2009 Jun 28 - Sun
Perl Mason Install
Installing mason v1.42 from Mason HQ
is quite straight-forward:
- apt-get install build-essential
- apt-get install libapache2-mod-apreq2
- apt-get install libapreq2-dev
- apt-get install libapache2-request-perl
- ln -s /etc/apache2/mods-available/apreq.load /etc/apache2/mods-enabled/apreq.load
- perl -MCPAN -eshell
- install HTML::Mason
[/OpenSource/Debian/Monitoring]
permanent link
2009 May 03 - Sun
Time Series Analysis on RRD Files
Crist Clark, in a posting on the NANOG mailing list, started an interesting thread on
analyzing network traffic based upon frequency analysis rather than the traditional
time based analysis. He started the thread by asking about Fourier Analysis on
network traffic time series. A number of responses indicated that Wavelet Analysis
might be the 'more modern' approrach. This type of analysis has been used for
Network Traffic Anomoalies Detection. The responses indicate that operating systems can be
deduced through analysis of RTD (Round Trip Delay) of ping generated traffic.
The thread started with:
Crist Clark started:
Has anyone found any value in examining network utilization numbers
with Fourier analyses? After staring at pretty MRTG graphs for a bit
too long today, I'm wondering if there are some interesting periodic
characteristics in the data that could be easily teased out beyond,
"Well, the diurnal fluctuations are obvious, but looks like we may
have some hourly traffic spikes in there too. And maybe some of those
are bigger every fourth hour."
Dave Plonka Responded:
Such techniques are used in the are of network anomaly detection.
For instance, a search for "network anomaly detection" at scholar.google.com will yield very many results.
Our 2002 paper, "A Signal Analysis of Network Traffic Anomalies"
[ACM SIGCOMM Internet Measurement Workshop 2002, Barford, et al.], is one such work. We mention that we use wavelet analysis
rather than Fourier analysis because wavelet/framelet analysis is able to localize events both in the frequency and time
domains, whereas Fourier analysis would localize the events only in frequency, so an iterative approach (with varying intervals
of time) would be necessary.
In general, this is the reason why Fourier analysis has not been a common technique used in network anomaly detection.
That work used data stored in RRD files at five minute intervals.
Our subsequent work used data stored at one second intervals, again in RRD files.
Anton Kapela had a couple of messages and a
link (look for Kapela):
Indeed, there are. Interesting things emerge in frequency (or phase) space - bits/sec, packets/sec, and ave size, etc. - all
have new meaning, often revealing subtle details otherwise missed. The UW paper [Barford/Plonka et. al] is one of my favories
and often referenced in other publications.
Along similar lines, I presented a lightning talk at nanog that demonstrates using windowed Ft's (mostly Gaussian or Hamming)
in three-axis graphs (i.e. 'waterfalls') available in common tools (buadline, sigview, labview, etc) for characterizing round
trip times through various network queues and queue states. Unexpectedly, interesting details regarding host IP stacks and OS
scheduler behavior became visible.
I want to suggest that time windowed Ft might be a reasonable middle ground, certainly for Crist's case. Naturally, the
trade-offs will be in frequency accuracy (ie. longer window) vs. temporal accuracy (ie.
short window). Another solution for your needs might be cascaded FIR "bandpass" filters, but again, you're subject to
time/frequency error trade-offs as related a filter's bandwidth.
While you're at it, consider processing your time series data into histogram stacks, or nested histograms. I haven't
specifically seen a paper covering this, but another UW gent (DW, are you reading this?) used to process their 30 second ifmib
data into a raw .ps file, and printed this out weekly/daily. The trends visible here were quite interesting, but I don't think
much further work was done to see if anything super-interesting was more/less visible in this form than traditional ones.
