relecture nfsen
This commit is contained in:
parent
d539525f82
commit
8fc5d67bc5
|
@ -96,38 +96,40 @@ Quelques exemples utiles :
|
||||||
# nfdump -M /var/cache/nfdump -R . 'proto tcp and dst host 192.0.2.1 and dst port 80' -s srcip/flows
|
# nfdump -M /var/cache/nfdump -R . 'proto tcp and dst host 192.0.2.1 and dst port 80' -s srcip/flows
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
## NfSen & nfdump
|
## NfSen
|
||||||
|
|
||||||
### Installer le module PERL Socket6
|
**NfSen** est un outil pour gérer les _Netflow_ via une interface web, il permet notamment :
|
||||||
|
|
||||||
|
* de lancer plusieurs **nfcapd** pour collecter les _Netflow_ de plusieurs routeurs
|
||||||
|
* de lancer la commande _nfdump_ avec des options de manière « graphique »
|
||||||
|
* d'avoir des graphes par flows/paquets/octets par seconde avec des filtres tcpdump
|
||||||
|
* de créer des alertes en fonction de seuils / filtres tcpdump
|
||||||
|
|
||||||
|
### Installation NfSen
|
||||||
|
|
||||||
|
On installe NfSen **et** nfdump à partir des sources :
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
perl -MCPAN -e 'install Socket6'
|
# perl -MCPAN -e 'install Socket6'
|
||||||
~~~
|
|
||||||
|
|
||||||
### Installer nfdump
|
$ wget https://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.13/nfdump-1.6.13.tar.gz/download
|
||||||
|
$ tar zxvf nfdump-1.6.13.tar.gz
|
||||||
|
$ cd nfdump-1.6.13
|
||||||
|
$ ./configure --enable-nfprofile --enable-nftrack
|
||||||
|
$ make
|
||||||
|
# make install
|
||||||
|
|
||||||
~~~
|
$ wget https://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.8/nfsen-1.3.8.tar.gz/download
|
||||||
wget https://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.13/nfdump-1.6.13.tar.gz/download
|
$ tar zxvf nfsen-1.3.8.tar.gz
|
||||||
tar zxvf nfdump-1.6.13.tar.gz
|
$ cd ./nfsen-1.3.8
|
||||||
cd nfdump-1.6.13
|
# cp etc/nfsen-dist.conf /etc/nfsen.conf
|
||||||
./configure --enable-nfprofile --enable-nftrack
|
# vim /etc/nfsen.conf
|
||||||
make && make install
|
# mkdir -p /opt/nfsen/data/nfsen
|
||||||
~~~
|
# mkdir -p /opt/nfsen/www
|
||||||
|
# adduser nfsen
|
||||||
### Installer nfsen
|
# adduser nfsen www-data
|
||||||
|
# chown -R nfsen:www-data /opt/nfsen
|
||||||
~~~
|
# ./install.pl /etc/nfsen.conf
|
||||||
wget https://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.8/nfsen-1.3.8.tar.gz/download
|
# cd /opt/nfsen/data/nfsen/bin/
|
||||||
tar zxvf nfsen-1.3.8.tar.gz
|
#./nfsen start
|
||||||
cd ./nfsen-1.3.8
|
|
||||||
cp etc/nfsen-dist.conf /etc/nfsen.conf
|
|
||||||
vim /etc/nfsen.conf
|
|
||||||
mkdir -p /opt/nfsen/data/nfsen
|
|
||||||
mkdir -p /opt/nfsen/www
|
|
||||||
adduser nfsen
|
|
||||||
adduser nfsen www-data
|
|
||||||
chown -R nfsen:www-data /opt/nfsen
|
|
||||||
./install.pl /etc/nfsen.conf
|
|
||||||
cd /opt/nfsen/data/nfsen/bin/
|
|
||||||
./nfsen start
|
|
||||||
~~~
|
~~~
|
||||||
|
|
Loading…
Reference in a new issue