Nfsen-nfsdump-fprobe: Difference between revisions

From Xinux Wiki
(Page created: "=client= ==install== apt-get install fprobe ==config file== <pre> cat /etc/default/fprobe #fprobe default configuration file INTERFACE="eth0" FLOW_COLLECTOR="l…")
 
Line 2: Line 2:
 
==install==
 
==install==
 
  apt-get install fprobe
 
  apt-get install fprobe
==config file==
+
==first test==
<pre>
+
fprobe -i eth0 192.168.244.152:23456
cat /etc/default/fprobe  
+
*/etc/default/fprobe  
#fprobe default configuration file
+
=server=
 
+
==nfdump==
INTERFACE="eth0"
+
===install===
FLOW_COLLECTOR="localhost:555"
+
apt-get install nfdump
 
+
mkdir /var/netflow
#fprobe can't distinguish IP packet from other (e.g. ARP)
+
nfcapd -w -D -p 23456 -B 200000 -S 1 -z -I Linux-Host-1-eth0 -l /var/netflow/
OTHER_ARGS="-fip"
+
==nfsen==
</pre>
+
===install needed packets===
 +
apt-get install apache2 libapache2-mod-php5 php5-common libmailtools-perl rrdtool librrds-perl
 +
===install nfsen source packets===
 +
cd /usr/src/
 +
wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.8p1/nfdump-1.6.8p1.tar.gz
 +
tar zxvf nfdump-1.6.8p1.tar.gz
 +
cd nfdump-1.6.8p1
 +
perl -MCPAN -e 'install Socket6'
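
Review bot: The removed `==config file==` block was the only place the contents of /etc/default/fprobe were documented, and the new text replaces it with a bare `*/etc/default/fprobe` bullet, so a reader gets the one-off `fprobe -i eth0 192.168.244.152:23456` test but no persistent setting. Suggest keeping the block and changing FLOW_COLLECTOR from "localhost:555" to the collector address used in the test, so the file and the nfcapd `-p 23456` listener agree. Separately, under "install nfsen source packets" the tarball fetched is nfdump-1.6.8p1 over plain http with no checksum step before it is unpacked in /usr/src; either rename the heading or fetch the nfsen source, and add a checksum verification of the download.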

Revision as of 20 November 2014, 14:08

client

install

apt-get install fprobe

first test

fprobe -i eth0 192.168.244.152:23456
  • /etc/default/fprobe

server

nfdump

install

apt-get install nfdump
mkdir /var/netflow
nfcapd -w -D -p 23456 -B 200000 -S 1 -z -I Linux-Host-1-eth0 -l /var/netflow/
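
A quick way to confirm that the exporter and collector above actually talk to each other, as an added example that is not part of the original wiki page: it checks that FLOW_COLLECTOR in /etc/default/fprobe uses the port nfcapd listens on and that fresh nfcapd.* files appear under /var/netflow. The function names are hypothetical, and the 10-minute freshness window assumes nfcapd's default 5-minute file rotation.

```sh
#!/bin/sh
# Added example: sanity checks for the fprobe -> nfcapd path set up above.
# Port and paths are the ones used on this page; the function names are
# hypothetical helpers, not part of fprobe or nfdump.

# Print the port from FLOW_COLLECTOR="host:port" in an fprobe defaults file.
collector_port() {
    # Keep the last assignment, as the shell would when sourcing the file.
    sed -n 's/^[[:space:]]*FLOW_COLLECTOR="\{0,1\}[^":]*:\([0-9][0-9]*\)"\{0,1\}.*$/\1/p' "$1" | tail -n 1
}

# Succeed if an nfcapd.* file under DIR was modified in the last MIN minutes.
# nfcapd -S 1 stores files in year/month/day sub-directories, so search recursively.
has_recent_capture() {
    dir=$1; min=$2
    [ -d "$dir" ] || return 1
    [ -n "$(find "$dir" -type f -name 'nfcapd.*' -mmin "-$min" | head -n 1)" ]
}

# Full check: exporter config points at the collector port and data is arriving.
# Returns 0 when healthy, 2 on a port mismatch, 3 when no fresh capture exists.
check_flow_path() {
    conf=$1; port=$2; dir=$3; min=${4:-10}
    got=$(collector_port "$conf")
    if [ "$got" != "$port" ]; then
        echo "MISMATCH: $conf exports to port '${got:-none}', nfcapd listens on $port"
        return 2
    fi
    if ! has_recent_capture "$dir" "$min"; then
        echo "STALE: no nfcapd.* file in $dir modified within $min minutes"
        return 3
    fi
    echo "OK: exporter port $port matches and $dir has fresh capture files"
}

# Run against the live system only when called with arguments, e.g.
#   sh check_flows.sh /etc/default/fprobe 23456 /var/netflow
if [ "$#" -ge 3 ]; then
    check_flow_path "$@"
fi
```

A STALE result with a matching port usually means the UDP export is not reaching the collector, so the next things to check are the collector address in FLOW_COLLECTOR and any packet filter between the two hosts.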

nfsen

install needed packages

apt-get install apache2 libapache2-mod-php5 php5-common libmailtools-perl rrdtool librrds-perl

install nfsen source packages

cd /usr/src/
wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.8p1/nfdump-1.6.8p1.tar.gz
tar zxvf nfdump-1.6.8p1.tar.gz
cd nfdump-1.6.8p1
perl -MCPAN -e 'install Socket6'