mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-30 01:15:52 +00:00
dfa096d246
Ourmon is a network management and anomaly detection system for performing various SNMP RMON-like network analysis tasks. It uses the BSD bpf in combination with RRDTOOL as well as various "top talker" style tuples including: top-N flows which include IP, TCP, UDP, and ICMP flows, top SYN senders, top TCP/UDP ports, top single IP src to many IP dst senders, top single IP src to L4 (TCP/UDP), top ICMP errors which includes UDP creators of ICMP errors and other tools for both network management and anomaly detection. RRDTOOL graphs include a year of baselined information. New RRDTOOL graphs may be designed with user-configured BPF expressions a la tcpdump. Reports and logging for top talkers are also included.

WWW: http://ourmon.cat.pdx.edu/ourmon/
PR: ports/84530
Submitted by: Charlie Schluting <manos@cs.pdx.edu>
29 lines
809 B
Plaintext
For the FreeBSD port, we assume

/usr/local/mrourmon

is the base directory, although that can be overridden with
the port Makefile.

Read the INSTALL file in the ourmon base directory.
**************************************************

If you want to uninstall ourmon, read "uninstall.txt" in
the base directory.

Be sure and inspect and modify the basic config file,
at /usr/local/mrourmon/etc/ourmon.conf. In particular
set the notion of topn_syn home IP in the config file

topn_syn_homeip 10.1.0.0 255.255.0.0

to your home subnet and netmask.

After setting the config file up properly,
in order to start the front-end probe process,
named "ourmon", you must cd to the base directory
and run the ourmon probe from the start shellscript.

# cd /usr/local/mrourmon/bin
# ./ourmon.sh start