Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
RADIUM.CONF(1)		    General Commands Manual		RADIUM.CONF(1)

NAME
       radium.conf - radium resource file.

SYNOPSIS
       radium.conf

DESCRIPTION
       Radium will open	this radium.conf if its	installed as /etc/radium.conf.
       It will also search for this file as radium.conf	in directories	speci-
       fied   in  $RADIUMPATH,	or  $RADIUMHOME,  $RADIUMHOME/lib,  or	$HOME,
       $HOME/lib, and parse it to set common configuration options.  All  val-
       ues  in	this  file  can	be overriden by	command	line options, or other
       files of	this format that can be	read in	using the -F option.

Variable Syntax
       Variable	assignments must be of the form:
	 VARIABLE=
       with no white space between the VARIABLE	and the	'=' sign.  Quotes  are
       optional	 for string arguments, but if you want to embed	comments, then
       quotes are required.

RADIUM_DAEMON
       Radium is capable of running as a daemon, doing all  the	 right	things
       that daemons do.	 When this configuration is used for the system	daemon
       process,	say for	/etc/radium.conf,  this	 variable  should  be  set  to
       "yes".

       The default value is to not run as a daemon.

       This  example  is  to support the ./support/Startup/radium script which
       requires	that this variable be set to "yes".

       Commandline equivalent  -d

       RADIUM_DAEMON=no

RADIUM_MONITOR_ID
       Radium Monitor Data is uniquely identifiable based on the source	 iden-
       tifier that is included in each output record.  This is to allow	you to
       work with Argus Data from multiple monitors at the same time.   The  ID
       is 32 bits long,	and supports a number of formats as legitimate values.
       Radium supports unsigned	ints, IPv4 addresses and 4 bytes  strings,  as
       values.

       The formats are discerned from the values provided.  Double-quoted val-
       ues are treated as strings, and are truncated to	 4  characters.	  Non-
       quoted  values  are  tested for whether they are	hostnames, and if not,
       then they are tested wheter they	are numbers.

       The configuration allows	for you	to use host names,  however,  do  have
       some  understanding  how	 `hostname` will be resolved by	the nameserver
       before commiting	to this	strategy completely.

       For convenience,	argus supports the notion of "`hostname`" for  assign-
       ing  the	 probe's  id.	This is	to support management of large deploy-
       ments, so you can have one argus.conf file that	works  for  a  lot  of
       probes.

       For  security, argus does not rely on system programs, like hostname.1.
       It implements the logic of hostname itself, so don't try	to  run	 arbi-
       trary programs using this method, because it won't work.

       Commandline equivalent	-e

       RADIUM_MONITOR_ID=`hostname`	//  IPv4 address returned RADIUM_MONI-
       TOR_ID=10.2.45.3	    // IPv4 address RADIUM_MONITOR_ID=2435	    //
       Number RADIUM_MONITOR_ID="en0"	      // String

RADIUM_ARGUS_SERVER
       Radium  can  attach  to any number of remote argus servers, and collect
       argus data in real time.	 The syntax for	this variable is a hostname or
       a  dot  notation	 IP address, followed by an optional port value, sepa-
       rated by	a ':'.	If the port is not specified, the default value	of 561
       is used.

       Commandline equivalent	-S <host[:port]>

       RADIUM_ARGUS_SERVER=localhost:561

RADIUM_CISCONETFLOW_PORT
       Radium  can  read  Cicso	 Netflow  records directly from	Cisco routers.
       Specifying this value will alert	Radium to open a UDP based socket lis-
       tening for data from this name or address.

       Commandline equivalent	-C

       RADIUM_CISCONETFLOW_PORT=9996

RADIUM_USER_AUTH, RADIUM_AUTH_PASS
       When  argus  is compiled	with SASL support, ra* clients may be required
       to authenticate to the argus server before the argus  will  accept  the
       connection.   This  variable  will allow	one to set the user and	autho-
       rization	id's, if needed.  Although not recommended you can  provide  a
       password	 through  the  RADIUM_AUTH_PASS	variable.  The format for this
       variable	is:

       Commandline equivalent	-U

       RADIUM_USER_AUTH=user_id/authorization_id RADIUM_AUTH_PASS=the_password

RADIUM_ACCESS_PORT
       Radium monitors can provide a real-time remote access port for collect-
       ing Radium data.	 This is a TCP based port service and the default port
       number is tcp/561, the "experimental monitor" service.  This feature is
       disabled	by default, and	can be forced off by setting it	to zero	(0).

       When  you  do want to enable this service, 561 is a good	choice,	as all
       ra* clients are configured to try this port by default.

       Commandline equivalent  -P

       RADIUM_ACCESS_PORT=561

RADIUM_BIND_IP
       When remote access is enabled (see above), you can specify that	Radium
       should  bind  only to a specific	IP address.  This is useful, for exam-
       ple, in restricting access to the local host, or	binding	to  a  private
       interface  while	 capturing from	another. The default is	to bind	to any
       IP address.

       Commandline equivalent  -B

       RADIUM_BIND_IP="127.0.0.1"

RADIUM_OUTPUT_FILE
       Radium can write	its output to one or a number of files,	default	 limit
       is 5 concurrent files, each with	their own independant filters.

       The format is:
	    RADIUM_OUTPUT_FILE=/full/path/file/name
	    RADIUM_OUTPUT_FILE=/full/path/file/name "filter"

       Most sites will have radium write to a file, for	reliablity and perfor-
       mance.  The example file	name is	used here as supporting	programs, such
       as ./support/Archive/radiumarchive are configured to use	this file.

