New port: net/exaddos:

ExaDDOS is an application able to gather different data sources to present a
real time unified view of your network.

It can gather:
* SNMP information at your edge
* IPFIX export from your routers

And present it using a web interface. Our goal is to very quickly integrate
it with ExaBGP to allow a "one click" anti-DDOS solution.

Features include:
* An RRD based solution for interface traffic graphing
* AS-STATS to find which peers are our top talkers
* NFSEN to collect, store and search flows
* An ExaDDOS like internal solution, to quickly identify which IPs are
  causing an attack

WWW: https://github.com/Exa-Networks/exaddos

net/Makefile

@@ -131,6 +131,7 @@
     SUBDIR += etherboot
     SUBDIR += etrace
     SUBDIR += exabgp
+    SUBDIR += exaddos
     SUBDIR += findmtu
     SUBDIR += flowgrep
     SUBDIR += fonulator

net/exaddos/Makefile

@@ -0,0 +1,46 @@
+# Created by: Ryan Steinmetz <zi@FreeBSD.org>
+# $FreeBSD$
+
+PORTNAME=	exaddos
+PORTVERSION=	0.4.0
+CATEGORIES=	net
+MASTER_SITES=	GH GHC \
+		http://mirrors.rit.edu/zi/
+EXTRACT_SUFX=	.tgz
+
+MAINTAINER=	zi@FreeBSD.org
+COMMENT=	Monitor your network for DDoS
+
+LICENSE=	BSD
+
+RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}snmp4-mibs>=0.1.4:${PORTSDIR}/net-mgmt/py-snmp4-mibs \
+    		${PYTHON_PKGNAMEPREFIX}snmp4>=4.2.3:${PORTSDIR}/net-mgmt/py-snmp4
+
+USE_GITHUB=	yes
+GH_ACCOUNT=	Exa-Networks
+GH_TAGNAME=	${PORTVERSION}
+GH_COMMIT=	4e93fc1
+USE_PYTHON=	yes
+SUB_FILES=	pkg-message exaddos.sh exaddos.conf.sample
+SUB_LIST=	PYTHON_LIBDIR=${PYTHON_LIBDIR} PYTHON_CMD=${PYTHON_CMD} \
+		PYTHON_SITELIBDIR=${PYTHON_SITELIBDIR}
+USE_RC_SUBR=	${PORTNAME}
+
+USERS=		${PORTNAME}
+GROUPS=		${PORTNAME}
+
+do-build:
+	@${PYTHON_CMD} -m compileall ${WRKSRC}/lib
+
+do-install:
+	@${INSTALL_SCRIPT} ${WRKDIR}/${PORTNAME}.sh ${STAGEDIR}${PREFIX}/sbin/${PORTNAME}
+	@${MKDIR} ${STAGEDIR}${PYTHON_SITELIBDIR}/${PORTNAME} ${STAGEDIR}${ETCDIR}
+	@(cd ${WRKSRC}/lib && ${COPYTREE_SHARE} . ${STAGEDIR}${PYTHON_SITELIBDIR})
+	@(cd ${WRKSRC}/data/${PORTNAME} && ${COPYTREE_SHARE} . ${STAGEDIR}${PREFIX}/www/${PORTNAME})
+	@${INSTALL_DATA} ${WRKDIR}/exaddos.conf.sample \
+		${STAGEDIR}${ETCDIR}
+
+post-install:
+	@${CAT} ${PKGMESSAGE}
+
+.include <bsd.port.mk>

net/exaddos/distinfo

@@ -0,0 +1,2 @@
+SHA256 (exaddos-0.4.0.tgz) = e13b4746f089fb13774ac96fcfd4c62e19df94f2491673a50dd0f4145ac1e399
+SIZE (exaddos-0.4.0.tgz) = 358330

