SOURCES: argus.init (NEW), argus.sysconfig (NEW), argus.conf (NEW)...

alucard alucard at pld-linux.org
Tue Feb 27 14:28:20 CET 2007


Author: alucard                      Date: Tue Feb 27 13:28:20 2007 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- initial PLD release

---- Files affected:
SOURCES:
   argus.init (NONE -> 1.1)  (NEW), argus.sysconfig (NONE -> 1.1)  (NEW), argus.conf (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/argus.init
diff -u /dev/null SOURCES/argus.init:1.1
--- /dev/null	Tue Feb 27 14:28:20 2007
+++ SOURCES/argus.init	Tue Feb 27 14:28:14 2007
@@ -0,0 +1,66 @@
+#!/bin/sh
+# Startup script for argus
+#
+# chkconfig: 2345 97 01
+# description: Run argus
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Get service config
+if [ -f /etc/sysconfig/argus ]; then
+        . /etc/sysconfig/argus
+else
+	nls "Error: %s not found" /etc/sysconfig/argus
+	nls "argus daemon can't be run."
+        exit 1
+fi
+
+case "$1" in
+    start)
+	    if [ ! -f /var/lock/subsys/argus ]; then
+		msg_starting "argus"
+		daemon --user argus argus -d -w /var/log/argus/argus.log
+		RETVAL=$?
+		[ $RETVAL -eq 0 ] && touch /var/lock/subsys/argus
+	    else
+		msg_already_running "argus"
+	    fi
+	    ;;
+
+    stop)
+	    if [ -f /var/lock/subsys/argus ]; then
+		msg_stopping "argus"
+		killproc argus
+		rm -f /var/lock/subsys/argus
+	    fi
+	    ;;
+
+    restart)
+	    $0 stop
+	    $0 start
+	    exit $?
+	    ;;
+
+    reload|force-reload)
+	    if [ -f /var/lock/subsys/argus ]; then
+		msg_reloading "argus"
+		killproc argus -HUP
+		RETVAL=$?
+	    else
+		msg_not_running argus >&2
+		exit 7
+	    fi
+	    ;;
+
+    status)
+	    status argus
+    ;;
+
+    *)
+    echo $"Usage: $0 {start|stop|reload|force-reload|status}"
+    exit 1
+
+esac
+
+exit 0

================================================================
Index: SOURCES/argus.sysconfig
diff -u /dev/null SOURCES/argus.sysconfig:1.1
--- /dev/null	Tue Feb 27 14:28:20 2007
+++ SOURCES/argus.sysconfig	Tue Feb 27 14:28:14 2007
@@ -0,0 +1,5 @@
+# argus daemon startup configuration file
+
+# Try to define nice-level for running argus
+SERVICE_RUN_NICE_LEVEL="+0"
+

