SOURCES: argus.init (NEW), argus.sysconfig (NEW), argus.conf (NEW)...
alucard
alucard at pld-linux.org
Tue Feb 27 14:28:20 CET 2007
Author: alucard Date: Tue Feb 27 13:28:20 2007 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- initial PLD release
---- Files affected:
SOURCES:
argus.init (NONE -> 1.1) (NEW), argus.sysconfig (NONE -> 1.1) (NEW), argus.conf (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/argus.init
diff -u /dev/null SOURCES/argus.init:1.1
--- /dev/null Tue Feb 27 14:28:20 2007
+++ SOURCES/argus.init Tue Feb 27 14:28:14 2007
@@ -0,0 +1,66 @@
+#!/bin/sh
+# Startup script for argus
+#
+# chkconfig: 2345 97 01
+# description: Run argus
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+# Get service config
+if [ -f /etc/sysconfig/argus ]; then
+ . /etc/sysconfig/argus
+else
+ nls "Error: %s not found" /etc/sysconfig/argus
+ nls "argus daemon can't be run."
+ exit 1
+fi
+
+case "$1" in
+ start)
+ if [ ! -f /var/lock/subsys/argus ]; then
+ msg_starting "argus"
+ daemon --user argus argus -d -w /var/log/argus/argus.log
+ RETVAL=$?
+ [ $RETVAL -eq 0 ] && touch /var/lock/subsys/argus
+ else
+ msg_already_running "argus"
+ fi
+ ;;
+
+ stop)
+ if [ -f /var/lock/subsys/argus ]; then
+ msg_stopping "argus"
+ killproc argus
+ rm -f /var/lock/subsys/argus
+ fi
+ ;;
+
+ restart)
+ $0 stop
+ $0 start
+ exit $?
+ ;;
+
+ reload|force-reload)
+ if [ -f /var/lock/subsys/argus ]; then
+ msg_reloading "argus"
+ killproc argus -HUP
+ RETVAL=$?
+ else
+ msg_not_running argus >&2
+ exit 7
+ fi
+ ;;
+
+ status)
+ status argus
+ ;;
+
+ *)
+ echo $"Usage: $0 {start|stop|reload|force-reload|status}"
+ exit 1
+
+esac
+
+exit 0
================================================================
Index: SOURCES/argus.sysconfig
diff -u /dev/null SOURCES/argus.sysconfig:1.1
--- /dev/null Tue Feb 27 14:28:20 2007
+++ SOURCES/argus.sysconfig Tue Feb 27 14:28:14 2007
@@ -0,0 +1,5 @@
+# argus daemon startup configuration file
+
+# Try to define nice-level for running argus
+SERVICE_RUN_NICE_LEVEL="+0"
+
================================================================
Index: SOURCES/argus.conf
diff -u /dev/null SOURCES/argus.conf:1.1
--- /dev/null Tue Feb 27 14:28:20 2007
+++ SOURCES/argus.conf Tue Feb 27 14:28:14 2007
@@ -0,0 +1,388 @@
+#
+# Argus Software
+# Copyright (c) 2000-2007 QoSient, LLC
+# All rights reserved.
+#
+# Example argus.conf
+#
+# Argus will open this argus.conf if its installed as /etc/argus.conf.
+# It will also search for this file as argus.conf in directories
+# specified in $ARGUSPATH, or $ARGUSHOME, $ARGUSHOME/lib,
+# or $HOME, $HOME/lib, and parse it to set common configuration
+# options. All values in this file can be overriden by command
+# line options, or other files of this format that can be read in
+# using the -F option.
+#
+#
+# Variable Syntax
+#
+# Variable assignments must be of the form:
+#
+# VARIABLE=
+#
+# with no white space between the VARIABLE and the '=' sign.
+# Quotes are optional for string arguements, but if you want
+# to embed comments, then quotes are required.
+#
+#
+# Variable Explanations
+#
+# The Argus can be configured to support a large number of
+# flow types. The Argus can provide either type, i.e.
+# uni-directional or bi-directional flow tracking and
+# the flow can be further defined by specifying the key.
+# The argus supports a set of well known key strategies,
+# such as 'CLASSIC_5_TUPLE', 'LAYER_3_MATRIX', 'LAYER_2_MATRIX',
+# 'MPLS', and/or 'VLAN', or the argus can be configured to
+# formulate key strategies from a list of the specific
+# objects that the Argus understands. See the man page for
+# a complete description.
+#
+# The default is the classic 5-tuple IP flow, CLASSIC_5_TUPLE.
+#
+
+ARGUS_FLOW_TYPE="Bidirectional"
+ARGUS_FLOW_KEY="CLASSIC_5_TUPLE"
+
+
+# Argus is capable of running as a daemon, doing all the right things
+# that daemons do. When this configuration is used for the system
+# daemon process, say for /etc/argus.conf, this variable should be
+# set to "yes".
+#
+# The default value is to not run as a daemon.
