For When You Can't Have The Real Thing
[ start | index | login ]
start > Fedora > Server > 25 > Install nfsen 1.3.6p1

Install nfsen 1.3.6p1

Created by dave. Last edited by dave, 6 years and 356 days ago. Viewed 2,298 times. #5
[diff] [history] [edit] [rdf]
labels
attachments
(2016-12-02)

Problem

How do I get nfsen 1.3.6p1 running on Fedora Server 25?

Disclaimer

Works for me, your milage may vary, some cars not for use with some sets, if this doesn't work then the only thing I'll do for you is feel bad for you on a best-effort basis, yadda yadda…

Solution

Prerequisites:

# dnf groupinstall 'web server'
# dnf install nfdump libpcap-devel perl-Sys-Syslog rrdtool-perl.x86_64 perl-IPC-SysV perl-MailTools perl-Socket6.x86_64

Get, build and install >>fprobe.

Set up symlinks that nfsen wants: 

# ln -s /usr/bin/nfcapd /usr/local/bin
# ln -s `which nfdump` /usr/local/bin
# ln -s `which nfprofile` /usr/local/bin

Set up the user account for nfsen: 

# sudo useradd -G apache -d /var/lib/netflow netflow
# sudo chown netflow:apache ~netflow
# sudo chmod 750 ~netflow

Set a timezone in /etc/php.ini, the line will look something like 

date.timezone = 'America/New_York'

Configure httpd:

  • create the file /etc/httpd/conf.d/nfsen.conf:
Alias /nfsen /var/www/nfsen
<Directory /var/www/nfsen/>
    DirectoryIndex nfsen.php
    Options -Indexes
    AllowOverride all
    order allow,deny
    allow from all
    AuthType Basic
    AuthUserFile /etc/httpd/conf/htpasswd.nfsen
    AuthName "Access"
    require valid-user
    AddType application/x-httpd-php .php
    php_flag magic_quotes_gpc on
    php_flag track_vars on
</Directory>

Create the htpasswd.nfsen file: 

# htpasswd -c /etc/httpd/conf/htpasswd.nfsen nfsen

Get >>nfsen.

Configure nfsen.conf:

  • $BASEDIR (I change it to live in /var/lib/netflow/nfsen-1.3 so that if I ever have multiple versions I can keep them separate)
  • $WWWUSER/$WWWGROUP (change both to apache)
  • %sources (remove the two samples, add your flow(s)); example to match the fprobe example above: 
    %sources = ( 'ns25-lan'    => { 'port'    => '999', 'col' => '#0000ff', 'type' => 'netflow' }, );
Edit the nfsen-provided file libexec/NfSenRRD.pm:
  • on line 76, change the $rrd_version from 1.5 to 1.6
Install nfsen:

# install.pl <your-nfsen.conf-file>

Make nfsen start at boot time:

Create /etc/systemd/system/nfsen.service:

[Unit]
Description=NfSen Service
After=network.target
[Service]
Type=forking
PIDFile=/var/lib/netflow/nfsen-1.3/var/run/nfsend.pid
ExecStart=/var/lib/netflow/nfsen-1.3/bin/nfsen start
ExecStop=/var/lib/netflow/nfsen-1.3/bin/nfsen stop
Restart=on-abort
[Install]
WantedBy=multi-user.target

...and enable it:

# systemctl enable nfsen

Set httpd to start at boot time:

# systemctl enable httpd

Start httpd:

# service httpd start

Start nfsen:

# systemctl start nfsen

Note that for me it spits out a whole barf-load of perl warnings, but it still appears to work.

Start fprobe (making sure it is aimed at the right port):

# /usr/local/sbin/fprobe -fip -i eno1 -e 120 -q 10240 127.0.0.1:9999

...you should see something in 5 or 10 minutes.

More advanced

Create a /usr/local/sbin/start-fprobe script:

(Note: you may need to install vconfig if you are going to mess with vlans in this way!)

#!/bin/bash
# Note that destination ports have to match what is in ~netflow/nfsen/etc/nfsen.conf
INTER=ens224
HOME=nfsen3.gridwayit.local
ifup $INTER
vconfig add $INTER 57
ifconfig $INTER.57 up
/usr/local/sbin/fprobe -f"ip" -i $INTER.57 -e 120 -q 10240 $HOME:992
vconfig add $INTER 60
ifconfig $INTER.60 up
/usr/local/sbin/fprobe -f"ip" -i $INTER.60 -e 120 -q 10240 $HOME:991

...make it executable:

# chmod 744 /usr/local/sbin/start-fprobe

Create /etc/systemd/system/fprobe.service:

[Unit]
Description=fprobe
After=network-online.target
Wants=network-online.target
[Service]
Type=forking
ExecStart=/usr/local/sbin/start-fprobe
[Install]
WantedBy=multi-user.target

...and enable and start it: 

# systemctl enable fprobe
# systemctl start fprobe
no comments | post comment
see also:
snipsnap-index Linux snipsnap-search Start...
dave Dual-WAN G... DHCP Reser... Installing nfsen
Linux snmp+on... snmp on...
Site to ... Java Web In... Graph Titles Inc...
Test SMTP-AUT... check_snmp queue management cobbl...

Virtual Dave Megaplex:

(read this note about local search)

Logged in Users: (0)
… and 8 Guests.

Recently Changed

Editing: snipsnap-help, Image Macro

(Et auditum est, et idcirco ego nunc simulare)

This is a collection of techical information, much of it learned the hard way. Consider it a lab book or a /info directory. I doubt much of it will be of use to anyone else.

Useful:

snipsnap.org | Copyright 2000-2002 Matthias L. Jugel and Stephan J. Schmidt