================================================================
Index: SOURCES/argus.conf
diff -u /dev/null SOURCES/argus.conf:1.1
--- /dev/null	Tue Feb 27 14:28:20 2007
+++ SOURCES/argus.conf	Tue Feb 27 14:28:14 2007
@@ -0,0 +1,388 @@
+# 
+# Argus Software
+# Copyright (c) 2000-2007 QoSient, LLC
+# All rights reserved.
+# 
+# Example  argus.conf
+#
+# Argus will open this argus.conf if its installed as /etc/argus.conf.
+# It will also search for this file as argus.conf in directories
+# specified in $ARGUSPATH, or $ARGUSHOME, $ARGUSHOME/lib,
+# or $HOME, $HOME/lib, and parse it to set common configuration
+# options.  All values in this file can be overriden by command
+# line options, or other files of this format that can be read in
+# using the -F option.
+#
+#
+# Variable Syntax
+# 
+# Variable assignments must be of the form:
+#
+#   VARIABLE=
+#
+# with no white space between the VARIABLE and the '=' sign.
+# Quotes are optional for string arguements, but if you want
+# to embed comments, then quotes are required.
+#
+#
+# Variable Explanations
+#
+# The Argus can be configured to support a large number of
+# flow types.  The Argus can provide either type, i.e.
+# uni-directional or bi-directional flow tracking and
+# the flow can be further defined by specifying the key.
+# The argus supports a set of well known key strategies,
+# such as 'CLASSIC_5_TUPLE', 'LAYER_3_MATRIX', 'LAYER_2_MATRIX',
+# 'MPLS', and/or 'VLAN', or the argus can be configured to
+# formulate key strategies from a list of the specific
+# objects that the Argus understands.  See the man page for
+# a complete description.
+#
+# The default is the classic 5-tuple IP flow, CLASSIC_5_TUPLE.
+#
+
+ARGUS_FLOW_TYPE="Bidirectional"
+ARGUS_FLOW_KEY="CLASSIC_5_TUPLE"
+
+
+# Argus is capable of running as a daemon, doing all the right things
+# that daemons do.  When this configuration is used for the system
+# daemon process, say for /etc/argus.conf, this variable should be
+# set to "yes".
+#
+# The default value is to not run as a daemon.
+#
+# This example is to support the ./support/Startup/argus script
+# which requires that this variable be set to "yes".
+#
+# Commandline equivalent   -d
+#
+
+ARGUS_DAEMON=yes
+
+
+# Argus Monitor Data is uniquely identifiable based on the source
+# identifier that is included in each output record.  This is to
+# allow you to work with Argus Data from multiple monitors at the
+# same time.  The ID is 32 bits long, and so legitimate values are
+# 0 - 4294967296 but argus also supports IP addresses as values.
+# The configuration allows for you to use host names, however, do
+# have some understanding how `hostname` will be resolved by the
+# nameserver before commiting to this strategy completely.
+#
+# Commandline equivalent   -e
+#
+                                          
+ARGUS_MONITOR_ID=`hostname`
+                                          
+
+# Argus monitors can provide a real-time remote access port
+# for collecting Argus data.  This is a TCP based port service and
+# the default port number is tcp/561, the "experimental monitor"
+# service.  This feature is disabled by default, and can be forced
+# off by setting it to zero (0).
+#
+# When you do want to enable this service, 561 is a good choice,
+# as all ra* clients are configured to try this port by default.
+#
+# Commandline equivalent   -P
+#
+
+ARGUS_ACCESS_PORT=561
+
+
+# When remote access is enabled (see above), you can specify that Argus
+# should bind only to a specific IP address. This is useful, for example,
+# in restricting access to the local host, or binding to a private
+# interface while capturing from another. The default is to bind to any
+# IP address.
+#
+# Commandline equivalent  -B
+#
+
+#ARGUS_BIND_IP="127.0.0.1"
+
+
+# By default, Argus will open the first appropriate interface on a
+# system that it encounters.  For systems that have only one network
+# interface, this is a reasonable thing to do.  But, when there are
+# more than one suitable interface, you should specify which
+# interface(s) Argus should read data from.
+#
+# Argus can read packets from multiple interfaces at the same time,
+# although this is limited to 2 interfaces at this time.  Specify
+# this in this file with multiple ARGUS_INTERFACE directives.
+#
+# Commandline equivalent   -i
+#
+
+#ARGUS_INTERFACE=
+
+
+# By default, Argus will put its interface in promiscuous mode
+# in order to monitor all the traffic that can be collected.
+# This can put an undo load on systems. 
+ 
+# If the intent is to monitor only the network activity of
+# the specific system, say to measure the performance of
+# an HTTP service or DNS service, you'll want to turn 
+# promiscuous mode off.
+#
+# The default value is go into prmiscuous mode.
+#
+# Commandline equivalent   -p
+#
+ 
+#ARGUS_GO_PROMISCUOUS=yes
+
+
+# By default, Argus will provide its own reliable output collection
+# functions, which include writing out to multiple files, supporting
+# multiple concurrent remote clients, independent output filtering and
+# strong authentication and encryption. The support for each of these
+# functions increases the CPU requirements of argus, and as such, in
+# high load environments, may not be desireable.
+# 
+# When argus's collection functions are disabled, the only way to access
+# data is through a socket, and as a result the ARGUS_ACCESS_PORT
+# and ARGUS_BIND_ADDRESS mechanisms may need to be used.
+#
+# Commandline equivalent   -c
+#
+ 
+#ARGUS_COLLECTOR=yes
+
+
+# Argus supports chroot(2) in order to control the file system that
+# argus exists in and can access.  Generally used when argus is running
+# with privileges, this limits the negative impacts that argus could
+# inflict on its host machine. 
+#
+# This option will cause the output file names to be relative to this
+# directory, and so consider this when trying to find your output files.
+#
+# Commandline equivalent   -C
+#
+
+#ARGUS_CHROOT_DIR=/chroot_dir
+
+
+# Argus can be directed to change its user id using the setuid() system