+#
+# This example is to support the ./support/Startup/argus script
+# which requires that this variable be set to "yes".
+#
+# Commandline equivalent -d
+#
+
+ARGUS_DAEMON=yes
+
+
+# Argus Monitor Data is uniquely identifiable based on the source
+# identifier that is included in each output record. This is to
+# allow you to work with Argus Data from multiple monitors at the
+# same time. The ID is 32 bits long, and so legitimate values are
+# 0 - 4294967296 but argus also supports IP addresses as values.
+# The configuration allows for you to use host names, however, do
+# have some understanding how `hostname` will be resolved by the
+# nameserver before commiting to this strategy completely.
+#
+# Commandline equivalent -e
+#
+
+ARGUS_MONITOR_ID=`hostname`
+
+
+# Argus monitors can provide a real-time remote access port
+# for collecting Argus data. This is a TCP based port service and
+# the default port number is tcp/561, the "experimental monitor"
+# service. This feature is disabled by default, and can be forced
+# off by setting it to zero (0).
+#
+# When you do want to enable this service, 561 is a good choice,
+# as all ra* clients are configured to try this port by default.
+#
+# Commandline equivalent -P
+#
+
+ARGUS_ACCESS_PORT=561
+
+
+# When remote access is enabled (see above), you can specify that Argus
+# should bind only to a specific IP address. This is useful, for example,
+# in restricting access to the local host, or binding to a private
+# interface while capturing from another. The default is to bind to any
+# IP address.
+#
+# Commandline equivalent -B
+#
+
+#ARGUS_BIND_IP="127.0.0.1"
+
+
+# By default, Argus will open the first appropriate interface on a
+# system that it encounters. For systems that have only one network
+# interface, this is a reasonable thing to do. But, when there are
+# more than one suitable interface, you should specify which
+# interface(s) Argus should read data from.
+#
+# Argus can read packets from multiple interfaces at the same time,
+# although this is limited to 2 interfaces at this time. Specify
+# this in this file with multiple ARGUS_INTERFACE directives.
+#
+# Commandline equivalent -i
+#
+
+#ARGUS_INTERFACE=
+
+
+# By default, Argus will put its interface in promiscuous mode
+# in order to monitor all the traffic that can be collected.
+# This can put an undo load on systems.
+
+# If the intent is to monitor only the network activity of
+# the specific system, say to measure the performance of
+# an HTTP service or DNS service, you'll want to turn
+# promiscuous mode off.
+#
+# The default value is go into prmiscuous mode.
+#
+# Commandline equivalent -p
+#
+
+#ARGUS_GO_PROMISCUOUS=yes
+
+
+# By default, Argus will provide its own reliable output collection
+# functions, which include writing out to multiple files, supporting
+# multiple concurrent remote clients, independent output filtering and
+# strong authentication and encryption. The support for each of these
+# functions increases the CPU requirements of argus, and as such, in
+# high load environments, may not be desireable.
+#
+# When argus's collection functions are disabled, the only way to access
+# data is through a socket, and as a result the ARGUS_ACCESS_PORT
+# and ARGUS_BIND_ADDRESS mechanisms may need to be used.
+#
+# Commandline equivalent -c
+#
+
+#ARGUS_COLLECTOR=yes
+
+
+# Argus supports chroot(2) in order to control the file system that
+# argus exists in and can access. Generally used when argus is running
+# with privileges, this limits the negative impacts that argus could
+# inflict on its host machine.
+#
+# This option will cause the output file names to be relative to this
+# directory, and so consider this when trying to find your output files.
+#
+# Commandline equivalent -C
+#
+
+#ARGUS_CHROOT_DIR=/chroot_dir
+
+
+# Argus can be directed to change its user id using the setuid() system
+# call. This is can used when argus is started as root, in order to
+# access privileged resources, but then after the resources are opened,
+# this directive will cause argus to change its user id value to
+# a 'lesser' capable account. Recommended when argus is running as
+# daemon.
+#
+# Commandline equivalent -u
+#
+
+#ARGUS_SETUSER_ID=user
+
+
+# Argus can be directed to change its group id using the setgid() system
+# call. This is can used when argus is started as root, in order to
+# access privileged resources, but then after the resources are opened,
+# this directive can be used to change argu's group id value to
+# a 'lesser' capable account. Recommended when argus is running as
+# daemon.
+#
+# Commandline equivalent -g
+#
+
+#ARGUS_SETGROUP_ID=group
+
+
+# Argus can write its output to one or a number of files.
+# The default limit is 5 concurrent files, each with their
+# own independant filters.
+#
+# The format is:
+# ARGUS_OUTPUT_FILE=/full/path/file/name
+# ARGUS_OUTPUT_FILE="/full/path/file/name filter"
+#
+# Most sites will have argus write to a file, for reliablity.
+# The example file name is used here as supporting programs,
+# such as ./support/Archive/argusarchive are configured to use
+# this file (with any chroot'd directory prepended).
