Installation Notes
This is a work in progress. It has been tested in OpenBSD 4.4 and 4.6 in the default httpd(8) chroot.
Dependencies
You will need to have the xbaseXX set installed for some GD dependencies (freetype).
* postgresql-server * flowd * mod_perl * p5-flowd * p5-DBI * p5-DBD-Pg * p5-HTML-Template * p5-GD-Graph * subversion
As described in the install message for mod_perl, you'll need to enable the module.
$ sudo /usr/local/sbin/mod_perl-enable
Grabbing the Source
Releases are available here. You can also download the latest trunk with Subversion.
$ cd /var/www/ $ sudo svn co http://svn.netflowdashboard.com/netflowdashboard/trunk netflowdashboard $ sudo chown www netflowdashboard/cgi/images/tmp
Setting up the Database
All of the instructions for initializing PostgreSQL and adding the startup/shutdown bits are in /usr/local/share/doc/postgresql/README.OpenBSD. You're not expected to be a professional DBA, but you are expected to read the instructions for running PostgreSQL in OpenBSD. Here are the primary bits that you'll need to setup the necessary databases. I strongly suggest that users review the aforementioned file.
Note: Make sure you edit postgresql.conf to enable listen_addresses before starting the database. If you forget, just make the change and restart the database with "pg_ctl -D /var/postgresql/data -l logfile restart" (as the _postgresql user).
$ sudo su - _postgresql $ mkdir /var/postgresql/data $ initdb -D /var/postgresql/data -U postgres -A md5 -W $ grep listen data/postgresql.conf listen_addresses = 'localhost' $ pg_ctl -D /var/postgresql/data -l logfile start
Once you have PostgreSQL working, you'll use the PostgreSQL administrator role account (postgres) and NetFlow Dashboard administrator role account (nfdb_admin) to create the nfdb database. The default password for nfdb_admin is nfdb_admin_pass. The creation script requires you to enter the PostgreSQL administrator password twice and the NetFlow Dashboard administrator password once.
$ psql -U postgres -W < /var/www/netflowdashboard/sql/create_pgsql.sql <enter postgres password> <enter nfdb_admin password> <enter postgres password>
Database Optimization
Depending on your usage, the following settings can be modified to suit your needs. See the Resource Consumption and Write Ahead Log sections in the PostgreSQL manual for more details. Please note that the values I've listed are for a high-volume installation. Typical deployments should not need shared_buffers and work_mem cranked to this level.
# data/postgresql.conf shared_buffers = 96MB work_mem = 16MB checkpoint_segments = 8
NetFlow Collector
The following lines should be set in /etc/flowd.conf to match your setup. You should not start flowd manually. The netflowdb.pl script will manage flowd properly, including creation and cleanup of the logfile (a FIFO). Please note that sbin/netflowdb.pl does not yet daemonize, but it will soon. If you choose to run it with debug output enabled (-D), you may also want to run it inside a screen window manager for easy terminal detachment.
# /etc/flowd.conf logfile "/tmp/flowpipe" listen on 10.10.10.10:12345 flow source 10.10.10.1 accept agent 10.10.10.1
$ sudo /var/www/netflowdashboard/sbin/netflowdb.pl
NetFlow Agent
This is an example using a pflow(4) export from OpenBSD. When using pflow(4), don't forget to edit the pf.conf(5) rules that you wish to export NetFlow information about.
$ sudo ifconfig pflow0 flowsrc 10.10.10.1 flowdst 10.10.10.10:12345
$ ifconfig pflow0
pflow0: flags=<UP,RUNNING> mtu 1464
pflow: sender: 10.10.10.1 receiver: 10.10.10.10:12345
groups: pflow
Webserver
NetFlow Dashboard works in the default OpenBSD httpd(8) chroot using mod_perl. An example configuration follows.
<VirtualHost *:80>
ServerName nfdb.yourdomain.com
DocumentRoot /var/www/netflowdashboard/cgi
PerlModule Apache::PerlRun
<Location />
SetHandler perl-script
PerlHandler Apache::PerlRun
PerlRequire /var/www/netflowdashboard/cgi/startup.pl
Options ExecCGI
PerlSendHeader On
DirectoryIndex index.cgi
Order deny,allow
Allow from all
</Location>
<Location /images/>
SetHandler default-handler
</Location>
<Location /css/>
SetHandler default-handler
</Location>
<Location /js/>
SetHandler default-handler
</Location>
</VirtualHost>
Starting at Boot
The following stanza can be added to /etc/rc.local to have netflowdb.pl started automatically during boot. Make sure that it occurs after the PostgreSQL database is running.
if [ -x /var/www/netflowdashboard/sbin/netflowdb.pl ]; then
echo -n ' netflowdashboard'
HOME=/var/empty /var/www/netflowdashboard/sbin/netflowdb.pl &
fi
Maintenance Tasks
There are no longer any tasks that should need to be performed manually or automatically via cron. The only ongoing maintenance that should be required is typical PostgreSQL database administration (e.g. VACUUM).
