Shunze ¾Ç¶é >¹q¸£¸ê°T¾Ç¨t >¦Y³n¤£¦Yµw > ¡m¤À¨É¡nUbuntu¦w¸ËNfsen «¢Åo¡AÁÙ¨S¦³µù¥U©ÎªÌµn¤J¡C½Ð§A[µù¥U|µn¤J]
« ¤W¤@½g¥DÃD ¤U¤@½g¥DÃD » Åã¥Ü¦¨¦C¦L¼Ò¦¡ | ¼W¥[¨ì§Úªº³Ì·R
µoªí·s¥DÃD µoªí¦^ÂÐ
§@ªÌ
¥DÃD
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nUbuntu¦w¸ËNfsen¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

»¡¨ì¬y¶q¤ÀªR¡A¤@ª½¥H¨Ó¶¶¤l³£»{¬° ntop ¬O­ÓÀu¥ý±ÀÂ˪º¦n¤u¨ã¡I
¦ý¦Û±qntop§ïª©¬°ntopng¡Antop¤£¦AÄ~ÄòºûÅ@¡Antop¤W´NµLªk¥¿½T¸ÑªR¦UºØ¬y¶q»Pprotocolªº¹ïÀ³Ãö«Y¡C
(¦ý¨ä¬y¶q¼Æ¾ÚÁÙ¬O¹ïªº³á¡ã)

¦Ó ntopng ©O¡H
»¡¯uªº¡A¥¦ªºUI¶¶¤lÁÙ¯u¤£²ßºD¡A
·Pı¤W¤£¶È¥\¯àÅܤ֡AMRTG¬y¶q¹Ï¤£¨£¤F¡A¦Ó¥BÁÙ¦h¤F¨Ç¥I¶Oªº¥\¯à...


¦bºô¸ô·j´M«á¡A¶¶¤lµo²{ÁÙ¦³¥t¤@®M±ÀÂ˪º¤u¨ã-Nfsen¡C
¥¦¸òntop¨t¦C³Ì¤jªº¤£¦P¦b©óntopng¥i¥H¤ÀªR§¹¾ãªº¸ê®Æ¡A¤]¥i¥H¦¬¶°ºë²«áªº©â¼Ë¸ê®ÆNetflow»PsFlow¡A
¦ÓNfsen«h¥u¯à¤ÀªRºë²ªºNetflow©â¼Ë¼Æ¾Ú¡C

¤@¯ë¨Ó»¡¡A¦¬¶°§¹¾ãªº¸ê®Æ¡A¯à¹ï§Y®É¬y¶q°µ§ó§¹¾ã²`¤Jªº¤ÀªR¡A
¦ý¤]¦]¬°¼Æ¾Ú¤Ó¤j¡A¤£©ö«O¦s¡A¬GµLªk¶i¦æ¤ù¬q°Ï¶¡ªº¾ú¥v¸ê®Æ¤ÀªR¡C
¦Óºë²ªº©â¼Ë¸ê®Æ¡A¼Æ¾Ú¶q¤w¤j¤jªº´î¤Ö¡A¦]¦¹¥i¥H°µ¨ì¾ú¥v¸ê®Æªº¤ÀªR¡C

·í¥DºÞ°Ý§A¤W¶g¤­¤U¯Z«e¤@¤p®É¡A¬°¤°»òºô¸ô«ÜºC¡H
³z¹Lntop/ntopng¥i¯àµLªk§ä¨ì¦³¥Î½u¯Á¡A¦ý³z¹LNfsen­Ë¬O¥i¥H§ä¨ì¨Çµïµ·°¨¸ñ¡C

¥H¤U¬°Ubuntu 14.04¦w¸ËNfsen 1.3.6p1ªº¦w¸Ëµ§°O¡C
(«x¡H1.3.7³£¤w¸g¥X¤F¡A¬°¤°»ò¸Ë1.3.6p1¡H¨º¬O¦]¬°¶¶¤l¦w¸Ë¥¢±Ñ¤F¡A©Ò¥H¥u¦n¦^¹LÀY¨Ó¥Î¤@ÂIªºª©¥»¡C)

¾Þ§@Àô¹Ò
eth0 192.168.10.28/24 ¨ÑNfsen¾Þ§@¬d¸ß
eth1 169.254.77.1/24 ¶È¨Ñ¦¬¶°switch©Òmirror¹L¨Óªº¬y¶q¼Æ¾Ú



¦]¬°¶¶¤llab¤¤ªºswitch¨S¦³¿é¥XNetflow¥\¯à¡A
©Ò¥H¥u¯à³z¹Lmirror¥\¯à¡A±N¬y¶q½Æ¥»¤@¥÷¨ìNfsen¤W±Mªù¥Î¨Ó¦¬¶°¬y¶qªº²Ä¤G±iºô¥d(eth1)¡A
µM«á¦A§Q¥Îfprobe±N¬y¶q¿é¥X¬°Netflow®æ¦¡µ¹Nfsen¨Ï¥Î¡C
­Y±zªºswitch¥i¿é¥X©â¼Ë«áªºNetflow¼Æ¾Ú¡A«h¥i¥H¤£¥Î¦w¸Ëfprobe¡C


  • ¦w¸Ëfprobe
    ¤£§K«Uªº½Ð¥ý§ó·s®M¥ó²M³æ¡C
    apt-get update

    µM«á¦w¸Ëfprobe®M¥ó¡C
    apt-get install fprobe

    ¦w¸Ë´Á¶¡¡A¨t²Î·|°Ý±z­nÂà´«¼Æ¾Úªººô¥d¡A³oùاڭ̴N¿ï eth1 §a¡C



    µM«á¿é¥X¨ì¥»¾÷ªºport 9995¡C



    ­Y¤§«á­nÅܧófprobe³]©w¡A¥i¨ì¥H¤UÀɮ׶i¦æ°Ñ¼Æ­×§ï¡C
    /etc/default/fprobe

    ¦w¸Ë§¹¦¨¥i³z¥H¤U«ü¥O¡A´ú¸Õfprobe¯à§_¦¨¥\ªº¿é¥XNetflow«Ê¥]¡C
    tcpdump -n -i lo udp dst port 9995




