1) Проблема: Не могу настроить автозапуск деманов flow tools (flow-capture и softflowd).
2) Исходные данне:
- freebsd использую меньше недели. До этого работал в дебиан. Хочу перейти на freebsd, система весьма симпатична.
- хост находица на вм машине. Является тестовой площаткой для разработки шлюза
- установил следующее: freebsd 8.2 + mpd5 (впн сервер) + ipf + ipnat - связка замечательно работает.
3) Решаемая задача: на внешнем интерфейсе (em0) собирать статистику по трафику.
И так. Решил ставить flow tools + iptraf. Реализация сенсора и хранилища flow tools на одном хосте.
Поставил из портов flow-capture и softflowd. Юзал ресурсы : http://xgu.ru/wiki/NetFlow http://subnets.ru/blog/?p=1632 http://vova-zms.blogspot.com/2009_04_01_archive.html .
Связка flow-capture и softflowd у меня замечательно стартует из командной строки с толкача так сказать в ручную путем:
router# /usr/local/bin/flow-capture -p /var/run/flow-capture.pid -n 287 -N 0 -w /var/netflow/ -S 5 0/0/8787
softflowd -i em0 -n 127.0.0.1:8787
начинает логии класть куда надо. Все замечательно. Проверял.
Но я столкнулся с проблемой когда логично захотел чтобы у меня стартовали деманы. В силу своих познаний и наития отконфигурировал /etc/rc.conf , но счастья нет.
В мануалах, которыми я пользовался, в одних написано что нужно какой то скрипт запуска редактировать, в других ничего не пишется толком. Инфа неоднозначная и еще не понят для каких версий ПО и ОС.
Прошу помочь настроить автозапуск деманов flow-capture и softflowd.
Ниже привожу конфиг(/etc/rc.conf ег оуже по всякому перевертел, всеравно не стартует автоматом) и скрипты(руками не трогал).
/etc/rc.conf
Код: Выделить всё
# -- sysinstall generated deltas -- # Mon Jun 6 16:34:29 2011
# Created: Mon Jun 6 16:34:29 2011
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
defaultrouter="172.21.2.101"
gateway_enable="YES"
hostname="router"
ifconfig_em0="inet 172.21.2.2 netmask 255.255.255.0"
ifconfig_em1="inet 192.168.33.2 netmask 255.255.0.0"
#static_routes="net1"
#route_net1="-net 192.168.33.0 172.21.2.101"
#firewall_enable="YES"
#firewall_type="OPEN"
#tcp_drop_synfin="YES"
keymap="ru.koi8-r"
sshd_enable="YES"
mpd_enable="YES"
# -- IPF http://www.linuxcenter.ru/lib/articles/networking/freebsd_gateway.phtml
ipfilter_enable="YES" # Start ipf firewall
ipfilter_rules="/etc/ipf.rules" # loads rules definition text file
ipmon_enable="YES" # Start IP monitor log
ipmon_flags="-Ds" # D = start as daemon
# s = log to syslog
# v = log tcp window, ack, seq
# n = map IP & port to names
ipnat_enable="YES" # Start ipnat function
ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat
flowcapture_enable="YES"
flowcapture_port="8787"
#flowcapture_remoteip="127.0.0.1"
flowcapture_datadir="/var/netflow"
#flow_capture_localip="127.0.0.1"
#flow_capture_pid="/var/run/flow-capture/flow-capture.pid"
flowcapture_flags="-n 287 -N 0 -w -S 5"
softflowd_enable="YES"
softflowd_interfaces="em0"
softflowd_netflow_host="127.0.0.1"
softflowd_netflow_port="8787"
