Search
j0ke.net Open Build Service
>
Projects
>
server:monitoring
:
netflow
>
pmacct
> pmacct.spec
Sign Up
|
Log In
Username
Password
Cancel
Overview
Repositories
Revisions
Requests
Users
Advanced
Attributes
Meta
File pmacct.spec of Package pmacct
BuildRequires: -post-build-checks Summary: Promiscuous mode IP Accounting package Name: pmacct Version: 1.5.3 Release: 1 License: GPL Group: Productivity/Networking/Diagnostic Source0: %{name}-%{version}.tar.bz2 Source1: nfacctd.init Source2: pmacctd.init Source3: sfacctd.init Source4: nfacctd.init.rh Source5: pmacctd.init.rh Source6: sfacctd.init.rh URL: http://www.pmacct.net/ BuildRoot: %{_tmppath}/%{name}-root Requires: postgresql-libs sqlite BuildRequires: mysql-devel postgresql-devel libstdc++-devel libGeoIP-devel BuildRequires: -post-build-checks %if %{?suse_version:1}0 Requires: mysql-shared %if %suse_version > 920 BuildRequires: sqlite-devel %endif %else BuildRequires: sqlite-devel %endif %if %{?fedora_version:1}0 BuildRequires: kernel %endif %if %{?mandriva_version:1}0 Requires: libpcap0 mysql-shared BuildRequires: libpcap0-devel %else Requires: libpcap BuildRequires: libpcap %endif %if 0%{?suse_version} >= 1030 BuildRequires: libpcap-devel %endif %if 0%{?centos_version} || 0%{?rhel_version} Requires: mysql BuildRequires: libpcap-devel %endif %description pmacct is a small set of passive network monitoring tools to measure, account, classify and aggregate IPv4 and IPv6 traffic; a pluggable and flexible architecture allows to store the collected traffic data into memory tables or SQL (MySQL, SQLite, PostgreSQL) databases. pmacct supports fully customizable historical data breakdown, flow sampling, filtering and tagging, recovery actions, and triggers. Libpcap, sFlow v2/v4/v5 and NetFlow v1/v5/v7/v8/v9 are supported, both unicast and multicast. Also, a client program makes it easy to export data to tools like RRDtool, GNUPlot, Net-SNMP, MRTG, and Cacti. %prep %setup -q %build export CFLAGS="$RPM_OPT_FLAGS" export AM_CFLAGS="$RPM_OPT_FLAGS" PMACCT_BASE_CONFIG=" --prefix=%{_prefix} --bindir=%{_bindir} --sbindir=%{_sbindir} --sysconfdir=%{_sysconfdir}/%{name} --enable-64bit --enable-mysql --enable-pgsql --enable-ipv6 --enable-ulog --enable-threads %if %{?suse_version:1}0 %if %{suse_version} > 920 --enable-sqlite3 %endif --with-pgsql-includes=/usr/include/pgsql/ %endif %if %{?mandriva_version:1}0 --with-pgsql-includes=/usr/include/pgsql/ --with-pcap-includes=/usr/include/ %endif %if 0%{?centos_version} || 0%{?rhel_version} --with-mysql-libs=%{_libdir}/mysql %endif " ./configure $PMACCT_BASE_CONFIG make chmod -x docs/* examples/amqp/* examples/* sql/* chmod +x examples/amqp examples/kafka %install %{__rm} -rf %{buildroot} %makeinstall %if 0%{?suse_version} || 0%{?mandriva_version} %{__install} -Dpm555 %{SOURCE1} %{buildroot}/%{_sysconfdir}/init.d/nfacctd %{__install} -Dpm555 %{SOURCE2} %{buildroot}/%{_sysconfdir}/init.d/pmacctd %{__install} -Dpm555 %{SOURCE3} %{buildroot}/%{_sysconfdir}/init.d/sfacctd ln -sf ../../etc/init.d/nfacctd $RPM_BUILD_ROOT/usr/sbin/rcnfacctd ln -sf ../../etc/init.d/pmacctd $RPM_BUILD_ROOT/usr/sbin/rcpmacctd ln -sf ../../etc/init.d/sfacctd $RPM_BUILD_ROOT/usr/sbin/rcsfacctd %else %{__install} -Dpm555 %{SOURCE4} %{buildroot}/%{_sysconfdir}/init.d/nfacctd %{__install} -Dpm555 %{SOURCE5} %{buildroot}/%{_sysconfdir}/init.d/pmacctd %{__install} -Dpm555 %{SOURCE6} %{buildroot}/%{_sysconfdir}/init.d/sfacctd %endif %{__install} -Dpm555 examples/nfacctd-sql_v2.conf.example %{buildroot}/%{_sysconfdir}/pmacct/nfacctd.conf %{__install} -Dpm555 examples/pmacctd-sql_v2.conf.example %{buildroot}/%{_sysconfdir}/pmacct/pmacctd.conf touch %{buildroot}/%{_sysconfdir}/pmacct/sfacctd.conf strip %{buildroot}%{_bindir}/pmacct strip %{buildroot}%{_bindir}/pmmyplay strip %{buildroot}%{_bindir}/pmpgplay strip %{buildroot}%{_sbindir}/nfacctd strip %{buildroot}%{_sbindir}/pmacctd strip %{buildroot}%{_sbindir}/sfacctd %clean %{__rm} -rf %{buildroot} %postun %if 0%{?suse_version} %insserv_cleanup %endif %preun %if 0%{?suse_version} %stop_on_removal %endif %files %defattr(-, root, root) %doc AUTHORS ChangeLog CONFIG-KEYS COPYING FAQS INSTALL TOOLS UPGRADE docs examples sql %defattr(-, root, root, 0755) %{_bindir}/* %{_sbindir}/* %{_sysconfdir}/init.d/* %dir %{_sysconfdir}/pmacct %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/pmacct/nfacctd.conf %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/pmacct/pmacctd.conf %config(noreplace) %attr(0600,root,root) %{_sysconfdir}/pmacct/sfacctd.conf %changelog * Mon Aug 19 2013 Carsten Schoene <cs@linux-administrator.com> - 0.14.3-1 - update to release 0.14.3 * Wed Dec 29 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.5-1 - update to release 0.12.5 * Sun Oct 03 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.4-1 - update to release 0.12.4 * Mon Aug 09 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.3-2 - fix postun/preun * Sat Jul 31 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.3-1 - update to release 0.12.3 * Thu Jun 17 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.2-2 - added centos/redhat init scripts * Fri May 28 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.2-1 - update to release 0.12.2 + A new 'tee' plugin is introduced bringing both NetFlow and sFlow replication capabilities to pmacct. It supports transparent mode (tee_transparent), coarse-grained filtering capabilities via the Pre-Tagging infrastructure. Quickstart guide is included as part of the EXAMPLES file (chapter XII). + nfprobe, sfprobe: introduced support for export of the BGP next-hop information. Source data selection for BGP next-hop is being linked to [pmacctd_as|uacctd_as] configuration directive. Hence it must be set to 'bgp' in order for this feature to work. + nfprobe, sfprobe, BGP daemon: new set of features (nfprobe_ipprec, sfprobe_ipprec, bgp_daemon_ipprec) allows to mark self-originated sFlow, NetFlow and BGP datagrams with the supplied IP precedence value. + peer_src_ip (IP address of the NetFlow emitter, agent ID of the sFlow emitter) and peer_dst_ip (BGP next-hop) can now be filled from NetFlow/sFlow protocols data other than BGP. To activate the feature nfacctd_as_new/sfacctd_as_new have to be 'false' (default value), 'true' or 'file'. + print plugin: introduced support for Comma-Separated Values (CSV) output in addition to formatted-text. A new print_output feature allows to switch between the two. + pmacctd: improved 802.1ad support. While recursing, outer VLAN is always reported as value of the 'vlan' primitive. ! fix, pmacctd: 802.1p was kept integral part of the 'vlan' value. Now a 0x0FFF mask is applied in order to return only the VLAN ID. ! fix, pkt_handlers.c: added trailing '\0' symbol when truncating AS-PATH and BGP community strings due to length constraints. ! fix, sql_common.c: maximum SQL writers warning message was never reached unless a recovery method is specifited. Thanks to Sergio Charpinel Jr for reporting the issue. ! fix, MySQL and PostgreSQL plugins: PGRES_TUPLES_OK (PostgreSQL) and errno 1050 (MySQL) are now considered valid return codes when dynamic tables are involved (ie. sql_table_schema). Thanks to Sergio Charpinel Jr for his support. ! fix, BGP daemon: pkt_bgp_primitives struct has been explicitely 64-bit aligned. Mis-alignment was causing crashes when buffering was enabled (plugin_buffer_size). Verified on Solaris/sparc. * Thu Apr 08 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.1-1 - update to release 0.12.1 + Input/output interfaces (SNMP indexes) have now been implemented natively; it's therefore not required anymore to pass through the (Pre-)tag infrastructure. As a result two aggregation primitives are being introduced: 'in_iface' and 'out_iface'. + Support for source/destination IP prefix masks is introduced via two new aggregation primitives: src_mask and dst_mask. These are populated as defined by the [nf|sf|pm|u]acctd_net directive: NetFlow/sFlow protocols, BGP, Network files (networks_file) or static (networks_mask) being valid data sources. + A generic tunnel inspection infrastructure has been developed to benefit both pmacctd and uacctd daemons. Handlers are defined via configuration file. Once enabled daemons will account basing upon tunnelled headers rather than the envelope. Currently the only supported tunnel protocol is GTP, the GPRS tunnelling protocol (which can be configured as: "tunnel_0: gtp, <UDP port>"). Up to 8 different tunnel stacks and up to 4 tunnel layers per stack are supported. First matching stack, first matching layer wins. + uacctd: support for the MAC layer has been added for the Netlink/ ULOG Linux packet capturing framework. + 'nfprobe_source_ip' feature introduced: it allows to select the IPv4/IPv6 address to be used to export NetFlow datagrams to the collector. + nfprobe, sfprobe: network masks are now exported via NetFlow and sFlow. 'pmacctd_net' and its equivalent directives define how to populate src_mask and dst_mask values. ! cleanup, nfprobe/sfprobe: data source for 'src_as' and 'dst_as' primitives is now expected to be always explicitely defined (in line with how 'src_net' and 'dst_net' primitives work). See the UPGRADE doc for the (limited) backward compatibility impact. ! Updated SQL documentation: sql/README.iface guides on 'in_iface' and 'out_iface' primitives; sql/README.mask guides on 'src_mask' and 'dst_mask' primitives; sql/README.is_symmetric guides on 'is_symmetric' primitive. ! fix, nfacctd.h: source and destination network masks were twisted in the NetFlow v5 export structure definition. Affected releases are: 0.12.0rc4 and 0.12.0. ! fix, nfprobe_plugin.c: l2_to_flowrec() was missing some variable declaration when the package was configured for compilation with --disable-l2. Thanks to Brent Van Dussen for reporting the issue. ! fix, bgp.c: bgp_attr_munge_as4path() return code was not defined for some cases. This was causing some BGP messages to be marked as malformed. ! fix, sfprobe: a dummy MAC layer was created whenever this was not included as part of the captured packet. This behaviour has been changed and header protocol is now set to 11 (IPv4) or 12 (IPv6) accordingly. Thanks to Neil McKee for pointing the issue. ! workaround, building sub-system: PF_RING enabled libpcap was not recognized due to missing of pcap_dispatch(). This is now fixed. * Wed Feb 17 2010 Carsten Schoene <cs@linux-administrator.com> - 0.12.0-1 - update to release 0.12.0 + 'is_symmetric' aggregation primitive has been implemented: aimed at easing detection of asymmetric traffic. It's based on rule definitions supplied in a 'bgp_is_symmetric_map' map, reloadable at runtime. + A new 'bgp_daemon_allow_file' configuration directive allows to specify IP addresses that can establish a BGP session with the collector's BGP thread. Many thanks to Erik van der Burg for contributing the idea. + 'nfacctd_ext_sampling_rate' and 'sfacctd_ext_sampling_rate' are introduced: they flag the daemon that captured traffic is being sampled. Useful to tackle corner cases, ie. the sampling rate reported by the NetFlow/sFlow agent is missing or incorrect. + The 'bgp_follow_nexthop' feature has been extended so that extra IPv4/IPv6 prefixes can be supplied. Up to 32 IP prefixes are now supported and a warning message is generated whenever a supplied string fails parsing. + Pre-Tagging: implemented 'src_local_pref' and 'src_comms' keys. These allow tagging based on source IP prefix local_pref (sourced from either a map or BGP, ie. 