Installing IPAcco on MacOS X Server 10.4.x
Introduction
We were looking for a way to track our utilisation of leased line so that we could get stats on whether we needed to upgrade our bandwidth. We use a Cisco 2600 on an SDSL circuit and wanted to track usage on that router. I found IPAcco as a free web based product that could be used to collect statistics from any router that support IP Accounting, including all Cisco IOS routers.
IPAcco is written in TCL and PHP and uses MySQL as a datastore. Originally we installed it on Linux but we centralised on Mac OS X Server so migrated to that platform. IPAcco uses some TCL and PHP extensions not present in the standard Mac OS X Server build so I also cover installing these extensions.
Overview
IPAcco is a free software package that helps a network admin to collect, visualize and analyze IP accounting data from the Cisco routers. Cisco routers themselves are capable of collecting IP accounting information ‚Äì i.e. an unordered set of IP source-destination pairs along with a byte and packet counters corresponding to all network traffic flows that passed through the router’s interfaces. This data can be a useful source for various analysis procedures and billing systems but by itself, in its raw form it is rather difficult to read and understand. In addition, a router cannot keep a lot of data ‚Äì its memory is needed for purposes other than remembering what traffic, from what sources and where it forwarded two month ago.
Requirements
This guide assumes you have OS X Server 10.4.x or greater installed.
You must also have Developer Tools already installed (that grey CD that came with Mac OS X). You can download the Developer Tools at http://connect.apple.com
Finally you must be comfortable with the command line and familiar with pico and sudo
Installing IPAcco
Use /Applications/Server/MySQL Manager to start MySQL if you have not already done so. You will also need to set a database root password
cd /tmp curl -O http://www.maxlyth.com/wp-content/uploads/2008/01/ipaccostarttar.gz curl -O http://heanet.dl.sourceforge.net/sourceforge/ipacco/ipacco-0.2.0.1.tar.gz tar xzpf ipaccostart.tar.gz tar xzpf ipacco-0.2.0.1.tar.gz sudo mv ipacco /Library/StartupItems/ipacco sudo cp /tmp/ipacco-0.2.0.1/html /Library/WebServer/Documents/ipacco sudo cp /tmp/ipacco-0.2.0.1/datapump/tc* /Library/StartupItems/ipacco/ sudo pico /Library/StartupItems/ipacco/ipacco-datapump.cfg
Edit the config file for the data pump. You probably will only need to change the hostname or ip address of your router.
Setting up your router
This is pretty well covered in the documentation that comes with IPAcco. The only gotcha I came across was that you need to disable the Mac OS firewall for the IP address of your router. This is because the rsh protocol tries to make a connection back to the initiating host, if a firewall blocks that connection you will get an error along the lines of ‘select: protocol failure in circuit setup’.
I resolved this by creating a new network in the Apple firewall setup that consisted of just my routers IP and allowed all access from that IP. Obviously I’d prefer to just open the ports necessary for rsh but according to the documentation I could find, the connection back could come in any port from 0 to 1023. If anyone knows any different then please let me know.
You will know you have got it right if you issue the following command in the terminal:
rsh ciscohost show IP accounting
If it’s working then you will get back a stream of IP address pairs.