Код: Выделить всё
#!/bin/sh
#
# $FreeBSD: ports/net-mgmt/flow-tools/files/flow_capture.in,v 1.3 2006/12/19 22:44:25 stas Exp $
#
# PROVIDE: flow_capture
# REQUIRE: LOGIN
# KEYWORD: shutdown
#
# Add the following line to /etc/rc.conf to enable flow-capture:
# flow_capture_enable (bool): Set it to "YES" to enable flow-capture daemon.
# Set to "NO" by default.
# flow_capture_datadir (str): Base flow data directory.
# Default is "/var/db/flows"
# flow_capture_localip (str): IP address to bind to
# Default to "0.0.0.0"
# flow_capture_remoteip (str): IP address to accept flows from
# Default to "0.0.0.0" or all IPs
# flow_capture_port (int): Port to accept flow data on
# Default is "8787"
# flow_capture_flags (str): Custom additional arguments to be passed
# to flow-collector (default "-E 128M").
# flow_capture_profiles (str): A list of configuration profiles to enable.
# This allows you to run several instances of
# flow-capture with different parameters.
# Consider the following example:
# flow_capture_enable="YES"
# flow_capture_localip="85.172.168.9"
# flow_capture_profiles="r1 r2"
# flow_capture_r1_datadir="/var/db/flows/r1"
# flow_capture_r1_port="4444"
# flow_capture_r1_flags="-E20G -n287 -N-2"
# flow_capture_r2_datadir="/var/db/flows/r2"
# flow_capture_r2_port="4445"
# flow_capture_r2_flags="-E5G -n287 -N-2"
#
# This will run two instances of the flow-capture
# with parameters taken from appropriate
# flow_capture_PROFILENAME_xxx variables. For
# unspecified parameters flow_capture_xxx
# varialbes will be used.
. /etc/rc.subr
name="flow_capture"
rcvar=`set_rcvar`
setup_profile_vars()
{
name=flow_capture_$1
eval ": \${flow_capture_${1}_datadir=${flow_capture_datadir}}"
eval ": \${flow_capture_${1}_localip=${flow_capture_localip}}"
eval ": \${flow_capture_${1}_remoteip=${flow_capture_remoteip}}"
eval ": \${flow_capture_${1}_port=${flow_capture_port}}"
eval ": \${flow_capture_${1}_user=${flow_capture_user}}"
eval ": \${flow_capture_${1}_group=${flow_capture_group}}"
eval ": \${flow_capture_${1}_flags=${flow_capture_flags}}"
eval "pidfile=${flow_capture_pid}.\${flow_capture_${1}_port}"
eval "command_args=\"-w \${flow_capture_${1}_datadir} -p ${flow_capture_pid} \${flow_capture_${1}_localip}/\${flow_capture_${1}_remoteip}/\${flow_capture_${1}_port}\""
}
start_profiles()
{
unset start_cmd
for _profile in ${flow_capture_profiles}; do
setup_profile_vars $_profile
run_rc_command "${rc_arg}"
done
}
stop_profiles()
{
unset stop_cmd
for _profile in ${flow_capture_profiles}; do
setup_profile_vars $_profile
run_rc_command "${rc_arg}"
done
}
load_rc_config $name
: ${flow_capture_enable="NO"}
: ${flow_capture_datadir="/var/db/flows"}
: ${flow_capture_localip="0.0.0.0"}
: ${flow_capture_remoteip="0.0.0.0"}
: ${flow_capture_port="8787"}
: ${flow_capture_pid="/var/run/flow-capture/flow-capture.pid"}
: ${flow_capture_user="flowtools"}
: ${flow_capture_group="flowtools"}
: ${flow_capture_flags="-E 128M"}
pidfile="${flow_capture_pid}.${flow_capture_port}"
command="/usr/local/bin/flow-capture"
command_args="-w ${flow_capture_datadir} -p ${flow_capture_pid} ${flow_capture_localip}/${flow_capture_remoteip}/${flow_capture_port}"
cmd="$1"
if [ $# -gt 0 ]; then
shift
fi
[ -n "$*" ] && flow_capture_profiles="$*"
if [ "${flow_capture_profiles}" ]; then
start_cmd="start_profiles"
stop_cmd="stop_profiles"
fi
run_rc_command "$cmd"
Код: Выделить всё
#!/bin/sh
# $FreeBSD: ports/net-mgmt/softflowd/files/softflowd.in,v 1.3 2011/05/15 02:49:12 dougb Exp $
# (c) 2010 Tom Judge
# PROVIDE: softflowd
# REQUIRE: LOGIN
# KEYWORD: shutdown
# softflowd_enable="YES"
# softflowd_interfaces="em0 em1"
# softflowd_em0_collector="collector:1234"
# softflowd_em1_collector="collector:1235"
# softflowd_em0_timeouts="-t maxlife=300"
# softflowd_em1_timeouts="-t maxlife=600"
# softflowd_em0_max_states="16000"
# softflowd_em1_max_states="17000"
# softflowd_em0_extra_args
# softflowd_em1_extra_args
. /etc/rc.subr
name=softflowd
rcvar=`set_rcvar`
start_precmd="softflowd_precommand $@"
stop_precmd="softflowd_precommand $@"
status_precmd="softflowd_precommand $@"
poll_precmd="softflowd_precommand $@"
rcvar_precmd="softflowd_precommand $@"
stop_cmd="softflowd_stop"
command="/usr/local/sbin/softflowd"
_pidprefix="/var/run/softflowd"
if [ -n $2 ]; then
pidfile="${_pidprefix}.${2}.pid"
fi
load_rc_config $name
softflowd_enable=${softflowd_enable:-"NO"}
softflowd_timeouts="-t maxlife=300"
softflowd_max_states="16000"
softflowd_precommand ()
{
if [ -n "$2" ]; then
profile="$2"
ctlfile="${_pidprefix}.${profile}.ctl"
eval apache22_flags="\${apache22_${profile}_flags:-${apache22_flags}}"
eval softflowd_collector="\${softflowd_${profile}_collector}"
if [ "x${softflowd_collector}" = "x" ]; then
echo "ERROR: You must specify a collector to send data to."