... one point - since packets/bits/etc data is more monotonic than not (math wizards, please debate/chime in) and
since it's not a 'signal' in the continuous sense, you might find value in differentially filtering the input data *before* FT
or wavelet processing. This would serve to remove the weird-looking "DC" offset in the output simply by creating a semi-even
distribution of both positive and negative input sample values.
[/OpenSource/Debian/Monitoring]
permanent link
2008 Nov 27 - Thu
TFTP
There are a number of TFTP servers available. I had written about atftpd in a related article. Research indicates that
tftpd-hpa is another popular tftp server. This article provides a few hints on its installation. Although designed for
remote boot capability for PXE (and for handling larger files), I use it mostly for device configuration and image loading.
Basic installation on Debian is straightforward: apt-get install tftpd-hpa
I created a local sub-directory called /var/local/tftpd. Traditionally, people use /tftpboot but I wanted the files in
the traditional /var/local location instead.
I modified /etc/default/tftpd-hpa to have this line: OPTIONS="-l -c -u tftpd -s /var/local/tftpd"
I added a user and group called tftpd.
I disabled the tftp entry in /etc/inetd.conf, and restarted inetd.
Starting the service: /etc/init.d/tftpd-hpa start
I use iptables for inbound/outbound protection, so needed to add rules for the tftp protocol. For protocol inspection
the connection tracker is needed: modprobe ip_conntrack_tftp
[/OpenSource/Debian/Monitoring]
permanent link
2008 Nov 03 - Mon
Multiple Switch Interfaces
Acktomic's genDevConfig creates it's Default files with one interface per view. For
switches, it would be nice to see all interfaces presented on one page. To do this, I
manually create a file to show these interfaces on one page. Here is a sample config:
target --default--
devicename = sw35
directory-desc = ""
interface-name = ""
long-desc = %short-desc%
short-desc = ""
target-type = cisco-interface
target sw35-ports
targets = "/switches/sw35/FastEthernet0_1;
/switches/sw35/FastEthernet0_2;
/switches/sw35/FastEthernet0_3;
/switches/sw35/FastEthernet0_4;
/switches/sw35/FastEthernet0_5;
/switches/sw35/FastEthernet0_6;
/switches/sw35/FastEthernet0_7;
/switches/sw35/FastEthernet0_8;
/switches/sw35/FastEthernet0_9;
/switches/sw35/FastEthernet0_10;
/switches/sw35/FastEthernet0_11;
/switches/sw35/FastEthernet0_12;
/switches/sw35/FastEthernet0_13;
/switches/sw35/FastEthernet0_14;
/switches/sw35/FastEthernet0_15;
/switches/sw35/FastEthernet0_16;
/switches/sw35/FastEthernet0_17;
/switches/sw35/FastEthernet0_18;
/switches/sw35/FastEthernet0_19;
/switches/sw35/FastEthernet0_20;
/switches/sw35/FastEthernet0_21;
/switches/sw35/FastEthernet0_22;
/switches/sw35/FastEthernet0_23;
/switches/sw35/FastEthernet0_24;
/switches/sw35/GigabitEthernet0_1;
/switches/sw35/GigabitEthernet0_2"
short-desc = "Sw35 ports"
[/OpenSource/Debian/Monitoring/Cricket]
permanent link
Cricket Summation
I have a number of routers, each with an interface to an upstream provider. I'd like to
show a graph with the three providers aggregated. This is a config I did to do so:
target --default--
devicename = statistics
directory-desc = ""
interface-name = ""
long-desc = %short-desc%
short-desc = ""
target-type = standard-interface
target ProviderAggregate
mtargets = "/routers/router1/fastethernet2_0;
/routers/router2/serial1_0;
/routers/router3/atm2_0.1-aal5_layer"
mtargets-ops = "sum()"
short-desc "sum(Prov1, Prov2, Prov3)"
The above is the content of a file located in the /routers subdirectory. This turned out
to be easier than I thought. The file needs the target --default-- section to start. Then
one or more of the aggregate targets can be present. The 'mtargets' simply needs to know
the directory and interface. The basic Default configurations in each subdirectory were
created with devConfig tool from Acktomic.
