Add ./tarball_archive/mon-2.3.tar.gz

mon/CHANGELOG

@@ -0,0 +1,104 @@
+31/08/2002 - 2.3
+
+    Makefiles, mon/mon.c: 
+     - Environment variable KVM will enable the building of a setgid kmem
+       version of the monitor. If this environment variable is not present, a
+       non priviledged monitor will be built. (Note that all kvm dependant
+       modules will fail during operation)
+
+       After today's changes, only the io probe needs kvm.
+
+    mon/if.c:
+     - obtain ifdata as per h1kari's suggestion.
+
+    mon/pf.c: 
+     - global naming in sync with other probes
+     - repeated initialisation would eat up fds
+
+    Jan Sipke van der Veen
+     - version number inconcistencies (main pkg/syslog)
+
+    Daniel Hartmeier
+     - shmat usage in monmux/share.c != 64 bit safe
+     - some cpp macros missed precendence parenthesis
+
+
+29/08/2002 - 2.2
+
+    Merged contributions by Daniel Hartmeier:
+     - cpu probe had a nasty va_arg bug that only showed up on big-endian
+       machines.
+    
+29/08/2002 - 2.1
+
+    Merged contributions by Daniel Hartmeier:
+     - pf probe
+     - changes to make mon compile on macppc and sparc64
+
+28/08/2002 - released 2.0
+
+    monitoring behaviour (mon) separated from storage/forwarding (monmux) and
+    picture display (mon2web). Only mon has to run with kmem priviledges
+    because of the if and io probes. Although the entire package was built with
+    portability to other OpenBSD architectures in mind, it was never tested.
+
+==== unreleased ====
+
+25/07/2002 - rewrite stringptr functions in monmux to snprintf ones
+           - package it for openbsd
+           - added a crc32 algorithm in netmon and netmux
+           - added DEBUG handling in Makefiles
+           - removed a bug in monmux that made it reprocess already processed data.
+
+22/06/2002 - added shared code, upgraded networking code
+
+04/04/2002 - changed mon/monmux.conf format
+	     written manual pages
+             look at mon/cpu.c/percentages, give appropriate people credits.
+
+01/04/2002 - changed all memsets into bzero
+             all output messages have the same format now
+             write pids in /var/run 
+             SIGHUP = reload configuration
+
+31/03/2002 - cleaned up source
+
+             added error reporting routines. 
+
+29/03/2002 - mon and monmux no use monpacket to communicate with each
+             other. This format defines: version, lenght and crc of the traffic
+             exchanged.
+
+             mon no longer connects. monmux and mon can be started and stopped
+             independently.
+
+             monmux now checks if incoming traffic is allowed from a certain host.             
+
+             added rrd write support to monmux
+
+             made c_monrrds.sh determine what files to build from environment
+
+             got mon2web up to date with mon1. changed interface layout to
+             have output as a negative area - i'm not finished with this.
+
+22/03/2002 - Added get/set preamble, still tinkering with those s(u)(n)pack
+             functions. Added one that translates it into text.
+
+06/01/2002 - Removed init and get functions from the monlib. (init functions
+             were also required in non-mon applications, not like it is
+             supposed to be :)
+
+             Next step is to rewrite the get functions into using the pack
+             function.
+
+05/01/2002 - Wrote spack and sunpack; endianess agnostic values to bytestream
+             (and back) functions. The packet format has almost been defined
+             now.
+
+24/11/2001 - Rewrote lib to KNF, OpCodes removed
+03/11/2001 - Added datatypes and rewrote readconf to use SLISTs.
+01/10/2001 - Mon configuration is read from a mon.conf. 
+29/09/2001 - Lexer had trouble dealing with ip-addresses. Cleaned up the number	
+             parsing code and removed a second comment reader.
+
+$Id: CHANGELOG,v 1.1 2002/08/31 15:54:57 dijkstra Exp $

mon/INSTALL

@@ -27,6 +27,9 @@ Slightly less quick but with pretty pictures
      + SHRDIR = Where are the example configurations to be installed. Defaults
                 to 'share/mon'.
 
