Here's a major update to pfstat. The most important changes:
* Add a small daemon 'pfstatd' which listens on a TCP port and, when
connected to, sends the statistical pf data in plain text to the
peer. This program has no dependancies (gd, X11, etc.), so it can
be easily installed on a small firewall, and the main 'pfstat'
program can be installed on a different machine. Many users
complained that they had to install xbase39.tgz on a firewall,
this is now no longer required. Querying the local packet filter
through /dev/pf (without running pfstatd) is still supported and
the default.
* Switch the data storage from the simple text file to a DBT_BTREE
database (dbopen(3), no additional dependancies). Do MRTG-style
compression on insertion, so plotting graphs over large time periods
does not take longer anymore. Graph plotting is very fast now.
Expiry/purging of older data will be supported soon.
* Support for arbitrary interface and queue statistics. Label support
coming soon. This requires that values that should be stored must
be declared in advance (i.e. storing all values is possible, but
storing only user-specified values keeps the database smaller).
* The pfstat.conf syntax has therefore changed slightly, and example
is
collect 1 = interface "sis0" pass bytes in ipv4 diff
collect 2 = interface "sis0" pass bytes out ipv4 diff
image "/var/www/htdocs/benzedrine.cx/pfstat.jpg" {
from 72 hours to now
width 1000 height 400
left
graph 1 "in" "bits/s" color 0 192 0 filled
right
graph 2 "out" "bits/s" color 0 0 255
}
The 'collect' lines declare units to be collected, and the 'graph'
line reference units through the declaration numbers (1 and 2, in
the example).
* Fix several bugs. In particular one that affected scaling of values.
Before, the axis were sometimes wrongly labeled (like the maximum
value was labeled as '40 mbits/s' when it was really much higher.
The patch below is against the 3.9 ports tree. Apply it (to
ports/net/pfstat), delete the existing patches subdirectory.
NOTE: this won't work as-is on a pre-3.9 system. While it's not
complicated to get building there, I'd rather get feedback from 3.9
users at this time.
If someone with ports-foo has any suggestions about how to split pfstatd
into a separate package (so a package containing only pfstatd could be
installed on firewalls without any dependancies), please speak up ;)
Daniel
Index: Makefile
===================================================================
RCS file: /cvs/ports/net/pfstat/Makefile,v
retrieving revision 1.11
diff -u -r1.11 Makefile
--- Makefile 24 Oct 2005 05:09:59 -0000 1.11
+++ Makefile 14 May 2006 10:11:09 -0000
@@ -2,8 +2,8 @@
COMMENT= "packet filter statistics visualization"
-DISTNAME= pfstat-1.7
-PKGNAME= ${DISTNAME}p1
+DISTNAME= pfstat-2.0
+PKGNAME= ${DISTNAME}
CATEGORIES= net
MASTER_SITES= http://www.benzedrine.cx/
@@ -24,5 +24,7 @@
do-install:
${INSTALL_PROGRAM} ${WRKSRC}/pfstat ${PREFIX}/bin
${INSTALL_MAN} ${WRKSRC}/pfstat.8 ${PREFIX}/man/man8
+ ${INSTALL_PROGRAM} ${WRKSRC}/pfstatd/pfstatd ${PREFIX}/bin
+ ${INSTALL_MAN} ${WRKSRC}/pfstatd/pfstatd.8 ${PREFIX}/man/man8
.include <bsd.port.mk>
Index: distinfo
===================================================================
RCS file: /cvs/ports/net/pfstat/distinfo,v
retrieving revision 1.9
diff -u -r1.9 distinfo
--- distinfo 5 Jan 2005 17:14:57 -0000 1.9
+++ distinfo 14 May 2006 10:11:09 -0000
@@ -1,4 +1,4 @@
-MD5 (pfstat-1.7.tar.gz) = bd58864b56774aa10aa763258de8b625
-RMD160 (pfstat-1.7.tar.gz) = d15ebd14a42ddbdacf326b4ad59c2fcf4f7d8b07
-SHA1 (pfstat-1.7.tar.gz) = 7bd125039c130a56a4dda3040d309d0f445d88b5
-SIZE (pfstat-1.7.tar.gz) = 9610
+MD5 (pfstat-2.0.tar.gz) = c15416c16062da39500bb7822c71fcf1
+RMD160 (pfstat-2.0.tar.gz) = ae6d7f2db52df21282e05e45d0c8458ac0865433
+SHA1 (pfstat-2.0.tar.gz) = 798449440e1c8ac9a9eb33792a7fd49afee3def3
+SIZE (pfstat-2.0.tar.gz) = 16625
Index: pkg/PLIST
===================================================================
RCS file: /cvs/ports/net/pfstat/pkg/PLIST,v
retrieving revision 1.2
diff -u -r1.2 PLIST
--- pkg/PLIST 15 Sep 2004 18:17:44 -0000 1.2
+++ pkg/PLIST 14 May 2006 10:11:09 -0000
@@ -1,3 +1,5 @@
@comment $OpenBSD: PLIST,v 1.2 2004/09/15 18:17:44 espie Exp $
bin/pfstat
+bin/pfstatd
@man man/man8/pfstat.8
[EMAIL PROTECTED] man/man8/pfstatd.8