[/OpenSource/Debian/Monitoring/Cricket]
permanent link
2007 Jun 27 - Wed
Network Management Processes
In another exerpt from Cisco's book called Top-Down Network Design, Second Edition, there is a discussion
regarding network mangement as being a part of network design. Very few companies, or many engineers for that
matter, pay much attention to network management.
"Management is often overlooked during the design of a network because it is considered an operational
issue
rather than a design issue. However, by considering network management up front, instead of tacking it on at the
end of the design process or after the network is already operational, designs will be more scalable and
robust."
The The International Organization for Standardization (ISO) defines five types of network management processes
(and some examples for each):
- Performance management: Cricket
- Fault management: Syslog, SNMP Traps
- Configuration management: Rancid
- Security management: Radius, Tacacs, Snort
- Accounting management: Radius
[/OpenSource/Debian/Monitoring]
permanent link
2007 May 29 - Tue
Cricket: Combining Three Graphs Into One
In 2007/05/29's Cricket-User mailing list, there was a useful configuration file snippet
for charting and summing selected sources:
target Net
mtargets ="/Ethernet_To_Building/NSW/52GDC76F02/vlan231;
/Ethernet_To_Building/ACT/12NOC76FF/vlan201;
/Ethernet_To_Building/QLD/14VRC76F06/vlan439;
/Ethernet_To_Building/VIC/O3MLC76F05/vlan436;
/Ethernet_To_Building/SA/55DRC76FG/vlan467;
/Ethernet_To_Building/WA/O6SSC76FE/vlan469;"
mtargets-ops = "sum()"
short-desc = "desc"
filename = " Net Aggregate"
combinationgraph = 1
unknown-is-zero = true
order = 899
Courtesy of Naveen Baldeo.
[/OpenSource/Debian/Monitoring/Cricket]
permanent link
2007 May 17 - Thu
HTML Page Template Framework
'Glue' web pages on the monitoring server are generated through the Mason Delivery Engine. In other words, Mason is a Perl based template system used for formatting
the primary web pages of this server. It requres the use of Apache and mod_perl. Here is what I do to install Mason
for my needs. As the monitoring server relies on tables from two databases, OneUnified and NetDisco, the
installation process revolves around getting things ready for these two types of databases.
Installation
Install the packages:
apt-get install libhtml-mason-perl
apt-get install speedy-cgi-perl
apt-get install libfcgi-perl
apt-get install libdbi-perl
apt-get install libdbd-pg-perl
apt-get install apache2-dev
apt-get install libapache2-mod-apreq2
apt-get install libapache-dbi-perl
apt-get install libmasonx-request-withapachesession-perl
apt-get install libapache2-request-perl
ln -s /etc/apache2/mods-available/apreq.load /etc/apache2/mods-enabled/apreq.load
Add the following line into '/etc/postgresql/8.1/main/pg_hba.conf':
local netdisco netdisco trust
local oneunified oneunified trust
Create and load database:
/etc/init.d/postgresql-8.1 restart
su - postgres
psql template1
create user netdisco;
create group netdisco user netdisco;
create database netdisco with owner netdisco;
create user oneunified;
create group oneunified user oneunified;
create database oneunified with owner oneunified;
\q
psql netdisco -U netdisco < netdisco.dump
exit
Add the following lines into /etc/apache2/sites-available/default:
PerlModule HTML::Mason::ApacheHandler
<Directory /var/www/liveprobe>
PerlSetVar MasonArgsMethod CGI
PerlSetVar MasonDataDir /var/local/mason
PerlSetVar MasonDeclineDirs 0
</Directory>
# Decline access to mason internals
<LocationMatch "/liveprobe/.*(\.mc|autohandler|dhandler)$">
SetHandler perl-script
PerlInitHandler Apache::Constants::NOT_FOUND
</LocationMatch>
<LocationMatch "/liveprobe/.*(\.html)$">
SetHandler perl-script
PerlHandler HTML::Mason::ApacheHandler
</LocationMatch>
Include /usr/local/netdisco/netdisco_apache.conf
Include /usr/local/netdisco/netdisco_apache_dir.conf
Restart Apache:
/etc/init.d/apache2 restart
[/OpenSource/Debian/Monitoring]
permanent link
Debian based Open Source Network Monitoring Server
In giving back to the wealth of tools the open source community has provided, I have created a number of pages describing how
I have assembled a set of open source based network monitoring tools.