       Commandline equivalent  -w

       RADIUM_OUTPUT_FILE=/var/log/radium/radium.out

RADIUM_SET_PID
       When  Radium  is	configured to run as a daemon, with the	-d option, Ra-
       dium can	store its pid in a file, to aid	in managing the	 running  dae-
       mon.  However, creating a system	pid file requires priviledges that may
       not be appropriate for all cases.

       When configured to generate a pid file, if Radium cannot	create the pid
       file,  it will fail to run.  This variable is available to override the
       default,	in case	this gets in your way.

       The default value is to generate	a pid.

       No Commandline equivalent

       RADIUM_SET_PID=yes

RADIUM_ADJUST_TIME
       Radium can correct for time synchronization problems that may exist be-
       tween data sources.  If configured to do	so, radium will	adjust all the
       timestamps in records by	the calculated drift between  radium  and  its
       many  data sources.  Records whose timevalues have been 'corrected' are
       marked so that subsequent readers can differentiate between true	primi-
       tive time and modified time.

       Commandline equivalent	-T

       RADIUM_ADJUST_TIME=no

RADIUM_MAR_STATUS_INTERVAL
       Radium  will  periodically report on a its own health, providing	inter-
       face status, total packet and bytes counts, packet drop rates, and flow
       oriented	statistics.

       These records can be used as "keep alives" for periods when there is no
       network traffic to be monitored.

       The default value is 300	seconds, but a value of	 60  seconds  is  very
       common.

       Commandline equivalent	-M

       RADIUM_MAR_STATUS_INTERVAL=60

RADIUM_DEBUG_LEVEL
       If  compiled  to	support	this option, Radium is capable of generating a
       lot of debug information.

       The default value is zero (0).

       Commandline equivalent  -D

       RADIUM_DEBUG_LEVEL=0

RADIUM_FILTER_OPTIMIZER
       Radium uses the packet filter capabilities of libpcap.  If there	 is  a
       need to not use the libpcap filter optimizer, you can turn it off here.
       The default is to leave it on.

       Commandline equivalent  -O

       RADIUM_FILTER_OPTIMIZER=yes

RADIUM_FILTER
       You can provide a filter	expression here, if you	like.	It  should  be
       limited to 2K in	length.	 The default is	to not filter.

       No Commandline equivalent

       RADIUM_FILTER=""

RADIUM_CHROOT_DIR
       Radium  supports	chroot(2) in order to control the file system that ra-
       dium exists in and can access.  Generally used when radium  is  running
       with  privleges,	this limits the	negative impacts that radium could in-
       flict on	its host machine.

       This option will	cause the output file names to be relative to this di-
       rectory,	and so consider	this when trying to find your output files.

       Commandline equivalent	-C

       RADIUM_CHROOT_DIR=""

RADIUM_SETUSER_ID
       Radium  can be directed to change its user id using the setuid()	system
       call.  This is can used when radium is started as root, in order	to ac-
       cess privleged resources, but then after	the resources are opened, this
       directive will cause radium to change its user id value to  a  'lesser'
       capable account.	 Recommended when radium is running as a daemon.

       Commandline equivalent	-u

       RADIUM_SETUSER_ID="user"

RADIUM_SETGROUP_ID
       Radium can be directed to change	its group id using the setgid()	system
       call.  This is can used when radium is started as root, in order	to ac-
       cess privleged resources, but then after	the resources are opened, this
       directive can be	used to	change argu's group id value to	a 'lesser' ca-
       pable account.  Recommended when	radium is running as a daemon.

       Commandline equivalent	-g

       RADIUM_SETGROUP_ID="group"

RADIUM_CLASSIFIER_FILE
       Radium  can be used to label records as they are	distributed.  This can
       be used to classify flow	records, or simply to mark them	for post  pro-
       cessing purposes.

       When provided with a ralabel.conf formatted file, radium	will label all
       matching	records.

       Commandline equivalent	none

       RADIUM_CLASSIFIER_FILE=/usr/local/argus/ralabel.conf

RADIUM_CORRELATE
       Radium has a  correlation  function,  where  flow  data	from  multiple
       source's	can be compared	and 'correlateda.

       This function is	enabled	with a single radium configuration keyword RA-
       DIUM_CORRELATE="yes".  With this	variable set, radium().	  will	buffer
       incoming	 data to generate delay, and will correlate data from multiple
       sources with an event window of about 3 seconds.	 Data that  is	match-
       able,  which  means  that it has	the same flow identifiers, or the same
       hints, will treated as if they were "observed" by multiple probes,  and
       merged.

	Commandline equivalent	 none

       RADIUM_CORRELATE="no"

COPYRIGHT
       Copyright (c) 2000-2016 QoSient	All rights reserved.

SEE ALSO
       radium(8)

radium.conf 3.0.8	       07 November 2000			RADIUM.CONF(1)

NAME | SYNOPSIS | DESCRIPTION | Variable Syntax | RADIUM_DAEMON | RADIUM_MONITOR_ID | RADIUM_ARGUS_SERVER | RADIUM_CISCONETFLOW_PORT | RADIUM_USER_AUTH, RADIUM_AUTH_PASS | RADIUM_ACCESS_PORT | RADIUM_BIND_IP | RADIUM_OUTPUT_FILE | RADIUM_SET_PID | RADIUM_ADJUST_TIME | RADIUM_MAR_STATUS_INTERVAL | RADIUM_DEBUG_LEVEL | RADIUM_FILTER_OPTIMIZER | RADIUM_FILTER | RADIUM_CHROOT_DIR | RADIUM_SETUSER_ID | RADIUM_SETGROUP_ID | RADIUM_CLASSIFIER_FILE | RADIUM_CORRELATE | COPYRIGHT | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=radium.conf&sektion=5&manpath=FreeBSD+13.0-RELEASE+and+Ports>

home | help