommitdiff
path: root/net-mgmt/ng_ipacct
diff options
context:
space:
mode:
authorSergey Skvortsov <skv@FreeBSD.org>2005-02-28 12:34:58 +0000
committerSergey Skvortsov <skv@FreeBSD.org>2005-02-28 12:34:58 +0000
commitacde01090d700a1eb3902f996d53a6874ace3046 (patch)
tree25d700d31c76315133e779919feca3a804a87e39 /net-mgmt/ng_ipacct
parent2e7775777bf08addd7e9c8d8fcf34cad2f9fb673 (diff)
downloadports-acde01090d700a1eb3902f996d53a6874ace3046.tar.gz
ports-acde01090d700a1eb3902f996d53a6874ace3046.zip
Notes
Diffstat (limited to 'net-mgmt/ng_ipacct')
-rw-r--r--net-mgmt/ng_ipacct/Makefile44
-rw-r--r--net-mgmt/ng_ipacct/distinfo2
-rw-r--r--net-mgmt/ng_ipacct/files/ng_ipacct.conf106
-rw-r--r--net-mgmt/ng_ipacct/files/ng_ipacct.sh.in160
-rw-r--r--net-mgmt/ng_ipacct/files/pkg-message.in13
-rw-r--r--net-mgmt/ng_ipacct/pkg-descr19
-rw-r--r--net-mgmt/ng_ipacct/pkg-plist6
7 files changed, 350 insertions, 0 deletions
diff --git a/net-mgmt/ng_ipacct/Makefile b/net-mgmt/ng_ipacct/Makefile
new file mode 100644
index 000000000000..b6d22935349e
--- /dev/null
+++ b/net-mgmt/ng_ipacct/Makefile
@@ -0,0 +1,44 @@
+# New ports collection makefile for: ng_ipacct
+# Date created: 30 Nov 2004
+# Whom: Sergey Skvortsov <skv@protey.ru>
+#
+# $FreeBSD$
+#
+
+PORTNAME= ng_ipacct
+PORTVERSION= 20050228
+CATEGORIES= net-mgmt
+MASTER_SITES= ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/
+
+MAINTAINER= skv@FreeBSD.org
+COMMENT= Netgraph IP accounting
+
+NO_PACKAGE= "Depends on kernel"
+
+OPTIONS= MEM_ZONE "Use UMA zone allocator (5.x only)" off
+
+PLIST_SUB+= KMODDIR=${KMODDIR}
+
+WRKSRC= ${WRKDIR}/${PORTNAME}
+MAKE_ENV= BINDIR="${PREFIX}/sbin"
+
+MAN8= ipacctctl.8
+MANLANG= ru.KOI8-R
+MANCOMPRESSED= yes
+
+USE_RC_SUBR= ng_ipacct.sh
+SUB_FILES= pkg-message
+
+.include <bsd.port.pre.mk>
+
+.ifdef WITH_MEM_ZONE
+CFLAGS+= -DMEM_USE_ZONE
+.endif
+
+post-install:
+ @${MKDIR} ${PREFIX}/include/netgraph
+ ${INSTALL_DATA} ${WRKSRC}/ng_ipacct/ng_ipacct.h ${PREFIX}/include/netgraph
+ ${INSTALL_DATA} ${FILESDIR}/${PORTNAME}.conf ${PREFIX}/etc/
+ @${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.post.mk>
diff --git a/net-mgmt/ng_ipacct/distinfo b/net-mgmt/ng_ipacct/distinfo
new file mode 100644
index 000000000000..a567c8a0d968
--- /dev/null
+++ b/net-mgmt/ng_ipacct/distinfo
@@ -0,0 +1,2 @@
+MD5 (ng_ipacct-20050228.tar.gz) = 881f05c5c4745128b45275af6b82f93f
+SIZE (ng_ipacct-20050228.tar.gz) = 24970
diff --git a/net-mgmt/ng_ipacct/files/ng_ipacct.conf b/net-mgmt/ng_ipacct/files/ng_ipacct.conf
new file mode 100644
index 000000000000..819f1c6f06a8
--- /dev/null
+++ b/net-mgmt/ng_ipacct/files/ng_ipacct.conf
@@ -0,0 +1,106 @@
+# $FreeBSD$
+#
+# Please read and meditate on netgraph(4), ipacctctl(8) and ngctl(8).