The set of tools is in two sections. The first step has to do with the installation of the Debian distribution:
Once the base is in place. Make it easy on your self to log in to the server to carry out various command line tasks:
Here are some entries for maintaining and upgrades of the distribution:
The next section has to do with the add-on tools:
There are a few optional tools, not fully integrated into the overall plan yet:
The next portion of the plan includes developing a database for maintaining circuit, patch panel, and floor diagram layout information. This will integrate with an IP
Address management scheme I've come up with, and should work with Cricket and NetDisco to provide a fully integrated visual troubleshooting guide to an organization's
network.
[/OpenSource/Debian/Monitoring]
permanent link
2007 May 14 - Mon
Nagios Installation and Sample Configuration
Introduction
As part of the network monitoring server, Nagios is used for monitoring servers and their services.
Installation
Download and expand the source:
cd /usr/src
wget http://superb-east.dl.sourceforge.net/sourceforge/nagios/nagios-2.4.tar.gz
tar -zxvf nagios-2.4.tar.gz
Add users and groups:
adduser nagios
mkdir /usr/local/nagios
chown nagios.nagios /usr/local/nagios
groupadd nagioscmd
usermod -G nagioscmd www-data
usermod -G nagioscmd nagios
Obtain libs, compile, and install:
apt-get install libgd-dev
apt-get install mcrypt
apt-get install libmcrypt-dev
cd nagios-2.4
./configure \
--prefix=/usr/local/nagios \
--with-cgiurl=/cgi-bin/nagios \
--with-htmurl=/nagios \
--with-nagios-user=nagios \
--with-nagios-group=nagios \
--with-command-group=nagioscmd \
--localstatedir=/var/local/nagios
make all
make install
make install-init
make install-commandmode
make install-config
Add the following lines to /etc/apache2/sites-available/default.
They need to go before the default cgi-bin configuration files.
<Location "/nagios/">
SetHandler default-handler
</Location>
ScriptAlias /cgi-bin/nagios/ /usr/local/nagios/sbin/
<Directory "/usr/local/nagios/sbin">
# AllowOverride AuthConfig
AllowOverride None
Options ExecCGI -MultiViews
Order allow,deny
Allow from all
AddHandler cgi-script .cgi
</Directory>
Alias /nagios/ "/usr/local/nagios/share/"
<Directory "/usr/local/nagios/share">
DefaultType text/html
Options None
# AllowOverride AuthConfig
AllowOverride None
Order allow,deny
Allow from all
</Directory>
Restart Apache:
/etc/init.d/apache2 restart
Modify configuration files:
cd /usr/local/nagios
mkdir samples
cp * samples/
mv cgi.cfg-sample cgi.cfg
mv checkcommands.cfg-sample checkcommands.cfg
mv misccommands.cfg-sample misccommands.cfg
mv nagios.cfg-sample nagios.cfg
mv resource.cfg-sample resource.cfg
rm bigger.cfg-sample
rm minimal.cfg-sample
Install plug-ins:
cd /usr/src
>wget http://superb-east.dl.sourceforge.net/sourceforge/nagiosplug/nagios-plugins-1.4.3.tar.gz
tar -zxvf nagios-plugins-1.4.3.tar.gz
cd nagios-plugins-1.4.3
./configure \
--prefix=/usr/local/nagios \
--with-nagios-user=nagios \
--with-nagios-group=nagios \
--with-cgiurl=/cgi-bin/nagios
make
make install
Make Nagios run automatically:
update-rc.d nagios defaults 25
To test configurations before committing them to execution:
cd /usr/local/nagios
