Installing Nfsen and plugins on CentOS

Recently do flow analysis, with the next Nfsen, in the installation process encountered some problems, recorded.
First, the most typical problem is that after the installation is complete, Nfsen cannot start, prompting:
Starting NFCAPD: (route) open () error existing PID File:permission denied

The same installation steps are normal on another server. It took a while to find the reason (not Perl-.-), and finally it was solved by installing Nfsen in the Apache user directory.

Installation Requirements Package

-y httpd php wget gcc make rrdtool-devel rrdtool-perl perl-MailTools perl-Socket6 flex byacc perl php-mysql

Installing Nfdump

mkdir /root/soft/cd /root/soft/wget http://downloads.sourceforge.net/project/nfdump/stable/nfdump-1.6.11/nfdump-1.6.11.tar.gztar -zxvf nfdump-1.6.11.tar.gz cd nfdump-1.6.11./configure --enable-nfprofile --enable-nftrack --enable-sflow  --with-rrdpath=/usr/bin/makemake install

Installing Nfsen

mkdir /var/www/netflowchown apache:apache /var/www/netflowcd /root/soft/wget http://iweb.dl.sourceforge.net/project/nfsen/stable/nfsen-1.3.6p1/nfsen-1.3.6p1.tar.gztar zxvf nfsen-1.3.6p1.tar.gz cd nfsen-1.3.6p1/

CP etc/nfsen-dist.conf etc/nfsen.conf
Set the corresponding value in etc/nfsen.conf to the following value

 $BASEDIR = "/var/www/netflow";$USER    = "Apache";$WWWUSER  = "Apache";$WWWGROUP = "Apache";%Sources=(upstream1' = ' + {'Port' = '9995', 'Col' = '#0000Ff', 'type' = 'NetFlow'},);

To start the installation:
./install.pl etc/nfsen.conf

Start Nfsen:
/var/www/netflow/bin/nfsen start

Configuration under Apche
Vi/etc/httpd/conf/httpd.conf

<VirtualHost *:80>    ServerAdmin [email protected]    DocumentRoot /var/www/nfsen/    ServerName dummy-host.example.com</VirtualHost>

Launch Apache, and access http://ip/nfsen.php

Add Nfsen to/etc/init.d/
Touch/etc/init.d/nfsen
chmod +x/etc/init.d/nfsen
Vim/etc/init.d/nfsen
Add the following content

#!/bin/bash## chkconfig:-# Description:nfsenDaemon=/var/www/netflow/bin/nfsen Case "$" inchStart$DAEMONstart;; Stop$DAEMONstop;; Status$DAEMONstatus;; Restart$DAEMONStop sleep1        $DAEMONstart;; *)Echo "Usage:  $ {start|stop|status|restart}"        Exit 1;;EsacExit 0

Installing the Nfsight Plugin

cd /root/softwget http://sourceforge.net/projects/nfsight/files/nfsight-beta-20130323.tgz/downloadtar zxvf download cd nfsight-beta-20130323/

cp backend/nfsight.pm /var/www/netflow/plugins/mkdir  /var-R apache:apache /var/www/netflow/plugins/nfsightmkdir /var-r frontend/ /var/www/nfsen/nfsight/-R apache:apache /var/www/nfsen/nfsight

If MySQL is not installed, first install
Yum Install Mysql-server
Service mysqld Start
Chkconfig mysqld on
Set the root password of MySQL to root
mysqladmin-uroot-p password ' root '
Here the default password is empty, enter can be

New MySQL database nfsight:
Mysql-u root-proot-e "CREATE Database nfsight;"

Open the browser, access the following address, start the installation
http://ip/nfsight/installer.php

Back-end settings设置页中Path to data files设置为如下:/var/www/netflow/plugins/nfsight

Add the last step of the configuration file to the/var/www/netflow/etc/nfsen.conf corresponding option.

