Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  IPCAD.CONF (5)


ipcad.conf - ipcad configuration file


     Global configuration
     Interface configuration
     Interface options:
     IP aggregation
     RSH server configuration
     NetFlow export configuration
     Other options:
See Also




The file /usr/local/etc/ipcad.conf contains configuration information for the ipcad(8) daemon. The ipcad.conf file consists of a series of configuration options describing the interfaces on which ipcad should be listening and other configuration data.

    Global configuration

capture-ports { enable | disable };

Make ipcad account for UDP/TCP ports, IP protocol and ICMP types
on a per-interface basis.
This setting is relevant for RSH and interactive export methods only.
Capturing UDP and TCP is disabled by default to maintain historic
RSH output format compatibility.
To selectively enable capturing ports on certain interfaces, specify

between the appropriate

configuration statements.

buffers = <number> [{ k | m }] ;

Defines a buffer size to use for transferring the data from the kernel. Using
larger buffers may increase the performance by lowering the number
of expensive context switches, whereas using smaller values improves responsiveness.

NOTE: This option has no effect on NetFlow operation.

    Interface configuration

interface <face> [promisc] [input-only] [netflow-sampled] [netflow-disable] [filter <pcap_filter> ] ;

Listen on specified interface using BPF or PCAP packet source. (Please refer to the

 Interface options
section below).

interface ulog group <group> [,group <group> ...] [netflow-sampled] [netflow-disable] ;

Use Linux iptables’ ULOG interface for packet capturing. You should configure
the iptables to forward the packets into the appropriate group:

iptables -A OUTPUT -j ULOG --ulog-nlgroup <group>

    Interface options:

promisc: Put interface into promiscuous mode. This enables listening for the packets which are not destined for this host and thus ipcad will count and display all the traffic within the local network. Note that the interface might be in promiscuous mode for some other reason.

input-only: Use kernel feature of counting only incoming packets.

NOTE: "input-only" directive must be supported by kernel. Probably, you were noticed about it during the compilation process if it was not supported. FreeBSD 3.x and elder kernels do not support this feature.

netflow-sampled: If the NetFlow export mechanism is used, this option instructs the interface to supply only one out of N packets to the NetFlow accounting code, thus lowering the CPU and memory requirements. The value of N is configured explicitly in a NetFlow configuration section.

NOTE: This option is NOT used to enable NetFlow on the interface, it just modifies the NetFlow behavior on this interface.

netflow-disable: By default, all interfaces are included into NetFlow accounting. This option is used to disable NetFlow accounting on a particular interface.

filter: Install a custom filter on packets instead of basic IP protocol filter. Requires libpcap (even if BPF is being used). May be employed to eliminate CPU overhead on passing unnecessary data between the kernel and user space (by installing the filter directly into the kernel).

    IP aggregation

aggregate <ip>/<masklen> strip <maskbits>;

Aggregate addresses from the specified network (<ip>/<masklen>),
by AND’ing with specified mask (<maskbits>). Use of aggregation
helps to save memory space and recomendeed for efficiency.

aggregate <port_from>-<port_to> into <port>;

aggregate <port> into <port>;

Aggregate specified UDP/TCP ports range into a given port number.
Use of aggregation helps to save memory space and recomendeed for efficiency.

    RSH server configuration

rsh { enable | disable } [at <listen_ip>];

Enable/disable RSH server (disabled by default). Optionally, a server’s
IP address may be specified.

rsh [[<user>@]<host_addr>] [ access] ;

Specifies an rsh access list entry.

values are:

admin Can shutdown ipcad
backup Can dump/restore/import accounting tables
default Can view and modify accounting tables
view-only Can view accounting tables
deny Deny all activity

rsh ttl = <ttl>;

Keep the IP time to live (TTL) value reasonably low to lower the possibility
of remote attacks. Default is 3. This means that if you are trying to
gather IP accounting from a distant
(a few network "hops", see traceroute(1))
ipcad server using RSH, such attempts may fail.

rsh timeout = <seconds>;

Set rsh timeout for the same purpose.

dumpfile = <filename>;

Dump memory table to this file on exit and read on startup (refer to

and read about -s and -r options).

NOTE: This setting has no effect on NetFlow operation. The contents of the flow cache are flushed to the collector upon ipcad termination.

    NetFlow export configuration

netflow export destination <collector-ip> <collector-port>;

Enable NetFlow information export to the specified destination.
By default, ipcad does not export NetFlow information.

netflow export version { 1 | 5 };

Specify the NetFlow export format version. By default, version 5 is used.

netflow export timeout active <time-minutes>;

Configure the timer to expire active flows after the given value in minutes.

netflow export timeout inactive <time-seconds>;

Configure the timer to expire inactive flows after the given value in seconds.

    Other options:

memory_limit = <number> [{ k | m | e }] ;

Defines a memory limit for storing the per-stream associations.
Shortcuts are for kilobytes, megabytes or entries respectively.

chroot = </path>;

Chroot to this directory before processing.

uid = <number>;

Set this uid to be safe in the long run. Please change it if you’re
aware of the consequences. RSH service will NOT work if process
is not privileged. Default is to not to change privileges.

gid = <number>;

Set this gid to be safe in the long run. Default is not to change privileges.

pidfile = <filename>;

File to keep the process PID in it. ipcad will also hold a lock.
Creation of the PID file is done after chroot()’ing.




.An Lev Walkin <>
Search for    or go to Top of page |  Section 5 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.