bin/nagios -v etc/nagios.cfg
Customizations
In /usr/local/nagios/etc/checkcommands.cfg, insert the following lines (this will be used by an Windows event
logging program):
# 'check_dummy' command definition
define command{
command_name check_dummy
command_line $USER1$/check_dummy $ARG1$ $ARG2$
}
Create a directory for site specific configurations:
mkdir /usr/local/nagios/etc/examplecom
Make the following changes to /usr/local/nagios/etc/nagios.cfg:
#cfg_file=/usr/local/nagios/etc/minimal.cfg
cfg_dir=/usr/local/nagios/etc/examplecom
check_external_commands=1
use_syslog=0
log_notifications=0
date_format=iso8601
admin_email=root
Apply the following changes to /usr/local/nagios/etc/cgi.cfg:
46c46
< show_context_help=0
---
> show_context_help=1
65c65
< #nagios_check_command=/usr/local/nagios/libexec/check_nagios /var/local/nagios/status.dat 5
'/usr/local/nagios/bin/nagios'
---
> nagios_check_command=/usr/local/nagios/libexec/check_nagios /var/local/nagios/status.dat 5
'/usr/local/nagios/bin/nagios'
116c116
< #authorized_for_system_information=nagiosadmin,theboss,jdoe
---
> authorized_for_system_information=nagiosadmin,admin
128c128
< #authorized_for_configuration_information=nagiosadmin,jdoe
---
> authorized_for_configuration_information=nagiosadmin,admin
141c141
< #authorized_for_system_commands=nagiosadmin
---
> authorized_for_system_commands=nagiosadmin,admin
154,155c154,155
< #authorized_for_all_services=nagiosadmin,guest
< #authorized_for_all_hosts=nagiosadmin,guest
---
> authorized_for_all_services=nagiosadmin,admin
> authorized_for_all_hosts=nagiosadmin,admin
168,169c168,169
< #authorized_for_all_service_commands=nagiosadmin
< #authorized_for_all_host_commands=nagiosadmin
---
> authorized_for_all_service_commands=nagiosadmin,admin
> authorized_for_all_host_commands=nagiosadmin,admin
Create a file /usr/local/nagios/etc/services.cfg with the following content:
################################################################################
# Configuration File: Services
#
# Last Modified: 2006/06/08
# By: Ray Burkholder
#
################################################################################
################################################################################
# Service Templates
################################################################################
# Generic service definition template
define service{
name generic-service ; Generic Service Template
active_checks_enabled 1 ; Active service checks are enabled
passive_checks_enabled 1 ; Passive service checks are enabled/accepted
parallelize_check 1 ; Active service checks should be parallelized
obsess_over_service 1 ; We should obsess over this service (if necessary)
check_freshness 0 ; Default is to NOT check service 'freshness'
notifications_enabled 1 ; Service notifications are enabled
event_handler_enabled 1 ; Service event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
register 0 ; DONT REGISTER THIS DEFINITION
is_volatile 0
check_period 24x7
max_check_attempts 3
normal_check_interval 3
retry_check_interval 1
contact_groups general-admins
notification_interval 120
notification_period 24x7
notification_options w,u,c,r
}
Create a file /usr/local/nagios/etc/hosts.cfg with the following content:
