OpenCALEA
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
Re: [OpenCALEA] Recent updates
- From: Mario Antonio
- Date: Tue May 22 10:44:17 2007
Jesse,
Thanks for your answers.
using one box (Linux debian 2.6.8-3-686-smp) for testing and the commands:
controllerd -f /home/calea/opencalea.conf &
df_collector -f /home/calea/opencalea.conf &
tap -f /home/calea/opencalea.conf -x 003 -y 003 -z 003 -c ias-cmc host
1.1.1.1 &
OR
tap -f /home/calea/opencalea.conf -x 004 -y 004 -z 004 -c pcap host 1.1.1.1
&
I verified that
If lea_collector is not running, df_collector saves the files CmC and CmII
in the corresponding subfolders.
If lea_collector is running, CmC files are saved but remain empty.
I used the IAS_CmCC_converter and IAS_CmII_converter to verify ber/xer
formats of the corresponding df_collector and lea_collector files, and as
far as I can see, things seem to be working fine.
Just one question, in the new design, how can I make the df_collector to
connect to a remote host running the lea_collector?
In the old design, tap was connecting to the lea_collector (no problem)
But now, df_collector connects to localhost, which is the default behavior.
The df_collector usage says:
Usage: df_collector [-f config-file] [-u user] [-g group] [-b bind-addr]
[-p df-port] [-v [...]] [-D debug-file] [-l log-level ] [-L logfile] [-h]
It seems that there is no option to connect to a remote host, or as you said
"the docs don't often line up with what's currently possible."
Regards,
Mario Antonio
----- Original Message -----
From: "Jesse Norell" <jesse@kci.net>
To: "Mario Antonio" <dino@webjogger.net>
Cc: <opencalea@merit.edu>
Sent: Tuesday, May 15, 2007 5:59 PM
Subject: Re: [OpenCALEA] Recent updates
>
> Hello Mario,
>
> Right now things are changing a lot .. the docs don't often line up
> with what's currently possible. Pcap format is being worked on / added
> back, but currently isn't there (though the man page and command line
> parser have been updated for it). ias-cmc, ias-cmii and vop-cc may
> work .. I've not actually tested them since adding the -c option the
> other day. I'm not sure exactly where the file support in df_collector
> is .. I think it only saves data if it's undeliverable to lea_collector?
> That may not be the case, and in any case will change in the future.
> lea_collector is falling quite a bit behind, and is what I intend to
> start updating next (including pcap support), though I don't know if
> I'll get to it this week (I'm out Thurs. on). I have no idea where
> controllerd is, but it was just started last week or so, and I don't
> believe actually does anything yet (Norm's working on the controlling ui
> at the moment).
>
>
> See replies inline:
>
>
> On Tue, 2007-05-15 at 17:23 -0400, Mario Antonio wrote:
> > See attached conf file (basically make /home/calea the default folder
for
> > everything)
> >
> > I issue the following secuence of commands (so far, I am avoiding the
> > controller interface)
> >
> > controllerd -f /home/calea/opencalea.conf &
> > df_collector -f /home/calea/opencalea.conf &
> > lea_collector -f /home/calea/opencalea.conf -b 127.0.0.1 -t li4 -f lf4
&
> > tap -f /home/calea/opencalea.conf -x 001 -y 001 -z 001 -c pcap host
1.1.1.1
> > &
> > and (Killing the previous tap process)
> > tap -f /home/calea/opencalea.conf -x 002 -y 002 -z 002 -c ias-cmc host
> > 1.1.1.1 &
> >
> > Two folders were created in /home/calea 001 and 002 with the following
> > files: CmC ,CmII , and Log
> >
> > I noticed that the CmC file remained empty for both tapping process
> > I have the following questions:
> > 1) Am I missing something since the CmC files do not show up any
content?
> > (both lea_collector files show content, though)
>
> See above notes.
>
> > 2) Is there an easy way/tool to verify the resulting files format?
>
> A few svn revisions back, Norm had tap -> df_collector ->
> lea_collector working and tested the output was readable. It's
> asn/ber .. I don't know exactly what tool he used to read it (I think
> maybe a "convert" utility that asn1cc generates or something).
