[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netflow collector on OpenBSD

To: ports_(_at_)_openbsd_(_dot_)_org
Subject: Re: Netflow collector on OpenBSD
From: Damien Miller <djm_(_at_)_mindrot_(_dot_)_org>
Date: Mon, 16 May 2005 16:42:59 +1000

Jason Dixon wrote:

I'm looking for a Netflow collector on OpenBSD that can dump to database. I would prefer to use djm's flowd, but it doesn't support database output. I've tried having it log to fifo for reading in with a Perl script, but it dies trying to perform a seek on startup:


This is probably best taken to the flowd mailing list[1], but interested
users can try the attached patch.

-d

[1] http://www.mindrot.org/mailman/listinfo/netflow-tools

? build
? buildit.sh
? filter.day
? flowd.conf.test
? flowd.log
? flowd.log.v46
? flowd.pyc
? netflow-v9
? testwrite.py
? x.conf
? xxx.conf
? tools/stats.py
? tools/stats.pyc
Index: flowd.c
===================================================================
RCS file: /var/cvs/flowd/flowd.c,v
retrieving revision 1.56
diff -u -p -r1.56 flowd.c
--- flowd.c	28 Apr 2005 09:02:58 -0000	1.56
+++ flowd.c	16 May 2005 04:16:30 -0000
@@ -121,9 +121,19 @@ start_log(int monitor_fd)
 	int fd;
 	off_t pos;
 	char ebuf[512];
+	struct stat sb;
 
 	if ((fd = client_open_log(monitor_fd)) == -1)
 		logerrx("Logfile open failed, exiting");
+
+	if (fstat(fd, &sb) == -1)
+		logerr("log fstat");
+
+	/* Don't bother writing header to FIFOs */
+	if (S_ISFIFO(sb.st_mode)) {
+		logit(LOG_DEBUG, "logfile is FIFO, skipping header write");
+		return (fd);
+	}
 
 	/* Only write out the header if we are at the start of the file */
 	switch ((pos = lseek(fd, 0, SEEK_END))) {
Index: privsep.c
===================================================================
RCS file: /var/cvs/flowd/privsep.c,v
retrieving revision 1.26
diff -u -p -r1.26 privsep.c
--- privsep.c	14 May 2005 06:04:18 -0000	1.26
+++ privsep.c	16 May 2005 04:16:30 -0000
@@ -712,12 +712,22 @@ static int
 answer_open_log(struct flowd_config *conf, int client_fd)
 {
 	int fd;
+	struct stat sb;
 
 	logit(LOG_DEBUG, "%s: entering", __func__);
 
 	fd = open(conf->log_file, O_RDWR|O_APPEND|O_CREAT, 0600);
 	if (fd == -1) {
-		logitm(LOG_ERR, "%s: open", __func__);
+		logitm(LOG_ERR, "%s: open(%.100s)", __func__, conf->log_file);
+		return (-1);
+	}
+	if (fstat(fd, &sb) == -1) {
+		logitm(LOG_ERR, "%s: fstat(%.100s)", __func__, conf->log_file);
+		return (-1);
+	}
+	if (!S_ISREG(sb.st_mode) && !S_ISFIFO(sb.st_mode)) {
+		logit(LOG_ERR, "%s: log file \"%.100s\" is neither a regular "
+		    "file nor a FIFO", __func__, conf->log_file);
 		return (-1);
 	}
 	if (send_fd(client_fd, fd) == -1)

References:
- Netflow collector on OpenBSD
  - From: Jason Dixon

Prev by Date: UPDATE: fluxbox-0.9.13
Next by Date: Notification of Limited Account Access
Previous by thread: Netflow collector on OpenBSD
Next by thread: UPDATE: fluxbox-0.9.13
Index(es):
- Date
- Thread

Visit your host, monkey.org