Configuration
Configuration
Files and Directory Structure of Netify
The default Linux-base directory structure is provided below. For BSD sytems, the root folder is located in /usr/local.
/
├── etc/
│ ├── netifyd.conf
│ └── netifyd/
│ ├── interfaces.d/
│ │ ├── 10.lan.conf
│ │ └── 10.wan.conf
│ ├── categories.d/
│ │ ├── 10.adult.conf
│ │ ├── 10.vpn.conf
│ │ └── 10.malware.conf
│ ├── plugins.d/
│ │ ├── 10-netify-sink-log.conf
│ │ ├── 10-netify-sink-socket.conf
│ │ ├── 10-netify-proc-aggregator.conf
│ │ ├── 10-netify-proc-core.conf
│ │ ├── 10-netify-sink-http.conf
│ │ ├── 10-netify-sink-mqtt.conf
│ │ ├── 10-netify-proc-flow-actions.conf
│ │ ├── 10-netify-proc-lua.conf
│ │ └── 10-netify-proc-dev-discovery.conf
│ └── nfa-block.d
├── usr/
│ └── sbin/
│ └── netifyd
└── var/
└── run/
└── netifyd/
├── netifyd.pid
├── status.json
└── netifyd.sock (ex. Netify Sink Socket Plugin)
If you are coming from Netify version 3 or 4, take note ofthe main directory name change in /etc from netify.d to netifyd.
In version 5, domain list mappings to categories was renamed from domains.d to categories.d.
Using Defined Variable Inside Netify
The Netify agent and plugins support a number of defined variables inside configuration files to provide flexibility and make cross-platform configuration more portable. The following table provides valid configuration names and their use.
| Variable Name | Expands To | Description |
|---|---|---|
| Applicable to: Netify Agent | ||
| ${path_state_persistent} | /etc/netifyd |
Path to persistent state data |
| ${path_state_volatile} | /var/run/netifyd |
Path to folder used for persistent state data |
| ${path_app_config} | /etc/netifyd/netify-apps.conf |
Location to the Netify application signature file |
| ${path_category_config} | /etc/netifyd/netify-categories.json |
Location to the Netify category JSON file |
| ${path_plugins} | /etc/netifyd/plugins.d |
Path to plugins folder |
| ${path_categories} | /etc/netifyd/plugins.d |
Path to plugins folder |
| ${path_interfaces} | /etc/netifyd/interfaces.d |
Path to interfaces folder |
| Applicable to: HTTP Sink, MQTT Sink | ||
| ${uuid_agent} | cat /etc/netifyd/agent.uuid |
Agent UUID used for identification |
| ${uuid_serial} | /path/to/script.sh |
Alternative to Agent UUID used for identification |
| ${uuid_site} | cat /etc/netifyd/site.uuid |
Agent UUID used for identification |
| Applicable to: MQTT Sink | ||
| ${channel} | Variable | The name the processor plugin that dispatched the payload sets as the channel |