+
+# Enable ng_ipacct (i.e. enable run startup script "ng_ipacct.sh")
+#ng_ipacct_enable="YES"
+
+# Enable kernel modules loading.
+# On "ng_ipacct.sh start" all kernel modules specified
+# in ${ng_ipacct_modules_list} will be loaded.
+# Note: on "ng_ipacct.sh stop" only "ng_ipacct" will be unloaded.
+ng_ipacct_modules_load="YES"
+
+# Netgraph can load required ng_* modules automatically on the hook creation
+# - except for "ng_ether". Generally, preloading modules is recommended.
+# Do not add to this list modules which are statically compiled into kernel.
+#ng_ipacct_modules_list="netgraph ng_ether ng_cisco ng_socket ng_tee ng_ipacct"
+ng_ipacct_modules_list="netgraph ng_ether ng_ipacct"
+
+# List of monitored interfaces. For each interface additional vars must be
+# specified in corresponding variables 'ng_ipacct_IFACE_*'.
+# See examples below.
+#ng_ipacct_interfaces="xl0 cx0"
+
+# Default start/stop scripts.
+#
+# Single quotes is required to preserve newlines.
+# '%%iface%%' will be automatically expanded with relevant interface.
+# This feature should be applied to reuse indentical rules
+# for similar interfaces.
+ng_ipacct_default_ether_start='
+ mkpeer %%iface%%: tee lower right
+ name %%iface%%:lower %%iface%%_tee
+ connect %%iface%%: lower upper left
+
+ mkpeer %%iface%%_tee: ipacct right2left %%iface%%_in
+ name %%iface%%_tee:right2left %%iface%%_ip_acct
+ connect %%iface%%_tee: %%iface%%_ip_acct: left2right %%iface%%_out
+'
+
+ng_ipacct_default_ether_stop='
+ shutdown %%iface%%_ip_acct:
+ shutdown %%iface%%_tee:
+ shutdown %%iface%%:
+'
+
+# EXAMPLE 1. Ethernet interface
+
+# +-------------------------------+
+# | |
+# (upper) (left2right)-----------(xl0_in)
+# | | | |
+# xl0 +--(left)-xl0_tee-(right) xl0_ip_acct
+# | | | |
+# (lower) | (right2left)-----------(xl0_out)
+# | |
+# +----------+
+#
+# xl0 - ng_ether
+# xl0_tee - ng_tee
+# xl0_ip_acct - ng_ipacct
+
+# Configuration for 'xl0_ip_acct' node:
+
+ng_ipacct_xl0_dlt="EN10MB" # required line; see ipacctctl(8)
+ng_ipacct_xl0_threshold="15000" # '5000' by default
+ng_ipacct_xl0_verbose="yes" # 'yes' by default
+ng_ipacct_xl0_saveuid="yes" # 'no' by default
+ng_ipacct_xl0_savetime="no" # 'no' by default
+ng_ipacct_xl0_start=${ng_ipacct_default_ether_start}
+ng_ipacct_xl0_stop=${ng_ipacct_default_ether_stop}
+
+# EXAMPLE 2. Cronyx Sigma WAN adapter with HDLC encapsulation
+
+# cx0_hdlc-(downstream)----(rawdata)-cx0
+# |
+# (inet) (left2right)--------------------(cx0_in)
+# | | |
+# (left)-cx0_tee-(right)---(inet)-ng0 cx0_ip_acct
+# | |
+# (right2left)--------------------(cx0_out)
+#
+# cx0 - ng_cx
+# cx0_hdlc - ng_cisco
+# cx0_tee - ng_tee
+# cx0_ip_acct - ng_ipacct
+
+# Configuration for 'cx0_ip_acct' node:
+
+ng_ipacct_cx0_dlt="RAW"
+ng_ipacct_cx0_start='
+ mkpeer %%iface%%: cisco rawdata downstream
+ name %%iface%%:rawdata %%iface%%_hdlc
+ mkpeer %%iface%%_hdlc: tee inet left
+ name %%iface%%_hdlc:inet %%iface%%_tee
+ mkpeer %%iface%%_tee: iface right inet
+
