51 lines
1.7 KiB
Plaintext
51 lines
1.7 KiB
Plaintext
$OpenBSD: README,v 1.4 2015/10/05 12:59:12 kirby Exp $
|
|
|
|
+-----------------------------------------------------------------------
|
|
| Running ${FULLPKGNAME} on OpenBSD
|
|
+-----------------------------------------------------------------------
|
|
|
|
Basic installation
|
|
==================
|
|
To proceed with an installation or upgrade, adjust ${SYSCONFDIR}/nfsen.conf
|
|
as required and run the configuration tool:
|
|
|
|
# install-nfsen.pl ${SYSCONFDIR}/nfsen.conf
|
|
|
|
This will read the configuration file, create directories and files
|
|
as needed, and handle upgrades from previous versions.
|
|
|
|
It is highly advisable to read the documentation available at
|
|
http://nfsen.sourceforge.net/
|
|
|
|
Note, you may export netflow-compatible data from PF via pflow(4).
|
|
|
|
Chroot considerations
|
|
=====================
|
|
NfSen is written with chroot in mind and is capable of communicating
|
|
with the main nfcap daemon running outside the jail. Adapting to this
|
|
configuration is a simple matter of moving a few files around (while
|
|
the daemon is stopped).
|
|
|
|
# mkdir -p /var/www/var/db
|
|
# mv /var/db/nfsen /var/www/var/db/nfsen
|
|
# ln -s /var/www/var/db/nfsen /var/db/nfsen
|
|
|
|
PortTracker
|
|
===========
|
|
This optional module splits up traffic by port number. It can be useful
|
|
but is somewhat experimental. You can attempt to use it like this:
|
|
|
|
- uncomment the sample PortTracker entry from the plugin
|
|
section in the sample ${SYSCONFDIR}/nfsen.conf
|
|
|
|
- start nftrack: note that this will require at least 10GB of space in
|
|
the database directory.
|
|
# su -m _nfcapd -c "nftrack -I -d /var/db/nfsen/ports-db/"
|
|
|
|
- restart nfsen
|
|
# rcctl restart nfsen
|
|
|
|
After the next processing interval, PortTracker should generate
|
|
data and graphs. If you have problems then examine system logs (you
|
|
may need to increase logging levels).
|