+- Decide if you want to monitor disk usage. Define KVM as an environment
+  variable before you run make if you do.
+
 - Run make && make install
 
 - Create an '/etc/mon.conf'. Note that there is an example configuration in
@@ -55,7 +58,7 @@ Installing mon on many machines
   cd ~mon/ports/mon
   make package
 - The binary package can be found at 
-  /usr/ports/packages/<arch>/All/mon-2.0.tgz
+  /usr/ports/packages/<arch>/All/mon-version.tgz
 
 - You can transfer the resulting package to many machines and install it by
   pkg_add it.
@@ -66,5 +69,5 @@ mon2web run on POSIX compliant unixes, but the monitoring application itself
 
 Willem Dijkstra <wpd@xs4all.nl>
 
-$Id: INSTALL,v 1.2 2002/08/29 19:37:38 dijkstra Exp $
+$Id: INSTALL,v 1.3 2002/08/31 15:54:57 dijkstra Exp $
 

mon/Makefile

@@ -1,7 +1,7 @@
-# $Id: Makefile,v 1.5 2002/08/29 19:37:38 dijkstra Exp $
+# $Id: Makefile,v 1.6 2002/08/31 15:54:57 dijkstra Exp $
 
 SUBDIR=	lib mon monmux 
-V=2.2
+V=2.3
 
 .if make(clean)
 SUBDIR+= ports/mon
@@ -18,7 +18,7 @@ dist: clean
 	@workdir=`basename ${.CURDIR}`; \
 	cd ..; \
 	echo Exporting mon-${V}.tar.gz; \
-	find $${workdir} -type f -print | egrep -v 'CVS|doc|clients|README|TODO|regress|#'| \
+	find $${workdir} -type f -print | egrep -v 'CVS|doc|clients|README|regress|#'| \
 		tar -czvf mon-${V}.tar.gz -I -
 
 

mon/Makefile.inc

@@ -1,4 +1,4 @@
-# $Id: Makefile.inc,v 1.2 2002/07/25 09:51:41 dijkstra Exp $
+# $Id: Makefile.inc,v 1.3 2002/08/31 14:59:57 dijkstra Exp $
 
 AR=	ar
 CC=	cc
@@ -7,6 +7,9 @@ CFLAGS= -g -Wall
 .else
 CFLAGS= -O2 -Wall
 .endif
+.ifdef KVM
+CFLAGS+=-DMON_KVM
+.endif
 INSTALL=install
 LORDER=	lorder
 NROFF=	nroff

mon/TODO

@@ -0,0 +1,17 @@
+TODO:
+
+== current problems / short term
+- rework sending struct
+- rework port makefile, current version contains both (mon|monmux) on a host
+  and that does not make sense for a probe only host. flavors should be
+  default, kvm, no-pf (3.1 and up dep)
+- add pf graphs
+- rework io to use sysctl
+(- build sysctl to get disk structure)
+
+== longer term
+- change rrd to accommodate batch updates
+- write a muxer that supports unix pipes
+- write a client that drives a crystal fontz lcd
+
+$Id: TODO,v 1.15 2002/08/31 16:18:09 dijkstra Exp $

mon/lib/data.h

@@ -1,4 +1,4 @@
-/* $Id: data.h,v 1.13 2002/08/29 19:38:52 dijkstra Exp $ */
+/* $Id: data.h,v 1.14 2002/08/31 16:09:55 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -52,8 +52,8 @@
 #define MON_CRCPOLY  0x04c11db7
 