net/exaddos/files/exaddos.conf.sample.in

@@ -0,0 +1,75 @@
+[exaddos.daemon]
+daemonize = true
+user = 'exaddos'
+pidfile = '/var/run/exaddos/exaddos.pid'
+
+[exaddos.http]
+host = '127.0.0.1'
+port = 8080
+
+[exaddos.ipfix]
+host = '127.0.0.1'
+port = 29300
+
+
+[exaddos.location]
+database = '/var/db/exaddos/exaddos.sqlite3'
+html = '%%PREFIX%%/www/exaddos/html'
+
+[exaddos.profile]
+destination = 'stdout'
+enable = false
+
+# threshold: expressed in pps
+
+[exaddos.PEER1]
+router = '127.0.0.2'
+snmp_version = 2
+snmp_password = 'secret'
+snmp_frequency = 10
+snmp_index_port = 120
+snmp_index_vlan = 100
+threshold_bandwidth = 104857600
+threshold_unicast = 120000
+threshold_notunicast = 1500
+
+
+[exaddos.PEER2]
+router = '127.0.0.2'
+snmp_version = 2
+snmp_password = 'secret'
+snmp_frequency = 10
+snmp_index_port = 120
+snmp_index_vlan = 110
+threshold_bandwidth = 104857600
+threshold_unicast = 120000
+threshold_notunicast = 1500
+
+
+[exaddos.TRANSIT1]
+router = '127.0.0.3'
+location = 'datacenter'
+snmp_version = 2
+snmp_password = 'secret'
+snmp_frequency = 10
+snmp_index_port = 220
+snmp_index_vlan = 140
+threshold_bandwidth = 104857600
+threshold_unicast = 120000
+threshold_notunicast = 1500
+
+
+[exaddos.router]
+router = '192.0.2.123'
+snmp_version = 3
+snmp_user = 'exaddos'
+snmp_auth_method = 'SHA'
+snmp_auth_key = 'pass7faYDFagREF6DasdG'
+snmp_privacy_method = 'AES-128'
+snmp_privacy_key = 'privTasvRT3gfg4GFsGHV'
+snmp_frequency = 10
+snmp_index_port = 520
+snmp_index_vlan = 573
+threshold_bandwidth = 524288000
+threshold_unicast = 120000
+threshold_notunicast = 1500

net/exaddos/files/exaddos.in

@@ -0,0 +1,58 @@
+#!/bin/sh
+
+# $FreeBSD$
+#
+# PROVIDE: exaddos
+# REQUIRE: LOGIN
+# KEYWORD: shutdown
+#
+# Add the following line(s) to /etc/rc.conf to enable exaddos:
+#
+# exaddos_enable="YES"
+
+. /etc/rc.subr
+
+name=exaddos
+rcvar=exaddos_enable
+
+load_rc_config $name
+
+exaddos_enable=${exaddos_enable:-"NO"}
+exaddos_conf=${exaddos_conf:-"%%ETCDIR%%/exaddos.conf"}
+
+pidfile=/var/run/${name}/${name}.pid
+
+required_files=${exaddos_conf}
+
+command="%%PYTHON_SITELIBDIR%%/${name}/application.py"
+procname="%%PYTHON_CMD%%"
+
+start_cmd="exaddos_start"
+reload_all_cmd="exaddos_reload_all"
+extra_commands="reload reload_all"
+sig_reload="USR1"
+
+exaddos_start()
+{
+	if [ -z "$rc_fast" -a -n "$rc_pid" ]; then
+		echo 1>&2 "${name} already running? (pid=$rc_pid)."
+		return 1
+	fi
+
+	echo "Starting ${name}."
+
+	install -d -o exaddos -g exaddos -m 755 /var/run/${name}
+	install -d -o exaddos -g exaddos -m 750 /var/db/${name}
+	rm -f ${pidfile}
+
+	${procname} -m exaddos.debug ${command} -c ${exaddos_conf}
+}
+
+exaddos_reload_all()
+{
+    	echo "Reloading exaddos configuration and processes."
+	kill -USR2 $rc_pid
+}
+
+
+run_rc_command "$1"

net/exaddos/files/exaddos.sh.in

@@ -0,0 +1,16 @@
+#!/bin/sh
+
+export PYTHONPATH=%%PYTHON_LIBDIR%%:%%PYTHON_SITELIBDIR%%/exaddos:%%PYTHON_SITELIBDIR%%/exaddos/lib
+
+INTERPRETER=%%PYTHON_CMD%%
+
+APPLICATIONS=`$INTERPRETER -c "import sys,os; print ' '.join(os.path.join(_,'exaddos','application.py') for _ in sys.path if os.path.isfile('/'.join((_,'exaddos','application.py'))))"`
+APPLICATION=`echo $APPLICATIONS | awk '{ print $1; }'`
+
+if [ $# -eq 0 ]; then
+	$INTERPRETER -m exaddos.debug $APPLICATION -c %%PREFIX%%/etc/exaddos.conf --help
+	echo "===> To start exaddos, you should use:"
+	echo "===>   service exaddos start"
+else
+	exec $INTERPRETER -m exaddos.debug $APPLICATION -c %%PREFIX%%/etc/exaddos.conf $*
+fi