Install the mysqltcl client
The part of IPAcco that reads the accounting information from the router and pushes it into the database is called the datapump and is written in TCL. Fortunately MacOS X already contains a comprehensive TCL interpreter however it does not include the mysqltcl module that the datapump uses to communicate with MySQL. The installation of the module is a little tricky as the MySQL that comes with Mac OS X Server is not entirely complete but the following instructions should get it working:
cd /tmp curl -O http://www.xdobry.de/mysqltcl/mysqltcl-3.03.tar.gz tar xzpf mysqltcl-3.03.tar.gz cd mysqltcl-3.03/ ./configure CC=gcc --with-mysql-include=/usr/include/mysql --with-mysql-lib=/usr/lib/mysql --enable-mysqlstatic --with-tcl=/usr/lib --with-tclinclude=/usr/include pico Makefile
search for line: LIBS = /usr/lib/mysql/libmysqlclient.a -lz -lcrypt -lnsl -lm
edit it to look like LIBS = /usr/lib/mysql/libmysqlclient.a -lz -lm
make sudo make install
Now to do a quick test to see if the TCL setup is working. If your MySQL database has a non-blank root password you need to edit the test suite config file
pico tests/test.test
Now run the test suite
sudo make test
I got about 11 failures out of 46 tests, mostly because I think some of teh tests assume the root password to be blank however this si not a problem as long as you don’t get predomiantly failures all should be OK
Now create the database
IPAcco comes with a SQL script to create the database but I found it caused authentication errors so I modified it with a text editor to change every instance of % in CreateDB.sql to Localhost
cd /tmp/ipacco-0.2.0.1 mysql -uroot -p < CreateDB.sql
Test that the account works and is authorised for the database
mysql -uipacco-pump -pipacco=pump mysql> use ipacco; show tables; exit;
You should see a list of 9 tables
Now build GD libraries
The PHP that comes with Mac OS X Server is crippled in the number of modules that it was compiled with. We need at least the GD module as it is used to generate the graphs. In order to build a new PHP we first need to install the GD coded so we can include it
cd /tmp curl -O http://www.zlib.net/zlib-1.2.3.tar.gz curl -O http://superb-east.dl.sourceforge.net/sourceforge/libpng/libpng-1.2.12.tar.gz curl -O ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.gz curl -O http://www.boutell.com/gd/http/gd-2.0.33.tar.gz tar xzpf zlib-1.2.3.tar.gz tar xzpf libpng-1.2.12.tar.gz tar xzpf jpegsrc.v6b.tar.gz tar xzpf gd-2.0.33.tar.gz cd /tmp/zlib-1.2.3 ./configure --shared make sudo make install cd /tmp/libpng-1.2.12 cp scripts/makefile.darwin Makefile pico Makefile
Search for a line beginning ZLIBLIB= and change the comments so the section reads:
ZLIBLIB=/usr/local/lib ZLIBINC=/usr/local/include #ZLIBLIB=../zlib #ZLIBINC=../zlib
make sudo make install cd /tmp/gd-2.0.33 ./configure cp libtool /tmp/jpeg-6b cd /tmp/jpeg-6b ./configure --enable-shared make sudo mkdir -p /usr/local/include sudo mkdir -p /usr/local/bin sudo mkdir -p /usr/local/lib sudo mkdir -p /usr/local/man/man1 sudo make install
Now install GD libraries which we need for PHP
ln -s /usr/X11R6/include/fontconfig /usr/local/include cd /tmp/gd-2.0.33 ./configure --with-freetype=/usr/X11R6 make sudo make install
Now build a new PHP that supports GD
Here we build a new PHP. I am sticking with php 4.4.7 as that is version that is tested and working on Mac OS X 10.4. The purpose of this excercise is to add the GD features, not to change the php version. You could use one of the prebuilt PHP replacements like the excellent 5.2 built from Marc Liyanage over at www.entropy.ch however IPAcco does not seem to be compatible with PHP 5.2.
cd /tmpcurl -O http://uk.php.net/distributions/php-4.4.7.tar.gz tar xzpf php-4.4.7.tar.gz cd php-4.4.7 sh CFLAGS=-DBIND_8_COMPAT export CFLAGS ./configure --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info --disable-dependency-tracking --with-apxs --with-ldap=/usr --with-kerberos=/usr --enable-cli --with-zlib-dir=/usr --enable-trans-sid --with-xml --enable-exif --enable-ftp --enable-mbstring --enable-mbregex --enable-dbx --enable-sockets --with-iodbc=/usr --with-curl=/usr --with-config-file-path=/etc --sysconfdir=/private/etc --with-mysql=/usr --with-mysql-sock=/var/mysql/mysql.sock --without-pear --with-jpeg-dir=/usr/local --with-png-dir=/usr/local --with-freetype-dir=/usr/X11R6 --with-gd=/usr/local make sudo make install sudo apachectl graceful restart
We now want to check that it is working. If you have not already done so you need to enable the php4_module in the web settings section of server admin.
echo "<?php phpinfo(); phpinfo(INFO_MODULES); ?>" > /Library/WebServer/Documents/ipacco/phpinfo.php
Now surf to http://localhost/ipacco/phpinfo.php if all is well then you should get a php status page and if you scroll down you will see a GD module that shows it’s status as enabled.
You are now ready to test IPAcco itself.
Surf to http://localhost/ipacco/ and enjoy!
Recent Comments