 #if BYTE_ORDER == BIG_ENDIAN
-#define htonq(n) n
-#define ntohq(n) n
+#define htonq(n) (n)
+#define ntohq(n) (n)
 #else
 static inline u_int64_t
 htonq (u_int64_t v)

mon/mon/Makefile

@@ -1,10 +1,13 @@
-# $Id: Makefile,v 1.23 2002/08/29 19:38:53 dijkstra Exp $
+# $Id: Makefile,v 1.24 2002/08/31 15:00:25 dijkstra Exp $
 .include "../Makefile.inc"
 
-SRCS=	mon.c cpu.c mem.c if.c io.c pf.c readconf.c monnet.c
+LIBS=	-L../lib -lmon
+SRCS=	mon.c cpu.c mem.c if.c pf.c readconf.c monnet.c io.c
+.ifdef KVM
+LIBS+=	-lkvm
+.endif
 OBJS+=	${SRCS:R:S/$/.o/g}
-LIBS=  -lkvm -L../lib -lmon
-CFLAGS+=-DMON_KVM -DNET_INET6 -I../lib
+CFLAGS+=-DNET_INET6 -I../lib
 
 all: mon mon.cat8
 
@@ -18,7 +21,11 @@ clean:
 	rm -f mon mon.cat8 ${OBJS}
 
 install: mon mon.cat8 mon.conf
+.ifdef KVM
 	${INSTALL} -c -m 2555 -g kmem  -o root mon      ${PREFIX}/${BINDIR}
+.else
+	${INSTALL} -c -m 555  -g wheel -o root mon      ${PREFIX}/${BINDIR}
+.endif
 	${INSTALL} -c -m 444  -g wheel -o root mon.cat8 ${PREFIX}/${MANDIR}/cat8/mon.0
 	${INSTALL} -d -m 555  -g bin   -o root ${PREFIX}/${SHRDIR}
 	${INSTALL} -c -m 444  -g bin   -o root mon.conf ${PREFIX}/${SHRDIR}

mon/mon/if.c

@@ -1,4 +1,4 @@
-/* $Id: if.c,v 1.4 2002/08/09 08:21:31 dijkstra Exp $ */
+/* $Id: if.c,v 1.5 2002/08/31 15:01:04 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -33,19 +33,15 @@
 /*
  * Get current interface statistics from kernel and return them in mon_buf as
  *
- * ipackets : opackets : ibytes : obytes : imcasts : omcasts : ierrors : oerrors : colls : drops
- *
- * This module uses the kvm interface to read kernel values directly. It needs
- * a valid kvm handle and will only work if this has been obtained by someone
- * belonging to group kmem. Note that these priviledges (sgid kmem) can be
- * dropped right after the handle has been obtained.  
+ * ipackets : opackets : ibytes : obytes : imcasts : omcasts : ierrors :
+ * oerrors : colls : drops
  * 
- * Re-entrant code: globals are used to speedup calculations for all interfaces.
  */
 
 #include <sys/types.h>
-#include <sys/protosw.h>
+#include <sys/ioctl.h>
 #include <sys/socket.h>
+#include <sys/sockio.h>
 
 #include <net/if.h>
 #include <net/if_dl.h>
@@ -59,34 +55,23 @@
 #include <netiso/iso.h>
 #include <netiso/iso_var.h>
 
-#include <string.h>
+#include <errno.h>
 #include <limits.h>
+#include <string.h>
 
 #include "error.h"
 #include "mon.h"
 
 /* Globals for this module start with if_ */
-struct ifnet if_ifnet;
-size_t if_size_ifnet;
-struct ifnet_head if_ifhead;   
-size_t if_size_ifhead;
-union {
-    struct ifaddr   ifa;
-    struct in_ifaddr in;
-    struct in6_ifaddr in6;
-    struct ns_ifaddr ns;
-    struct ipx_ifaddr ipx;
-    struct iso_ifaddr iso;
-} if_ifaddr;
-size_t if_size_ifaddr;
-char if_name[IFNAMSIZ];
+int if_s = -1;
 /* Prepare if module for first use */
 void 
 init_if(char *s) 
 {
-    if_size_ifnet = sizeof if_ifnet;
-    if_size_ifhead = sizeof if_ifhead;
-    if_size_ifaddr = sizeof if_ifaddr;
+    if (if_s == -1)
+	if ((if_s = socket(AF_INET, SOCK_DGRAM, 0)) < 0)
+	    fatal("%s:%d: socket failed, %.200", 
+		  __FILE__, __LINE__, strerror(errno));
 
