[netflow-tools] Flowd unable to use FIFO

Jason Dixon jason at dixongroup.net
Mon May 16 21:36:07 EST 2005


Forwarding to netflow-tools where it belongs...

I'm trying to get flowd to write to FIFO so I can read it in with a 
perl script and output to my choice of storage (file, db, etc).  The 
patch below from djm allows flowd to write to fifo, but Flowd.pm fails 
on init() with a "bad magic" error.

Thanks,
Jason

> From: Damien Miller <djm at mindrot.org>
> Date: May 16, 2005 2:42:59 AM EDT
> To: ports at openbsd.org
> Subject: Re: Netflow collector on OpenBSD
>
> Jason Dixon wrote:
>> I'm looking for a Netflow collector on OpenBSD that can dump to 
>> database.  I would prefer to use djm's flowd, but it doesn't support 
>> database output.  I've tried having it log to fifo for reading in 
>> with a Perl script, but it dies trying to perform a seek on startup:
>
> This is probably best taken to the flowd mailing list[1], but 
> interested
> users can try the attached patch.
>
> -d
>
> [1] http://www.mindrot.org/mailman/listinfo/netflow-tools
> ? build
> ? buildit.sh
> ? filter.day
> ? flowd.conf.test
> ? flowd.log
> ? flowd.log.v46
> ? flowd.pyc
> ? netflow-v9
> ? testwrite.py
> ? x.conf
> ? xxx.conf
> ? tools/stats.py
> ? tools/stats.pyc
> Index: flowd.c
> ===================================================================
> RCS file: /var/cvs/flowd/flowd.c,v
> retrieving revision 1.56
> diff -u -p -r1.56 flowd.c
> --- flowd.c	28 Apr 2005 09:02:58 -0000	1.56
> +++ flowd.c	16 May 2005 04:16:30 -0000
> @@ -121,9 +121,19 @@ start_log(int monitor_fd)
>  	int fd;
>  	off_t pos;
>  	char ebuf[512];
> +	struct stat sb;
>
>  	if ((fd = client_open_log(monitor_fd)) == -1)
>  		logerrx("Logfile open failed, exiting");
> +
> +	if (fstat(fd, &sb) == -1)
> +		logerr("log fstat");
> +
> +	/* Don't bother writing header to FIFOs */
> +	if (S_ISFIFO(sb.st_mode)) {
> +		logit(LOG_DEBUG, "logfile is FIFO, skipping header write");
> +		return (fd);
> +	}
>
>  	/* Only write out the header if we are at the start of the file */
>  	switch ((pos = lseek(fd, 0, SEEK_END))) {
> Index: privsep.c
> ===================================================================
> RCS file: /var/cvs/flowd/privsep.c,v
> retrieving revision 1.26
> diff -u -p -r1.26 privsep.c
> --- privsep.c	14 May 2005 06:04:18 -0000	1.26
> +++ privsep.c	16 May 2005 04:16:30 -0000
> @@ -712,12 +712,22 @@ static int
>  answer_open_log(struct flowd_config *conf, int client_fd)
>  {
>  	int fd;
> +	struct stat sb;
>
>  	logit(LOG_DEBUG, "%s: entering", __func__);
>
>  	fd = open(conf->log_file, O_RDWR|O_APPEND|O_CREAT, 0600);
>  	if (fd == -1) {
> -		logitm(LOG_ERR, "%s: open", __func__);
> +		logitm(LOG_ERR, "%s: open(%.100s)", __func__, conf->log_file);
> +		return (-1);
> +	}
> +	if (fstat(fd, &sb) == -1) {
> +		logitm(LOG_ERR, "%s: fstat(%.100s)", __func__, conf->log_file);
> +		return (-1);
> +	}
> +	if (!S_ISREG(sb.st_mode) && !S_ISFIFO(sb.st_mode)) {
> +		logit(LOG_ERR, "%s: log file \"%.100s\" is neither a regular "
> +		    "file nor a FIFO", __func__, conf->log_file);
>  		return (-1);
>  	}
>  	if (send_fd(client_fd, fd) == -1)
>

--
Jason Dixon
DixonGroup Consulting
http://www.dixongroup.net





More information about the netflow-tools mailing list