Changes between Version 12 and Version 13 of netmon2017netflow
- Timestamp:
- Nov 21, 2017, 5:19:19 PM (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
netmon2017netflow
v12 v13 17 17 libmailtools-perl bison flex 18 18 }}} 19 20 You might get a box asking '''Make /etc/mrtg.cnf owned by and readable only by root?''' select '''yes'''. 19 21 20 22 Now proceed to download and build. Note that only the last step (make install) has to be done as root. … … 115 117 116 118 === For a netflow router === 119 {{{ 117 120 $ mkdir /tmp/nfcap-test 118 121 $ nfcapd -E -p 9001 -l /tmp/nfcap-test 122 }}} 123 119 124 ... after a while, a series of flows should be dumped on your screen. 120 125 121 126 Stop the tool with CTRL+C, then look at the contents of /tmp/nfcap-test 122 127 {{{ 123 128 $ ls -l /tmp/nfcap-test 129 }}} 130 124 131 You should see one or more files called nfcapd.<YEAR><MON><DAY><HR><MIN> 125 132 126 133 Process the file(s) with nfdump: 127 134 {{{ 128 135 nfdump -r /tmp/nfcap-test/nfcapd.201Ywwxxyyzz | less 129 136 nfdump -r /tmp/nfcap-test/nfcapd.201Ywwxxyyzz -s srcip/bytes 130 131 === For a slow router === 137 }}} 138 w,x,y,z indicate year, month, day and time. 139 140 === For a sflow router === 141 {{{ 132 142 $ mkdir /tmp/sfcap-test 133 143 $ sfcapd -E -p 9001 -l /tmp/sfcap-test 144 }}} 145 134 146 ... after a while, a series of flows should be dumped on your screen. 135 147 136 148 Stop the tool with CTRL+C, then look at the contents of /tmp/nfcap-test 137 149 {{{ 138 150 $ ls -l /tmp/sfcap-test 139 You should see one or more files called nfcapd.<YEAR><MON><DAY><HR><MIN> 151 }}} 152 153 You should see one or more files called sfcapd.<YEAR><MON><DAY><HR><MIN> 140 154 141 155 Process the file(s) with nfdump: 142 156 157 {{{ 143 158 nfdump -r /tmp/sfcap-test/sfcapd.201Ywwxxyyzz | less 144 159 nfdump -r /tmp/sfcap-test/sfcapd.201Ywwxxyyzz -s srcip/bytes 160 }}} 161 w,x,y,z indicate year, month, day and time. 145 162 146 163 == Installing and setting up NfSen == … … 149 166 {{{ 150 167 $ cd 151 $ wget http://wget http://192.248.4.49/N otMon/nfsen-1.3.6p1.tar.gz168 $ wget http://wget http://192.248.4.49/NetMon/nfsen-1.3.6p1.tar.gz 152 169 $ tar xvzf nfsen-1.3.6p1.tar.gz 153 170 $ cd nfsen-1.3.6p1 154 171 $ perl -MCPAN -e 'install Socket6' 172 Would you like to configure as much as possible automatically? [yes] 173 What approach do you want? (Choose local::lib, sudo or manual) 174 [local::lib] 155 175 $ cd etc 156 176 $ cp nfsen-dist.conf nfsen.conf … … 192 212 }}} 193 213 194 (substitute your group's router for rtrX, and either remove or comment out the existing sample sources).214 (substitute your group's router for accessrtr, and either remove or comment out the existing sample sources). 195 215 196 216 Change the HTMLDIR from /var/www/nfsen/ to /var/www/html/nfsen/ … … 200 220 Now save and exit from the file. 201 221 202 Deafault rrd tool version for nfsen is 1.5 but the latest version 1.6 therefore a slight configuration is needed 203 {{{ 204 vi libexec/NfSenRRD.pm 222 Default rrd tool version for nfsen is 1.5 but the latest version 1.6 therefore a slight configuration is needed 223 {{{ 224 cd 225 vi nfsen-1.3.6p1/libexec/NfSenRRD.pm 205 226 }}} 206 227