@plugins= ([' * ',' Nfsight '],);%pluginconf = (nfsight={Path= "/data/nfsen/plugins/nfsight", expiration= " the", network={"10.2.1.0"= " the","10.1.200.0"= " the",}, Scanner_limit= "5", Print_int_scanner= "1", Print_ext_scanner= "1", print_int_client= "1", print_ext_client= "1", Print_int_server= "1", Print_ext_server= "1", Print_int_invalid= "1", Print_ext_invalid= "1", Sql_host= "localhost", Sql_port= "3306", Sql_user= "Nfsight", Sql_pass= "Nfsight", sql_db= "Nfsight",    },);

After the installation is complete, restart the service

/var/www/netflow/bin/nfsen stop
/var/www/netflow/bin/nfsen start

Add a Scheduled task
Cronta-e
* * * * * wget–no-check-certificate-q-o-http://management:[email protected]/nfsight/aggregate.php

Access
Http://ip/nfsight

Installing the PortTracker Plugin

Cd/root/soft/nfsen-1.3.6p1/contrib/porttracker
CP porttracker.pm/var/www/netflow/plugins/
CP porttracker.php/var/www/nfsen/plugins/

Create a PortTracker data storage directory
The directory path can be configured in the Portsdbdir parameter in the PORTTRACKER.PM configuration file
vim/var/www/netflow/plugins/porttracker.pm
Modify the Portsdbdir parameter to/var/www/netflow/ports-db/
mkdir/var/www/netflow/ports-db/
Chown-r apache:apache/var/www/netflow/ports-db/
chmod 775/var/www/netflow/ports-db/

To modify the Nfsen configuration file add plug-in information:
Vim/var/www/netflow/etc/nfsen.conf
@plugins = (
# profile # Module
# [' * ', ' demoplugin '],
[' * ', ' nfsight '],
[' Live ', ' PortTracker '],
);

Generate PortTracker Data:
Nftrack-i-d/var/www/netflow/ports-db/
If the virtual machine fails to connect and the system collapses, use the following command to generate
Sudo-u apache/usr/local/bin/nftrack-i-d/data/nfsen/ports-db/

Reload Nfsen:
/var/www/netflow/bin/nfsen Reload

Wait 5 minutes or so to access the Nfsen interface Select plugins can see the corresponding information

Installing Fprobe

The fprobe is used to guide the flow to the Nfsen

yum install libpcap-develcd /root/softwget http://jaist.dl.sourceforge.net/project/fprobe/fprobe/1.1/fprobe-1.1.tar.bz2tar jxvf fprobe-1.1.tar.bz2cd fprobe-1.1./configuremakemake install

After the installation is complete, use the following command to import the eth0 traffic to the 192.168.1.121
Fprobe-i eth0 192.168.1.121:9996

Installed Hoststats plug-in

With Hoststats, the flow status can be displayed according to the time.

Cd/root/softwget http://jaist.dl.sourceforge.net/project/hoststats/hoststats-1.1.5.tar.gzTar zxvf hoststats-1.1. 5.Tar.GZCD Hoststats-1.1. 5./install-libnfdump.Shmkdir/var/www/hoststats./configuremakemake install this time will prompt to confirm the installation path, enter/var/www/hoststatschown Apache:apache- R/var/www/hoststats Start/var/www/hoststats/hoststats start Add to/ETC/RC.Local, boot up the Echo'/var/www/hoststats/hoststats start ' >>/etc/rc.Local

When the above steps are complete, wait a few minutes to see the interface on the Plugins menu.

Installing Surfmap

Surfmap can show IP connectivity via Google Maps

install php-gd php-pdo sqlite php-mbstringservice httpd restartcd /root/softwarewget http://sourceforge.net/projects/surfmap/files/installinstall.sh./install.sh

The program by default with Http://maps.google.com/maps, do not turn over the wall words cannot open, so change into http://www.google.cn/maps/

‘s/maps.google.com/www.google.cn/g‘`grep ‘maps.google.com‘ -rl ./`

Restart Nfsen, wait a few minutes, then look at the interface.
/var/www/netflow/bin/nfsen Reload

Reference links

http://www.haiyun.me/archives/netflow-nfsight-nfsen.htmlhttp://sourceforge.net/p/nfsight/wiki/Installation/http://steronius.blogspot.kr/2013/05/install-nfsight-plugin-for-nfsen-on.htmlhttp://blog.hackroad.com/operations-engineer/linux_server/3327.htmlhttp://www.shunze.info/forum/thread.php?threadid=1953&boardid=3&sid=aadc298e695d7f799db0b872563884b3&sid=aadc298e695d7f799db0b872563884b3

Installing Nfsen and plugins on CentOS