2017-06-24 13:44:56 +02:00
For Debian 6, 7, 8, 9 and CentOS 6, 7 and Ubuntu 14.04 and Fedora and Gentoo you should use the automatic installer:
2014-11-22 13:30:32 +01:00
```bash
2015-10-08 17:47:07 +02:00
wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl
2015-05-08 15:57:25 +02:00
sudo perl fastnetmon_install.pl
2014-11-22 13:30:32 +01:00
```
2015-08-05 08:06:20 +02:00
Please keep in mind! We track some information about your machine (os type and distro version). If you do not want to share this information, please add flag --do-not-track-me to intsall script call. But in this case we can't improve FastNetMon for your distribution.
2015-03-13 16:36:38 +01:00
If you want to use netmap module, please install it: [netmap install ](NETMAP_INSTALL.md )
2014-11-22 13:30:32 +01:00
2015-02-14 13:46:33 +01:00
It's REQUIRED to add all of your networks in CIDR notation (11.22.33.0/24) to the file /etc/networks_list in the form of one prefix per line. If you are running this software on an OpenVZ node, you may not need to specify networks explicitly, as we can read them from /proc/vz/veip.
2014-11-22 13:30:32 +01:00
2015-02-14 13:46:33 +01:00
You can whitelist prefixes by adding them to /etc/networks_whitelist (CIDR notation too).
2014-11-22 13:30:32 +01:00
2014-12-22 16:39:46 +01:00
Start main process:
2014-11-22 13:30:32 +01:00
```bash
2015-02-14 13:46:33 +01:00
/opt/fastnetmon/fastnetmon
2014-11-22 13:30:32 +01:00
```
2015-02-14 13:46:33 +01:00
Start the client process in another console:
2014-12-22 16:39:46 +01:00
```bash
/opt/fastnetmon/fastnetmon_client
```
2015-02-14 13:46:33 +01:00
To enable fastnetmon to start on server startup, please add the following line to /etc/rc.local:
2014-11-22 14:17:26 +01:00
```bash
2015-05-07 09:06:08 +02:00
/opt/fastnetmon/fastnetmon --daemonize
2014-11-24 21:52:39 +01:00
```
If something goes wrong, please check logs:
```bash
2015-02-14 13:46:33 +01:00
tail -f /var/log/fastnetmon.log
2014-11-22 14:17:26 +01:00
```
2015-02-14 13:46:33 +01:00
When an incoming or outgoing attack occurs, the program calls a bash script twice (if it exists):
```bash
/usr/local/bin/notify_about_attack.sh
```
2015-09-13 21:17:08 +02:00
2015-02-14 13:46:33 +01:00
The first time when threshold exceed (at this step we know IP, direction and power of attack). Second when we collect 100 packets for detailed audit of what happened.
A sample script is provided and can be installed as follows:
```bash
2015-05-07 09:06:08 +02:00
cp /usr/src/fastnetmon/src/notify_about_attack.sh /usr/local/bin/notify_about_attack.sh
2015-02-14 13:46:33 +01:00
chmod 755 /usr/local/bin/notify_about_attack.sh
```
After copying the file, you need to open it and configure the 'email_notify' option as required.
2014-11-24 21:52:39 +01:00
2015-09-13 21:17:08 +02:00
You can use an alternative python script: /usr/src/fastnetmon/src/scripts/fastnetmon_notify.py
2015-03-13 16:38:50 +01:00
Guide for manual install (for unsupported platforms): [link ](MANUAL_INSTALL.md )
2015-07-29 15:27:30 +02:00
If you want unstable development branch, please use this syntax:
```bash
2015-10-08 17:47:07 +02:00
wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl
2015-07-29 15:27:30 +02:00
sudo perl fastnetmon_install.pl --use-git-master
```