     info("started module if(%s)", s);
 }
@@ -94,36 +79,29 @@ init_if(char *s)
 int 
 get_if(char *mon_buf, int maxlen, char *interface) 
 {
-    u_long ifnetptr;
+    struct ifreq ifr;
+    struct if_data ifdata;
 
-    ifnetptr = mon_nl[MON_IFNET].n_value;
-    if (ifnetptr == 0)
-	fatal("%s:%d: ifnet = symbol not defined", __FILE__, __LINE__);
-
-    /* obtain first ifnet structure in kernel memory */
-    if (kread(ifnetptr, (char *) &if_ifhead, if_size_ifhead)) {
-	warning("if(%s) failed", interface);
+    strncpy(ifr.ifr_name, interface, IFNAMSIZ-1);
+    ifr.ifr_name[IFNAMSIZ - 1] = '\0';
+    ifr.ifr_data = (caddr_t)&ifdata;
+    
+    if (ioctl(if_s, SIOCGIFDATA, &ifr)) {
+	warning("if(%s) failed (ioctl error)", interface);
 	return 0;
     }
-
-    ifnetptr = (u_long) if_ifhead.tqh_first;
-  
-    while (ifnetptr) {
-	kread(ifnetptr, (char *) &if_ifnet, if_size_ifnet);
-	bcopy(if_ifnet.if_xname, (char *) &if_name, IFNAMSIZ);
-	if_name[IFNAMSIZ - 1] = '\0';
-	ifnetptr = (u_long) if_ifnet.if_list.tqe_next;
-
-	if (interface != 0 && strncmp(if_name, interface, IFNAMSIZ) == 0) {
-	    return snpack(mon_buf, maxlen, interface, MT_IF,
-		      if_ifnet.if_ipackets, if_ifnet.if_opackets, 
-		      if_ifnet.if_ibytes, if_ifnet.if_obytes, 
-		      if_ifnet.if_imcasts, if_ifnet.if_omcasts, 
-		      if_ifnet.if_ierrors, if_ifnet.if_oerrors, 
-		      if_ifnet.if_collisions, if_ifnet.if_iqdrops);
-	}
-    }
-
-    return 0;
+    
+    return snpack(mon_buf, maxlen, interface, MT_IF,
+		  ifdata.ifi_ipackets, 
+		  ifdata.ifi_opackets, 
+		  ifdata.ifi_ibytes, 
+		  ifdata.ifi_obytes, 
+		  ifdata.ifi_imcasts, 
+		  ifdata.ifi_omcasts, 
+		  ifdata.ifi_ierrors, 
+		  ifdata.ifi_oerrors, 
+		  ifdata.ifi_collisions, 
+		  ifdata.ifi_iqdrops);
 }
 
+

mon/mon/io.c

@@ -1,4 +1,4 @@
-/* $Id: io.c,v 1.4 2002/08/09 08:21:31 dijkstra Exp $ */
+/* $Id: io.c,v 1.5 2002/08/31 15:00:25 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -71,12 +71,9 @@ init_io(char *s)
 int 
 get_io(char *mon_buf, int maxlen, char *disk) 
 {
+#ifdef MON_KVM
     u_long diskptr;
 
