Tuesday, July 3, 2018

Install NFSEN & NFDUMP on Ubuntu 16.04

install depedency :

apt install make gcc flex rrdtool librrd-dev libpcap-dev php librrds-perl libsocket6-perl apache2 libapache2-mod-php7.0

install nfdump :

masuk ke folder nfdump >
./configure --enable-nsel --enable-nfprofile --enable-sflow --enable-readpcap --enable-nfpcapd

make
make install
nfdump -V

cd ../nfsen-1.3.8

cpan  App::cpanminus
cpann Mail::Header
cpann Mail::Internet
nano ./etc/nfsen-dist.conf
>
# user and group of the web server process
# All netflow processing will be done with this user
$WWWUSER  = "www-data";
$WWWGROUP = "www-data";

# number of nfprofile processes to spawn during the profiling phase
# depends on how busy your system is and how many CPUs you have
# on very busy systems increase it to a higher value
#$PROFILERS = 2;

useradd -M -s /bin/false -G www-data netflow
mkdir -p /data/nfsen
./install.pl ./etc/nfsen-dist.conf


nano /etc/apache2/sites-enabled/000-default.conf
>
<VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com

        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/nfsen
        DirectoryIndex nfsen.php

service apache2 restart
/data/nfsen/bin/nfsen start

#############################################
Testing >>> on Mikrotik

nano /data/nfsen/etc/nfsen.conf
%sources = (
'MIKROTIK NOC'    => { 'port' => '2055', 'col' => '#00ff00', 'type' => 'netflow' },
#    'upstream1'    => { 'port' => '9995', 'col' => '#0000ff', 'type' => 'netflow' },
#    'peer1'        => { 'port' => '9996', 'IP' => '172.16.17.18' },
#    'peer2'        => { 'port' => '9996', 'IP' => '172.16.17.19' },
);

/etc/init.d/nfsen reconfig


Ref :
 https://www.youtube.com/watch?v=rge1mBvzj5E
https://www.youtube.com/watch?v=Lfrvjbc_QtA
at
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)