-
Notifications
You must be signed in to change notification settings - Fork 0
/
flowd.8.in
105 lines (105 loc) · 2.76 KB
/
flowd.8.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
.\" $Id$
.\"
.\" Copyright (c) 2004 Damien Miller <[email protected]>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd July 30, 2004
.Dt FLOWD 8
.Os
.Sh NAME
.Nm flowd
.Nd NetFlow collector daemon
.Sh SYNOPSIS
.Nm flowd
.Op Fl hdg
.Oo Fl D
.Ar macro Ns = Ns Ar value Oc
.Op Fl f Ar config_file
.Ar command
.Sh DESCRIPTION
.Nm
is a small NetFlow collector daemon capable of understanding Cisco NetFlow
version 1, version 5 and version 9 packet formats.
.Nm
supports filtering and tagging of received flows before they are stored on
disk, using a filter syntax similar to the OpenBSD PF packet filter.
The on-disk format is flexible in that it allows selection of which packet
fields are recorded, so logs may be made very compact.
.Pp
By default,
.Nm
will obtain its configuration from the
.Xr flowd.conf 5
file, which typically resides in
.Pa @CONFPATH@/flowd.conf .
However, a different configuration file may be specified on the commandline
using the
.Fl d
option.
.Pp
.Nm
may be terminated by sending it a
.Dv SIGTERM
signal.
Upon receipt of a
.Dv SIGUSR1
.Nm
will close and reopen its logfile.
This is useful for rotating logs.
When
.Nm
receives a
.Dv SIGHUP
it will re-read its configuration and re-open its logfile.
Some basic runtime statistics will be logged when
.Nm
is signalled with
.Dv SIGUSR2
or
.Dv SIGINFO .
.Pp
The command-line options are as follows:
.Bl -tag -width Ds
.It Fl D Ar macro Ns = Ns Ar value
defines the name macro, which can then be used later in the config file.
Refer to the
.Cm MACROS
section in
.Xr flowd.conf 5
for more information on the use of macros.
.It Fl d
Places
.Nm
in debugging mode.
In this mode,
.Nm
will not fork to the background and will print verbose diagnostics, including
details of each flow received.
.It Fl g
Causes
.Nm
not to fork and background itself.
Logging will be reported to stderr instead of syslog.
.It Fl f Ar config_file
Specify an alternate location for the configuration file
Default is
.Pa @CONFPATH@/flowd.conf
.It Fl h
Displays commandline usage information.
.El
.Sh AUTHORS
Damien Miller <[email protected]>
.Sh SEE ALSO
.Xr flowd-reader 8
.Xr flowd.conf 5