-    diskptr = mon_nl[MON_DL].n_value;
-    if (diskptr == 0)
-	fatal("%s:%d: dl = symbol not defined", __FILE__, __LINE__);
-
     /* obtain first disk structure in kernel memory */
     if (kread(mon_nl[MON_DL].n_value, (char *) &io_dihead, io_size_dihead)) {
 	warning("io(%s) failed", disk);
@@ -102,5 +99,9 @@ get_io(char *mon_buf, int maxlen, char *disk)
     }
 
     return 0;
+#else
+    warning("io(%s) requires kvm support which was disabled at compile time", disk);
+    return 0;
+#endif
 }
 

mon/mon/mon.8

@@ -54,9 +54,17 @@ should live on a different system and collect data from several
 instances in a LAN. 
 .Lp
 .Nm
-needs
+priviledge needs depend on the probes used. The cpu, mem and interface probes will work even when mon runs as 
+.Ar "nobody" . 
+For pf, read and write access to 
+.Pa /dev/pf
+is needed, so 
+.Nm 
+will have to run as
+.Ar "root".
+Only the io probe requires 
 .Ar kmem
-priviledges in order to obtain it's data.
+priviledges. All other probes use ioctls and sysctls to obtain their data.
 .Lp
 The options:
 .Bl -tag -width Ds
@@ -80,7 +88,7 @@ Multiple monitor statements to different muxes are allowed. Whitespace, newlines
 .nf
 monitor-rule = "monitor" "{" resources "}" "stream" ["to"] host [ port ]
 resources    = resource ["(" argument ")"] [ ","|" " resources ]
-resource     = "cpu" | "mem" | "if" | "io"
+resource     = "cpu" | "mem" | "if" | "io" | "pf"
 host         = ip4addr | hostname
 port         = [ "port" | ":" | "," ] portnumber
 argument     = number | interfacename | diskname
@@ -88,11 +96,11 @@ argument     = number | interfacename | diskname
 .Sh EXAMPLE
 Here is an example 
 .Ar mon.conf
-that monitors cpu, memory, interfaces xl0/de0/lo0/wi0, disks wd[0-3]/cd[0-1]
+that monitors cpu, memory, pf, interfaces xl0/de0/lo0/wi0, disks wd[0-3]/cd[0-1]
 and streams that information to localhost on port 2100.
 .Pp
 .nf
-monitor { cpu(0),  mem,     if(xl0), if(de0),
+monitor { cpu(0),  mem, pf, if(xl0), if(de0),
           if(lo0), if(wi0), io(wd0), io(wd1), 
           io(wd2), io(wd3), io(cd0), io(cd1), 
           io(ccd0)} stream to 127.0.0.1 2100
@@ -126,7 +134,8 @@ does not check whether resources mentioned in
 .Pa /etc/mon.conf
 exist. 
 .Sh AUTHOR
-Willem Dijkstra <wpd@xs4all.nl>
+Willem Dijkstra <wpd@xs4all.nl>. Daniel Hartmeier <daniel@benzedrine.cx>
+contributed the pf probe and helped to port to big-endian architectures.
 .Sh SEE ALSO
 .Xr monmux 8 
  

mon/mon/mon.c

@@ -1,4 +1,4 @@
-/* $Id: mon.c,v 1.20 2002/08/29 19:38:53 dijkstra Exp $ */
+/* $Id: mon.c,v 1.22 2002/08/31 16:09:55 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -60,8 +60,7 @@ int flag_hup = 0;
 #ifdef MON_KVM
 kvm_t *kvmd;
 struct nlist mon_nl[] = {
-    {"_ifnet"},      /* MON_IFNET = 0  (mon.h)*/
-    {"_disklist"},   /* MON_DL    = 1  (mon.h)*/
+    {"_disklist"},   /* MON_DL    = 0  (mon.h)*/
     {""},
 };
 /* Read kernel memory */
@@ -73,10 +72,17 @@ kread(u_long addr, char *buf, int size)
 	return 1;
     }
 
