+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------
Note: the _nfcapd user has been added to group "www".
Basic installation
==================
To proceed with an installation or upgrade, adjust ${SYSCONFDIR}/nfsen.conf
as required and run the configuration tool:
# install-nfsen.pl ${SYSCONFDIR}/nfsen.conf
This will read the configuration file, create directories and files
as needed, and handle upgrades from previous versions.
It is highly advisable to read the documentation available at
http://nfsen.sourceforge.net/
Note, you may export netflow-compatible data from PF via pflow(4).
Chroot considerations
=====================
NfSen is written with chroot in mind and is capable of communicating
with the main nfcap daemon running outside the jail. Adapting to this
configuration is a simple matter of moving a few files around (while
the daemon is stopped).
# mkdir -p /var/www/var/db
# mv /var/db/nfsen /var/www/var/db/nfsen
# ln -s /var/www/var/db/nfsen /var/db/nfsen
PortTracker
===========
This optional module splits up traffic by port number. It can be useful
but is somewhat experimental. You can attempt to use it like this:
- uncomment the sample PortTracker entry from the plugin
section in the sample ${SYSCONFDIR}/nfsen.conf
- start nftrack: note that this will require at least 10GB of space in
the database directory.
# su -m _nfcapd -c "nftrack -I -d /var/db/nfsen/ports-db/"
- restart nfsen
# rcctl restart nfsen
After the next processing interval, PortTracker should generate
data and graphs. If you have problems then examine system logs (you
may need to increase logging levels).
