author | yar <yar@FreeBSD.org> | 2001-08-11 17:38:05 +0000 |
---|---|---|
committer | yar <yar@FreeBSD.org> | 2001-08-11 17:38:05 +0000 |
commit | e2e6614a3cee57f5ca4ba5f590cb0829810ec41f (patch) | |
tree | c1801228839af0cb31faa3fa1d4947f4e874037d /net/ehnt/files | |
parent | 36e3b0e0e44c6cca7e130967640a01b4614d12fd (diff) | |
New port: net/ehnt - A simple Cisco NetFlow data collector
This is a lightweight but well-featured tool for collecting
NetFlow version 5 packets from Cisco routers.
The implementation includes a simple UDP-to-TCP converting server,
which may be used to replicate NetFlow data to multiple clients.
WWW: http://ehnt.sourceforge.net/
PR: ports/29459
Submitted by: Dmitry Morozovsky <marck@rinet.ru>
Diffstat (limited to 'net/ehnt/files')
-rw-r--r-- | net/ehnt/files/ehnt.1 | 111 | ||||
-rw-r--r-- | net/ehnt/files/ehntserv.8 | 72 | ||||
-rw-r--r-- | net/ehnt/files/ehntserv.sh.sample | 25 | ||||
-rw-r--r-- | net/ehnt/files/patch-Makefile | 50 | ||||
-rw-r--r-- | net/ehnt/files/patch-config-h | 11 | ||||
-rw-r--r-- | net/ehnt/files/patch-ehnt-lookup | 11 |
6 files changed, 280 insertions, 0 deletions
diff --git a/net/ehnt/files/ehnt.1 b/net/ehnt/files/ehnt.1
new file mode 100644
index 0000000..dfc44d7
--- /dev/null
+++ b/net/ehnt/files/ehnt.1
@@ -0,0 +1,111 @@
+.\" Copyright (c) 2000-2001 Nik Weidenbacher nikw@martnet.com
+.\" Portions Copyright (c) 2001 Dmitry Morozovsky marck@rinet.ru
+.\"
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the University of
+.\" California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.Dd Aug 04, 2001
+.Dt EHNT 1
+.\" .Os BSD 4.4
+.Sh NAME
+.Nm ehnt
+.Nd Extreme Happy Netflow Tool. Client part
+.Sh SYNOPSIS
+.Nm
+.Op Fl 0 Ar ASN
+.Op Fl a Ar ASN
+.Op Fl b
+.Op Fl c Ar count
+.Op Fl i Ar mins
+.Op Fl m Ar mode
+.Op Fl n Ar intidx
+.Op Fl p Ar port
+.Op Fl P Ar proto
+.Op Fl r Ar addr
+.Op Fl s Ar server:port
+.Op Fl x Ar prefix
+.Sh DESCRIPTION
+The
+.Nm
+command starts
+.Xr ehnt 1
+client which connects to
+.Xr ehntserv 8
+server and converts raw flow of NetFlow version 5 packets into
+somewhat human-readable (or machine-readable) form.
+.Pp
+The options are as follows:
+.Bl -tag -width ".Fl n Ar intidx"
+.It Fl 0 Ar ASN
+Replace AS number 0 occurences with this AS number
+.It Fl a Ar ASN
+Only display flows to/from this AS number
+.It Fl b
+Display big flows (only shows flows with the most bytes
+or packets received so far)
+.It Fl c Ar count
+Exit after <count> flows are received
+.It Fl i Ar mins
+How long to wait between report generations (in minutes)
+.It Fl m Ar mode
+The name of the mode of operation to use:
+.Cm dump
+displays flow detail;
+.Cm shortdump
+shows flow details in a more compact fashion;
+.Cm top
+generates reports of top average utilization
+.It Fl n Ar intidx
+Specify the interface by SNMP ifIndex number
+.It Fl p Ar port
+Only display flows to/from this tcp or udp port number
+.It Fl P Ar proto
+Only display flows using this IP protocol number
+.It Fl r Ar addr
+Only display flows reported by this router IP address
+.It Fl s Ar server:port
+The hostname or IP address and port number of the
+.Xr ehntserv 8
+.It Fl x Ar prefix
+Only display flows to/from this IP prefix. The format for <prefix>
+is 'address/length', for example 1.2.3.4/30 or 127.0.0.0/8.
+.El
+.Sh FILES
+.Bl -tag -width /usr/local/share/ehnt/asnc.txt -compact
+.It Pa /usr/local/share/ehnt/asnc.txt
+Autonomous Systems Number-to-Name Convertion table
+.El
+.Sh SEE ALSO
+.Xr ehntserv 8
+.Sh AUTHORS
+.An Nik Weidenbacher Aq nikw@martnet.com
+.An Dmitry Morozovsky Aq marck@rinet.ru
+
diff --git a/net/ehnt/files/ehntserv.8 b/net/ehnt/files/ehntserv.8
new file mode 100644
index 0000000..d43849e
--- /dev/null
+++ b/net/ehnt/files/ehntserv.8
@@ -0,0 +1,72 @@
+.\" Copyright (c) 2000-2001 Nik Weidenbacher nikw@martnet.com
+.\" Portions Copyright (c) 2001 Dmitry Morozovsky marck@rinet.ru
+.\"
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 3. All advertising materials mentioning features or use of this software
+.\" must display the following acknowledgement:
+.\" This product includes software developed by the University of
+.\" California, Berkeley and its contributors.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" $Id$
+.\"
+.Dd Aug 04, 2001
+.Dt EHNTSERV 8
+.\" .Os BSD 4.4
+.Sh NAME
+.Nm ehntserv
+.Nd Extreme Happy Netflow Tool. Server part
+.Sh SYNOPSIS
+.Nm
+.Op Fl u Ar udp-port
+.Op Fl t Ar tcp-port
+.Op Fl m Ar maxdata
+.Op Fl d
+.Sh DESCRIPTION
+The
+.Nm
+command starts
+.Xr ehnt 1
+server (udp to tcp translator) which listens to NetFlow version 5
+packets from Routers and translates them into TCP stream for
+.Xr ehnt 1
+clients.
+.Pp
+The options are as follows:
+.Bl -tag -width ".Fl u Ar udp-port"
+.It Fl d
+Debug. Don't become a daemon, displays all messages on stdout,
+displays lots of extra information
+.It Fl t Ar tcp-port
+Listen on given TCP port (client connections) instead of the default 4444.
+.It Fl u Ar udp-port
+Listen on given UDP port (NetFlow packets from routers) instead of the default 4444.
+.El
+.Sh SEE ALSO
+.Xr ehnt 1
+.Sh AUTHORS
+.An Nik Weidenbacher Aq nikw@martnet.com
+.An Dmitry Morozovsky Aq marck@rinet.ru
+
diff --git a/net/ehnt/files/ehntserv.sh.sample b/net/ehnt/files/ehntserv.sh.sample
new file mode 100644
index 0000000..a9db95e
--- /dev/null
+++ b/net/ehnt/files/ehntserv.sh.sample
@@ -0,0 +1,25 @@
+#!/bin/sh
+
+if ! PREFIX=$(expr $0 : "\(/.*\)/etc/rc\.d/$(basename $0)\$"); then
+ echo "$0: Cannot determine the PREFIX" >&2
+ exit 1
+fi
+
+case "$1" in
+start)
+ if [ -x ${PREFIX}/sbin/ehntserv ]; then
+ echo -n ' ehntserv'
+ ${PREFIX}/sbin/ehntserv
+ fi
+ ;;
+stop)
+ echo -n ' ehntserv'
+ killall ehntserv
+ ;;
+*)
+ echo "Usage: `basename $0` {start|stop}" >&2
+ exit 2
+ ;;
+esac
+
+exit 0
diff --git a/net/ehnt/files/patch-Makefile b/net/ehnt/files/patch-Makefile
new file mode 100644
index 0000000..fd1bdfd
--- /dev/null
+++ b/net/ehnt/files/patch-Makefile
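Review bot: In ehntserv.sh.sample the `start)` branch launches `${PREFIX}/sbin/ehntserv` with whatever privileges the rc run has (normally root at boot), although the man page added in this commit gives 4444 as the default for both the UDP and the TCP listener, so no privileged port is involved. A collector that parses datagrams arriving from the network is better started under an unprivileged account, for example `su -m nobody -c "${PREFIX}/sbin/ehntserv"`, provided the daemon needs nothing root-only (not visible here). The `stop)` branch's `killall ehntserv` matches by process name only, so it also ends any other user's or debug (`-d`) instance; a pidfile written at start would scope it to the instance this script launched. `$0` and `${PREFIX}` are also expanded unquoted in the `expr`, `basename` and `[ -x ... ]` lines and should be double-quoted.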
@@ -0,0 +1,50 @@
+--- Makefile.orig Thu Aug 9 12:55:44 2001
++++ Makefile Thu Aug 9 13:04:50 2001
+@@ -1,19 +1,12 @@
+-PLATFORM = LINUX
++#PLATFORM = LINUX
+ #PLATFORM = SOLARIS
+-#PLATFORM = FreeBSD
+-CC = gcc
++PLATFORM = FreeBSD
++#CC = gcc
+ #DEBUG = yes
+ #CFLAGS = -g
+ #CFLAGS = -O6
+ LIBS = -lm
+-
+-ifeq ($(PLATFORM),SOLARIS)
+- LIBS += -lsocket -lnsl -lresolv
+-endif
+-
+-ifeq ($(DEBUG),yes)
+- CFLAGS += -g
+-endif
++CFLAGS+= -DASNCDIR=\"${PREFIX}/share/ehnt\"
+
+
+ all: ehntserv ehnt asnc.txt
+@@ -37,11 +30,6 @@
+
+ ehnt : ehnt_client.o ehnt_lookup.o ehnt_display.o ehnt_processflow.o ehnt_main.o
+ $(CC) -o ehnt ehnt_client.o ehnt_lookup.o ehnt_display.o ehnt_processflow.o ehnt_main.o $(LIBS) $(CFLAGS)
+-ifeq ($(DEBUG),yes)
+- @echo Debug mode - ehnt not stripped
+-else
+- strip ehnt
+-endif
+
+
+ ehntserv.o : ehntserv.c ehnt.h netflowv5.h config.h
+@@ -49,11 +37,6 @@
+
+ ehntserv : ehntserv.o
+ $(CC) $(CFLAGS) -o ehntserv ehntserv.o $(LIBS) $(CFLAGS)
+-ifeq ($(DEBUG),yes)
+- @echo Debug mode - ehnt not stripped
+-else
+- strip ehntserv
+-endif
+
+ asnc.txt :
+ perl ./ProcessASN.pl
diff --git a/net/ehnt/files/patch-config-h b/net/ehnt/files/patch-config-h
new file mode 100644
index 0000000..28d97560
--- /dev/null
+++ b/net/ehnt/files/patch-config-h
@@ -0,0 +1,11 @@
+--- config.h.orig Wed Jul 18 00:47:37 2001
++++ config.h Fri Aug 3 19:57:51 2001
+@@ -27,3 +27,8 @@
+ #define DEFAULT_UDP_PORT 4444
+ /* The default mode of the client. Can be either EM_REPORT or EM_DUMP.*/
+ #define EM_DEFAULT EM_REPORT
++
++#ifndef ASNCDIR
++#define ASNCDIR "."
++#endif
++
diff --git a/net/ehnt/files/patch-ehnt-lookup b/net/ehnt/files/patch-ehnt-lookup
new file mode 100644
index 0000000..d6f6d65
--- /dev/null
+++ b/net/ehnt/files/patch-ehnt-lookup
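Review bot: In patch-Makefile the added `CFLAGS+= -DASNCDIR=\"${PREFIX}/share/ehnt\"` always defines ASNCDIR, so when PREFIX is empty or unset (a build outside the ports framework) the client is compiled to read `/share/ehnt/asnc.txt`, and the `"."` fallback added in patch-config-h is never reached. A one-line comment above it would make the dependency explicit, e.g. `# PREFIX comes from the ports framework; ASNCDIR must match where asnc.txt is installed`. The value is also pasted into a C string literal without escaping, so a PREFIX containing a double quote or backslash would break or alter the define; that is unlikely for a ports prefix but worth stating.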
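Review bot: In patch-config-h the new `ASNCDIR` default carries no comment, unlike the `EM_DEFAULT` define just above it; something like `/* Directory searched for asnc.txt; override with -DASNCDIR=\"/path\" at build time. */` would do. The `"."` fallback keeps the lookup relative to the current working directory, so a binary built without the define reads whatever `asnc.txt` sits in the directory it is started from. An absolute default would avoid that, if the upstream layout allows one.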
@@ -0,0 +1,11 @@
+--- ehnt_lookup.c.orig Wed Jul 18 00:47:37 2001
++++ ehnt_lookup.c Fri Aug 3 19:54:34 2001
+@@ -36,7 +36,7 @@
+
+ memset(ASNs,0,sizeof(ASNs));
+
+- if ( ! (f=fopen ("asnc.txt","r")) ) {
++ if ( ! (f=fopen (ASNCDIR "/asnc.txt","r")) ) {
+ perror("fopen");
+ } else {
+ for ( ; ; ) { |
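Review bot: In patch-ehnt-lookup the failure path still calls `perror("fopen")`, which does not tell the user which file was looked for now that the path is fixed at compile time; `perror(ASNCDIR "/asnc.txt");` would print it. The new `fopen (ASNCDIR "/asnc.txt","r")` relies on adjacent string-literal concatenation, so ASNCDIR must always expand to a string literal; that holds for both the Makefile define and the config.h fallback in this commit, but deserves a comment at the `#define`. The enclosing function begins and ends outside the hunk, so how the code proceeds after a failed open is not visible here.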