-    return (0);
+    return 0;
 }
-#endif /* MON_KVM */
+#else /* MON_KVM */
+int 
+kread(u_long addr, char *buf, int size)
+{
+    warning("kvm_read not compiled in, calling probe will signal failure");
 
+    return 0;
+}
+#endif
 /* map stream types to inits and getters */
 struct funcmap streamfunc[] = {
     {MT_IO,  init_io,  get_io},
@@ -125,9 +131,9 @@ main(int argc, char *argv[])
     struct itimerval alarminterval;
     struct stream *stream;
     struct mux *mux;
-    char mon_buf[_POSIX2_LINE_MAX];
     FILE *f;
 #ifdef MON_KVM
+    char mon_buf[_POSIX2_LINE_MAX];
     char *nlistf = NULL, *memf = NULL;
 #endif
     int ch;

mon/mon/mon.h

@@ -1,4 +1,4 @@
-/* $Id: mon.h,v 1.15 2002/08/29 19:38:53 dijkstra Exp $ */
+/* $Id: mon.h,v 1.16 2002/08/31 15:00:25 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -35,15 +35,17 @@
 
 #include <sys/queue.h>
 
+#ifdef MON_KVM
 #include <kvm.h>
 #include <nlist.h>
+#endif
 
 #include "lex.h"
 #include "data.h"
 
 #define MON_CONFIG_FILE "/etc/mon.conf"
 #define MON_PID_FILE    "/var/run/mon.pid"
-#define MON_VERSION     "2.0"
+#define MON_VERSION     "2.3"
 #define MON_INTERVAL 5                           /* measurement interval */
 #define MON_WARN_SENDERR 50                      /* warn every x errors */
 
@@ -51,8 +53,7 @@
 #ifdef MON_KVM
 extern kvm_t *kvmd;
 extern struct nlist mon_nl[];
-#define MON_IFNET 0
-#define MON_DL    1
+#define MON_DL    0
 #endif /* MON_KVM */
 
 struct funcmap {
@@ -67,7 +68,12 @@ extern struct funcmap streamfunc[];
 __BEGIN_DECLS
 #ifdef MON_KVM
 extern int kread(u_long, char *, int);
-#endif 
+#else
+extern int kread(u_long, char *, int); /* This is a stub that reports an error
+					  when called. I included it so as not
+					  to miss any stuff when the time has
+					  come to rip all MON_KVM stuff out */
+#endif
 
 /* cpu.c */
 extern void init_cpu(char *);

mon/mon/pf.c

@@ -1,4 +1,4 @@
-/* $Id: pf.c,v 1.1 2002/08/29 19:42:32 dijkstra Exp $ */
+/* $Id: pf.c,v 1.2 2002/08/31 15:02:10 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2002 Daniel Hartmeier
@@ -30,40 +30,59 @@
  *
  */
 
+/*
+ * Get current pf statistics and return them in mon_buf as 
+ *
+ *   bytes_v4_in : bytes_v4_out : bytes_v6_in : bytes_v6_out :
+ *   packets_v4_in_pass : * packets_v4_in_drop : packets_v4_out_pass :
+ *   packets_v4_out_drop : * packets_v6_in_pass : packets_v6_in_drop :
+ *   packets_v6_out_pass : * packets_v6_out_drop : states_entries :
+ *   states_searches : states_inserts : * states_removals : counters_match :
+ *   counters_badoffset : counters_fragment : * counters_short :
+ *   counters_normalize : counters_memory 
+ *
+ */
 #include <sys/types.h>
 #include <sys/ioctl.h>
 #include <sys/socket.h>
+
 #include <netinet/in.h>
 #include <net/if.h>
 #include <net/pfvar.h>
+#include <errno.h>
 #include <fcntl.h>
+#include <string.h>
 
 #include "error.h"
 #include "mon.h"
 
-static int dev = -1;
+/* Globals for this module start with pf_ */
+static int pf_dev = -1;
 
+/* Prepare if module for first use */
 void
 init_pf(char *s)
 {
-    dev = open("/dev/pf", O_RDWR);
-    if (dev == -1)
-	fatal("%s:%d: open(\"/dev/pf\") failed", __FILE__, __LINE__);
+    if (pf_dev == -1)
+	if ((pf_dev = open("/dev/pf", O_RDWR)) == -1)
+	    fatal("%s:%d: open(\"/dev/pf\") failed, %.200s", 
+		  __FILE__, __LINE__, strerror(errno));
+
     info("started module pf(%s)", s);
 }
-
+/* Get pf statistics */
 int
 get_pf(char *mon_buf, int maxlen, char *arg)
 {
     struct pf_status s;
     u_int64_t n;
     
-    if (dev == -1) {
+    if (pf_dev == -1) {
 	warning("pf(%s) failed (dev == -1)", arg);
 	return 0;
     }
     
-    if (ioctl(dev, DIOCGETSTATUS, &s)) {
+    if (ioctl(pf_dev, DIOCGETSTATUS, &s)) {
 	warning("pf(%s) failed (ioctl error)", arg);
 	return 0;
     }

mon/monmux/c_monrrds.sh

@@ -1,5 +1,5 @@
 #!/bin/sh
-# $Id: c_monrrds.sh,v 1.9 2002/08/29 19:38:56 dijkstra Exp $
+# $Id: c_monrrds.sh,v 1.10 2002/08/31 16:09:55 dijkstra Exp $
 
 #
 # Copyright (c) 2001-2002 Willem Dijkstra
@@ -191,7 +191,7 @@ io_*.rrd)
     # Default match
     cat <<EOF
 Usage: $0 all
-       $0 cpu0|mem|<if>|<io>
+       $0 cpu0|mem|pf|<if>|<io>
 
 Where:
 if=	`echo $INTERFACES|

mon/monmux/monmux.8

@@ -99,7 +99,7 @@ source-stmt  = "source" host "{" accept-stmts write-stmts "}"
 accept-stmts = accept-stmt [accept-stmts]
 accept-stmt  = "accept" "{" resources "}"
 resources    = resource ["(" argument ")"] [ ","|" " resources ]
-resource     = "cpu" | "mem" | "if" | "io"
+resource     = "cpu" | "mem" | "if" | "io" | "pf"
 argument     = number | interfacename | diskname
 write-stmts  = write-stmt [write-stmts]
 write-stmt   = "write" resource "in" filename
@@ -116,7 +116,7 @@ traffic) and the tcp port for incoming listeners.
 .Sh EXAMPLE
 Here is an example 
 .Ar monmux.conf
-that listens to udp port 2100 on lo0, and accepts cpu, memory, interfaces
+that listens to udp port 2100 on lo0, and accepts cpu, memory, pf, interfaces
 xl0/de0/lo0/wi0, disks wd[0-3]/cd[0-1] streams from a
 .Xr mon 8
 on localhost. 
@@ -126,7 +126,7 @@ will also listen on tcp port 2100 for incoming listeners.
 .nf
 mux 127.0.0.1:2100
 source 127.0.0.1 {
-    accept { cpu(0), mem, 
+    accept { cpu(0), mem, pf,
              if(xl0), if(de0),
              if(lo0), if(wi0), 
              io(wd0), io(wd1), io(wd2), 
@@ -134,6 +134,7 @@ source 127.0.0.1 {
 
     write cpu(0)   in "/export/mon/localhost/cpu0.rrd"
     write mem      in "/export/mon/localhost/mem.rrd"
+    write pf       in "/export/mon/localhost/pf.rrd"
 
