Shulou(Shulou.com)06/01 Report--

The purpose of this page is to facilitate the real-time viewing of the flow--ip traffic of the router in order to quickly analyze * *. If there are many external network ip accessing an ip in the internal network at the same time (the internal network has a large number of servers, the visits are usually not so centralized), then the page will have a color prompt to facilitate quick positioning and troubleshooting.

Wget http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm

Rpm-ivh epel-release-6-8.noarch.rpm

Yum-y install nfdump httpd php

Mkdir-p / usr/local/nfdump/test

Mkdir / flow

Chown apache.apache / flow

Setfacl-d-set g:apache:rwx / flow

Setfacl-d-set u:apache:rwx / flow

Nfcapd-z-w-D-1 / usr/local/nfdump/test-p 9996-S 0-t 60-T all-s 2000

Chkconfig httpd on & & service httpd restart

Add the following line at the bottom of vim / etc/rc.local

Nfcapd-z-w-D-1 / usr/local/nfdump/test-p 9996-S 0-t 60-T all-s 2000

Iptables release port 80 and port 9996 of udp, turn off selinux

Vim / flow/flow.sh press a, and then paste the following code

#! / bin/bash

Nfdump-r `find / usr/local/nfdump/test-name nfcapd.cu* `'router ip'$1' and if'$2cm'- o fmt:%sa "- >"% da "-"% byt-s record/bytes-Q-n 60 > $3

Vim / flow/top.sh press a, and then paste the following code

#! / bin/bash

If [[`cat $1 | awk'{print $3}'| sort | uniq-c | awk'{print $1}'| sort-nr | head-1`-ge 40]]; then

Echo "1" > $2

Else

Echo "0" > $2

Fi

Vim / var/www/html/index.php home page, press a, and then paste the following code, where 1.php is a separate page for each link, please add it yourself

Vim / var/www/html/1.php press a, and then paste the following code, in which the link name and router ip and snmp interface numbers need to be changed.

Link name

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.