URL: https://www.opennet.me/cgi-bin/openforum/vsluhboard.cgi
Форум: vsluhforumID1
Нить номер: 23799
[ Назад ]
Исходное сообщение
"IPA"
Отправлено Kosta , 05-Дек-02 10:17 
Pomogite pozalujsta kto mozet..IPA rabotala.. perepisal ipfw rules i peredelal ipa.conf.. teper IPA prosto ne zapuskajetsia..prichem vse novije konfiguracii pravilni..mozet jest' kakoj kliuch otladki? v Manuale nicego:( nikakih logov, nicego:(vot moj ipa.conf:
global {
update_db_time = 1m 30s

maxchunk = 1G
}

rule lan {
ipfw = 100 100.1 100.2 100.3 200 200.1 200.2 200.3 200.4 200.5 200.6 200.7 500 500.1 800 800.1 800.2 800.3 1400 \
1400.1 1400.2 1400.3 1500 1500.1 1500.2 1500.3 1600 1600.1 1600.2 1600.3 1900 1900.1 1900.2 1900.3 2000 2000.1 \
2000.2 2000.3
info = total in/out
}

rule cs_in/out {
ipfw = 1900 1900.1 1900.2 1900.3
info = cs in/out
}

rule http_in/out {
ipfw = 1400 1400.1 1400.2 1400.3 2000 2000.1 2000.2 2000.3 1500 1500.1 1500.2 1500.3
info = http in/out
}

rule lan_in {
ipfw = 100 100.1 200 200.1 200.4 200.5 500 800 800.1 1400 1400.1 1500 1500.1 1600 1600.1 1700 1700.1 1900 1900.1 \
2000 2000.1
info = total in
}

rule lan_out {
ipfw = 100.2 100.3 200.2 200.3 200.6 200.7 500.1 800.2 800.3 1400.2 1400.3 1500.2 1500.3 1600.2 1600.3 1700.2 1700.3 \
1900.2 1900.3 2000.2 2000.3
info = total out
}
rule cs_in {
ipfw = 1900 1900.1
info = cs in
}

rule cs_out {
ipfw = 1900.2 1900.3
info = cs out
}

rule http_in {
ipfw = 1400 1400.1 1500 1500.1 2000 2000.1 1600 1600.1
info = http in
}

rule http_out {
ipfw = 1400.2 1400.3 1500.2 1500.3 1600.2 1600.3 2000.2 2000.3
info = http out
}

Содержание
Сообщения в этом обсуждении
"add IPA"
Отправлено Kosta , 05-Дек-02 10:36 
Prichem:
# ipastat -a
+------+--------------+
| Rule | Info         |
+------+--------------+
| lan  | total in/out |
+------+--------------+
* 1 rule *
rolsera# ipastat -R lan
+---------------------+---------------------+
| From                | To                  |
+---------------------+---------------------+
| 2002.12.01/00:00:00 | 2002.12.31/24:00:00 |
+---------------------+---------------------+

+------+--------------+-------+--------+
| Rule | Info         | Bytes | Mbytes |
+------+--------------+-------+--------+
| lan  | total in/out |     0 |      0 |
+------+--------------+-------+--------+
rolsera# ipa -k kill
ipa: file /var/run/ipa.pid is not locked, do not send any signals
tojest ona ne rabotajet....

"jesio infa"
Отправлено Kosta , 05-Дек-02 10:57 
prichem #ipa -t vse ok, parse prohodit bez oshibok..znachit .conf ok..nu togda gde problema? nu ne zapuskajetsia IPA i vse:(
"RE: jesio infa"
Отправлено LinaS , 05-Дек-02 11:16 
>prichem #ipa -t vse ok, parse prohodit bez oshibok..znachit .conf ok..nu togda
>gde problema? nu ne zapuskajetsia IPA i vse:(

а в логе что?
или лог не пишешь?

тогда в syslog.conf
добавь типа
!ipa
*.*     /var/log/ipa.log

touch /var/log/ipa.log
killall -HUP syslogd

запускай ipa и смотри в лог...

