nfsen
NfSen - CentOS6
Install and configure NfSen on CentOS6.x
- NfSen 1.3.6
- nfdump 1.6.9
Prerequisites:
- EPEL Repository
Installation
- Download NfSen http://nfsen.sourceforge.net/.
- Download nfdump http://nfdump.sourceforge.net/.
- Extract files.
tar zxvf nfdump-1.6.12.tar.gz tar zxvf nfsen-1.3.6p1.tar.gz
- Install development tools.
sudo yum groupinstall development tools
- Install rrdtool.
sudo yum install rrdtool rrdtool-devel
- Install Apache, php and perl modules.
sudo yum install apache php perl-MailTools rrdtool-perl perl-Socket6
- Edit /etc/php.ini. Confgure date.timezone.
- Create user netflow.
useradd netflow
- Add user netflow to apache group.
sudo usermod -G apache netflow
- Compile and install nfdump.
cd nfdump-1.6.12 ./configure --prefix=/opt/nfdump --enable-nfprofile autoreconf make sudo make install
- Install nfsen.
cd nfsen-1.3.6p1 cd etc cp nfsen-dist.conf nfsen.conf vi nfsen.conf $BASEDIR = "/opt/nfsen"; $HTMLDIR = "/opt/nfsen/www/"; $PREFIX = '/opt/nfdump/bin'; $WWWUSER = "apache"; $WWWGROUP = "apache"; $MAIL_FROM = 'nfsen@yourdomain.tld'; $SMTP_SERVER = 'fqdn.mail.server'; %sources = ( 'source1' => { 'port' => '9995', 'col' => '#0000ff', 'type' => 'netflow' }, 'source2' => { 'port' => '9996', 'col' => '#cc3333', 'type' => 'netflow' }, 'source3' => { 'port' => '9997', 'col' => '#99ff33', 'type' => 'netflow' }, ); cd .. sudo ./install.pl etc/nfsen.conf
- Open port 80 and netflow ports. Edit /etc/sysconfig/iptables.
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 9995 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 9996 -j ACCEPT -A INPUT -m state --state NEW -m udp -p udp --dport 9997 -j ACCEPT
- Reload iptables.
service iptables restart
- Add apache config. Create /etc/httpd/conf.d/nfsen.conf
<Directory "/opt/nfsen/www"> AllowOverride None Order allow,deny Allow from all </Directory> Alias /nfsen "/opt/nfsen/www"
- Start apache at boot.
sudo chkconfig httpd on
- Start apache.
sudo service httpd start
- Create SELinux module. Important: Modules created with audit2allow may allow more access than required.
sudo yum install policycoreutils-python setenforce 0 /opt/nfsen/bin/nfsen start /opt/nfsen/bin/nfsen stop cp /var/log/audit/audit.log /var/tmp cd /var/tmp audit2allow -M mynfsen < audit.log semodule -i mynfsen.pp setenforce 1
- Start nfsen.
sudo /opt/nfsen/bin/nfsen start
- To start NfSen at boot, add the start script to /etc/rc.local. Or create a nice start/stop init script.
- Access NfSen at http://server/nfsen/nfsen.php.
nfsen.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1