+#
+# Commandline equivalent -w
+#
+
+#ARGUS_OUTPUT_FILE=/var/log/argus/argus.out
+
+
+# When Argus is configured to run as a daemon, with the -d
+# option, Argus can store its pid in a file, to aid in
+# managing the running daemon. However, creating a system
+# pid file requires priviledges that may not be appropriate
+# for all cases.
+#
+# When configured to generate a pid file, if Argus cannot
+# create the pid file, it will fail to run. This variable
+# is available to override the default, in case this gets
+# in your way.
+#
+# The default value is to generate a pid. The default
+# path for the pid file, is '/var/run'.
+#
+# No Commandline equivalent
+#
+
+ARGUS_SET_PID=yes
+ARGUS_PID_PATH="/var/run"
+
+
+# Argus will periodically report on a flow's activity every
+# ARGUS_FLOW_STATUS_INTERVAL seconds, as long as there is
+# new activity on the flow. This is so that you can get a
+# multiple status reports into the activity of a flow. The
+# default is 5 seconds, but this number may be too low or
+# too high depending on your uses. Argus does suppport
+# a minimum value of 0.000001 seconds. Values under 1 sec
+# are very useful for doing measurements in a controlled
+# experimental environment where the number of flows is small.
+#
+# Because the status interval affects the memory utilization
+# of the monitor, find the minimum acceptable value is
+# recommended.
+#
+# Commandline equivalent -S
+#
+
+ARGUS_FLOW_STATUS_INTERVAL=5
+
+
+# Argus will periodically report on a its own health, providing
+# interface status, total packet and bytes counts, packet drop
+# rates, and flow oriented statistics.
+#
+# These records can be used as "keep alives" for periods when
+# there is no network traffic to be monitored.
+#
+# The default value is 300 seconds, but a value of 60 seconds is
+# very common.
+#
+# Commandline equivalent -M
+#
+
+ARGUS_MAR_STATUS_INTERVAL=60
+
+
+# If compiled to support this option, Argus is capable of
+# generating a lot of debug information.
+#
+# The default value is zero (0).
+#
+# Commandline equivalent -D
+#
+
+ARGUS_DEBUG_LEVEL=0
+
+
+# Argus can be configured to report on flows in a manner than
+# provides the best information for calculating application
+# reponse times and network round trip times.
+#
+# The default value is to not generate this data.
+#
+# Commandline equivalent -R
+#
+
+ARGUS_GENERATE_RESPONSE_TIME_DATA=no
+
+
+# Argus can be configured to generate packet jitter information
+# on a per flow basis. The default value is to not generate
+# this data.
+#
+# Commandline equivalent -J
+#
+
+ARGUS_GENERATE_JITTER_DATA=no
+
+
+# Argus can be configured to provide MAC addresses in
+# it audit data. The default value is to not generate
+# this data.
+#
+# Commandline equivalent -m
+#
+
+ARGUS_GENERATE_MAC_DATA=yes
+
+
+# Argus can be configured to generate metrics that include
+# the application byte counts as well as the packet count
+# and byte counters.
+#
+# No commandline equivalent
+#
+
+ARGUS_GENERATE_APPBYTE_METRIC=no
+
+
+# Argus by default, generates extended metrics for TCP
+# that include the connection setup time, window sizes,
+# base sequence numbers, and retransmission counters.
+# You can suppress this detailed information using this
+# variable.
+#
+# No commandline equivalent
+#
+
+#ARGUS_GENERATE_TCP_PERF_METRIC=yes
+
+
+# Argus can be configured to capture a number of user data
+# bytes from the packet stream.
+#
+# The default value is to not generate this data.
+#
+# Commandline equivalent -U
+#
+
+ARGUS_CAPTURE_DATA_LEN=32
+
+
+# Argus uses the packet filter capabilities of libpcap. If
+# there is a need to not use the libpcap filter optimizer,
+# you can turn it off here. The default is to leave it on.
+#
+# Commandline equivalent -O
+#
+
+ARGUS_FILTER_OPTIMIZER=yes
+
+
+# You can provide a filter expression here, if you like.
+# It should be limited to 2K in length. The default is to
+# not filter.
+#
+# No Commandline equivalent
+#
+
+ARGUS_FILTER=""
+
+
+# Argus allows you to capture packets in tcpdump() format
+# if the source of the packets is a tcpdump() formatted
+# file or live packet source.
+#
+# Specify the path to the packet capture file here.
+#
+
+#ARGUS_PACKET_CAPTURE_FILE="/var/log/argus/packet.out"
+
+
+# Argus supports the use of SASL to provide strong
+# authentication and confidentiality protection.
+#
+# The policy that argus uses is controlled through
+# the use of a minimum and maximum allowable protection
+# strength. Set these variable to control this policy.
+#
+
+#ARGUS_MIN_SSF=40
+#ARGUS_MAX_SSF=128
+
================================================================
More information about the pld-cvs-commit
mailing list