wanderer/fastnetmon-rewritten
1
0
Fork 0
mirror of https://github.com/pavel-odintsov/fastnetmon synced 2024-11-23 13:22:36 +01:00
Code Issues Releases Activity

Merge pull request #119 from dotie/dotie-patch-1

Browse Source 
Update documentation
This commit is contained in:
Pavel Odintsov 2015-02-19 14:09:33 +03:00
commit 2594b81731
1 changed files with 20 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
INSTALL.md
View File

@ -1,32 +1,43 @@
For Debian 6, 7 and CentOS 6 and 7 you should use automatic installer:
For Debian 6, 7 and CentOS 6 and 7 you should use the automatic installer:
```bash
wget https://raw.githubusercontent.com/FastVPSEestiOu/fastnetmon/master/fastnetmon_install.pl
perl fastnetmon_install.pl
```
It's REQUIRED to add all your networks in CIDR form (11.22.33.44/24) to file /etc/networks_list if form when one subnet on one line. When you running this software in OpenVZ node you may did not specify networks explicitly, we can read it from file /proc/vz/veip.
It's REQUIRED to add all of your networks in CIDR notation (11.22.33.0/24) to the file /etc/networks_list in the form of one prefix per line. If you are running this software on an OpenVZ node, you may not need to specify networks explicitly, as we can read them from /proc/vz/veip.
You can add whitelist subnets in similar form to /etc/networks_whitelist (CIDR masks too).
You can whitelist prefixes by adding them to /etc/networks_whitelist (CIDR notation too).
Start main process:
```bash
./opt/fastnetmon/fastnetmon
/opt/fastnetmon/fastnetmon
```
Start client process in another console:
Start the client process in another console:
```bash
/opt/fastnetmon/fastnetmon_client
```
Enable programm start on server startup, please add to /etc/rc.local this lines:
To enable fastnetmon to start on server startup, please add the following line to /etc/rc.local:
```bash
screen -S fastnetmon -d -m /root/fastnetmon/fastnetmon
screen -S fastnetmon -d -m /opt/fastnetmon/fastnetmon
```
If something goes wrong, please check logs:
```bash
tail -f /var/logfastnetmon.log
tail -f /var/log/fastnetmon.log
```
When incoming or outgoing attack arrives programm call bash script (when it exists): /usr/local/bin/notify_about_attack.sh two times. First time when threshold exceed (at this step we know IP, direction and power of attack). Second when we collect 100 packets for detailed audit what did happens.
When an incoming or outgoing attack occurs, the program calls a bash script twice (if it exists):
```bash
/usr/local/bin/notify_about_attack.sh
```
The first time when threshold exceed (at this step we know IP, direction and power of attack). Second when we collect 100 packets for detailed audit of what happened.
A sample script is provided and can be installed as follows:
```bash
cp /usr/src/fastnetmon/notify_about_attack.sh /usr/local/bin/notify_about_attack.sh
chmod 755 /usr/local/bin/notify_about_attack.sh
```
After copying the file, you need to open it and configure the 'email_notify' option as required.
Guide for manual install (for unsupported platforms): [link](MANUAL_INSTALL.md)