"RE: jesio infa"
Отправлено Kosta , 05-Дек-02 11:26 
Dec  5 10:25:46 rolsera ipa[20957]: creating rule directory /var/ipa/cs_in/out
Dec  5 10:25:46 rolsera ipa[20957]: mkdir(/var/ipa/cs_in/out, 0500): No such file or directory
Dec  5 10:25:46 rolsera ipa[20957]: abnormal termination
"RE: jesio infa"
Отправлено Kosta , 05-Дек-02 11:28 
rolsera# cd /var/ipa
rolsera# ls
## lock ##      lan
rolsera# ls -l
total 2
-r--r--r--  1 root  wheel    0 Dec  5 08:37 ## lock ##
dr-x------  3 root  wheel  512 Dec  5 08:37 lan
a polnij log:
Dec  5 10:25:46 rolsera ipa[20957]: ------------------------------------------------
Dec  5 10:25:46 rolsera ipa[20957]: IPA: version 1.2.9 started by UID 0 GID 0
Dec  5 10:25:46 rolsera ipa[20957]: current umask is 0227
Dec  5 10:25:46 rolsera ipa[20957]: use configuration file /usr/local/etc/ipa.conf, parsing...
Dec  5 10:25:46 rolsera ipa[20957]: file /usr/local/etc/ipa.conf is readable by group and/or other users
Dec  5 10:25:46 rolsera ipa[20957]: loaded 9 accounting rules
Dec  5 10:25:46 rolsera ipa[20957]: creating rule directory /var/ipa/cs_in/out
Dec  5 10:25:46 rolsera ipa[20957]: mkdir(/var/ipa/cs_in/out, 0500): No such file or directory
Dec  5 10:25:46 rolsera ipa[20957]: abnormal termination
"RE: jesio infa"
Отправлено LinaS , 05-Дек-02 11:39 
>rolsera# cd /var/ipa
>rolsera# ls
>## lock ##      lan
>rolsera# ls -l
>total 2
>-r--r--r--  1 root  wheel    0 Dec  
>5 08:37 ## lock ##
>dr-x------  3 root  wheel  512 Dec  5 08:37
>lan
> a polnij log:
>Dec  5 10:25:46 rolsera ipa[20957]: ------------------------------------------------
>Dec  5 10:25:46 rolsera ipa[20957]: IPA: version 1.2.9 started by UID
>0 GID 0
>Dec  5 10:25:46 rolsera ipa[20957]: current umask is 0227
>Dec  5 10:25:46 rolsera ipa[20957]: use configuration file /usr/local/etc/ipa.conf, parsing...
>Dec  5 10:25:46 rolsera ipa[20957]: file /usr/local/etc/ipa.conf is readable by group
>and/or other users
>Dec  5 10:25:46 rolsera ipa[20957]: loaded 9 accounting rules
>Dec  5 10:25:46 rolsera ipa[20957]: creating rule directory /var/ipa/cs_in/out
>Dec  5 10:25:46 rolsera ipa[20957]: mkdir(/var/ipa/cs_in/out, 0500): No such file or
>directory
>Dec  5 10:25:46 rolsera ipa[20957]: abnormal termination

оооопс:

rule cs_in/out
        ~~~~~~

так не пойдет я думаю...
убери / из названий правил...

"RE: jesio infa"
Отправлено Kosta , 05-Дек-02 11:37 
Vot ja tozmozu:)))))))))  Vse ok..u menia nazvanije pravila bilo neadekvatnoje:))  Linas-spasibo..ti kstate ne iz Litvi? ja iz klaipedi.. vsegda na Undernet #freebsd :) Spasibo jesio raz
"RE: jesio infa"
Отправлено LinaS , 05-Дек-02 11:41 
>Vot ja tozmozu:)))))))))  Vse ok..u menia nazvanije pravila bilo neadekvatnoje:))  
>Linas-spasibo..ti kstate ne iz Litvi? ja iz klaipedi.. vsegda na Undernet
>#freebsd :) Spasibo jesio raz

не за что :)
нет, не из Литвы... я из Питера