'bgp_src_local_pref_type: map', 'bgp_src_local_pref_type: bgp') and standard BGP communities. + Pre-Tagging: 'src_peer_as' key was extended in order to match on BGP-sourced data (bgp_peer_src_as_type: bgp). + Pre-Tagging: introduced 'comms' key to tag basing on up to 16 standard BGP communities attached to the destination IP prefix. The lookup is done against the BGP RIB of the exporting router. Comparisons can be done in either match-any or match-all fashion; xidDocumentation and examples updated. ! fix, util.c: load_allow_file(), empty allow file was granting a connection to everybody being confused with a 'no map' condition. Now this case is properly recognized and correctly translates in a reject all clause. ! fix, sql_common.c: log of NetFlow micro-flows to a SQL database (nfacctd_sql_log directive) was not correctly getting committed to the backend, when sql_history was disabled. ! fix, mysql|pgsql|sqlite_plugin.c: 'flows' aggregation primitive was not suitable to mix-and-match with BGP related primitives (ie. peer_dst_as, etc.) due to an incorrect check. Many thanks to Zenon Mousmoulas for the bug report. ! fix, pretag_handlers.c: tagging against NetFlow v9 4-bytes in/out interfaces was not working properly. Thanks to Zenon Mousmoulas for reporting the issue. * Wed Apr 08 2009 Carsten Schoene <cs@linux-administrator.com> - 0.11.6-1 - update to release 0.11.6 - This release introduces support for tag ranges into the Pre-Tagging infrastructure. - tcpdump-style filters, e.g. 'aggregate_filter', now support indexing within a packet, e.g. 'ether[12:2]', to allow more flexible separation of the traffic. - There are fixes to libpcap, sFlow, and NetFlow collectors, the MySQL plugin, stream classification, and IPv6 code. * Thu Jul 24 2008 Carsten Schoene <cs@linux-administrator.com> - 0.11.5-1 - update to release 0.11.5 * Fri Nov 17 2006 Peter Nixon <peter+rpmspam@suntel.com.tr> 0.10.1 - Changed the permissions of the conf files to writable * Tue May 16 2006 Peter Nixon <peter+rpmspam@suntel.com.tr> 0.10.1 - Cleaned up SPEC file a some more and updated to 0.10.1 * Wed May 10 2006 Peter Nixon <peter+rpmspam@suntel.com.tr> 0.10.0 - Fixup spec file to work properly on SUSE Build system * Tue Dec 27 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.6-2 - fixed package descriptions and conflicts for alldb * Tue Dec 27 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.6-1 - upgraded to 0.9.6 - split database backends into separate binaries - added 64bit counter support by default * Fri Dec 08 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.5-1 - upgraded to 0.9.5 - removed shortver * Mon Nov 13 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.4p1-1 - upgraded to 0.9.4p1 - defined shortver since directory didn't change * Mon Nov 13 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.4-1 - upgraded to 0.9.4 * Tue Oct 12 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.3-1 - upgraded to 0.9.3 * Tue Aug 23 2005 Douglas E. Warner <silfreed@silfreed.net> 0.9.1-1 - upgraded to 0.9.1 * Tue May 24 2005 Douglas E. Warner <silfreed@silfreed.net> 0.8.6-2 - changed 'libmysqlclient' Require to 'mysql' * Mon May 23 2005 Douglas E. Warner <silfreed@silfreed.net> 0.8.6-1 - removed epoch (old versions won't upgrade correctly) - upgraded to 0.8.6 * Sat Apr 10 2004 Douglas E. Warner <dwarner@ctinetworks.com> - Initial RPM release.