     write if(xl0)  in "/export/mon/localhost/if_xl0.rrd"
     write if(de0)  in "/export/mon/localhost/if_de0.rrd"
@@ -182,7 +183,7 @@ The format is
 :
 .Va mon-host-ip
 :
-.Va io|if|cpu|mem
+.Va io|if|cpu|mem|pf
 :
 .Va stream-argument
 :
@@ -206,6 +207,14 @@ bit unsigned integers internally.
 .It io
 Io/disk counters (total transfers, total seeks, total bytes). Values are 64 bit
 unsigned integers internally.
+.It pf
+Packet filter statistics ( bytes_v4_in : bytes_v4_out : bytes_v6_in :
+bytes_v6_out : packets_v4_in_pass : packets_v4_in_drop : packets_v4_out_pass :
+packets_v4_out_drop : packets_v6_in_pass : packets_v6_in_drop :
+packets_v6_out_pass : packets_v6_out_drop : states_entries : states_searches :
+states_inserts : states_removals : counters_match : counters_badoffset :
+counters_fragment : counters_short : counters_normalize : counters_memory
+). Values are 64 bit unsigned integers internally.
 .El
 .Sh SIGNALS
 .Bl -tag -width Ds
@@ -241,7 +250,7 @@ to lockup while rrdupdate is updating the rrd file.
 .Nm
 will be unresponsive during this process. 
 .Sh AUTHOR
-Willem Dijkstra <wpd@xs4all.nl>
+Willem Dijkstra <wpd@xs4all.nl>. Daniel Hartmeier <daniel@benzedrine.cx>
+contributed the pf probe and helped to port to big-endian architectures.
 .Sh SEE ALSO
 .Xr mon 8 
- 

mon/monmux/monmux.h

@@ -1,4 +1,4 @@
-/* $Id: monmux.h,v 1.10 2002/08/09 08:23:39 dijkstra Exp $ */
+/* $Id: monmux.h,v 1.11 2002/08/31 16:09:55 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -35,7 +35,7 @@
 
 #define MONMUX_CONFIG_FILE "/etc/monmux.conf"
 #define MONMUX_PID_FILE "/var/run/monmux.pid"
-#define MONMUX_VERSION "2.0"
+#define MONMUX_VERSION "2.3"
 
 /* Amount of connections allowed in listen backlog 
  * - note that more than 128 makes no sense in OpenBSD

mon/monmux/muxnet.h

@@ -1,4 +1,4 @@
-/* $Id: muxnet.h,v 1.3 2002/06/21 12:24:21 dijkstra Exp $ */
+/* $Id: muxnet.h,v 1.4 2002/08/31 16:09:55 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -35,6 +35,7 @@
 
 #include "data.h"
 
+/* Rewrite an ipadress uint32_t as 4 comma seperated bytes */
 #define IPAS4BYTES(x) \
         ((x) >> 24), ((x) >> 16) & 0xff, ((x) >> 8) & 0xff, (x) & 0xff
 

mon/monmux/share.c

@@ -1,4 +1,4 @@
-/* $Id: share.c,v 1.7 2002/08/29 05:38:39 dijkstra Exp $ */
+/* $Id: share.c,v 1.8 2002/08/31 16:09:56 dijkstra Exp $ */
 
 /*
  * Copyright (c) 2001-2002 Willem Dijkstra
@@ -271,7 +271,7 @@ initshare(int bufsize)
     
     shmstat = SIPC_KEYED;
 
-    if ((int)(shm = (struct sharedregion *)shmat(shmid, 0, 0)) < 0)
+    if ((shm = (struct sharedregion *)shmat(shmid, 0, 0)) == (void *)(-1))
 	fatal("Could not attach shared memory");
 
     shmstat = SIPC_ATTACHED;

mon/ports/mon/Makefile

@@ -2,8 +2,8 @@
 
 COMMENT=		"active monitoring tool"
 
-DISTNAME=		mon-2.1
-PKGNAME=		mon-2.1
+DISTNAME=		mon-2.3
+PKGNAME=		mon-2.3
 CATEGORIES=		net sysutils
 NEED_VERSION=		1.502