Add support for ng_bpf to example scripts.

PR:		ports/102742
Submitted by:	Eugene Grosbein <eugen xx grosbein.pp.ru>

net-mgmt/ng_ipacct/Makefile

@@ -7,14 +7,14 @@
 
 PORTNAME=	ng_ipacct
 PORTVERSION=	20050731
+PORTREVISION=	1
 CATEGORIES=	net-mgmt
-MASTER_SITES=	ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/
+MASTER_SITES=	${MASTER_SITE_LOCAL:S!$!skv/!} \
+		ftp://ftp.wuppy.net.ru/pub/FreeBSD/local/kernel/ng_ipacct/
 
 MAINTAINER=	skv@FreeBSD.org
 COMMENT=	Netgraph IP accounting
 
-BROKEN=		Unfetchable
-
 NO_PACKAGE=	"Depends on kernel"
 
 OPTIONS=	MEM_ZONE "Use UMA zone allocator (5.x only)" off

net-mgmt/ng_ipacct/files/ng_ipacct.conf

@@ -44,6 +44,27 @@ ng_ipacct_default_ether_stop='
 	shutdown %%iface%%:
 '
 
+ng_ipacct_bpf_ether_start='
+	mkpeer %%iface%%: tee lower right
+	name %%iface%%:lower %%iface%%_tee
+	connect %%iface%%: lower upper left
+
+	mkpeer %%iface%%_tee: bpf right2left %%iface%%_in
+	name %%iface%%_tee:right2left %%iface%%_bpf
+	connect %%iface%%_tee: right2left left2right %%iface%%_out
+	
+	mkpeer %%iface%%_bpf: ipacct %%iface%%_match_in %%iface%%_in
+	name %%iface%%_bpf:%%iface%%_match_in %%iface%%_ip_acct
+	connect %%iface%%_bpf: %%iface%%_ip_acct: %%iface%%_match_out %%iface%%_out
+'
+
+ng_ipacct_bpf_ether_stop='
+	shutdown %%iface%%_ip_acct:
+	shutdown %%iface%%_bpf:
+	shutdown %%iface%%_tee:
+	shutdown %%iface%%:
+'
+
 # EXAMPLE 1. Ethernet interface
 
 #        +-------------------------------+
@@ -147,3 +168,36 @@ ng_ipacct_vpn0_start='
 ng_ipacct_vpn0_stop='
 	shutdown %%iface%%_ip_acct:
 '
+
+# EXAMPLE 4. Ethernet interface with BPF
+
+#   +-------------------------------+
+#   |                               |
+# (upper)              (left2right)-----(xl0_in) (xl0_match_in)----(xl0_in)
+#   |                      |        |        |     |                    |
+#  xl0         +--(left)-xl0_tee-(right)     xl0_bpf               xl0_ip_acct
+#   |          |           |                 |     |                    |
+# (lower)      |       (right2left)----(xl0_out) (xl0_match_out)--(xl0_out)
+#   |          |
+#   +----------+
+#
+# xl0           - ng_ether
+# xl0_tee       - ng_tee
+# xl0_bpf       - ng_bpf
+# xl0_ip_acct   - ng_ipacct
+
+# Configuration for 'xl0_ip_acct' node:
+
+ng_ipacct_xl0_dlt="EN10MB"	# required line; see ipacctctl(8)
+ng_ipacct_xl0_threshold="15000"	# '5000' by default
+ng_ipacct_xl0_verbose="yes"	# 'yes' by default
+ng_ipacct_xl0_saveuid="yes"	# 'no' by default
+ng_ipacct_xl0_savetime="no"	# 'no' by default
+ng_ipacct_xl0_start=${ng_ipacct_bpf_ether_start}
+ng_ipacct_xl0_stop=${ng_ipacct_bpf_ether_stop}
+ng_ipacct_xl0_checkpoint_script="path/to/your/script --checkpoint-and-save xl0"
+			# this script is called on stop (to save accumulated 
+			# data) or via "rc.d/ng_ipacct.sh checkpoint"
+ng_ipacct_xl0_afterstart_script="path/to/your/script --load-bpf-filters xl0"
+			# this script is called just after initialization
+			# of nodes to load filters into xl0_bpf

net-mgmt/ng_ipacct/files/ng_ipacct.sh.in

@@ -114,6 +114,13 @@ EOF
 		${ipacctctl} ${iface}_ip_acct:${iface} verbose ${verbose}
 		${ipacctctl} ${iface}_ip_acct:${iface} saveuid ${saveuid}
 		${ipacctctl} ${iface}_ip_acct:${iface} savetime ${savetime}
+
+		eval afterstart_script=\$ng_ipacct_${iface}_afterstart_script
+		if [ -n "${afterstart_script}" ]; then
+		    (set -T
+		    trap 'exit 1' 2
+		    ${afterstart_script} ${iface})
+		fi
 	fi
    done
 }
@@ -146,15 +153,16 @@ stop_cmd()
 	eval checkpoint_script=\$ng_ipacct_${iface}_checkpoint_script
 
 	if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then
-		${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch}
-$stop_script
-EOF
 	    if [ -n "${checkpoint_script}" ]; then
 		(set -T
 		trap 'exit 1' 2
 		${checkpoint_script})
 	    fi
 
+	    ${sed} "s!%%iface%%!${iface}!g" <<-EOF | ${ngctl_batch}
+$stop_script
+EOF
+
 	    if ${ngctl} show ${iface}_ip_acct: >/dev/null 2>&1; then
 		warn "netgraph node '${iface}_ip_acct' did not destroyed!"
 	    fi