>
> > 3) Since I used -c pcap with tap, I was expecting that I could read the
CmC
> > file with tcpdump, is this correct?
>
> That will be the case when it's ready. I'm unsure what -p raw will
> be, or maybe we'll just abandon it and only have pcap format. "raw"
> makes sense for streaming, but not really for saving to disk.
>
>
> Hope that helps...
>
> Jesse
>
>
>
> > Regards,
> >
> > Mario Antonio
> >
> >
> >
> >
> >
> >
> > ----- Original Message -----
> > From: "Norman Brandinger" <norm@goes.com>
> > To: <opencalea@merit.edu>
> > Sent: Thursday, May 03, 2007 5:04 PM
> > Subject: [OpenCALEA] Recent updates
> >
> >
> > > There have been some interesting updates to the OpenCALEA software
base.
> > >
> > > It should be noted that the software is under heavy development and is
> > > not ready for a "load and go" installation.
> > >
> > > 1. The packet capture routine (tap) can now call T1.IAS and/or T1.678
> > > LAES routines to BER encode the captured packet.
> > > 2. Tap can then send the BER encoded packet (along with a control
> > > header) to the OpenCALEA delivery function (df_collection).
> > > 2a. Tap currently sends two "ROUTE ADD" control messages to
> > > df_collector. These messages instruct df_collector to open
connections
> > > to the LEA collector (lea_collector in our case).
> > > 3. The df_collector looks at the control header and routes the BER
> > > encoded data to the appropriate LEA.
> > >
> > > Actually, LEA for our testing purposes is the old lea_collector that
has
> > > been modified to "sink" data to files.
> > >
> > > The ASN.1 routines included in the OpenCALEA distribution contain
> > > "converter-sample" programs. These programs have been used to
validate
> > > that the BER encoded data that tap is sending matches the data that
the
> > > lea_collector recorded to its files.
> > >
> > > During the development of these recent changes, I've been more focused
> > > on getting a T1.IAS/T1.678 encoded packet sent to the lea_collector
than
> > > writing pretty code. I'm in the process of cleaning up and hardening
> > > what "mechanically" works.
> > >
> > > Regards,
> > > Norm
> > >
> > >
> > >
> >
> > ------=_NextPart_000_04FC_01C79715.BA646EC0
> > Content-Type: application/octet-stream;
> > name="opencalea.conf"
> > Content-Transfer-Encoding: 7bit
> > Content-Disposition: attachment;
> > filename="opencalea.conf"
> >
> >
> > [OpenCALEA]
> >
> > IAPSystemID = "IAP-1"
> >
> > Controller = localhost
> > Control_Port = 41800
> >
> > DF_Collector = localhost
> > DF_Port = 41805
> >
> > CmII_Port = 41810
> > CmC_Port = 41820
> >
> > User = calea
> > Group = calea
> >
> > Syslog_Facility = 8
> > Log_Level = 2
> > Log_File = /home/calea/opencalea.log
> > Debug_Level = 4
> > Debug_Destination = /home/calea/opencalea.debug
> >
> > PID_Dir = /home/calea
> > State_Dir = /home/calea
> >
> >
> > [TAP]
> > Program_Name = tap
> > Interface = eth0
> >
> > Debug_Level = 4
> > Debug_Destination = /home/calea/tap.debug
> >
> >
> > [TAP_CONTROLLER]
> > Program_Name = tap_controller
> > PID_File = tap_controller.pid
> > #Control_Socket = /var/run/opencalea/
> > Tap_Exe = /usr/local/bin/tap
> >
> >
> > [DF_COLLECTOR]
> > Program_Name = df_collector
> > CmII_Path = /home/calea
> > CmC_Path = /home/calea
> > Log_Path = /home/calea
> >
> >
> > [LEA_COLLECTOR]
> > Program_Name = lea_collector
> > CF_Data_Path = /home/calea
> > Log_File = /home/calea/lea_collector.log
> > Debug_Destination = /home/calea/lea_collector.debug
> >
> > ------=_NextPart_000_04FC_01C79715.BA646EC0--
> >
> >
> >
> >
> --
> Jesse Norell - jesse@kci.net
> Kentec Communications, Inc.
>
>
>
>
>
|