+ mkpeer %%iface%%_tee: ipacct right2left %%iface%%_in
+ name %%iface%%_tee:right2left %%iface%%_ip_acct
+ connect %%iface%%_tee: %%iface%%_ip_acct: left2right %%iface%%_out
+'
+ng_ipacct_cx0_stop='
+ shutdown %%iface%%_ip_acct:
+ shutdown %%iface%%_tee:
+ shutdown %%iface%%_hdlc:
+'
diff --git a/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in b/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in
new file mode 100644
index 000000000000..cc41066477fb
--- /dev/null
+++ b/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in
@@ -0,0 +1,160 @@
+#!/bin/sh
+#
+# $FreeBSD$
+#
+
+# PROVIDE: ng_ipacct
+# REQUIRE: LOGIN abi
+# BEFORE: securelevel
+# KEYWORD: shutdown
+
+#
+# Define these ng_ipacct_* variables in one of these files:
+#
+# /etc/rc.conf
+# /etc/rc.conf.local
+# /etc/rc.conf.d/ng_ipacct
+# %%PREFIX%%/etc/ng_ipacct.conf
+#
+# Add the following line to enable `ng_ipacct':
+#
+#ng_ipacct_enable="YES"
+#
+# See %%PREFIX%%/etc/ng_ipacct.conf for futher reference.
+
+. "%%RC_SUBR%%"
+
+name="ng_ipacct"
+rcvar=`set_rcvar`
+
+# for debugging purpose you can append flag "-d" to these cmds
+# or even use dumb stubs.
+ngctl="/usr/sbin/ngctl"
+ngctl_batch="/usr/sbin/ngctl -f-"
+#ngctl_batch="cat"
+ipacctctl="%%PREFIX%%/sbin/ipacctctl"
+#ipacctctl="echo %%PREFIX%%/sbin/ipacctctl"
+sed="/usr/bin/sed"
+
+start_cmd="start_cmd"
+stop_cmd="stop_cmd"
+
+bool2int()
+{
+ eval _value=\$${1}
+ case $_value in
+ # "yes", "true", "on", or "1"
+ [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
+ eval $1=1
+ ;;
+ # "no", "false", "off", or "0"
+ [Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
+ eval $1=0
+ ;;
+ *)
+ echo "\$${1} is not set properly - see rc.conf(5)."
+ exit 1
+ ;;
+ esac
+}
+
+start_cmd()
+{
+ if checkyesno ng_ipacct_modules_load; then
+ debug "Load kld modules '${ng_ipacct_modules_list}'"
+ local module
+ for module in ${ng_ipacct_modules_list}; do
+ if ! /sbin/kldstat -n ${module} >/dev/null 2>&1; then
+ if ! /sbin/kldload ${module} >/dev/null; then
+ warn "can not load kld module ${module}"
+ fi
+ fi
+ done
+ fi
+
+ local iface
+
+ for iface in ${ng_ipacct_interfaces}; do
+ debug "start ng_ipacct interface ${iface}"
+ local dlt threshold verbose saveuid savetime start_script
+
+ eval dlt=\$ng_ipacct_${iface}_dlt
+ if [ -z "$dlt" ]; then
+ echo " you must define 'ng_ipacct_${iface}_dlt'"
+ exit 1
+ fi
+
+ eval start_script=\$ng_ipacct_${iface}_start
+ if [ -z "$start_script" ]; then
+ echo " you must define 'ng_ipacct_${iface}_start'"
+ exit 1
+ fi
+
+ eval threshold=\${ng_ipacct_${iface}_threshold:-"5000"}
+
+ eval verbose=\${ng_ipacct_${iface}_verbose:-"yes"}
+ bool2int verbose
+
+ eval saveuid=\${ng_ipacct_${iface}_saveuid:-"no"}
+ bool2int saveuid
+
+ eval savetime=\${ng_ipacct_${iface}_savetime:-"no"}
+ bool2int savetime
+
+ ${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch}
+$start_script
+EOF
+ if ! ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then
+ warn "netgraph node '${iface}_ip_acct' did not created!"
