1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-11 02:50:24 +00:00

* add new example to ng_ipacct.conf [1]

* skip NO_PACKAGE if PACKAGE_BUILDING is defined [1]
* minor clean

PR:		ports/105597
Submitted by:	Eugene Grosbein <eugen xx kuzbass.ru>
This commit is contained in:
Sergey Skvortsov 2008-06-02 16:27:40 +00:00
parent 0513d9f43b
commit db26f4a06d
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=214189
2 changed files with 79 additions and 8 deletions

View File

@ -14,14 +14,17 @@ MASTER_SITES= ${MASTER_SITE_LOCAL:S!$!skv/!} \
MAINTAINER= skv@FreeBSD.org
COMMENT= Netgraph IP accounting
.ifndef PACKAGE_BUILDING
NO_PACKAGE= "Depends on kernel"
.endif
OPTIONS= MEM_ZONE "Use UMA zone allocator (>= 5.x only)" on
PLIST_SUB+= KMODDIR=${KMODDIR}
KMODDIR= /boot/modules
PLIST_SUB+= KMODDIR=${KMODDIR:S!^/!!}
WRKSRC= ${WRKDIR}/${PORTNAME}
MAKE_ENV= BINDIR="${PREFIX}/sbin"
MAKE_ENV= BINDIR="${PREFIX}/sbin" KMODDIR=${KMODDIR}
MAN8= ipacctctl.8
MANLANG= ru.KOI8-R

View File

@ -12,7 +12,7 @@
ng_ipacct_modules_load="YES"
# Netgraph can load required ng_* modules automatically on the hook creation
# - except for "ng_ether". Generally, preloading modules is recommended.
# - except for "ng_ether". Generally, modules preloading is recommended.
# Do not add to this list modules which are statically compiled into kernel.
#ng_ipacct_modules_list="netgraph ng_ether ng_cisco ng_socket ng_tee ng_ipacct"
ng_ipacct_modules_list="netgraph ng_ether ng_ipacct"
@ -24,9 +24,9 @@ ng_ipacct_modules_list="netgraph ng_ether ng_ipacct"
# Default start/stop scripts.
#
# Single quotes is required to preserve newlines.
# '%%iface%%' will be automatically expanded with relevant interface.
# This feature should be applied to reuse indentical rules
# Single quotes are required to preserve newlines.
# '%%iface%%' will be automatically expanded with a relevant interface.
# This feature should be applied to use indentical rules
# for similar interfaces.
ng_ipacct_default_ether_start='
mkpeer %%iface%%: tee lower right
@ -91,7 +91,7 @@ ng_ipacct_xl0_savetime="no" # 'no' by default
ng_ipacct_xl0_start=${ng_ipacct_default_ether_start}
ng_ipacct_xl0_stop=${ng_ipacct_default_ether_stop}
ng_ipacct_xl0_checkpoint_script="path/to/your/script --checkpoint-and-save xl0"
# this script is called on stop (to save accumulated
# this script is called on "stop" (to save accumulated
# data) or via "rc.d/ng_ipacct.sh checkpoint"
# EXAMPLE 2. Cronyx Sigma WAN adapter with HDLC encapsulation
@ -196,8 +196,76 @@ ng_ipacct_xl0_savetime="no" # 'no' by default
ng_ipacct_xl0_start=${ng_ipacct_bpf_ether_start}
ng_ipacct_xl0_stop=${ng_ipacct_bpf_ether_stop}
ng_ipacct_xl0_checkpoint_script="path/to/your/script --checkpoint-and-save xl0"
# this script is called on stop (to save accumulated
# this script is called on "stop" (to save accumulated
# data) or via "rc.d/ng_ipacct.sh checkpoint"
ng_ipacct_xl0_afterstart_script="path/to/your/script --load-bpf-filters xl0"
# this script is called just after initialization
# of nodes to load filters into xl0_bpf
# EXAMPLE 5. Really _divert_ traffic to ng_ksocket
# ipfw add divert 4001 ip from any to any via em0 in
# ipfw add divert 4002 ip from any to any via em0 out
# USER-LEVEL | KERNEL-LEVEL
# |
# div4 *.4001 ->|-> ipfw_ks_in in-(ipfw_echo_in)
# | | |
# | (inet/raw/divert)---(left)-(ipfw_tee_in)-right
# | |
# | left2right---(ipfw_in)
# | |
# | ipfw_ip_acct
# | |
# | left2right---(ipfw_out)
# | |
# | (inet/raw/divert)---(left)-(ipfw_tee_out)-right
# | | |
# div4 *.4002 ->|-> ipfw_ks_out out-(ipfw_echo_out)
#
# ipfw_ks_in - ng_ksocket
# ipfw_ks_out - ng_ksocket
# ipfw_tee_in - ng_tee
# ipfw_tee_out - ng_tee
# ipfw_ip_acct - ng_ipacct
# ipfw_echo_in - ng_echo
# ipfw_echo_out - ng_echo
ng_ipacct_ks_start='
mkpeer ipacct dummy dummy
name .:dummy %%iface%%_ip_acct
mkpeer %%iface%%_ip_acct: tee %%iface%%_in left2right
name %%iface%%_ip_acct:%%iface%%_in %%iface%%_tee_in
mkpeer %%iface%%_ip_acct: tee %%iface%%_out left2right
name %%iface%%_ip_acct:%%iface%%_out %%iface%%_tee_out
mkpeer %%iface%%_tee_in: echo right in
name %%iface%%_tee_in:right %%iface%%_echo_in
mkpeer %%iface%%_tee_out: echo right out
name %%iface%%_tee_out:right %%iface%%_echo_out
mkpeer %%iface%%_tee_in: ksocket left inet/raw/divert
name %%iface%%_tee_in:left %%iface%%_ks_in
msg %%iface%%_ks_in: bind inet/0.0.0.0:4001
mkpeer %%iface%%_tee_out: ksocket left inet/raw/divert
name %%iface%%_tee_out:left %%iface%%_ks_out
msg %%iface%%_ks_out: bind inet/0.0.0.0:4002
rmhook .:dummy
'
ng_ipacct_ks_stop='
shutdown %%iface%%_ks_in:
shutdown %%iface%%_ks_out:
shutdown %%iface%%_tee_in:
shutdown %%iface%%_tee_out:
'
ng_ipacct_ks_dlt="RAW" # required line; see ipacctctl(8)
ng_ipacct_ks_threshold="15000" # '5000' by default
ng_ipacct_ks_verbose="yes" # 'yes' by default
ng_ipacct_ks_saveuid="yes" # 'no' by default
ng_ipacct_ks_savetime="no" # 'no' by default
ng_ipacct_ks_checkpoint_script="path/to/your/script --checkpoint-and-save ks"
# this script is called on stop (to save accumulated
# data) or via "rc.d/ng_ipacct.sh checkpoint"