#!/bin/sh # PROVIDE: flow_capture # REQUIRE: LOGIN # KEYWORD: shutdown # # Add the following line to /etc/rc.conf to enable flow-capture: # flow_capture_enable (bool): Set it to "YES" to enable flow-capture daemon. # Set to "NO" by default. # flow_capture_datadir (str): Base flow data directory. # Default is "/var/db/flows" # flow_capture_localip (str): IP address to bind to # Default is "0.0.0.0" # flow_capture_remoteip (str): IP address to accept flows from # Default is "0.0.0.0" or all IPs # flow_capture_port (int): Port to accept flow data on # Default is "8787" # flow_capture_flags (str): Custom additional arguments to be passed # to flow-collector (default "-E 128M"). # flow_capture_profiles (str): A list of configuration profiles to enable. # This allows you to run several instances of # flow-capture with different parameters. # Consider the following example: # flow_capture_enable="YES" # flow_capture_localip="85.172.168.9" # flow_capture_profiles="r1 r2" # flow_capture_r1_datadir="/var/db/flows/r1" # flow_capture_r1_port="4444" # flow_capture_r1_flags="-E20G -n287 -N-2" # flow_capture_r2_datadir="/var/db/flows/r2" # flow_capture_r2_port="4445" # flow_capture_r2_flags="-E5G -n287 -N-2" # # This will run two instances of the flow-capture # with parameters taken from appropriate # flow_capture_PROFILENAME_xxx variables. For # unspecified parameters flow_capture_xxx # variables will be used. . /etc/rc.subr name="flow_capture" rcvar=flow_capture_enable setup_profile_vars() { name=flow_capture_$1 eval ": \${flow_capture_${1}_datadir=${flow_capture_datadir}}" eval ": \${flow_capture_${1}_localip=${flow_capture_localip}}" eval ": \${flow_capture_${1}_remoteip=${flow_capture_remoteip}}" eval ": \${flow_capture_${1}_port=${flow_capture_port}}" eval ": \${flow_capture_${1}_user=${flow_capture_user}}" eval ": \${flow_capture_${1}_group=${flow_capture_group}}" eval ": \${flow_capture_${1}_flags=${flow_capture_flags}}" eval "pidfile=${flow_capture_pid}.\${flow_capture_${1}_port}" eval "command_args=\"-w \${flow_capture_${1}_datadir} -p ${flow_capture_pid} \${flow_capture_${1}_localip}/\${flow_capture_${1}_remoteip}/\${flow_capture_${1}_port}\"" } start_profiles() { unset start_cmd for _profile in ${flow_capture_profiles}; do setup_profile_vars $_profile run_rc_command "${rc_arg}" done } stop_profiles() { unset stop_cmd for _profile in ${flow_capture_profiles}; do setup_profile_vars $_profile run_rc_command "${rc_arg}" done } status_profiles() { unset status_cmd for _profile in ${flow_capture_profiles}; do setup_profile_vars $_profile run_rc_command "${rc_arg}" done } load_rc_config $name : ${flow_capture_enable="NO"} : ${flow_capture_datadir="%%FLOW_CAPTURE_SPOOL%%"} : ${flow_capture_localip="0.0.0.0"} : ${flow_capture_remoteip="0.0.0.0"} : ${flow_capture_port="8787"} : ${flow_capture_pid="%%FLOW_CAPTURE_PIDDIR%%/flow-capture.pid"} : ${flow_capture_user="flowtools"} : ${flow_capture_group="flowtools"} : ${flow_capture_flags="-E 128M"} pidfile="${flow_capture_pid}.${flow_capture_port}" command="%%PREFIX%%/bin/flow-capture" command_args="-w ${flow_capture_datadir} -p ${flow_capture_pid} ${flow_capture_localip}/${flow_capture_remoteip}/${flow_capture_port}" cmd="$1" if [ $# -gt 0 ]; then shift fi [ -n "$*" ] && flow_capture_profiles="$*" if [ "${flow_capture_profiles}" ]; then start_cmd="start_profiles" stop_cmd="stop_profiles" status_cmd="status_profiles" fi run_rc_command "$cmd"