1#!/bin/sh 2 3. ${STREAMBOOST_CFGDIR:-/etc/appflow}/rc.appflow 4 5# 6# Environment config 7# 8BINARY="drflocs" 9NAME=${BINARY} 10DISPLAY_NAME=drflocs 11 12# path to redis socket 13REDIS_SOCK="/var/run/appflow/redis.sock" 14 15# 16# Redis output channels config 17# 18REDIS_MAC_TO_IP_CHAN="nodes.ipaddr.drflocs" 19 20# 21# Drflocs config 22# 23# classification messages output path 24FIFO_TO_POLICY_ENGINE="${RUNDIR}/${BINARY}_out" 25 26# monitored interface 27INTERFACE="$LAN_IFACE" 28 29# path to wopr.yaml 30if [ -e "${RUNDIR}/wopr.yaml" ]; then 31 WOPRDEF_PATH="${RUNDIR}/wopr.yaml" 32else 33 WOPRDEF_PATH="${CFGDIR}/wopr.yaml" 34fi 35 36# pidfile written during daemonization 37PIDFILE="${RUNDIR}/${BINARY}.pid" 38 39# path to drflocs binary 40DRFLOCS_BIN="${BINDIR}/${BINARY}" 41 42# max number of tracked 5-tuples 43MAX_CONNECTIONS=16384 44 45# max number of connections that drflocs can actively be classifying 46MAX_FINGERPRINTS=832 47 48# timeouts specified in seconds 49MAX_CONNECTION_TIMEOUT=120 50TCP_TIMEOUT=120 51UDP_TIMEOUT=60 52 53# if the debug file exists, drflocs is not started at boot 54KROUTER_DEBUG_FILE=${KROUTER_DEBUG_FILE:-"/etc/krouter_debug"} 55 56# Format the command line parameters 57CMDLINE_OPTS="\ 58--no-fde \ 59--daemon \ 60--run-dir=${RUNDIR} \ 61--pid-file=${PIDFILE} \ 62--enable-offload \ 63--redis-unixsocket=${REDIS_SOCK} \ 64--redis-macip=${REDIS_MAC_TO_IP_CHAN} \ 65-i ${INTERFACE} \ 66--fcap=${FCAP_CMD_FIFO} \ 67-w ${WOPRDEF_PATH} \ 68--con-limit=${MAX_CONNECTIONS} \ 69--cls-limit=${MAX_FINGERPRINTS} \ 70--max-timeout=${MAX_CONNECTION_TIMEOUT} \ 71--tcp-timeout=${TCP_TIMEOUT} \ 72--udp-timeout=${UDP_TIMEOUT}" 73 74# 75# Functions 76# 77 78# drflocs won't start unless $IFACE has an ip address 79# wait for the ip address here 80wait_for_iface() { 81 while ! ifconfig ${INTERFACE} | grep "inet addr" > /dev/null 82 do 83 echo "waiting for ${INTERFACE}" 84 sleep 1 85 done 86} 87 88start() { 89 wait_for_iface 90 91 [ ! -d "${RUNDIR}" ] && { 92 mkdir ${RUNDIR} 93 } 94 95 [ ! -e "${FIFO_TO_POLICY_ENGINE}" ] && { 96 mkfifo ${FIFO_TO_POLICY_ENGINE} 97 } 98 99 [ -x ${DRFLOCS_BIN} ] || { 100 echo "${BINARY} not found: ${DRFLOCS_BIN}" 101 exit 2 102 } 103 104 [ "${FCAP_CMD_FIFO}" != "" -a ! -e "${FCAP_CMD_FIFO}" ] && { 105 mkfifo ${FCAP_CMD_FIFO} 106 } 107 108 echo -n "Starting ${NAME}: " 109 # hack hack hack 110 # under extreme pressure from a high number of connection open/close 111 # events per second, the streamboost pipeline cannot keep pace with 112 # drflocs published messages. the result is a backlog of unprocessed 113 # messages in redis for slow clients. if the size of a client's 114 # backlog passes a threshold, the client is forcefully disconnected by 115 # redis, resulting in the loss of all messages in the backlog, which 116 # creates a memory leak because the client misses messages that 117 # indicate that resources should be freed for a particular connection 118 # or flow. to help this situation, we nice drflocs so that it is given 119 # less CPU time than the other streamboost processes. 120 nice -n 20 ${DRFLOCS_BIN} ${CMDLINE_OPTS} "$@" 121 retval=$? 122 echo 123 return ${retval} 124} 125 126boot() { 127 if [ -n "${KROUTER_DEBUG_FILE}" ] && [ -e "${KROUTER_DEBUG_FILE}" ] 128 then 129 # If the debug file is present, don't start 130 echo "debug mode requested, drflocs refusing to start" 131 else 132 start "$@" 133 fi 134} 135 136action "$@" 137exit $? 138