exit 1
fi
eval softflowd_timeouts="\${softflowd_${profile}_timeouts:-${softflowd_timeouts}}"
eval softflowd_max_states="\${softflowd_${profile}_max_states:-${softflowd_max_states}}"
eval softflowd_extra_args="\${softflowd_${profile}_extra_args:-${softflowd_extra_args}}"
command_args="-i ${profile} -n ${softflowd_collector} -m ${softflowd_max_states} -p ${pidfile} -c ${ctlfile} ${softflowd_timeouts} ${softflowd_extra_args}"
else
if [ "x${softflowd_interfaces}" != "x" ]; then
for profile in ${softflowd_interfaces}; do
echo "===> softflowd profile: ${profile}"
/usr/local/etc/rc.d/softflowd $1 ${profile}
retcode="$?"
if [ "0${retcode}" -ne 0 ]; then
failed="${profile} (${retcode}) ${failed:-}"
else
success="${profile} ${success:-}"
fi
done
fi
exit 0
fi
}
softflowd_stop()
{
/usr/local/sbin/softflowctl -c ${ctlfile} shutdown
}
run_rc_command "$1"
Код: Выделить всё
Jun 17 17:42:30 router kernel: IP gateway=YES
Jun 17 17:42:30 router kernel: .
Jun 17 17:42:30 router kernel: Starting devd.
Jun 17 17:42:30 router kernel: filter sync'd
Jun 17 17:42:30 router kernel: ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib
Jun 17 17:42:30 router kernel: a.out ldconfig path: /usr/lib/aout /usr/lib/compat/aout
Jun 17 17:42:30 router kernel: Starting ipmon.
Jun 17 17:42:30 router kernel: Creating and/or trimming log files
Jun 17 17:42:30 router kernel: .
Jun 17 17:42:30 router kernel: Starting syslogd.
Jun 17 17:42:31 router kernel: Clearing /tmp (X related).
Jun 17 17:42:31 router kernel: Starting mpd5.
Jun 17 17:42:31 router mpd: Multi-link PPP daemon for FreeBSD
Jun 17 17:42:31 router kernel: Updating motd:
Jun 17 17:42:31 router mpd:
Jun 17 17:42:31 router mpd: process 879 started, version 5.5 (root@router 15:51 9-Jun-2011)
Jun 17 17:42:31 router mpd: CONSOLE: listening on 127.0.0.1 5005
Jun 17 17:42:31 router kernel: WARNING: attempt to domain_add(netgraph) after domainfinalize()
Jun 17 17:42:31 router kernel: .
Jun 17 17:42:31 router kernel: ===> softflowd profile: em0
Jun 17 17:42:31 router mpd: web: listening on 192.168.33.2 5006
Jun 17 17:42:31 router mpd: PPTP: waiting for connection on 192.168.33.2 1723
Jun 17 17:42:31 router kernel: ERROR: You must specify a collector to send data to.
Jun 17 17:42:31 router kernel: Starting flow_capture.
Jun 17 17:42:31 router root: /etc/rc: WARNING: failed to start flow_capture
Jun 17 17:42:31 router kernel: flow-capture: Specify localip/remoteip/port.
Jun 17 17:42:31 router kernel: /etc/rc: WARNING: failed to start flow_capture
Jun 17 17:42:31 router kernel: Configuring syscons:
Jun 17 17:42:31 router kernel: keymap
Jun 17 17:42:32 router kernel: blanktime
Jun 17 17:42:32 router kernel: .
Jun 17 17:42:32 router kernel: Starting sshd.