Promiscuous mode IP Accounting
http://www.pmacct.net/
pmacct is a small set of passive network monitoring tools to measure, account, classify and aggregate IPv4 and IPv6 traffic; a pluggable and flexible architecture allows to store the collected traffic data into memory tables or SQL (MySQL, SQLite, PostgreSQL) databases. pmacct supports fully customizable historical data breakdown, flow sampling, filtering and tagging, recovery actions, and triggers. Libpcap, sFlow v2/v4/v5 and NetFlow v1/v5/v7/v8/v9 are supported, both unicast and multicast. Also, a client program makes it easy to export data to tools like RRDtool, GNUPlot, Net-SNMP, MRTG, and Cacti.
- Links to server:monitoring / pmacct
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:dirkmueller:Factory/pmacct && cd $_ - Create Badge
Refresh
Refresh
Source Files
| Filename | Size | Changed |
|---|---|---|
| nfacctd.conf | 0000000688 688 Bytes | |
| pmacct-1.7.8.tar.gz | 0002175335 2.07 MB | |
| pmacct.1 | 0000003869 3.78 KB | |
| pmacct.changes | 0000102879 100 KB | |
| pmacct.nfacctd.service | 0000000563 563 Bytes | |
| pmacct.nfacctd.sysconfig | 0000000193 193 Bytes | |
| pmacct.pmacctd.service | 0000000572 572 Bytes | |
| pmacct.pmacctd.sysconfig | 0000000285 285 Bytes | |
| pmacct.sfacctd.service | 0000000561 561 Bytes | |
| pmacct.sfacctd.sysconfig | 0000000193 193 Bytes | |
| pmacct.spec | 0000005457 5.33 KB | |
| pmacctd.conf | 0000000688 688 Bytes | |
| sfacctd.conf | 0000000688 688 Bytes |
Revision 2 (latest revision is 3)
Dirk Mueller (dirkmueller)
committed
(revision 2)
- update to 1.7.8:
+ Introduced support for eBPF for all daemons: if SO_REUSEPORT is
supported by the OS and eBPF support is compiled in, this allows
to load a custom load-balancer. To load-share, daemons have to
be part of the same cluster_name and each be configured with a
distinct cluster_id.
+ Introduced support for listening on VRF interfaces on Linux for
all daemons. The feature can be enabled via nfacctd_interface,
bgp_daemon_interface and equivalent knobs. Many thanks to
Marcel Menzel ( @WRMSRwasTaken ) for this contribution.
+ pre_tag_map: introduced limited tagging / labelling support for
BGP (pmbgpd), BMP (pmbmpd), Streaming Telemetry (pmtelemetryd)
daemons. ip, set_tag, set_label keys being currently supported.
+ pre_tag_map: defined a new pre_tag_label_encode_as_map config
knob to encode the output 'label' value as a map for JSON and
Apache Avro encodings, ie. in JSON "label": { "key1": "value1",
"key2": "value2" }. For keys and values to be correctly mapped,
the '%' delimiter is used when composing a pre_tag_map, ie.
"set_label=key1%value1,key2%value2 ip=0.0.0.0/0". Thanks to
Salvatore Cuzzilla ( @scuzzilla ) for this contribution.
+ pre_tag_map: introduced support for IP prefixes for src_net
and dst_net keys for indexed maps (maps_index set to true).
Indexing being an hash map, this feature currently tests data
against all defined IP prefix lenghts in the map for a match
(first defined matching prefix wins).
+ pre_tag_map: introduced two new 'is_nsel', 'is_nel' keys to
check for the presence of firewallEvent field (233) and
natEvent field (230) in NetFlow/IPFIX respectively in order
to infer whether data is NSEL / NEL. If set to 'true' this
does match NSEL / NEL data, if set to 'false' it does match
Comments 0