###############################################################################
# Configuration File: Hosts
# Last Modified: 2006/06/08
#
# By: Ray Burkholder
#
################################################################################
# HOST Template
################################################################################
# Generic host definition template
define host{
name generic-host-skeleton ; The name of this host template
notifications_enabled 1 ; Host notifications are enabled
event_handler_enabled 0 ; Host event handler is enabled
flap_detection_enabled 1 ; Flap detection is enabled
process_perf_data 1 ; Process performance data
retain_status_information 1 ; Retain status information across program restarts
retain_nonstatus_information 1 ; Retain non-status information across program restarts
active_checks_enabled 1
passive_checks_enabled 0
max_check_attempts 5
contact_groups general-admins
register 0 ; DONT REGISTER THIS DEFINITION
}
# 'generic-host' server host definition
define host{
name generic-host
use generic-host-skeleton
check_command check-host-alive
notification_interval 120
notification_period 24x7
notification_options d,u,r
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOST
}
# 'generic-host-nocheck' server host definition
define host{
name generic-host-nocheck
use generic-host-skeleton
notification_interval 120
notification_period 24x7
notification_options d,u,r
register 0 ; DONT REGISTER THIS DEFINITION - ITS NOT A REAL HOst
}
Add the following lines to /usr/local/nagios/etc/nagios.cfg:
cfg_file=/usr/local/nagios/etc/services.cfg
cfg_file=/usr/local/nagios/etc/hosts.cfg
cfg_dir=/usr/local/nagios/etc/examplecom
examplecom files
Create file /usr/local/nagios/etc/examplecom/timeperiod.cfg:
################################################################################
# Configuration File: Time Period
#
# Last Modified: 2005/07/19
#
# By: Ray Burkholder
#
################################################################################
###############################################################################
# TIMEPERIOD DEFINITIONS
################################################################################
# '24x7' timeperiod definition
define timeperiod{
timeperiod_name 24x7
alias 24 Hours A Day, 7 Days A Week
sunday 00:00-24:00
monday 00:00-24:00
tuesday 00:00-24:00
wednesday 00:00-24:00
thursday 00:00-24:00
friday 00:00-24:00
saturday 00:00-24:00
}
# 'workhours' timeperiod definition
define timeperiod{
timeperiod_name workhours
alias "Normal" Working Hours
monday 09:00-17:00
tuesday 09:00-17:00
wednesday 09:00-17:00
thursday 09:00-17:00
friday 09:00-17:00
}
# 'nonworkhours' timeperiod definition
define timeperiod{
timeperiod_name nonworkhours
alias Non-Work Hours
sunday 00:00-24:00
monday 00:00-09:00,17:00-24:00
tuesday 00:00-09:00,17:00-24:00
wednesday 00:00-09:00,17:00-24:00
thursday 00:00-09:00,17:00-24:00
friday 00:00-09:00,17:00-24:00
saturday 00:00-24:00
}
# 'none' timeperiod definition
define timeperiod{
timeperiod_name none
alias No Time Is A Good Time
}
Create a file called /usr/local/nagios/etc/examplecom/contacts.cfg with the following contact. Add additional
contacts and rearrange groups as needed.