+ else
+ ${ipacctctl} ${iface}_ip_acct:${iface} threshold ${threshold}
+ ${ipacctctl} ${iface}_ip_acct:${iface} verbose ${verbose}
+ ${ipacctctl} ${iface}_ip_acct:${iface} saveuid ${saveuid}
+ ${ipacctctl} ${iface}_ip_acct:${iface} savetime ${savetime}
+ fi
+ done
+}
+
+stop_cmd()
+{
+ local iface
+
+ for iface in ${ng_ipacct_interfaces}; do
+ debug "stop ng_ipacct interface ${iface}"
+
+ local stop_script
+ eval stop_script=\$ng_ipacct_${iface}_stop
+
+ if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then
+ ${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch}
+$stop_script
+EOF
+ if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then
+ warn "netgraph node '${iface}_ip_acct' did not destroyed!"
+ fi
+ fi
+ done
+
+ if checkyesno ng_ipacct_modules_load; then
+ debug "Unload kld module 'ng_ipacct'"
+ local module
+ for module in ng_ipacct; do
+ if /sbin/kldstat -n ${module} >/dev/null 2>&1; then
+ /sbin/kldunload ${module}
+ fi
+ done
+ fi
+}
+
+# read settings, set default values
+if [ -f %%PREFIX%%/etc/${name}.conf ]; then
+ debug "Sourcing %%PREFIX%%/etc/${name}.conf"
+ . %%PREFIX%%/etc/${name}.conf
+fi
+
+load_rc_config $name
+
+: ${ng_ipacct_enable="NO"}
+: ${ng_ipacct_flags=""}
+
+run_rc_command "$1"
diff --git a/net-mgmt/ng_ipacct/files/pkg-message.in b/net-mgmt/ng_ipacct/files/pkg-message.in
new file mode 100644
index 000000000000..7f0bab834cf8
--- /dev/null
+++ b/net-mgmt/ng_ipacct/files/pkg-message.in
@@ -0,0 +1,13 @@
+
+*******************************************************************************
+* This port contains a prebuilt kernel module. Due to the ever changing *
+* nature of FreeBSD it may be necessary to rebuild the module after a kernel *
+* source update. To do this rebuild and reinstall the port. *
+*******************************************************************************
+
+===> CONFIGURATION NOTE:
+
+ To setup ng_ipacct, you may have to edit %%PREFIX%%/etc/ng_ipacct.conf.
+
+ To run ng_ipacct from startup, add ng_ipacct_enable="YES"
+ in your /etc/rc.conf or activate it in %%PREFIX%%/etc/ng_ipacct.conf.
diff --git a/net-mgmt/ng_ipacct/pkg-descr b/net-mgmt/ng_ipacct/pkg-descr
new file mode 100644
index 000000000000..d56ba59a8851
--- /dev/null
+++ b/net-mgmt/ng_ipacct/pkg-descr
@@ -0,0 +1,19 @@
+The ng_ipacct is Netgraph IP accounting node intended to gather
+IP traffic informations.
+
+IP accounting is collected in both simple and extended modes.
+Output format is similar to the one used in Cisco IOS (command
+"show ip accounting").
+
+In simple mode output format is:
+ ip_from ip_to packets bytes
+
+and in verbose mode:
+ ip_from s_port ip_to d_port proto packets bytes
+
+Also, effective user ID of relevant process and timestamp can be saved.
+
+CPU overhead is minimal because ng_ipacct works at kernel level.
+
+Author: Roman V. Palagin <romanp@unshadow.net>
+FTP: ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/
diff --git a/net-mgmt/ng_ipacct/pkg-plist b/net-mgmt/ng_ipacct/pkg-plist
new file mode 100644
index 000000000000..5e24ce8b1465
--- /dev/null
+++ b/net-mgmt/ng_ipacct/pkg-plist
@@ -0,0 +1,6 @@
+include/netgraph/ng_ipacct.h
+etc/ng_ipacct.conf
+sbin/ipacctctl
+@unexec rmdir %D/include/netgraph 2>/dev/null || true
+@cwd /
+%%KMODDIR%%/ng_ipacct.ko