Re: [Nfsen-discuss] adding sources
Netflow visualisation and investigation tool
Brought to you by:
phaag
Menu
▾
▴
Re: [Nfsen-discuss] adding sources
|
From: Peter H. <ha...@sw...> - 2006-03-20 07:20:08
|
-----BEGIN PGP SIGNED MESSAGE-----
Hi Brian,
- --On March 16, 2006 15:08:48 -0800 Brian Jones <wor...@gm...> wrote:
| Hello,
|
| I've just installed nfdump/nfsen and I'm very happy so far.
|
| I have it happily collecting from 2 routers, and now I want to try capturing
| some traffic using fprobe or something similar on linux.
|
| What I want to know is the "proper" way to add another source.
As of nfsen-1.2.4 - there is no "proper way" to add sources, as the sources
are configured while installing NfSen. This is broken by design ( I knwo better now :( )
and will be fixed in upcoming NfSen-1.3, which will allow to add sources on the fly.
|
| I've edited nfsen.conf, but if I go to create new profile it doesn't show
| up.
There is an ugly work around - but no warranty whatsoever. Do it at your own risk:
1. Be sure, that you really want to do this.
2. Accept, that all graphic data in your graphs get lost. Graph will be rebuilt only
from data existing in your data directory.
3. Add the new source in nfsen.conf
4. Stop NfSen.
5. remove all rrd files in profile live directory.
6. Re-run ./install.pl /your/nfsen.conf
7. Start NfSen.
6. Run ./nfsen -r live
Again do it at your own risk!
- Peter
|
| I'd also like to add the the source to some existing profiles.
|
| Any hints/tips?
|
| Also, I'm currently looking at fprobe and using iptables/ulog, if anyone has
| any better ideas I'm open.
|
| Brian.
- --
_______ SWITCH - The Swiss Education and Research Network ______
Peter Haag, Security Engineer, Member of SWITCH CERT
PGP fingerprint: D9 31 D5 83 03 95 68 BA FB 84 CA 94 AB FC 5D D7
SWITCH, Limmatquai 138, CH-8001 Zurich, Switzerland
E-mail: pet...@sw... Web: http://www.switch.ch/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)
iQCVAwUBRB5Xmf5AbZRALNr/AQH02QP6A5MeGOTqc6mdnpe/TDAhMovoacMcWUAX
PP88IyOqGviqiLjZCY0BNY970ikYZPJrU7nh0vLXNq4C2ucMmeBC7XwQs5PpZ3bF
a+gsMN33FB2zXyzTVSkaEWRsOwmoaW1YLc0twgLgiN+MncsNSW34PrBnp2c5mCPF
ghkOGfKfjrI=
=pOj6
-----END PGP SIGNATURE-----
|