net/exaddos/files/pkg-message.in

@@ -0,0 +1,4 @@
+===========================================================================
+Please edit %%ETCDIR%%/exaddos.conf based on one of the examples and
+add exaddos_enable="YES" to /etc/rc.conf
+===========================================================================

net/exaddos/pkg-descr

@@ -0,0 +1,18 @@
+ExaDDOS is an application able to gather different data sources to present a
+real time unified view of your network.
+
+It can gather:
+* SNMP information at your edge
+* IPFIX export from your routers
+
+And present it using a web interface. Our goal is to very quickly integrate
+it with ExaBGP to allow a "one click" anti-DDOS solution.
+
+Features include:
+* An RRD based solution for interface traffic graphing
+* AS-STATS to find which peers are our top talkers
+* NFSEN to collect, store and search flows
+* An ExaDDOS like internal solution, to quickly identify which IPs are
+  causing an attack
+
+WWW: https://github.com/Exa-Networks/exaddos

net/exaddos/pkg-plist

@@ -0,0 +1,57 @@
+@comment $FreeBSD$
+sbin/exaddos
+%%PYTHON_SITELIBDIR%%/exaddos/__init__.py
+%%PYTHON_SITELIBDIR%%/exaddos/__init__.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/application.py
+%%PYTHON_SITELIBDIR%%/exaddos/application.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/configuration.py
+%%PYTHON_SITELIBDIR%%/exaddos/configuration.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/container.py
+%%PYTHON_SITELIBDIR%%/exaddos/container.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/debug.py
+%%PYTHON_SITELIBDIR%%/exaddos/debug.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/flow.py
+%%PYTHON_SITELIBDIR%%/exaddos/flow.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/http.py
+%%PYTHON_SITELIBDIR%%/exaddos/http.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/ipfix.py
+%%PYTHON_SITELIBDIR%%/exaddos/ipfix.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/leak/__init__.py
+%%PYTHON_SITELIBDIR%%/exaddos/leak/__init__.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/leak/gcdump.py
+%%PYTHON_SITELIBDIR%%/exaddos/leak/gcdump.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/leak/objgraph.py
+%%PYTHON_SITELIBDIR%%/exaddos/leak/objgraph.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/log.py
+%%PYTHON_SITELIBDIR%%/exaddos/log.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/q.py
+%%PYTHON_SITELIBDIR%%/exaddos/q.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/reactor.py
+%%PYTHON_SITELIBDIR%%/exaddos/reactor.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/snmp.py
+%%PYTHON_SITELIBDIR%%/exaddos/snmp.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/thread.py
+%%PYTHON_SITELIBDIR%%/exaddos/thread.pyc
+%%PYTHON_SITELIBDIR%%/exaddos/warning.py
+%%PYTHON_SITELIBDIR%%/exaddos/warning.pyc
+www/exaddos/html/exa.jpg
+www/exaddos/html/favicon.ico
+www/exaddos/html/inc/jquery-1.10.2.js
+www/exaddos/html/inc/jquery.tablesorter.js
+www/exaddos/html/inc/jquery.tmpl.min.js
+www/exaddos/html/index.html
+www/exaddos/html/overview.html
+www/exaddos/html/talkers.html
+www/exaddos/html/talker.html
+@dirrm www/exaddos/html/inc
+@dirrm www/exaddos/html
+@dirrm www/exaddos
+@dirrm %%PYTHON_SITELIBDIR%%/exaddos/leak
+@dirrm %%PYTHON_SITELIBDIR%%/exaddos
+@dirrmtry %%PYTHON_SITELIBDIR%%
+@dirrmtry %%PYTHON_LIBDIR%%
+@unexec if cmp -s %D/etc/exaddos/exaddos.conf %D/etc/exaddos/exaddos.conf.sample ; then rm -f %D/etc/exaddos/exaddos.conf ; fi
+etc/exaddos/exaddos.conf.sample
+@exec if [ ! -f %D/etc/exaddos/exaddos.conf ]; then cp -p %D/%F %B/exaddos.conf; fi
+@dirrmtry etc/exaddos
+@unexec if [ -d %D/%%ETCDIR%% ]; then echo "==> If you are permanently removing this port, you should do a ``rm -rf ${PKG_PREFIX}/etc/exaddos`` to remove any configuration files left."; fi