  • ¦w¸Ënfdump
    ¨ä¹ênfdumpªº¦w¸Ë¡A¤]¥i¥H³z¹Lapt-get®M¥ó¨Ó¦w¸Ë¡A
    ¦ý³z¹Lapt-get®M¥ó¨Ó¦w¸Ë·|¤Ö¤F¤@­Ó nftrack °õ¦æÀÉ¡I

    ³o­Ó nftrack ·|ª½±µ¼vÅT¨ìPortTracker´¡¥óªº¨Ï¥Î¡A
    ¦Ó³o­Ó°õ¦æÀɶ¶¤l¤]¤£ª¾¹D¦p¦ó­««Ø¡A©Ò¥H¥u¦n¨Ä¨Ä±qtarball¨Ó¦w¸Ënfdump¥H²£¥Í nftrack¡C

    ­º¥ý¡A¦w¸Ëtarball complier¥²­n®M¥ó¡C
    apt-get update
    apt-get install gcc flex librrd-dev make

    µM«á¤U¸ü¨Ã¸ÑÀ£nfdump 1.6.8p1¡C
    cd /usr/src/
    wget http://sourceforge.net/projects/nfdump/files/stable/nfdump-1.6.8p1/nfdump-1.6.8p1.tar.gz
    tar zxvf nfdump-1.6.8p1.tar.gz
    cd nfdump-1.6.8p1

    «Ø¥ß³]©wÀɤº¹ïÀ³ªº¸ê®Æ§¨¡A¶i¦æ¦w¸Ë¡C
    mkdir -p /usr/local/nfdump
    ./configure --prefix=/usr/local/nfdump --enable-nftrack
    make
    make install

    ¥Ñ©ó§Ú­Ì¦b½sĶnfdump®É¦³¥[ --enable-nftrack °Ñ¼Æ¡A©Ò¥H¦b·|bin¥Ø¿ý¤U²£¥Í¤@­Ó°õ¦æÀÉ nftrack¡A
    §â³o­Ó nftrack ½Æ»s¨ì¨t²Î¸ê®Æ§¨¤¤¡ANfsenªºPortTracker´¡¥ó·|¥Î¨ì¡C
    cp bin/nftrack /usr/bin/


  • ¦w¸ËNfsen
    ¦w¸ËNfsen©Ò»Ý¬ÛÃö®M¥ó¡C
    apt-get install nfdump apache2 libapache2-mod-php5 php5-common rrdtool librrds-perl librrdp-perl librrd-dev libmailtools-perl libio-socket-ssl-perl

    ¤U¸ü¸ÑÀ£Nfsen¡C
    cd /usr/src/
    wget http://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.6p1/nfsen-1.3.6p1.tar.gz
    tar zvxf nfsen-1.3.6p1.tar.gz
    cd nfsen-1.3.6p1

    ¦w¸ËSocket6 perl¼Ò²Õ¡C
    perl -MCPAN -e 'install Socket6'


    µM«á½Æ»sNfsen³]©wÀÉ nfsen-dist.conf ¨ì¨t²Î¥Ø¿ý¤U¡C
    cp /usr/src/nfsen-1.3.6p1/etc/nfsen-dist.conf /etc/nfsen.conf


    ±µµÛ½s¿è¨t²Î¥Ø¿ý¤UªºNfsen³]©wÀÉ /etc/nfsen.conf¡C
    vim /etc/nfsen.conf

    ##­ì³]©wÀɤº®e
    $BASEDIR = "/data/nfsen";
    $HTMLDIR = "/var/www/nfsen/";
    $PREFIX = '/usr/local/bin';
    ...
    $USER = "netflow";
    $WWWUSER = "www";
    $WWWGROUP = "www";
    ...
    %sources = (
        'upstream1' => { 'port' => '9995', 'col' => '#0000ff', 'type' => 'netflow' },
        'peer1' => { 'port' => '9996', 'IP' => '172.16.17.18' },
        'peer2' => { 'port' => '9996', 'IP' => '172.16.17.19' },
    );

    ##Åܧó«á¤º®e
    $BASEDIR = "/usr/local/nfsen";
    $HTMLDIR = "/var/www/html/nfsen/";
    $PREFIX = '/usr/bin/';
    ...
    $USER = "www-data";
    $WWWUSER = "www-data";
    $WWWGROUP = "www-data";
    ...
    %sources = (
        'MyRouter' => { 'port' => '9995', 'col' => '#0000ff', 'type' => 'netflow' },
    );


    ½Ðª`·N³]©w¤¤Àɤ¤ªº°Ñ¼Æ $BASEDIR,
    ¦¹°Ñ¼Æ¹ïÀ³ªº¸ô®|¤w§ï¬° /usr/local/nfsen¡A¦¹¥Ø¿ý¨Ã¤£¦s¦b¡A©Ò¥H­n·s«Ø¦¹¤@¥Ø¿ý¡C
    mkdir -p /usr/local/nfsen


    ¥t¥~1.3.6p1ªº¦w¸ËÀɦ³¤@­Ó Socket6 ªºbug­n³B²z¡A
    ½Ð­×§ï¸ÑÀ£«á libexec ¥Ø¿ý¤Uªº AbuseWhois.pm ¤Î Lookup.pm ¨â­ÓÀɮסC
    ±N
    use Socket6;

    §ï¬°
    Socket6->import(qw(pack_sockaddr_in6 unpack_sockaddr_in6 inet_pton getaddrinfo));

    ³o¼Ë±µ¤U¨Ó¦w¸Ë¤~¯à¶¶§Q¦w¸Ë§¹¦¨¡A¤£µM·|¥X²{¦p¤Uªº¿ù»~¡I
    Subroutine Lookup::pack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67.
    at /var/nfsen/libexec/Lookup.pm line 43
    Subroutine Lookup::unpack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67.
    at /var/nfsen/libexec/Lookup.pm line 43
    Subroutine Lookup::sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67.
    at /var/nfsen/libexec/Lookup.pm line 43
    Subroutine AbuseWhois::pack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67.
    at /var/nfsen/libexec/AbuseWhois.pm line 42
    Subroutine AbuseWhois::unpack_sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67.
    at /var/nfsen/libexec/AbuseWhois.pm line 42
    Subroutine AbuseWhois::sockaddr_in6 redefined at /usr/share/perl/5.14/Exporter.pm line 67.
    at /var/nfsen/libexec/AbuseWhois.pm line 42
    Subroutine AbuseWhois::pack_sockaddr_in6 redefined at /var/nfsen/libexec/AbuseWhois.pm line 44
    Subroutine AbuseWhois::unpack_sockaddr_in6 redefined at /var/nfsen/libexec/AbuseWhois.pm line 44
    Subroutine AbuseWhois::sockaddr_in6 redefined at /var/nfsen/libexec/AbuseWhois.pm line 44