+# call.  This is can used when argus is started as root, in order to
+# access privileged resources, but then after the resources are opened,
+# this directive will cause argus to change its user id value to
+# a 'lesser' capable account.  Recommended when argus is running as
+# daemon.
+#
+# Commandline equivalent   -u
+#
+
+#ARGUS_SETUSER_ID=user
+
+
+# Argus can be directed to change its group id using the setgid() system
+# call.  This is can used when argus is started as root, in order to
+# access privileged resources, but then after the resources are opened,
+# this directive can be used to change argu's group id value to
+# a 'lesser' capable account.  Recommended when argus is running as
+# daemon.
+#
+# Commandline equivalent   -g
+#
+
+#ARGUS_SETGROUP_ID=group
+ 
+
+# Argus can write its output to one or a number of files.
+# The default limit is 5 concurrent files, each with their
+# own independant filters.
+#
+# The format is:
+#      ARGUS_OUTPUT_FILE=/full/path/file/name
+#      ARGUS_OUTPUT_FILE="/full/path/file/name filter"
+#
+# Most sites will have argus write to a file, for reliablity.
+# The example file name is used here as supporting programs,
+# such as ./support/Archive/argusarchive are configured to use
+# this file (with any chroot'd directory prepended).
+#
+# Commandline equivalent   -w
+#
+
+#ARGUS_OUTPUT_FILE=/var/log/argus/argus.out
+
+
+# When Argus is configured to run as a daemon, with the -d
+# option, Argus can store its pid in a file, to aid in
+# managing the running daemon.  However, creating a system
+# pid file requires priviledges that may not be appropriate
+# for all cases.
+#
+# When configured to generate a pid file, if Argus cannot
+# create the pid file, it will fail to run.  This variable
+# is available to override the default, in case this gets
+# in your way.
+#
+# The default value is to generate a pid.  The default
+# path for the pid file, is '/var/run'.
+#
+# No Commandline equivalent   
+#
+
+ARGUS_SET_PID=yes
+ARGUS_PID_PATH="/var/run"
+
+
+# Argus will periodically report on a flow's activity every
+# ARGUS_FLOW_STATUS_INTERVAL seconds, as long as there is
+# new activity on the flow.  This is so that you can get a
+# multiple status reports into the activity of a flow.  The
+# default is 5 seconds, but this number may be too low or
+# too high depending on your uses.  Argus does suppport
+# a minimum value of 0.000001 seconds.  Values under 1 sec
+# are very useful for doing measurements in a controlled
+# experimental environment where the number of flows is small.
+# 
+# Because the status interval affects the memory utilization
+# of the monitor, find the minimum acceptable value is 
+# recommended.
+#
+# Commandline equivalent   -S
+#
+
+ARGUS_FLOW_STATUS_INTERVAL=5
+
+
+# Argus will periodically report on a its own health, providing
+# interface status, total packet and bytes counts, packet drop
+# rates, and flow oriented statistics.
+#
+# These records can be used as "keep alives" for periods when
+# there is no network traffic to be monitored.
+#
+# The default value is 300 seconds, but a value of 60 seconds is
+# very common.
+#
+# Commandline equivalent   -M
+#
+
+ARGUS_MAR_STATUS_INTERVAL=60
+
+
+# If compiled to support this option, Argus is capable of
+# generating a lot of debug information.
+#
+# The default value is zero (0).
+#
+# Commandline equivalent   -D
+#
+
+ARGUS_DEBUG_LEVEL=0
+
+
+# Argus can be configured to report on flows in a manner than
+# provides the best information for calculating application
+# reponse times and network round trip times.
+#
+# The default value is to not generate this data.
+#
+# Commandline equivalent   -R
+#
+ 
+ARGUS_GENERATE_RESPONSE_TIME_DATA=no
+
+
+# Argus can be configured to generate packet jitter information
+# on a per flow basis.  The default value is to not generate
+# this data.
+#
+# Commandline equivalent   -J
+#
+ 
+ARGUS_GENERATE_JITTER_DATA=no 
+
+
+# Argus can be configured to provide MAC addresses in
+# it audit data. The default value is to not generate
+# this data.
+#
+# Commandline equivalent   -m
+#
+ 
+ARGUS_GENERATE_MAC_DATA=yes
+
+
+# Argus can be configured to generate metrics that include
+# the application byte counts as well as the packet count
+# and byte counters.
+#
+# No commandline equivalent
+#
+
+ARGUS_GENERATE_APPBYTE_METRIC=no
+
+
+# Argus by default, generates extended metrics for TCP
+# that include the connection setup time, window sizes,
+# base sequence numbers, and retransmission counters.
+# You can suppress this detailed information using this
+# variable.
+# 
+# No commandline equivalent
+# 
+
+#ARGUS_GENERATE_TCP_PERF_METRIC=yes
+
+
+# Argus can be configured to capture a number of user data
+# bytes from the packet stream.
+#
+# The default value is to not generate this data.
+#
+# Commandline equivalent   -U
+#
+ 
+ARGUS_CAPTURE_DATA_LEN=32
+
+
+# Argus uses the packet filter capabilities of libpcap.  If
+# there is a need to not use the libpcap filter optimizer,
+# you can turn it off here.  The default is to leave it on.
+#
+# Commandline equivalent   -O
+#
+
+ARGUS_FILTER_OPTIMIZER=yes
+
+
+# You can provide a filter expression here, if you like.
+# It should be limited to 2K in length.  The default is to
+# not filter.
+#
+# No Commandline equivalent
+#
+
+ARGUS_FILTER=""
+
+
+# Argus allows you to capture packets in tcpdump() format
+# if the source of the packets is a tcpdump() formatted
+# file or live packet source.
+#
+# Specify the path to the packet capture file here.
+#
+
+#ARGUS_PACKET_CAPTURE_FILE="/var/log/argus/packet.out"
+
+
+# Argus supports the use of SASL to provide strong 
+# authentication and confidentiality protection.
+#
+# The policy that argus uses is controlled through
+# the use of a minimum and maximum allowable protection
+# strength.  Set these variable to control this policy.
+#
+
+#ARGUS_MIN_SSF=40
+#ARGUS_MAX_SSF=128
+
================================================================


More information about the pld-cvs-commit mailing list