NAME
       ipcad.conf -- ipcad configuration file

SYNOPSIS
       /usr/local/etc/ipcad.conf

DESCRIPTION
       The  file  /usr/local/etc/ipcad.conf contains configuration information
       for the ipcad(8)	daemon.	 The ipcad.conf	file consists of a  series  of
       configuration  options  describing the interfaces on which ipcad	should
       be listening and	other configuration data.

   Global configuration
       capture-ports { enable |	disable	};

             Make ipcad account for UDP/TCP ports, IP protocol and ICMP types
             on a per-interface basis.  This setting is relevant for RSH and
             interactive export methods only.  Capturing UDP and TCP ports is
             disabled by default to maintain compatibility with the historic
             RSH output format.  To selectively enable port capturing on
             certain interfaces, place capture-ports statements between the
             appropriate interface configuration statements.

       buffers = <number> [{ k | m }] ;

             Defines the buffer size to use for transferring data from the
             kernel.  Larger buffers may increase performance by lowering
             the number of expensive context switches, whereas smaller
             values improve responsiveness.

	     NOTE: This	option has no effect on	NetFlow	operation.

   Interface configuration
       interface    <face>    [promisc]	    [input-only]     [netflow-sampled]
       [netflow-disable] [filter "<pcap_filter>"] ;

	     Listen  on	 specified  interface using BPF	or PCAP	packet source.
	     (Please refer to the Interface options section below).

       interface ulog group <group> [, group  <group>  ...]  [netflow-sampled]
       [netflow-disable] ;

             Use the Linux iptables ULOG interface for packet capturing.
             Configure iptables to forward the packets into the appropriate
             group:

		   iptables -A OUTPUT -j ULOG --ulog-nlgroup <group>

   Interface options:
       promisc: Put the interface into promiscuous mode.  This enables
       listening for packets which are not destined for this host, so ipcad
       will count and display all the traffic within the local network.  Note
       that the interface might be in promiscuous mode for some other reason.

       input-only: Use the kernel feature of counting only incoming packets.

       NOTE: The "input-only" directive must be supported by the kernel.  You
       were probably notified during the compilation process if it was not
       supported.  FreeBSD 3.x and older kernels do not support this feature.

       netflow-sampled:	 If  the NetFlow export	mechanism is used, this	option
       instructs the interface to supply only one out of N packets to the Net-
       Flow accounting code, thus lowering the CPU  and	 memory	 requirements.
       The value of N is configured explicitly in a NetFlow configuration sec-
       tion.

       NOTE: This option is NOT used to enable NetFlow on the interface; it
       only modifies the NetFlow behavior on this interface.

       netflow-disable: By default, all interfaces are included in NetFlow
       accounting.  This option is used to disable NetFlow accounting on a
       particular interface.

       filter: Install a custom filter on packets instead of the basic IP
       protocol filter.  Requires libpcap (even if BPF is being used).  May be
       employed to eliminate the CPU overhead of passing unnecessary data
       between the kernel and user space (by installing the filter directly
       into the kernel).

   IP aggregation
       aggregate <ip>/<masklen>	strip <maskbits>;

             Aggregate addresses from the specified network (<ip>/<masklen>)
             by AND'ing with the specified mask (<maskbits>).  Use of
             aggregation helps to save memory space and is recommended for
             efficiency.

       aggregate <port_from>-<port_to> into <port>;

       aggregate <port>	into <port>;

             Aggregate the specified UDP/TCP port range into a given port
             number.  Use of aggregation helps to save memory space and is
             recommended for efficiency.

   RSH server configuration
       rsh { enable | disable }	[at <listen_ip>];

	     Enable/disable RSH	server (disabled by  default).	Optionally,  a
	     server's IP address may be	specified.

       rsh [[<user>@]<host_addr>] [access] ;

	     Specifies an rsh access list entry.  access values	are:

                   admin     Can shut down ipcad

		   backup    Can dump/restore/import accounting	tables

		   default   Can view and modify accounting tables

		   view-only Can view accounting tables

		   deny	     Deny all activity

       rsh ttl = <ttl>;

             Keep the IP time to live (TTL) value reasonably low to lower the
             possibility of remote attacks.  Default is 3.  This means that
             attempts to gather IP accounting over RSH from a distant ipcad
             server (a few network "hops" away, see traceroute(1)) may fail.

       rsh timeout = <seconds>;

	     Set rsh timeout for the same purpose.

       dumpfile	= <filename>;

	     Dump memory table to this file on exit and	read on	startup	(refer
	     to	ipcad(8) and read about	-s and -r options).

	     NOTE: This	setting	has no effect on NetFlow operation.  The  con-
	     tents  of	the flow cache are flushed to the collector upon ipcad
	     termination.

   NetFlow export configuration
       netflow export destination <collector-ip> <collector-port>;

	     Enable NetFlow information	export to the  specified  destination.
	     By	default, ipcad does not	export NetFlow information.

       netflow export version {	1 | 5 };

	     Specify  the NetFlow export format	version. By default, version 5
	     is	used.

       netflow export timeout active <time-minutes>;

	     Configure the timer to expire active flows	after the given	 value
	     in	minutes.

       netflow export timeout inactive <time-seconds>;

	     Configure	the  timer  to	expire	inactive flows after the given
	     value in seconds.

   Other options:
       memory_limit = <number> [{ k | m	| e }] ;

	     Defines a memory limit for	storing	the  per-stream	 associations.
	     Shortcuts are for kilobytes, megabytes or entries respectively.

       chroot =	</path>;

	     Chroot to this directory before processing.

       uid = <number>;

             Set this uid to be safe in the long run.  Please change it if
             you're aware of the consequences.  The RSH service will NOT work
             if the process is not privileged.  Default is not to change
             privileges.

       gid = <number>;

             Set this gid to be safe in the long run.  Default is not to
             change privileges.

       pidfile = <filename>;

             File in which to keep the process PID.  ipcad will also hold a
             lock.  The PID file is created after chroot()'ing.
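
       The RSH and privilege options above interact: uid cannot be dropped
       while the RSH server is in use, so the listen address, TTL, access
       list and chroot carry the restriction.  The following audit script is
       an added example, not part of ipcad or of the original manual page;
       the sample configurations, addresses and finding texts are
       constructed assumptions, and the compact layout is for brevity.

```python
import shlex

# Constructed samples (assumptions, not from the man page); only directives
# documented above are used, with documentation-range addresses.
WEAK = """interface em0 promisc; rsh enable; rsh 192.0.2.10 admin;
rsh ttl = 8; uid = 65534; pidfile = /var/run/ipcad.pid;"""
HARDENED = """interface em0 filter "ip"; rsh enable at 127.0.0.1;
rsh root@127.0.0.1 admin; rsh ttl = 3; chroot = /var/empty;"""

def parse(text):
    """Split ';'-terminated statements into token lists."""
    stmts = []
    for raw in text.split(";"):
        # Pad '=' so 'ttl=3' and 'ttl = 3' tokenize identically.
        tokens = shlex.split(raw.replace("=", " = "))
        if tokens:
            stmts.append(tokens)
    return stmts

def audit(text):
    """Return findings for the security-relevant directives."""
    stmts = parse(text)
    opts = {s[0]: s[2] for s in stmts if len(s) > 2 and s[1] == "="}
    rsh = [s[1:] for s in stmts if s[0] == "rsh"]
    drops_uid = opts.get("uid") not in (None, "0")
    findings = []
    if any(s[:1] == ["enable"] for s in rsh):  # any enable counts (conservative)
        if not any(s[:1] == ["enable"] and "at" in s for s in rsh):
            findings.append("rsh enabled without 'at <listen_ip>'")
        for s in rsh:
            if s[:1] == ["ttl"] and int(s[-1]) > 3:
                findings.append(f"rsh ttl {s[-1]} is above the default of 3")
            if len(s) == 2 and s[1] == "admin" and "@" not in s[0]:
                findings.append(f"admin granted to {s[0]} without user@")
        if drops_uid:
            findings.append("uid set: RSH needs a privileged process")
    elif not drops_uid:
        findings.append("rsh disabled but uid unset: privileges are kept")
    if "chroot" not in opts:
        findings.append("no chroot directory configured")
    for s in stmts:
        if s[0] == "interface" and "promisc" in s:
            findings.append(f"interface {s[1]} is in promiscuous mode")
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(conf))
```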

SEE ALSO
       ipcad(8).

AUTHORS
       Lev Walkin <vlm@lionet.info>

				 May 25, 2001			 IPCAD.CONF(5)