    ­×§ï¦n«á°õ¦æ¥Ø«e©Ò¦b¸ô®| /src/usr/nfsen-1.3.6p1 ùتº install.pl¡A¦õ¥H°Ñ¼ÆÀÉ /etc/nfsen.conf ùتº°Ñ¼Æ©w¸q¨Ó¦w¸ËNfsen¡C
    ./install.pl /etc/nfsen.conf

    ²Ä¤@¦¸¦w¸Ë·|µ²§ô¦b¦p¤Uªº¿ù»~°T®§¡A
    Profile live: spool directories:
    Creating: mkdir /usr/local/nfsen/profiles-data/live/MyRouter
    MyRouter
    Rename gif RRDfiles ... done.
    Create profile info for profile 'live'

    Can not get semaphore: at libexec/Nfsync.pm line 48.

    ¤£­nºò¡A¦A°õ¦æ¤@¦¸´N¥i¥H¶¶§Q¹LÃö¡I
    §¹¦¨«á¡A¤Á´«¨ì /usr/local/nfsen/bin ¸ô®|¤U±Ò°ÊNfsen¡ANfsenªº¦w¸Ë°ò¥»¤W´N§¹¦¨¤F¡ã
    cd /usr/local/nfsen/bin
    ./nfsen start


    ³z¹Ltarball¦w¸Ë¦nªºNfsen¹w³]¬O¤£·|¦Û°Ê±Ò°Êªº¡A
    §Ú­Ì¤]¥i¥H§ânfsen«Ø¥ß¤@­Ó³sµ²¨ì±Ò°Ê¥Ø¿ý /etc/init.d ¤¤¡AµM«á¥[¤JUbuntuªº¦Û°Ê±Ò°Ê¶µ¥ØùØ¡A
    ³o¼Ë§Y«K¬O­«¶}¾÷Nfsen¤]·|ÀH¤§¦Û°Ê±Ò°Ê¡C
    ln -s /usr/local/nfsen/bin/nfsen /etc/init.d/nfsen
    update-rc.d nfsen defaults


  • ¦w¸ËPortTracker´¡¥ó
    ½Ð¥ý¦b /usr/local/nfsen ¸ê®Æ§¨¤¤·s«Ø¤@­Ó¸ê®Æ§¨ ports-db¡A¨Ã½á¤©Apache¨Ï¥ÎªÌwww-data°õ¦æÅv­­¡C
    mkdir /usr/local/nfsen/ports-db
    chown -R www-data:www-data /usr/local/nfsen/ports-db/

    ±µµÛ¤Á´«¨ì¦w¸ËÀɤ¤ contrib ¸ô®|¤U¡A­×§ï PortTracker.pm ³o­ÓÀɮסC
    cd /usr/src/nfsen-1.3.6p1/contrib/PortTracker/
    vim PortTracker.pm

    ±N $PORTSDBDIR ¸ô®|«ü¦V /usr/local/nfsen/ports-db¡C
    my $PORTSDBDIR = "/usr/local/nfsen/ports-db";

    µM«á½Æ»s PortTracker.pm »P PortTracker.php ³o¨â­ÓÀɮרì¹ïÀ³¥Ø¿ý¤¤¡C
    cp PortTracker.pm /usr/local/nfsen/plugins/
    cp PortTracker.php /var/www/html/nfsen/plugins/

    ¤§«á¦A­×§ïNfsenªº¤º®e¡A§ä¨ì @plugins ¥[¤J PortTracker ³o­Ó´¡¥ó¡C
    vim /usr/local/nfsen/etc/nfsen.conf

    @plugins = (
        [ 'live', 'PortTracker'],
    );


    ³Ì«á¦A½á¤©PortTracker¸ê®Æ§¨ ports-db ªº¾Ö¦³Åvµ¹apache¨Ï¥ÎªÌwww-data¡C
    chown -R www-data:www-data /usr/local/nfsen/ports-db

    µM«á¦A¥Hwww-data¨­¥÷°õ¦æ nftrack ¨Ã±N¸ê®Æ²£¥Í¦b ports-db ¸ô®|¤§¤¤¡C
    sudo -u www-data /usr/bin/nftrack -I -d /usr/local/nfsen/ports-db

    ³o­Ó¶¥¬q·|ªá¤@ÂI®É¶¡²£¥Í¤j¶q¸ê®Æ¡AµwºÐªÅ¶¡·|¥Ñ­ì¨Óªº 1.6G ¼É¼W¨ì 9.8G¡I

    §¹¦¨«á¡A«Øij­«¶}¾÷¡F
    ­«¶}¾÷«áNfsen´N¯à¥¿±`¹B§@¤F¡ã


  • °ÝÃD³B²z
    1. Nfsen­º­¶¥X²{ Frontend - Backend version missmatch! ´£¥Ü¡I



      ¦b /var/www/ntml/nfsen/nfsen.php ºô­¶¤¤¡A§ä¨ì¥H¤U¤º®e¡A
      if ( !array_key_exists(¡¥backend_version¡¦, $_SESSION ) || $_SESSION[¡¥backend_version¡¦] != $expected_version ) {

      ­×§ï¬°¡A§Y¥i¸Ñ¨M¡C
      if ( array_key_exists(¡¥backend_version¡¦, $_SESSION ) && $_SESSION[¡¥backend_version¡¦] != $expected_version ) {


    2. Plugins­¶­±µLªkÅã¥ÜPortTracker´¡¥ó¡A¥X²{Error reading stat¡H

      PortTrackerªº¨Ï¥Î¬O»Ý­n¤@ÂI®É¶¡¨Ó¥Í¦¨¹ïÀ³ªº­¶­±¡C
      ¦pªG¸Ó¸Ëªº¡B¸Ó§ïªº¡B¸Ó½Æ»sªº³£¤w¸g½T¹ê§¹¦¨¡Aµ¹¥¦¤@ÂI®É¶¡¡A
      ¦^ÀY¦A¨Ó¬Ý¡A¤]³\¥¦´N¥i¥H¥¿±`¨Ï¥Î¤F¡ã

    3. Nfsen¥u¯à¦¬¶°¨ì¤@ÂIÂIªºudp¸ê®Æ¡A§¹¥þ¨S¦³¨ä¥¦¸ê®Æ¡H
      ³oºâ¬O¶¶¤l·dªº¯QÀs...
      ¶¶¤lªºÀô¹Ò¬O¬[¦bVMware¤¤¡A¦Ó°t¸m¥Î¨Ó¦¬¶°¬y¶qªººô¥d¡A¨S¦³¥´¶}Promiscuous Mode(¹w³]¬°Reject)¡A
      ¦]¦¹µLªk¦¬¶°¨ì¤£¦Pºô¬qªº«Ê¥]¡Aª½±µ³QVMware Server¾×±¼¡C

      ¥u­n­×§ïNewworkingùØvSwitchªºPromiscuous Mode¬° Accept¡A
      ´N¥i¥H¦¬¶°¨ì§¹¾ãªº«Ê¥]¤F¡ã



    4. ³z¹L update-rc.d ¦Û°Ê±Ò°Ê«á¡AÃö¾÷¦b Stopping System V runlevel compatibiligy ¥d¦n¤[¡H



      ³z¹L update-rc.d ±NNfsen¥[¤J¦Û°Ê±Ò°Ê«á¡A·|¼W¥[¥H¤U¶µ¥Ø¨ì¹ïÀ³¶¥¼h¸ô®|¤¤¡C



      ¨ä¤¤rc0.d/rc1.d/rc6.d³o¤T­Ó¼h¯Å¤À§O¬O¹ïÀ³¨ìÃö¾÷¡B³æ¤H¼Ò¦¡¤Î­«¶}¾÷ªºrun-level¡A
      ¥u­n§â³o¤T­Ó¸òÃö¾÷ÃöÁpªº K20nfsen §R°£¡AÃö¾÷¤Î­«¶}¾÷´N¤£·|¥d¥dÅo¡ã
      rm /etc/rc0.d/K20nfsen
      rm /etc/rc1.d/K20nfsen
      rm /etc/rc6.d/K20nfsen

    5. ©ú©ú²{¦b´N¦³¤j¶q¤U¸ü¦b¦û¥ÎÀW¼e¡A¬°¤°¬°Nfsen§ì¤£¨ì¡H

      ³o¬O¦]¬°Nfsenªº¬y¶q¹Ï¬O³z¹L¤ÀªRNetflow«Ê¥]¨Ó¶i¦æ¡A
      °£¤FNetflowªº«Ê¥]¬°©â¼Ë¼Æ¾Ú©w®É°e¦¬¨ìNfsen¥H¥~¡ANfsen¥»¨­¤]­n¤@ÂI®É¶¡¨Ó®ø¤Æ¸ê®Æ¡Aø»s¦¨¬y¶q¹Ï¡C
      ©Ò¥HµLªk°µ¨ì§Y®É¬y¶qªº¼Æ¾Ú¤ÀªR¡C

      ­n¬d§Y®É¬y¶q¡H
      «ØijÁÙ¬O¥Întop©Întopng¤ñ¸û²Å¦X§Y®É¬y¶qªº»Ý¨D¡C


°Ñ¦Ò¸ê®Æ
Ubuntu 12.04 install Netflow Note
Installation and configuration of NFDUMP and NfSen on Ubuntu
Install NFSEN on Ubuntu, the easiest way.
Nfsen°ò¤_CentOSªº³¡¸p



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-01-08, 13:40 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡n°ò¥»UI¤¶²Ð¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

Nfsen¦w¸Ë§¹¦¨«á¡A¥i¥HNfsen ServerªºIP¦ì§}¡AµM«á±¾nfsen¸ô®|¤Uªºnfsen.php¨Ó¶}±Ò­º­¶¡C

http://Nfsen-Server_IP/nfsen/nfsen.php

  • ¦b­º­¶HomeùØ¡A·|Åã¥Üflow/packet/¬y¶q¤TºØÃþ«¬ªº¬y¶qÁY¹Ï¡A
    ¨Ã¤À§O¥H¤é/¶g/¤ë/¦~¥|­Ó¼h¯Å¨ÓÅã¥Ü¡C



  • ¦bGraphsùبä¹ê¸òHomeÅã¥Üªº¥\¯à¬O¬Û¦Pªº¡A
    ¥D­nªº®t§O¦b©ó¤TºØÃþ«¬ªº¬y¶q¹Ï±¾¦b¦U¦Ûªº­¶­±ùØ¡C
    ¤]¦]¬°¦p¦¹¡A¬y¶q¹Ï¯à¥H¥¿±`¤Ø¤oÅã¥Ü¡A¦Ó¤£¬OHomeùتºÁY¤pÅã¥Ü¡C



  • Details¬O¥D­nªº¾Þ§@­¶­±¡C
    ¦bDetailsªº­¶­±¤W¤è¡A±N¬y¶q°Ï¤À¬°TCP/UDP/ICMP»Pother¥|ºØprotocolÃþ«¬¡C
    ÂI¤F¥ô¦ó¤@ºØprotocl¡A³£·|Åã¥Ü¹ïÀ³ªº¬y¶q©ó¨ä¤U¥D­nªº¤j¹ÏùØ¡C
    ¦Óflow/packet/¬y¶q¤TºØÃþ«¬ªº¬y¶q«h¥i³z¹L¥k°¼ªº¤p¬y¶q¹Ï¨Ó¶i¦æ¤Á´«¡C
    ¤U¤èDisplay®ÇªºÂsÄý¦C¥\¯à«ö¶s¡A´£¨Ñ¨Ï¥ÎªÌ¥H·Æ¹«©ì©Ô®É¶¡¶b¥~ªº¥t¤@ºØ¾Þ§@¿ï¾Ü¡C
    ³Ì¤U¤èªº²Î­p¸ê®Æ«hÅã¥Ü¤F®É¶¡½d³ò¤º¤TºØÃþ«¬¬y¶qªºÁ`©M©Î³t²v¡C



  • Alerts­¶­±¥i¥H³]©w§iĵ¾÷¨î¡C


    ¦ýNfsen´£¨Ñªºsmtp²ÕºA³]©w¬Û·í¦³­­¡A¦b³]©wÀÉnfsen.conf¤¤¥u´£¨Ñ¤F¥H¤U¨â­Ó°Ñ¼Æ¡A¨Ã¨S¦³¨ä¥¦²Ó¶µ³]©w¡C
    $MAIL_FROM = 'your@from.example.net';
    $SMTP_SERVER = 'localhost';

    ©Ò¥HÀô¹Ò¤¤ªºmail server»Ý¹ïNfsenªºIP¶i¦æopen relay©ñ¦æ¡A¤~¯àÅýNfsen¦¨¥\µo«H¡F
    ¤£µM´N­n¦bNfsen¤W¦A°_­ÓMTAªA°È¨Ó¹ê²{µo«H¾÷¨î¡C

  • Stats­¶­±¥i¹ï¸ê®Æ«O¯d®É»P¶¡¤j¤pµ¥¶i¦æ³]©w¡C
    ¬y¶q¹Ï¤¤ªºÃC¦â½Õ¾ã¤]¬O¦b³o­Ó­¶­±¤¤¶i¦æ³á¡ã



  • Plugins­¶­±Åã¥Ü¤FNfsenªº´¡¥ó¡A­Y¦³¸ËPortTrackerªº¸Ü¡A±N©ó¦¹­¶­±¤¤Åã¥Ü¡C



    ¦bPortTracker¤¤¡A¥i¥H¬Ý¨ì¥¦¬O°w¹ïTCP/UDP¨âºØÃþ«¬ªºflow/packet/¬y¶q¤TºØ¤è¦¡Ã¸»s¬y¶q¹Ï¡A
    ¥i¥H¦b³o¤@¤j¤­¤pªº¹Ï¤¤¦Û¦æ¤Á´«­n¬d¬ÝªºProtocol»P¬y¶q¡C
    ¨Ã¥B©ó¤U¤è²Î­p¸ê®Æ¤¤Åã¥Ü¦UºØProtocolªºPort¨Ï¥Î±Æ¦W¡C

    ¤£¹L¤ñ¸û¥i±¤ªº¬O¥¦¨S¦³´£¨Ñ¹³Details­¶­±ªº®É¶¡¶b¤u¨ã¡A
    µLªk¦Û©w®É¶¡½d³ò¨Ó¬d¸ß¸Ó½d³ò¤ºªºPort¨Ï¥Î±Æ¦W¡C
    ¥u¯à¥H²{¦bªº®É¶¡©¹«e±À12¤p®É¡B¤@¤Ñ¡B¨â¤Ñ¡B¥|¤Ñ¡B¤@¶g»P¨â¶gµ¥¬J©wªº®É¶¡½d³ò¨Ó°µ¬d¸ß¡A
    ³o¬O¤ñ¸û¥i±¤ªº¦a¤è...



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-01-08, 16:40 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡n³z¹LNfsen§ì¦û¥ÎÀW¼e¥û¤â¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

Nfsen¸Ë¦n¤F¡A¨Ó¸ÕµÛ³z¹L¥¦§ì¥X¦û¥ÎÀW¼eªº¥û¤â§a¡I
¦ý¦b¾Þ§@¤§«e¡A¦³´X­Ótcpdump¾Þ§@¤Wªº¦Wµü¬O±z¥²»Ý¥ýª¾¹Dªº¡C

host ¥D¾÷¡A±µ¨üIP¡C
ip IP¡C
port Port¡C
src Source¡A«á­±±µ¨Ó·½IP©ÎPort¡C
dst Destination¡A«á­±±µ¥ØªºIP©ÎPort¡C

proto Protocol¡A«á­±±µ¹ïÀ³ªºUDP/TCP/ICMPµ¥¨ó©w¡C
udp UDP¨ó©w¡C
tcp TCP¨ó©w¡C
icmp ICMP¨ó©w¡C

and ÅÞ¿è¹Bºâ-©M¡A«e«á±ø¥ó³£­n²Å¦X¤~¦³®Ä¡C
or ÅÞ¿è¹Bºâ-©Î¡A«e«á¥ô¤@±ø¥ó²Å¦X§Y¦³®Ä¡C
not ÅÞ¿è¹Bºâ-«D¡A²Å¦X±ø¥ó§YµL®Ä¡C


  1. µn¤JNfsenºô­¶¡A¥ÑHome©ÎGraphsªºTraffic¬d¬Ý¦³µL°ÝÃD¬y¶q¡C



    Nfsen´£¨Ñ¤FFlows¡APackets»PTraffic¤T­Ó¨¤«×ªº¬y¶q¹Ï¨Ó¬Ýºô¸ô¨Ï¥Î¡A







    ¶¶¤l­Ó¤H»{¬°Traffic¤ñ¸û¯àÅã¥Ü¥Xºô¸ôÀW¼eªº¨Ï¥Î±¡§Î¡A©Ò¥H±ÀÂ˱qTrafficªº¬y¶q¹Ï¨Ó§ì°ÝÃD¬y¶q¡C

  2. §ä¨ì­n¬d¸ßªº¬y¶q«á¡A¿ï¾Ü¡§Time Windows¡¨¨Ó³]©w­n¬d¸ßªº¬y¶q°Ï¶¡¡C
    ¿ï¾Ü¡§Time Windows¡¨«á¡AX¶bªº´å¼Ð¤Ø·|¤Àµõ¬°¥ª¥k¨âÃä¡C



    ¥ý©Ô¥k¥bÃä´å¼Ð¤Ø¨ìÆ[¹î°Ï¶¡ªº¥kÃä¡C



    ¦A©Ô¥ª¥bÃä´å¼Ð¤Ø¨ìÆ[¹î°Ï¶¡ªº¥ªÃä¡A§¹¦¨°Ï¶¡³]©w¡C



  3. ½Õ¾ãÅã¥Ü¤è¦¡¬°¡§sum¡¨¡A¥i¦bTraffic³¡¤Àµo²{°ÝÃD¬y¶q¨Ó¦Ûtcp¨ó©w¡A
    ¨¬¨¬¦³1.2G»·»·¤j©ó¨ä¥¦protocol¡C



  4. µM«á¦bNetflow Processing°Ï¶ô¤¤¡A±NOptions§ï¥H¡§Stat TopN¡¨ªº¤è¦¡¡A°µ«e´X¦W¤j¤á±Æ§Ç¡C



  5. µo²{²Ä¤@¦W¥D¾÷IP¬O192.168.10.208¡C



  6. §ä¨ì¤j¤á«á¡A±µ¤U¨Ó­n½T»{ªº¬O¸Ó¥Î¤á¬O¥Hµo°eºÝÁÙ¬O±µ¦¬ºÝ¦b¦û¥Î¬y¶q¡H
    ¥Htcp protocol¤Îsrc ip 192.168.10.208ªº±ø¥ó¬d¸ß¨ä¬y¶q¡C
    proto tcp and src ip 192.168.10.208



    §ï¥Htcp protocol¤Îdst ip 192.168.10.208ªº¤è¦¡½T»{¨ä¬y¶q¡C
    proto tcp and dst ip 192.168.10.208



    ¸g¹L¤ñ¹ï¡A°µ¬°µo°eºÝªº¬y¶q¥u¦³9.2M¡A°µ¬°±µ¦¬ºÝªº¬y¶q«h¦³1.2G¡F
    «Ü©úÅ㪺192.168.10.208¬O°µ¬°±µ¦¬ºÝ¦b¤U¸ü¬y¶q¡C

  7. §ï¥HList Flow¨Ó¬d¬Ý¨Ó·½»P¥Øªº¶¡ªºÃö«Y¡C



    µo²{192.168.10.208¥D­n¥H80¤Î443 port¨âºØ¤è¦¡¦b¤U¸ü¸ê®Æ¡A½T»{¨s³º¬O­þ¤@port©Ò³y¦¨ªº¬y¶q¡C
    proto tcp and dst ip 192.168.10.208 and src port 80



    proto tcp and dst ip 192.168.10.208 and src port 443



    ¥Ñ¬y¶q¨Ó¬Ý¡A192.168.10.208¬O³z¹L80 port¦b¤U¸ü¸ê®Æ¡C

  8. ¦ý¦³«Ü¦h80 port¦b¤U¸ü¡A¨s³º¬O­þ­Ó¨Ó·½IP©O¡H
    §âFlows¥´¶}¨ì³Ì¤j10000¡A¬d¸ß©Ò¦³³s½u¡C



    µo²{¬O140.138.144.170³o­Ó¨Ó·½IP¡C



    ­ì¨Ó¬O¶¶¤l³z¹Lºô­¶¦bUbuntuºô¯¸¤U¸üisoÀÉ©Ò³y¦¨¡A¤@¤Á³£¬O»~·|¡ã
    ¦ý¤]¦¨¥\³z¹LNfsen¬d¸ß¨ì¦û¥ÎÀW¼eªº¥û¤â¡I


Nfsenªº°ò¥»¾Þ§@¥Ü½d¨ì¦¹¡A
§ó²`¤JªºÀ³¥Î¯dµ¹¦³¿³½ìªº±zÄ~Äò¬ã¨sÅo¡ã


°Ñ¦Ò¸ê®Æ
NetflowÊI络¬y¶qªR¤â册



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-01-08, 16:50 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nNfsen´¡¥ó¦w¸Ë¤À¨É¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

±µ¤U¨Ó¤À¨É¨â­ÓNfsenªº´¡¥óHostStats»PSURFmap¡C

  • HostStats
    HostStats¬O¤@­Ó¥i¥H¨Ì®É¶¡°Ï¶¡¨ÓÅã¥ÜHost¶i¥Xflow/packets/bytesªºNfsen´¡¥ó¡A
    ¦w¸Ë®É¡A»Ý¤U¸ütarball¨Ó¶i¦æ¦w¸Ë¡C

    ¤U¸ü¦w¸Ëlibnfdump»PHostStats¡C
    cd /usr/src/
    wget http://sourceforge.net/projects/hoststat...ts-1.1.5.tar.gz
    tar zxvf hoststats-1.1.5.tar.gz
    cd hoststats-1.1.5
    ./install-libnfdump.sh


    §¹¦¨«á¡A±µ¤U¨Ó¶i¦æ¥Dµ{¦¡HostStats¦w¸Ë¡C
    ¥Ñ©ó¶¶¤l¦w¸ËNfsen®É¡A¤w§â­ì©l¦w¸Ë¸ô®|¥Ñ /data/nfsen ÅÜ§ó¬° /usr/local/nfsen¡A
    ©Ò¥HHostStatsªº³¡¤À¡A¶¶¤l¤]¤ñ·Ó¿ì²z¡A±N¦w¸Ë¸ô®|¥Ñ /data/hoststats ÅÜ§ó¬° /usr/local/hoststats¡C

    ­º¥ý¡A«Ø¥ßhoststats¦w¸Ë¸ô®|¡C
    mkdir -p /usr/local/hoststats

    µM«á¶i¦æ½sĶ»P¦w¸Ë¡C
    ./configure
    make
    make install

    ¦Ó¦b make install ®É¡AHostStats´N·|°Ý§Ú­Ì¦w¸Ë¸ô®|¦b­þ¡H
    ³o®É§Ú­Ì¥i¥H¿é¤J /usr/local/hoststats ±N¦w¸Ë¸ô®|Åܧó¨ì¦¹¸ô®|¤U¡C



    ¦w¸Ë§¹¦¨«á¡A§Ú­Ì¥i¥HÀ˵ø¨ä³]©wÀÉ hoststats.conf ½T»{¤@¤U¹ïÀ³¸ô®|¬O§_¤w¦Û°ÊÅܧó¨ì /usr/local/hoststats ¸ô®|¤U¡C
    vim /usr/local/hoststats/hoststats.conf

    ##­ì³]©wÀɤº®e
    basedir = /data/hoststats/
    flow-data-path = /data/nfsen/profiles-data/live/%source/%y/%m/%d/nfcapd.%y%m%d%H%M
    db-path = /data/hoststats/data/
    detection-log = /data/hoststats/log/

    ##À³¸Ó·|¦Û°ÊÅܧ󬰦p¤Uªº¤º®e
    basedir = /usr/local/hoststats/
    flow-data-path = /usr/local/nfsen/profiles-data/live/%source/%y/%m/%d/nfcapd.%y%m%d%H%M
    db-path = /usr/local/hoststats/data/
    detection-log = /usr/local/hoststats/log/

    µM«á¦b³]©wÀɤ¤¡A¦A¶i¦æ¥H¤U¤º®eªº½Õ¾ã¡C
    ##­ì³]©wÀɤº®e
    profiles = all

    all:filter = any
    all:max-size = 10G
    all:color = 008DFF

    #ssh:filter = proto TCP and port 22
    #ssh:max-size = 5G
    #ssh:color = 7070D0

    ##·s³]©w¤º®e
    profiles = all,ssh,http,https,TCP,UDP
    all:filter = any
    all:max-size = 10G
    all:color = 008DFF

    ssh:filter = proto TCP and port 22
    ssh:max-size = 5G
    ssh:color = CCBB00

    http:filter = proto TCP and port 80
    http:max-size = 5G
    http:color = FF00BB

    https:filter = proto TCP and port 443
    https:max-size = 5G
    https:color = 009F67

    TCP:filter = proto TCP
    TCP:max-size = 5G
    TCP:color = FF5700

    UDP:filter = proto UDP
    UDP:max-size = 5G
    UDP:color = 8D00BA

    ³]©wÀɽվ㧹¦¨«á¡A±µ¤U¨Ó½á¤©HostStats¸ê®Æ§¨Åv­­µ¹www-data¡C
    chown -R www-data:www-data /usr/local/hoststats/

    µM«á¥Hwww-dataªº¨­¥÷¨Ó°õ¦æHostStats¡A³o¼Ë´N¯à¦¨¥\±Ò¥ÎHostStats´¡¥ó¤F¡ã
    sudo -u www-data /usr/local/hoststats/hoststats start


    ¤£¹L¸òNfsen¤@¼Ë¡A¦w¸Ë¦nªºHostStats´¡¥ó¹w³]¬O¤£·|¦Û°Ê±Ò°Êªº¡A
    ­n¹F¦¨¦Û°Ê±Ò°Ê¡A¥i¦b /etc/rc.local ¤¤¥[¤J±Ò°Ê«ü¥O¡C
    /usr/local/hoststats/hoststats start

    (¶¶¤l¸Õ¹L³z¹L update-rc.d ±NHostStats¥[¤J±Ò°Êrun-level¬O¥¢±Ñªº¡A©Ò¥HÁÙ¬O¨Ä¨Äªº³z¹Lrc.local¨Ó±Ò°Ê§a...)


    HostStatsªº­¶­±¸ê®Æ¡A¤@¼Ë»Ý­n¤@ÂI®É¶¡¨Ó¥Í¦¨¡A
    ½Ðµ¥´X¤ÀÄÁ¡A¦A©óPlugins­¶­±¤¤¡Aµn¤JHostStats´¡¥ó­¶­±¡C



    ¤£¹L¡A«e´X¦¸À³¸Ó³£·|¥X²{¦p¤Uªº¿ù»~°T®§¡I
    Notice: fwrite(): send of 1 bytes failed with errno=32 Broken pipe in /var/www/html/nfsen/plugins/HostStats/libs/HSConnection.php on line 84

    ³o³¡¤À¥u­n¨Ó¦^¾Þ§@´X¦¸Details­¶­±ªºHost¸ê®ÆÂI¿ï¡A¦¹°T®§´N·|¦Û¤w®ø¥¢¡I
    («Ü©Ç§a¡A¦ýºô¸ô¤W¨S¬d¨ì¸Ñªk¡A©Ò¥H¥ý±N´NµÛ¥ÎÐù...)

    ¦bDetail­¶­±¤¤¡A«h·|Åã¥Ü«ü©w®É¶¡¤U¥D¾÷ªº¦U¶µ¶Ç¿é¼Æ¾Ú¡C



    History­¶­±¤¤¡A«h¥i¥H¥H¥D¾÷ªºIP·f°t®É¶¡°Ï¶¡¨ÓÅã¥Ü¸Ó¥D¾÷©ó°Ï¶¡¤ºªº¶Ç¿é¼Æ¾Ú¡C
    (¦ý³o­Ó¥D¾÷IP¦ì§}Äæ¦ì¡A±`±`¥´¤F¨S¤ÏÀ³...)



    ¦bIP Mapªº­¶­±¡A«h¥H¤£¦PªºÃC¦â©ó¤Gºû«×¶qªí§e²{IP¨Ï¥Îªº±K«×¡C
    (¦ý»¡¯uªº¡A§Ú¬Ý¤£À´...)


    ¡ô¦¹¥\¯àªº¨Ï¥Î»Ý·f°t php5-gd ®M¥ó¡A§_«h·|¥X²{ ERROR: GD library not found. ªº¿ù»~°T®§¡C

    ¦Ü©ó³Ì«á¤@­ÓDetectors­¶­±¡A¶¶¤l´N¤£ª¾¹D¬O°µ¤°»ò¥Îªº...



  • SURFmap
    SURFmap¬O¤@­Ó³z¹LGoogle MAP¨Ó®i²{IP¶¡©¹¨Ó³s½uªºNfsen´¡¥ó¡C



    ¦w¸Ë®É¡A»Ý¥ý¸É¨¬¤@¨Ç¥²­nªº®M¥ó¡C
    apt-get install php5-gd libapache2-mod-php5 php5-sqlite php5-curl

    µM«á¤U¸üinstall scriptÀɨӶi¦æ¸}¥»¦w¸Ë¡C
    wget http://sourceforge.net/projects/surfmap/files/install.sh
    chmod +x install.sh
    ./install.sh

    ¦w¸Ë§¹¡A«Øij­«¶}¾÷¡AµM«áµ¹¥¦¤@ÂI®É¶¡¨Ó¥Í¦¨­¶­±¡C
    ¶¶¤l´N´¿«æµÛ¬Ý¥¦ªº­¶­±¡A¾É­P­¶­±¤@ª½¥d¦bloadingªº¦a¤è¡A«ç»ò¼Ë¤]­×¤£¦n¡I
    ³Ì«á¥u¦³­Ë¦^¤W¤@­Ó§Ö·Ó¡A­«·s¦w¸Ë¤~¸Ñ¨M¡C

    ¤£¹L¬Ý¨ì³o­ÓGoogle Mapªºflow¬y¦V¡A§A¤@©w·|ı±o«Ü©Ç¡I¡H
    ¬°¤°»ò©Ò¦³ªº¸ê®Æ¬y¤¤¤ß¬O²üÄõ¦Ó¤£¬O¥xÆW¡H

    ­ì¨Ó¦bSURFmap¹w³]§â192.168/16;172.16/12;10.0/8³o¨ÇµêÀÀºô¬qªº¸ê®Æµn°O¦bENSCHEDE(®¦´µ»®¼w)¡A©Ò¥H¤~·|¥X²{³o»ò©_©Çªºflow¤À§G...



    ³o­Ó³¡¤À§Ú­Ì¥i¥H­×§ïSURFmapªº³]©w¨Ó¶i¦æ®Õ¥¿¡A¨ä³]©wÀɦb¦p¤U¸ô®|¡C
    /var/www/html/nfsen/plugins/SURFmap/config.php

    ­ì¬ÛÃö³]©w°Ñ¼Æ¬°
    ...
    $config['map_center'] = "52.217,6.9";
    ...
    $config['internal_domains'] = array("192.168/16;172.16/12;10.0/8" => array("country" => "THE NETHERLANDS", "region" => "OVERIJSSEL", "city" => "ENSCHEDE"));

    ­Y·Q§âµêÀÀºô¬qIP³]©w¬°¥x¥_¡A¥B¦a¹Ï¥H¥x¥_¬°¤¤¤ß(¥x¥_¸g«×=121.524521¡A½n«×=25.096502)¡A
    ¥i±N°Ñ¼Æ­×§ï¦p¤U
    ...
    $config['map_center'] = "121.52,25.10";
    ...
    $config['internal_domains'] = array("192.168/16;172.16/12;10.0/8" => array("country" => "TAIWAN", "region" => "TAIPEI", "city" => "TAIPEI"));

    ­×§ï«á¤£»Ý­«±ÒªA°È¡Aª½±µ¥hÂsÄýSURFmap´¡¥ó­¶­±¡A
    §A·|µo²{¡AµêÀÀºô¬qIP¤w¸¨¦b¥x¥_¡A¦Ó¥B¤]§ï¦¨¥H¥x¥_¬°¦a¹Ï¤¤¤ß¤F¡ã


°Ñ¦Ò¸ê®Æ
Centos6.4 ¦w装 Fprobe¥[nfsenÊI络¬y¶q¤ÀªR
¶}·½NetFlow¤ÀªR³nÅé-NfSen¦w¸Ë



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-01-11, 17:36 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
shunze
¤u¤Í§B§B


µù¥U¤é´Á: 2002 04
¨Ó¦Û: ¼é¦Á²×¤î¤§¦a
¤å³¹: 2380

shunze Â÷½u
¡m¤À¨É¡nNfsen 1.3.7§ó·s¤Þ¥Î¦^ÂÐ ½s¿è/§R°£¤å³¹ ·j´M¥Ñ  µoªíªº¨ä¥L¤å³¹ ¦^³øµ¹ª©¥D IP ¦ì¸m ¦^¦¹­¶³Ì¤W¤è

¦b¥»½g¤@¶}©l¡A¶¶¤l»¡¦w¸ËNfsen 1.3.7¥¢±Ñ¡H©Ò¥H§ï¸Ë«e¤@ª©1.3.6p1¡C
¥¢±ÑÂI¬O¦b°õ¦æinstall.pl¶i¦æ¦w¸Ë®É¡A¥X²{¦p¤Uªº¿ù»~¡C

Profile live: spool directories:
Creating: mkdir /usr/local/nfsen/profiles-data/live/MyRouter
MyRouter
Rename gif RRDfiles ... done.
Create profile info for profile 'live'

Rebuilding profile stats for './live'
Can't use string ("live") as a HASH ref while "strict refs" in use at libexec/NfProfile.pm line 1238.


¦ý­Y¬O¦b¦w¸Ë¦n1.3.6p1ªºÀô¹Ò¤U¦A¥h¦w¸Ë1.3.7¡A¸g´ú¸Õ¬O¥i¥H¦¨¥\¦w¸Ëªº­C¡I
¤£¹L¡A¤§«e¦w¸Ë¦nªºplugin¥þ³¡³£­n­«·s¦w¸Ë...

1.3.6p1¨ì1.3.7ªº¥D­n§ó·s¦p¤U¡C
- Fix various incompatibilities with newer php and Perl versions
- Fix empty details graph, if too many channels or resources were selected.
- Fix argument bug in selecting the dstmac statistics
- Fix bug in create history profiles: compression flag was not applied properly
- Add periodic reload feature for Perls with mem leak.


¶¶¤l­Ó¤Hı±o¨â­Óª©¥»¶¡¯uªº¨S¦³¤°»ò®t§O¡A
°£¤FNetflow Processingùتºhost¤w¸g¥i¥HÅã¥Üwho is¸ê®Æ¥~¡A¶¶¤l¨S¦³·P¨ü¨ì¨ä¥¦§ïÅÜ¡C



¦Ü©ó­n¤£­n§ó·s¨ì1.3.7¡H
´N¬Ý¬O§_¯uªº³o»ò¦b¥G³o­Ówho is¸ê°T¤F¡ã



♥¶¶¤l¦Ñ±Cªººô©ç¡A½Ð¦hÃö·Ó¡ã

If you don't like something, change it.
If you can't change it, change your attitude.
Don't complain!




2016-01-14, 13:41 shunze ªº­Ó¤H¸ê®Æ §â shunze ¥[¤J¦n¤Í¦Cªí µo°eEmailµ¹ shunze ÂsÄý shunze ªººô¯¸ MSN : shunze@gmail.com
  « ¤W¤@½g¥DÃD ¤U¤@½g¥DÃD »
µoªí·s¥DÃD µoªí¦^ÂÐ
¸õ¨ì:

Powered by: Burning Board 1.1.1 2001 WoltLab GbR