Commit 5dce41b0 authored by 's avatar

some updates in mapi tutorial


git-svn-id: file:///home/svn/mapi/trunk@727 8d5bb341-7cf1-0310-8cf6-ba355fef3186
parent abb3f0d5
No preview for this file type
......@@ -392,7 +392,68 @@ LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/local/lib
\end{code}
%\subsection{Monitoring Sensor Configuration}
\subsection{Monitoring Sensor Configuration}
In order to setup a monitoring sensor, the MAPI daemon (\textit{mapid}) has to
be configured and run to the monitoring machine.
\textit{mapid} is configured via the \textit{mapi.conf} configuration file, located in the
installation directory (usually \textit{/usr/local/etc/mapi/mapi.conf}).
In this file we can configure the network interfaces that can provide \textit{mapid} with network packets,
their corresponding MAPI drivers, the MAPI function libraries that we want to support in
this \textit{mapid}, the libraries and drivers path and other.
A typical example of this file is given below:
\begin{scriptsize}
\begin{verbatim}
libpath=/usr/local/share/mapi
drvpath=/usr/local/share/mapi
libs=stdflib.so:extraflib.so
debug=2
dimapi_port=2233
[driver]
device=eth0
driver=mapinicdrv.so
[driver]
device=eth1
driver=mapinicdrv.so
[driver]
device=lo
driver=mapinicdrv.so
description=This is a driver for local capture
[format]
format=MFF_PCAP
driver=mapinicdrv.so
description=Offline pcap-capture
\end{verbatim}
\end{scriptsize}
For DiMAPI, the MAPI communication daemon (\textit{mapicommd}) must also run to the
monitoring machine.
\textit{mapicommd} is responsible for accepting requests for all the MAPI calls from remote hosts,
forward them to the local \textit{mapid} and return the answers and results from the local
\textit{mapid} back to the remote application.
\textit{mapicommd} uses TCP sockets with SSL encryption for the communication.
The port number that \textit{mapicommd} uses to listen for incoming connections is defined in
\textit{mapi.conf} located in the installation directory.
\subsection{Compiling new MAPI applications}
Any user is able to write its own MAPI applications and programs, using the basic
functions described above and the several function libraries that is also provided.
In order to compile a MAPI program, the flag \textit{-lmapi} should be used.
For example:
\begin{verbatim}
gcc my_mapi_program.c -o my_mapi_program -lmapi
\end{verbatim}
\section{Examples}
......@@ -861,6 +922,9 @@ The user is verified to belong in the VO specified, and then the
password is checked for matching. When the user connect to
the flow (line 38), the mapi daemon further checks if the flow is authenticated
If it does not, an error is returned to the user.
For this example, the DiMAPI support is needed, so MAPI should be configured with the
\textit{--enable-dimapi} configuration option.
\subsection{Using DiMAPI}
......@@ -957,6 +1021,8 @@ The actual result of the \textit{PKR\_COUNTER} function
for the monitoring sensor \textit{i} is retrieved from \textit{dres[i].res} field.
Finally, we close the network flow in order to free all the
resources allocated in every monitoring sensor.
For this example, MAPI should be configured with the \textit{--enable-dimapi} configuration option
for DiMAPI support.
\subsection{Using Anonymization}
......@@ -1005,7 +1071,7 @@ int main(int argc, char *argv[]) {
mapi_apply_function(fd,"ANONYMIZE", "TCP,PAYLOAD,STRIP,0");
//checksum fix in IP fixes checksums in TCP and UDP as well
mapi_apply_function(fd,"ANONYMIZE", "IP,CHECKSUM,CHECKSUM_ADJUST");
mapi_apply_function(fd, "TO_BUFFER");
fid = mapi_apply_function(fd, "TO_BUFFER");
/* connect to the flow */
connect_status = mapi_connect(fd);
......@@ -1033,6 +1099,8 @@ is provided in the {\tt anonflib} man page, included in
Appendix~\ref{sec:mananonflib}.
The listing of the {\tt print\_IP\_pkt()} function
is included in Appendix~\ref{sec:misccode}.
For this example, the \textit{anonflib} library should be used.
So, MAPI should be configured with \textit{--enable-anonflib}.
\appendix
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment