50 lines
1.6 KiB
Plaintext
50 lines
1.6 KiB
Plaintext
$OpenBSD: README-main,v 1.2 2011/06/02 13:41:40 ajacoutot Exp $
|
|
|
|
+-----------------------------------------------------------------------
|
|
| Running ${FULLPKGNAME} on OpenBSD
|
|
+-----------------------------------------------------------------------
|
|
|
|
Basic installation
|
|
==================
|
|
To proceed with an installation or upgrade, adjust ${SYSCONFDIR}/nfsen.conf
|
|
as required and run the configuration tool:
|
|
|
|
# install-nfsen.pl ${SYSCONFDIR}/nfsen.conf
|
|
|
|
This will read the configuration file, create directories and files
|
|
as needed, and handle upgrades from previous versions.
|
|
|
|
It is highly advisable to read the documentation available at
|
|
http://nfsen.sourceforge.net/
|
|
|
|
Note, you may export netflow-compatible data from PF via pflow(4).
|
|
|
|
Chroot considerations
|
|
=====================
|
|
NfSen is written with chroot in mind and is capable of communicating
|
|
with the main nfcap daemon running outside the jail. Adapting to this
|
|
configuration is a simple matter of moving a few files around (while
|
|
the daemon is stopped).
|
|
|
|
# mkdir -p /var/www/var/db
|
|
# mv /var/db/nfsen /var/www/var/db/nfsen
|
|
# ln -s /var/www/var/db/nfsen /var/db/nfsen
|
|
|
|
PortTracker
|
|
===========
|
|
This optional module splits up traffic by port number. It can be useful
|
|
but is somewhat experimental. You can attempt to use it like this:
|
|
|
|
- uncomment the sample PortTracker entry from the plugin
|
|
section in the sample ${SYSCONFDIR}/nfsen.conf
|
|
|
|
- start nftrack:
|
|
# sudo -u _nfcapd nftrack -I -d /var/db/nfsen/ports-db/
|
|
|
|
- restart nfsen
|
|
# /etc/rc.d/nfsen reload
|
|
|
|
After the next processing interval, PortTracker should generate
|
|
data and graphs. If you have problems then examine system logs (you
|
|
may need to increase logging levels).
|