diff options
| author | skv <skv@FreeBSD.org> | 2005-04-03 00:34:45 +0800 |
|---|---|---|
| committer | skv <skv@FreeBSD.org> | 2005-04-03 00:34:45 +0800 |
| commit | f588931de8c5a23cc0e03f15db4e54291696131e (patch) | |
| tree | a9ade0f6d5ce170f2be960a4a8caf61c895ebc36 /net-mgmt | |
| parent | 7d8ef312a844a504896408101cd9869ea1482048 (diff) | |
| download | freebsd-ports-gnome-f588931de8c5a23cc0e03f15db4e54291696131e.tar.gz freebsd-ports-gnome-f588931de8c5a23cc0e03f15db4e54291696131e.tar.zst freebsd-ports-gnome-f588931de8c5a23cc0e03f15db4e54291696131e.zip | |
* fix "missed DLT initialization" issue
* add "ng_ipacct_%%iface%%_checkpoint_script" feature
(and target "checkpoint" for rc.d/ng_ipacct.sh)
* add example "PPTP (via mpd), divert traffic to ng_ksocket"
Diffstat (limited to 'net-mgmt')
| -rw-r--r-- | net-mgmt/ng_ipacct/Makefile | 1 | ||||
| -rw-r--r-- | net-mgmt/ng_ipacct/files/ng_ipacct.conf | 45 | ||||
| -rw-r--r-- | net-mgmt/ng_ipacct/files/ng_ipacct.sh.in | 26 |
3 files changed, 71 insertions, 1 deletions
diff --git a/net-mgmt/ng_ipacct/Makefile b/net-mgmt/ng_ipacct/Makefile index b6d22935349e..f05a9975f48a 100644 --- a/net-mgmt/ng_ipacct/Makefile +++ b/net-mgmt/ng_ipacct/Makefile @@ -7,6 +7,7 @@ PORTNAME= ng_ipacct PORTVERSION= 20050228 +PORTREVISION= 1 CATEGORIES= net-mgmt MASTER_SITES= ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/ diff --git a/net-mgmt/ng_ipacct/files/ng_ipacct.conf b/net-mgmt/ng_ipacct/files/ng_ipacct.conf index 819f1c6f06a8..3cde3a2034f3 100644 --- a/net-mgmt/ng_ipacct/files/ng_ipacct.conf +++ b/net-mgmt/ng_ipacct/files/ng_ipacct.conf @@ -20,7 +20,7 @@ ng_ipacct_modules_list="netgraph ng_ether ng_ipacct" # List of monitored interfaces. For each interface additional vars must be # specified in corresponding variables 'ng_ipacct_IFACE_*'. # See examples below. -#ng_ipacct_interfaces="xl0 cx0" +#ng_ipacct_interfaces="xl0 cx0 vpn0" # Default start/stop scripts. # @@ -69,6 +69,9 @@ ng_ipacct_xl0_saveuid="yes" # 'no' by default ng_ipacct_xl0_savetime="no" # 'no' by default ng_ipacct_xl0_start=${ng_ipacct_default_ether_start} ng_ipacct_xl0_stop=${ng_ipacct_default_ether_stop} +ng_ipacct_xl0_checkpoint_script="path/to/your/script --checkpoint-and-save xl0" + # this script is called on stop (to save accumulated + # data) or via "rc.d/ng_ipacct.sh checkpoint" # EXAMPLE 2. Cronyx Sigma WAN adapter with HDLC encapsulation @@ -104,3 +107,43 @@ ng_ipacct_cx0_stop=' shutdown %%iface%%_tee: shutdown %%iface%%_hdlc: ' + +# EXAMPLE 3. PPTP (via mpd), divert traffic to ng_ksocket + +# ipfw add divert 4001 ip from any to any via ng0 in +# ipfw add divert 4002 ip from any to any via ng0 out + +# USER-LEVEL | KERNEL-LEVEL +# | +# div4 *.4001 ------> | ----> ks_vpn0_in +# | | +# | (inet/raw/divert)------(vpn0_in) +# | | +# | vpn0_ip_acct +# | | +# | (inet/raw/divert)------(vpn0_out) +# | | +# div4 *.4002 ------> | ----> ks_vpn0_out +# +# ks_vpn0_in - ng_ksocket +# ks_vpn0_out - ng_ksocket +# vpn0_ip_acct - ng_ipacct + +ng_ipacct_vpn0_dlt="RAW" +ng_ipacct_vpn0_start=' + mkpeer ipacct dummy dummy + name .:dummy %%iface%%_ip_acct + + mkpeer %%iface%%_ip_acct: ksocket %%iface%%_in inet/raw/divert + name %%iface%%_ip_acct:%%iface%%_in ks_%%iface%%_in + msg ks_%%iface%%_in: bind inet/0.0.0.0:4001 + + mkpeer %%iface%%_ip_acct: ksocket %%iface%%_out inet/raw/divert + name %%iface%%_ip_acct:%%iface%%_out ks_%%iface%%_out + msg ks_%%iface%%_out: bind inet/0.0.0.0:4002 + + rmhook .:dummy +' +ng_ipacct_vpn0_stop=' + shutdown %%iface%%_ip_acct: +' diff --git a/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in b/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in index cc41066477fb..8ef364535eaa 100644 --- a/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in +++ b/net-mgmt/ng_ipacct/files/ng_ipacct.sh.in @@ -36,8 +36,10 @@ ipacctctl="%%PREFIX%%/sbin/ipacctctl" #ipacctctl="echo %%PREFIX%%/sbin/ipacctctl" sed="/usr/bin/sed" +extra_commands="checkpoint" start_cmd="start_cmd" stop_cmd="stop_cmd" +checkpoint_cmd="checkpoint_cmd" bool2int() { @@ -107,6 +109,7 @@ EOF if ! ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then warn "netgraph node '${iface}_ip_acct' did not created!" else + ${ipacctctl} ${iface}_ip_acct:${iface} dlt ${dlt} ${ipacctctl} ${iface}_ip_acct:${iface} threshold ${threshold} ${ipacctctl} ${iface}_ip_acct:${iface} verbose ${verbose} ${ipacctctl} ${iface}_ip_acct:${iface} saveuid ${saveuid} @@ -115,6 +118,22 @@ EOF done } +checkpoint_cmd() +{ + local iface + + for iface in ${ng_ipacct_interfaces}; do + debug "checlpoint ng_ipacct interface ${iface}" + eval checkpoint_script=\$ng_ipacct_${iface}_checkpoint_script + + if [ -n "${checkpoint_script}" ]; then + (set -T + trap 'exit 1' 2 + ${checkpoint_script}) + fi + done +} + stop_cmd() { local iface @@ -124,11 +143,18 @@ stop_cmd() local stop_script eval stop_script=\$ng_ipacct_${iface}_stop + eval checkpoint_script=\$ng_ipacct_${iface}_checkpoint_script if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then ${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch} $stop_script EOF + if [ -n "${checkpoint_script}" ]; then + (set -T + trap 'exit 1' 2 + ${checkpoint_script}) + fi + if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then warn "netgraph node '${iface}_ip_acct' did not destroyed!" fi |