################################################################################
# Configuration File: Contacts and Contact Groups
#
# Last Modified: 2006/06/08
#
# By: Ray Burkholder
#
################################################################################
# relevant documentation
# http://nagios.sourceforge.net/docs/1_0/xodtemplate.html#contact<
################################################################################
# CONTACT DEFINITIONS
################################################################################
# 'nagios' contact definition
define contact{
contact_name nagios
alias Nagios Admin
service_notification_period 24x7
host_notification_period 24x7
service_notification_options w,u,c,r
host_notification_options d,u,r
service_notification_commands notify-by-email,notify-by-epager
host_notification_commands host-notify-by-email,host-notify-by-epager
email nagios-admin@localhost.localdomain
pager pagenagios-admin@localhost.localdomain
}
# Network Generic Alerts
define contact {
contact_name networkalerts
alias Network Alerts
service_notification_period 24x7
host_notification_period 24x7
service_notification_options c,w
host_notification_options d,r
service_notification_commands notify-by-email
host_notification_commands host-notify-by-email
email networkalerts@example.com
}
################################################################################
# CONTACT GROUP DEFINITIONS
################################################################################
# 'general-admins' contact group definition
define contactgroup{
contactgroup_name general-admins
alias General Administrators
members networkalerts
}
# 'windows-server-admins' contact group definition
define contactgroup{
contactgroup_name windows-server-admins
alias Windows Server Administrators
members networkalerts
}
# 'windows-desktop-admins' contact group definition
define contactgroup{
contactgroup_name windows-desktop-admins
alias Windows Desktop Support
members networkalerts
}
# 'linux-server-admins' contact group definition
define contactgroup{
contactgroup_name linux-server-admins
alias Linux Administrators
members networkalerts
}
# 'switch-admins' contact group definition
define contactgroup{
contactgroup_name switch-admins
alias Etherswitch Administrators
members networkalerts
}
# 'router-admins' contact group definition
define contactgroup{
contactgroup_name router-admins
alias Router Technicians
members networkalerts
}
# 'firewall-admins' contact group definition
define contactgroup{
contactgroup_name firewall-admins
alias Firewall Technicians
members networkalerts
}
# 'printer-admins' contact group definition
define contactgroup{
contactgroup_name printer-admins
alias Printer Administrators
members networkalerts
}
# 'sensor-admins' contact group definition
define contactgroup{
contactgroup_name sensor-admins
alias Sensor Administrators
members networkalerts
}
Create a file called /usr/local/nagios/etc/examplecom/groups.cfg with the following template:
################################################################################
# Configuration File: Groups
#
# Last Modified: 2006/06/08
# By: Ray Burkholder
#
################################################################################
# Group DEFINITIONS
################################################################################
#define hostgroup {
# hostgroup_name groupname
# alias Member Devices
# members x,y
# }
[/OpenSource/Debian/Monitoring]
permanent link
2007 May 10 - Thu
TFTP Installation with ATFTPD
I use the atftpd tftp server daemon. For the most part, it is an easy package retrieval. However there are some
custom security and directory settings.
Installation
Install the package:
apt-get install atftpd
Edit /etc/inetd.conf and comment out the line with tftpd.
Restart inetd:
/etc/init.d/inetd.dpkg-new restart
Create a new directory, user, group, and privleges:
mkdir /var/atftpd
cd /var
groupadd atftpd
useradd -d /var/atftpd -g atftpd atftpd
chmod 766 atftpd
chown atftpd.atftpd atftpd
Edit /etc/default/atftpd. Add '--user atftpd.atftpd' and change '/tftpboot' to '/var/atftpd'.
Start the service: /etc/init.d/atftpd start
[/OpenSource/Debian/Monitoring]
permanent link
2007 May 09 - Wed
Upgrading Nfsen and Nfdump
As an update to my two articles for installing nfdump and installing nfsen, here are a few corrections and a process for upgrading.
As of this writing, the latest snapshots are for March 12. Here is the upgrade process:
cd /usr/src
wget http://superb-east.dl.sourceforge.net/sourceforge/nfsen/nfsen-snapshot-20070312.tar.gz
wget http://superb-west.dl.sourceforge.net/sourceforge/nfdump/nfdump-snapshot-20070312.tar.gz
/usr/local/nfsen/bin/nfsen.rc stop
tar -zxvf nfdump-snapshot-20070312.tar.gz
tar -zxvf nfsen-snapshot-20070312.tar.gz
cd nfdump-snapshot-20070312
./configure
make
make install
cd ../nfsen-snapshot-20070312
./install.pl /etc/nfsen/nfsen.conf
/usr/local/nfsen/bin/nfsen.rc start
The 'start' command could be placed in /etc/rc.local so it starts upon boot. The start command
also starts the flow collectors (nfdump), so there is no need to start them; the nfsen.rc command takes care
of everything.
[/OpenSource/Debian/Monitoring]
permanent link
|