Программа сбора статистики для последующей её обработки биллингом.
Nfsen — сборщик и анализатор Netflow с открытым исходным кодом, отображает статистику в веб-интерфейсе в виде графиков.
Перед установкой Nfsen должен быть установлен Nfdump.
Для установки Nfdump в Ubuntu/Debian:
apt-get= install nfdump=20
=D0=92 CentOS:
sudo yu= m install nfdump=20
=D0=94=D0=BB=D1=8F =D0=BF=D1=80=D0=BE=D0=B4=D0=BE=D0=BB=D0=B6=D0=B5=D0=
=BD=D0=B8=D0=B5 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BA=D0=B8
add-apt= -repository universe apt-get install apache2 php libapache2-mod-php librrds-perl librrdp-perl li= brrd-dev libmailtools-perl build-essential autoconf rrdtool libio-socket-in= et6-perl=20
Скачаем Nfsen и распакуем:
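# Fetch and unpack the NfSen 1.3.8 sources under /srv/nfsen.
mkdir -p /srv/nfsen && cd /srv/nfsen
wget https://sourceforge.net/projects/nfsen/files/stable/nfsen-1.3.8/nfsen-1.3.8.tar.gz
# install.pl from this archive is executed in a later step, so check the
# download against a digest obtained from a source you trust before unpacking.
# EXPECTED_SHA256 is a placeholder: this page does not publish a digest.
echo "EXPECTED_SHA256  nfsen-1.3.8.tar.gz" | sha256sum -c - \
  && tar xzfv nfsen-1.3.8.tar.gz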
=D0=A1=D0=BE=D0=B7=D0=B4=D0=B0=D0= =B4=D0=B8=D0=BC =D1=84=D0=B0=D0=B9=D0=BB =D0=BA=D0=BE=D0=BD=D1=84=D0=B8=D0= =B3=D1=83=D1=80=D0=B0=D1=86=D0=B8=D0=B8 =D0=B8 =D0=BE=D1=82=D0=BA=D1=80=D0= =BE=D0=B5=D0=BC =D0=B5=D0=B3=D0=BE =D0=B2 =D1=82=D0=B5=D0=BA=D1=81=D1=82=D0= =BE=D0=B2=D0=BE=D0=BC =D1=80=D0=B5=D0=B4=D0=B0=D0=BA=D1=82=D0=BE=D1=80=D0= =B5:
cd nfse= n-1.3.8/etc cp nfsen-dist.conf nfsen.conf nano nfsen.conf=20
=D0=95=D1=81=D0=BB=D0=B8 Ubuntu/Debian =D1=82=D0=BE =D0=B2 =D1=84=D0=B0= =D0=B9=D0=BB=D0=B5 /srv/nfsen/= etc/nfsen.conf
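# Installation root and location of the nfdump binaries.
$BASEDIR = "/srv/nfsen";
$PREFIX = '/usr/bin';

# Accounts used by the collector ($USER) and by the web front end.
# NOTE(review): with $USER equal to the web server account, the collector and
# the web interface share one identity; a separate unprivileged collector
# account that belongs to $WWWGROUP keeps them apart - confirm against
# nfsen-dist.conf before changing.
$USER = "www-data";
$WWWUSER = "www-data";
$WWWGROUP = "www-data";

# Flow sources. Both entries listen on port 555 and are told apart by the
# exporter address in 'IP'; the addresses below are sample values to replace.
# Flow records arrive over the network without authentication, so limit
# port 555 at the host firewall to the exporters listed here.
%sources = (
    'upstream1' => { 'port' => '555', 'col' => '#0000ff', 'IP' => '195.158.00.000', 'type' => 'netflow' },
    'upstream2' => { 'port' => '555', 'col' => '#00ff00', 'IP' => '195.158.00.111', 'type' => 'netflow' },
);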
=D0=97=D0=B0=D0=BF=D1=83=D1=81=D1= =82=D0=B8=D0=BC =D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1=82 =D1=83=D1=81=D1=82=D0= =B0=D0=BD=D0=BE=D0=B2=D0=BA=D0=B8 Nfsen:
cd .. ./install.pl ./etc/nfsen.conf=20
=D0=97=D0=B0=D0=BF=D1=83=D1=81=D1= =82=D0=B8=D0=BC nfsen:
/srv/nf= sen/bin/nfsen start=20
В конфигурации мы указали upstream1 с портом 555, поэтому после запуска nfsen он автоматически запустит nfcapd на порту 555 и будет писать данные в директорию /srv/nfsen/profiles-data/live/upstream1/...
=D0=94=D0=BB=D1=8F =D0=B0=D0=B2=D1= =82=D0=BE=D0=B7=D0=B0=D0=BF=D1=83=D1=81=D0=BA=D0=B0 =D0=BF=D1=80=D0=B8 =D1= =81=D1=82=D0=B0=D1=80=D1=82=D0=B5 =D0=BE=D0=BF=D0=B5=D1=80=D0=B0=D1=86=D0= =B8=D0=BE=D0=BD=D0=BD=D0=BE=D0=B9 =D1=81=D0=B8=D1=81=D1=82=D0=B5=D0=BC=D1= =8B =D0=B2=D1=8B=D0=BF=D0=BE=D0=BB=D0=BD=D0=B8=D0=BC =D0=BA=D0=BE=D0=BC=D0= =B0=D0=BD=D0=B4=D1=8B:
ln -s /= srv/nfsen/bin/nfsen /etc/init.d/nfsen update-rc.d nfsen defaults 20=20
Осталось настроить конфигурацию веб-сервера либо просто создать символическую ссылку в www-директорию (после этого можно будет открыть nfsen в браузере, например http://ixnfo.com/nfsen/nfsen.php). Веб-интерфейс показывает данные о трафике сети, поэтому доступ к этому каталогу стоит ограничить средствами веб-сервера (аутентификация или список разрешённых адресов):
ln -s /= srv/nfsen/www/ /var/www/html/nfsen ln -s /var/www/nfsen/ /var/www/html/nfsen=20
=D0=9F=D0=BE=D1=81=D0=BB=D0=B5 =D1= =80=D0=B5=D0=B4=D0=B0=D0=BA=D1=82=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8= =D1=8F =D0=BA=D0=BE=D0=BD=D1=84=D0=B8=D0=B3=D1=83=D1=80=D0=B0=D1=86=D0=B8= =D0=B8, =D0=BD=D0=B0=D0=BF=D1=80=D0=B8=D0=BC=D0=B5=D1=80 =D0=BA=D0=BE=D0=B3= =D0=B4=D0=B0 =D0=BD=D1=83=D0=B6=D0=BD=D0=BE =D0=B4=D0=BE=D0=B1=D0=B0=D0=B2= =D0=B8=D1=82=D1=8C =D0=B8=D0=BB=D0=B8 =D0=B8=D0=B7=D0=BC=D0=B5=D0=BD=D0=B8= =D1=82=D1=8C =D0=B8=D1=81=D1=82=D0=BE=D1=87=D0=BD=D0=B8=D0=BA=D0=B8, =D0=B2= =D1=8B=D0=BF=D0=BE=D0=BB=D0=BD=D0=B8=D0=BC:
cd /srv= /nfsen/bin ./nfsen reconfig=20
=D0=A7=D0=B5=D1=80=D0=B5=D0=B7 =D0= =BD=D0=B5=D0=BA=D0=BE=D1=82=D0=BE=D1=80=D0=BE=D0=B5 =D0=B2=D1=80=D0=B5=D0= =BC=D1=8F =D0=B4=D0=BE=D0=BB=D0=B6=D0=BD=D1=8B =D0=BF=D0=BE=D1=8F=D0=B2=D0= =B8=D1=82=D1=81=D1=8F =D0=B4=D0=B0=D0=BD=D0=BD=D1=8B=D0=B5 =D0=BD=D0=B0 =D0= =B3=D1=80=D0=B0=D1=84=D0=B8=D0=BA=D0=B0=D1=85, =D1=82=D0=B0=D0=BA=D0=B6=D0= =B5 =D1=87=D0=B5=D1=80=D0=B5=D0=B7 tcpdump =D0=BC=D0=BE=D0=B6=D0=BD=D0=BE = =D0=BF=D0=BE=D1=81=D0=BC=D0=BE=D1=82=D1=80=D0=B5=D1=82=D1=8C =D0=BF=D1=80= =D0=B8=D1=85=D0=BE=D0=B4=D1=8F=D1=82 =D0=BB=D0=B8 =D0=B4=D0=B0=D0=BD=D0=BD= =D1=8B=D0=B5 =D0=BE=D1=82 =D1=81=D0=B5=D0=BD=D1=81=D0=BE=D1=80=D0=B0:
tcpdump= port 555 -e -n=20
=D0=A3=D0=B1=D0=B5=D0=B4=D0=B8=D0= =BC=D1=81=D1=8F =D1=87=D1=82=D0=BE nfsen =D0=B7=D0=B0=D0=BF=D1=83=D1=81=D0= =BA=D0=B0=D0=B5=D1=82=D1=81=D1=8F =D0=BF=D1=80=D0=B8 =D0=B7=D0=B0=D0=BF=D1= =83=D1=81=D0=BA=D0=B5 =D0=BE=D0=BF=D0=B5=D1=80=D0=B0=D1=86=D0=B8=D0=BE=D0= =BD=D0=BD=D0=BE=D0=B9 =D1=81=D0=B8=D1=81=D1=82=D0=B5=D0=BC=D1=8B:
systemc= tl is-enabled nfsen systemctl is-enabled nfdump systemctl enable nfsen systemctl status nfsen=20
=D0=95=D1=81=D0=BB=D0=B8 =D0=B2 = =D0=BE=D0=BF=D0=B5=D1=80=D0=B0=D1=86=D0=B8=D0=BE=D0=BD=D0=BD=D0=BE=D0=B9 = =D1=81=D0=B8=D1=81=D1=82=D0=B5=D0=BC=D0=B5 =D1=83=D1=81=D1=82=D0=B0=D0=BD= =D0=BE=D0=B2=D0=BB=D0=B5=D0=BD flow-tools, =D1=82=D0=BE =D0=BC=D0=BE=D0=B6= =D0=BD=D0=BE =D0=BE=D1=82=D0=BA=D0=BB=D1=8E=D1=87=D0=B8=D1=82=D1=8C =D0=B5= =D0=B3=D0=BE =D1=82=D0=B0=D0=BA:
systemc= tl is-enabled flow-capture systemctl disable flow-capture systemctl status flow-capture systemctl stop flow-capture=20
=D0=9F=D1=80=D0=BE=D0=B2=D0=B5=D1=80=D0=BA=D0=B0/=D1=80=D0=B5=D0=B4=D0= =B0=D0=BA=D1=82=D0=B8=D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5 =D0=BD=D0= =B0=D1=81=D1=82=D1=80=D0=BE=D0=B5=D0=BA =D1=81=D0=B5=D1=80=D0=B2=D0=B8=D1= =81=D0=B0
vim /et= c/systemd/system/nfsen.service=20
=D0=A1=D0=B4=D0=B5=D0=BB=D0=B0=D1= =82=D1=8C =D1=81=D0=B8=D0=BC=D0=BB=D0=B8=D0=BD=D0=BA =D0=BD=D0=B0 =D1=84=D0= =B0=D0=B9=D0=BB traffic2sql=
ln -s /= usr/abills/Abills/modules/Internet/traffic2sql /usr/abills/libexec/traffic2= sql=20
Чтобы данные, собранные Nfsen, попадали в базу данных, нужно добавить вызов traffic2sql в /etc/crontab с запуском каждый час. В поле [NAS_IDS] указать NAS_ID. Для проверки вывода данных с потока поставить DEBUG=8.
=D0=9F=D0=BE =D1=83=D0=BC=D0=BE=D0=BB=D1=87=D0=B0=D0=BD=D0=B8=D1=8E =D0= =BF=D1=83=D1=82=D1=8C =D0=B4=D0=BB=D1=8F =D0=BF=D1=80=D0=BE=D0=B3=D1=80=D0= =B0=D0=BC=D0=BC=D1=8B Nfdump =D1=83=D0=BA=D0=B0=D0=B7=D0=B0=D0=BD=D0=B0 =D0= =BF=D0=BE =D0=B0=D0=B4=D1=80=D0=B5=D1=81=D1=83 '/usr/bin/nfdump'. =D0=95=D1=81=D0=BB=D0=B8 =D0=BF=D1=80=D0=BE=D0=B3=D1=80=D0=B0= =D0=BC=D0=BC=D0=B0 =D1=83=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BB=D0=B5= =D0=BD=D0=B0 =D0=BF=D0=BE =D0=B4=D1=80=D1=83=D0=B3=D0=BE=D0=BC=D1=83 =D0=BF= =D1=83=D1=82=D0=B8 - =D0=BC=D0=BE=D0=B6=D0=BD=D0=BE =D0=B7=D0=B0=D0=B4=D0= =B0=D1=82=D1=8C =D1=87=D0=B5=D1=80=D0=B5=D0=B7 =D0=B0=D1=80=D0=B3=D1=83=D0= =BC=D0=B5=D0=BD=D1=82 FLOW_NFDUMP=3D/usr/local/bin/nfdump
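# Hourly import of NfSen flow files into the billing database.
# A minute field of "*" combined with "*/1" hours starts the job every minute;
# minute 0 gives the once-an-hour schedule intended here.
# [NAS_IDS] is a placeholder for the NAS ID list.
0 * * * * root /usr/abills/libexec/traffic2sql [NAS_IDS] NFSEN=1 flowdir=/srv/nfsen/profiles-data/live/upstream1/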
=D0=9F=D1=80=D0=B8=D0=BC=D0=B5=D1=80:
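# Example for NAS ID 5, started once an hour at minute 0.
# ("* */1 * * *" would start the job every minute.)
0 * * * * root /usr/abills/libexec/traffic2sql 5 NFSEN=1 flowdir=/srv/nfsen/profiles-data/live/upstream1/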
flow-tools
=D0=A3=D1=81= =D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BA=D0=B0 flow-tools
=D0=A3=D1=81=D1=82=D0=B0=D0=BD=D0=BE=D0=B2=D0=BA=D0=B0 =D0=BD=D0=B0 = ;FreeBSD =D0=B8 Debian
=D0=97=D0=B0=D0=BF=D1=83=D1=81=D0=BA =D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1=
=82=D0=B0 =D0=BE=D0=B1=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=BA=D0=B8 =D1=81=D1=
=82=D0=B0=D1=82=D0=B8=D1=81=D1=82=D0=B8=D0=BA=D0=B8
/etc/crontab=
*/10 *= * * * root /usr/abills/libexec/traffic2sql 8 flowdir=3D/usr/abills/var/log= /ipn/=20
=D0=95=D1=81=D0=BB=D0=B8 =D1=83 =D0=92=D0=B0=D1=81 =D0=BD=D0=B5=D1= =81=D0=BA=D0=BE=D0=BB=D1=8C=D0=BA=D0=BE NAS-=D1=81=D0=B5=D1=80=D0=B2=D0=B5= =D1=80=D0=BE=D0=B2 (=D0=BA=D0=BE=D0=BB=D0=BB=D0=B5=D0=BA=D1=82=D0=BE=D1=80= =D0=BE=D0=B2 =D1=82=D1=80=D0=B0=D1=84=D0=B8=D0=BA=D0=B0), =D1=82=D0=BE =D0= =B4=D0=BB=D1=8F =D0=BA=D0=B0=D0=B6=D0=B4=D0=BE=D0=B3=D0=BE =D0=BD=D1=83=D0= =B6=D0=BD=D0=BE =D1=81=D0=BE=D0=B7=D0=B4=D0=B0=D1=82=D1=8C =D0=BE=D1=82=D0= =B4=D0=B5=D0=BB=D1=8C=D0=BD=D1=83=D1=8E =D0=BF=D0=B0=D0=BF=D0=BA=D1=83 =D0= =B4=D0=BB=D1=8F =D0=BB=D0=BE=D0=B3=D0=BE=D0=B2.
(aka kir)
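! Sample IOS configuration: NetFlow v5 export to the collector, plus rsh
! access used to add dynamic entries to access list 100.
!
! rsh identifies the caller only by source address and user name and carries
! commands in clear text; the remote-host entry below gives "root" at
! 192.168.0.1 enable-level access. Keep that host and the path to the router
! on a protected management segment.
no ip rcmd domain-lookup
ip rcmd rsh-enable
ip rcmd remote-host firewall 192.168.0.1 root enable
!
ip flow-export source FastEthernet0/1
ip flow-export version 5
ip flow-export destination 192.168.0.1 9996
!
! Let packets through to the statistics server.
! NOTE(review): an extended ACL entry normally names a protocol and uses
! "host" for a single address - verify this line before applying it.
access-list 100 permit 172.19.80.0 0.0.0.255 192.168.0.1
! Dynamic rules are added at this position.
access-list 100 dynamic ABILS permit IP any any
! With no matching rule, user access is closed by default.
access-list 100 deny ip any any
!
! Remember to attach the rule group to the interface (last line of the stanza).
interface FastEthernet0/1.21
 ip address 192.168.0.1 255.255.255.0
 ip access-group 100 in
!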
192.168.0.1 - =D0=90=D0=B4=D1=80=D0=B5=D1=81 =D0=BA=D0=BE=D0=BB=D0=BB=D0= =B5=D0=BA=D1=82=D0=BE=D1=80=D0=B0 =D0=B4=D0=BB=D1=8F =D0=BF=D0=BE=D1=82=D0= =BE=D0=BA=D0=B0 Netflow (flow-tools)
Для блокировки и открытия доступа можно использовать скрипт:
/usr/ab= ills/misc/cisco_access ACTION - Allow/Deny IP - Client IP debug - Make debug log=20
/usr/local/etc/sudoers
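# Lets the web server account "www" run cisco_access as root without a
# password and with any arguments. Keep the script and its parent directories
# owned by root and not writable by "www"; otherwise this rule gives that
# account unrestricted root. Edit the file with visudo so a syntax error is
# caught before it is saved.
www ALL = NOPASSWD: /usr/abills/misc/cisco_access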
ABillS IPN Traffic collector
=D0=90=D0=BD=D0=B0=D0=BB=D0=
=B8=D0=B7=D0=B0=D1=82=D0=BE=D1=80 =D1=82=D1=80=D0=B0=D1=84=D0=B8=D0=BA=D0=
=B0 =D0=B4=D0=BB=D1=8F =D0=BC=D0=BE=D0=B4=D1=83=D0=BB=D1=8F IPN
=D0=A2=D0=B0=D0=BA =D0=BA=D0=B0=D0=BA =D0=BF=D1=80=D0=BE=D0=B3=D1=80=D0= =B0=D0=BC=D0=BC=D0=B0 =D0=B0=D0=BD=D0=B0=D0=BB=D0=B8=D0=B7=D0=B8=D1=80=D1= =83=D0=B5=D1=82 =D0=BF=D1=80=D0=B8=D1=88=D0=B5=D0=B4=D1=88=D0=B8=D0=B5 =D0= =B7=D0=B0 5 =D0=BC=D0=B8=D0=BD=D1=83=D1=82 =D0=BF=D0=B0=D0=BA=D0=B5=D1=82= =D1=8B, =D0=B8 =D0=BF=D0=BE=D1=82=D0=BE=D0=BC =D1=81=D0=BA=D0=BB=D0=B0=D0= =B4=D1=8B=D0=B2=D0=B0=D0=B5=D1=82 =D0=B8=D1=85 =D0=B2 =D0=B1=D0=B0=D0=B7=D1= =83 =D0=BF=D1=80=D0=B8 =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE=D0= =B2=D0=B0=D0=BD=D0=B8=D0=B8 =D0=B4=D0=B8=D0=BD=D0=B0=D0=BC=D0=B8=D1=87=D0= =B5=D1=81=D0=BA=D0=B8=D1=85 =D0=B0=D0=B4=D1=80=D0=B5=D1=81=D0=BE=D0=B2 =D1= =81=D0=B8=D1=81=D1=82=D0=B5=D0=BC=D0=B0 =D0=BC=D0=BE=D0=B6=D0=B5=D1=82 =D0= =BD=D0=B5 =D1=83=D1=81=D0=BF=D0=B5=D1=82=D1=8C =D0=B2=D0=BD=D0=B5=D1=81=D1= =82=D0=B8 =D1=82=D1=80=D0=B0=D1=84=D0=B8=D0=BA =D0=BF=D0=BE=D1=81=D0=BB=D0= =B5=D0=B4=D0=BD=D0=B8=D1=85 5 =D0=BC=D0=B8=D0=BD=D1=83=D1=82 =D0=BF=D0=B5= =D1=80=D0=B5=D0=B4 =D1=80=D0=B0=D0=B7=D1=80=D1=8B=D0=B2=D0=BE=D0=BC =D1=81= =D0=B5=D1=81=D1=81=D0=B8=D0=B8.
=D0=9F=D0=B5=D1=80=D0=B5=D0=B4 =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0= =B7=D0=BE=D0=B2=D0=B0=D0=BD=D0=B8=D0=B5=D0=BC =D1=81=D0=BC. =D0=A3=D1=81=D1=82=D0=B0=D0=BD= =D0=BE=D0=B2=D0=BA=D0=B0 flow-tools.
=D0=97=D0=B0=D0=BF=D1=83=D1=81=D0=BA =D1=81=D0=BA=D1=80=D0=B8=D0=BF=D1= =82=D0=B0 =D0=BE=D0=B1=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=BA=D0=B8 =D1=81=D1= =82=D0=B0=D1=82=D0=B8=D1=81=D1=82=D0=B8=D0=BA=D0=B8 /etc/cront= ab
*/5 * *= * * root /usr/abills/libexec/traffic2sql [NAS_IDS] flowdir=3D/usr/abills/v= ar/log/ipn/=20
=D0= =9F=D0=B0=D1=80=D0=B0=D0=BC=D0=B5=D1=82=D1=80=D1=8B:
traffic= 2sql [NAS_IDS] [Options]=20
=D0= =9F=D1=80=D0=B8=D0=BC=D0=B5=D1=80 =D0=B2=D1=8B=D0=B7=D0=BE=D0=B2=D0=B0 =D0= =B4=D0=BB=D1=8F =D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=80=D0=BE=D0=B2 =D1=81 ID = 1,2,3:
/usr/ab= ills/libexec/traffic2sql 1,2,3 flowdir=3D/usr/abills/var/log/ipn/=20
=D0=9E=D0=BF=D1=86=D0=B8=D0=B8:
NAS_IDS | ID (NAS) =D1=81=D0=B5=D1=80=D0=B2=D0=B5=D1=80=D0= =BE=D0=B2 =D0=B4=D0=BE=D1=81=D1=82=D1=83=D0=BF=D0=B0. =D0=A4=D0=BE=D1=80=D0= =BC=D0=B0=D1=82: 1,2,3 =D0=B8=D0=BB=D0=B8 1-100 |
---|---|
log | =D0=A0=D0=B0=D1=81=D0=BF=D0=BE=D0=BB=D0=BE=D0=B6= =D0=B5=D0=BD=D0=B8=D0=B5 =D1=84=D0=B0=D0=B9=D0=BB=D0=B0 =D1=82=D1=80=D0=B0= =D1=84=D0=B8=D0=BA=D0=B0 =D0=B4=D0=BB=D1=8F trafd |
INTERFACE | =D0=98=D0=BD=D1=82=D0=B5=D1=80=D1=84=D0=B5=D0=B9= =D1=81 =D0=B4=D0=BB=D1=8F trafd |
flowdir | =D0=9A=D0=B0=D1=82=D0=B0=D0=BB=D0=BE=D0=B3, =D0= =B2 =D0=BA=D0=BE=D1=82=D0=BE=D1=80=D1=8B=D0=B9 =D1=81=D0=BA=D0=BB=D0=B0=D0= =B4=D1=8B=D0=B2=D0=B0=D1=8E=D1=82=D1=81=D1=8F =D1=84=D0=B0=D0=B9=D0=BB=D1= =8B =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D1=8B flow-capture. =D0=9F=D0=BE=D1=81= =D0=BB=D0=B5 =D0=BE=D0=B1=D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=BA=D0=B8 =D1=84= =D0=B0=D0=B9=D0=BB=D0=BE=D0=B2 ft* =D0=BE=D0=BD=D0=B8 =D0=B0=D0=B2=D1= =82=D0=BE=D0=BC=D0=B0=D1=82=D0=B8=D1=87=D0=B5=D1=81=D0=BA=D0=B8 =D1=83=D0= =B4=D0=B0=D0=BB=D1=8F=D1=8E=D1=82=D1=81=D1=8F =D0=BF=D1=80=D0=BE=D0=B3=D1= =80=D0=B0=D0=BC=D0=BC=D0=BE=D0=B9 traffic2sql. |
FLOWTOOLS_IP_AGGREGA= TION=3D1 | =D0=90=D0=B3=D1=80=D0=B5=D0=B3=D0=B0=D1=86=D0=B8= =D1=8F =D0=BF=D0=BE=D1=82=D0=BE=D0=BA=D0=BE=D0=B2 =D0=BF=D0=BE IP =D0=B0=D0= =B4=D1=80=D0=B5=D1=81=D0=B0=D0=BC. =D0=9F=D0=BE=D0=B4=D0=BD=D0=B8=D0=BC=D0= =B0=D0=B5=D1=82 =D1=81=D0=BA=D0=BE=D1=80=D0=BE=D1=81=D1=82=D1=8C =D0=B0=D0= =BD=D0=B0=D0=BB=D0=B8=D0=B7=D0=B0. |
FLOWTOOLS_FT_BACKUP= =3Ddir | =D0=9F=D0=B5=D1=80=D0=B5=D0=BD=D0=BE=D1=81=D0=B8= =D1=82=D1=8C =D0=BF=D1=80=D0=BE=D0=B0=D0=BD=D0=B0=D0=BB=D0=B8=D0=B7=D0=B8= =D1=80=D0=BE=D0=B2=D0=B0=D0=BD=D0=BD=D1=8B=D0=B5 =D1=84=D0=B0=D0=B9=D0=BB= =D1=8B =D0=B2 =D0=B1=D0=B5=D0=BA=D0=B0=D0=BF=D0=BD=D1=8B=D0=B9 =D0=BA=D0=B0= =D1=82=D0=B0=D0=BB=D0=BE=D0=B3. =D0=98=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7= =D1=83=D0=B5=D1=82=D1=81=D1=8F =D0=B4=D0=BB=D1=8F =D0=BE=D1=82=D0=BB=D0=B0= =D0=B4=D0=BA=D0=B8 |
DEBUG | =D0=A0=D0=B5=D0=B6=D0=B8=D0=BC =D0=BE=D1=82=D0= =BB=D0=B0=D0=B4=D0=BA=D0=B8 (1..6) =D1=80=D0=B5=D0=B6=D0=B8=D0= =BC 5 =D0=B8 6 =D0=92 =D0=91=D0=90=D0=97=D0=A3 =D0=94=D0=90=D0=9D= =D0=9D=D0=AB=D0=95 =D0=9D=D0=95 =D0=92=D0=9D=D0=9E=D0=A1=D0=98=D0=A2 |
DETAIL_ONLY | =D0=A1=D0=BA=D0=BB=D0=B0=D0=B4=D1=8B=D0=B2=D0=B0= =D1=82=D1=8C =D0=B2 =D0=B1=D0=B0=D0=B7=D1=83 =D1=82=D0=BE=D0=BB=D1=8C=D0=BA= =D0=BE =D0=B4=D0=B5=D1=82=D0=B0=D0=BB=D0=B8=D0=B7=D0=B0=D1=86=D0=B8=D1=8E = =D0=B4=D0=BB=D1=8F =D0=B0=D0=BA=D1=82=D0=B8=D0=B2=D0=BD=D1=8B=D1=85 =D0=BA= =D0=BB=D0=B8=D0=B5=D0=BD=D1=82=D0=BE=D0=B2 (=D0=BF=D1=80=D0=B8=D1=81=D1=83= =D1=82=D1=81=D1=82=D0=B2=D1=83=D1=8E=D1=89=D0=B8=D1=85 =D0=B2 /Monitoring),= =D1=81=D0=B0=D0=BC =D0=BF=D0=BE=D0=B4=D1=81=D1=87=D0=B5=D1=82 =D1=82=D1=80= =D0=B0=D1=84=D0=B8=D0=BA=D0=B0 =D0=B8 =D0=B2=D0=B5=D0=B4=D0=B5=D0=BD=D0=B8= =D0=B5 =D1=81=D0=B5=D1=81=D1=81=D0=B8=D0=B9 =D0=BD=D0=B5 =D0=BF=D1=80=D0=BE= =D0=B8=D0=B7=D0=B2=D0=BE=D0=B4=D0=B8=D1=82=D1=81=D1=8F |
UNKNOWN_IP_LOG | =D0=92=D0=BA=D0=BB=D1=8E=D1=87=D0=B8=D1=82=D1=8C= =D1=83=D1=87=D1=91=D1=82 =D0=B0=D0=B4=D1=80=D0=B5=D1=81=D0=BE=D0=B2, =D0= =BD=D0=B5 =D0=BE=D1=82=D0=BD=D0=BE=D1=81=D1=8F=D1=89=D0=B8=D1=85=D1=81=D1= =8F =D0=BA =D0=B0=D0=BA=D1=82=D0=B8=D0=B2=D0=BD=D1=8B=D0=BC =D0=BF=D0=BE=D0= =BB=D1=8C=D0=B7=D0=BE=D0=B2=D0=B0=D1=82=D0=B5=D0=BB=D1=8F=D0=BC |
TCOLLECTOR | =D0=A0=D0=B5=D0=B6=D0=B8=D0=BC =D0=B3=D0=BB=D0= =BE=D0=B1=D0=B0=D0=BB=D1=8C=D0=BD=D0=BE=D0=B3=D0=BE =D0=BA=D0=BE=D0=BB=D0= =BB=D0=B5=D0=BA=D1=82=D0=BE=D1=80=D0=B0. =D0=A1=D0=BA=D0=BB=D0=B0=D0=B4=D1= =8B=D0=B2=D0=B0=D1=82=D1=8C =D0=B2=D0=B5=D1=81=D1=8C =D1=82=D1=80=D0=B0=D1= =84=D0=B8=D0=BA, =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B5=D0=BD=D0=BD=D1=8B=D0= =B9 =D0=BE=D1=82 =D0=BA=D0=BE=D0=BB=D0=BB=D0=B5=D0=BA=D1=82=D0=BE=D1=80=D0= =B0 |
AMON_ALIVE | =D0=98=D0=BD=D1=82=D0=B5=D1=80=D0=B2=D0=B0=D0=BB= =D0=BF=D0=BE=D0=BB=D1=83=D1=87=D0=B5=D0=BD=D0=B8=D1=8F =D0=BF=D0=BE=D0=B4= =D1=82=D0=B2=D0=B5=D1=80=D0=B6=D0=B4=D0=B5=D0=BD=D0=B8=D1=8F =D0=B0=D0=BA= =D1=82=D0=B8=D0=B2=D0=BD=D0=BE=D1=81=D1=82=D0=B8 =D0=BE=D1=82 AMon. =D0=98=D0=BD=D1=82=D0=B5=D1=80=D0=B2= =D0=B0=D0=BB =D0=B7=D0=B0=D0=B4=D0=B0=D1=91=D1=82=D1=81=D1=8F =D0=B2 =D1=81= =D0=B5=D0=BA=D1=83=D0=BD=D0=B4=D0=B0=D1=85 (=D0=97=D0=BD=D0=B0=D1=87=D0=B5= =D0=BD=D0=B8=D0=B5 =D0=BF=D0=BE =D1=83=D0=BC=D0=BE=D0=BB=D1=87=D0=B0=D0=BD= =D0=B8=D1=8E 120). =D0=95=D1=81=D0=BB=D0=B8 =D0=BD=D0=B0 =D0=BF=D1=80=D0=BE= =D1=82=D1=8F=D0=B6=D0=B5=D0=BD=D0=B8=D0=B8 3 =D0=B8=D0=BD=D1=82=D0=B5=D1=80= =D0=B2=D0=B0=D0=BB=D0=BE=D0=B2 =D0=BD=D0=B5 =D0=BF=D1=80=D0=B8=D1=88=D0=BB= =D0=BE =D0=BD=D0=B8 =D0=BE=D0=B4=D0=BD=D0=BE=D0=B3=D0=BE =D0=BF=D0=B0=D0=BA= =D0=B5=D1=82=D0=B0 =D0=B0=D0=BA=D1=82=D0=B8=D0=B2=D0=BD=D0=BE=D1=81=D1=82= =D0=B8 =D1=81=D0=B8=D1=81=D1=82=D0=B5=D0=BC=D0=B0 =D0=B7=D0=B0=D0=BA=D1=80= =D1=8B=D0=B2=D0=B0=D0=B5=D1=82 =D1=81=D0=BE=D0=B5=D0=B4=D0=B8=D0=BD=D0=B5= =D0=BD=D0=B8=D0=B5. |
daemon | =D0=A0=D0=B5=D0=B6=D0=B8=D0=BC =D0=B4=D0=B5=D0= =BC=D0=BE=D0=BD=D0=B0 (=D0=BF=D0=BE=D0=BA=D0=B0 =D0=B2 =D1=80=D0=B0=D0=B7= =D1=80=D0=B0=D0=B1=D0=BE=D1=82=D0=BA=D0=B5) |
FLOW_CAT | =D0=9C=D0=B5=D1=81=D1=82=D0=BE=D0=BF=D0=BE=D0=BB= =D0=BE=D0=B6=D0=B5=D0=BD=D0=B8=D0=B5 Flow tools flow-cat |
FLOW_PRINT | =D0=9C=D0=B5=D1=81=D1=82=D0=BE=D0=BF=D0=BE=D0=BB= =D0=BE=D0=B6=D0=B5=D0=BD=D0=B8=D0=B5 Flow tools flow-print |
PREPAID_STORE | =D0=98=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D0=BE= =D0=B2=D0=B0=D0=BD=D0=B8=D1=8F =D0=BE=D1=82=D0=B4=D0=B5=D0=BB=D1=8C=D0=BD= =D0=BE=D0=B9 =D1=82=D0=B0=D0=B1=D0=BB=D0=B8=D1=86=D1=8B =D0=B4=D0=BB=D1=8F = =D1=85=D1=80=D0=B0=D0=BD=D0=B5=D0=BD=D0=B8=D1=8F =D0=B7=D0=BD=D0=B0=D1=87= =D0=B5=D0=BD=D0=B8=D0=B9 =D0=BF=D1=80=D0=B5=D0=B4=D0=BE=D0=BF=D0=BB=D0=B0= =D1=87=D0=B5=D0=BD=D0=BD=D0=BE=D0=B3=D0=BE =D1=82=D1=80=D0=B0=D1=84=D0=B8= =D0=BA=D0=B0. =D0=9F=D0=BE=D0=B4=D0=BD=D0=B8=D0=BC=D0=B0=D0=B5=D1=82 =D1=81= =D0=BA=D0=BE=D1=80=D0=BE=D1=81=D1=82=D1=8C =D0=B0=D0=BD=D0=B0=D0=BB=D0=B8= =D0=B7=D0=B0. |
VIRUS_ALERT=1000 | Опция разрешает отслеживать заражённые хосты, которые рассылают вирусы. В данной опции указывается количество мелких пакетов размером до 150 байт за единицу времени, при котором хост попадает в чёрный список |
LOG_FILE=3D'=E2=80= =A6' | =D0=A4=D0=B0=D0=B9=D0=BB =D0=B2=D0=B5=D0=B4=D0= =B5=D0=BD=D0=B8=D1=8F =D0=BB=D0=BE=D0=B3=D0=B0 =D1=80=D0=B0=D0=B1=D0=BE=D1= =82=D1=8B =D0=B0=D0=BD=D0=B0=D0=BB=D0=B8=D0=B7=D0=B0=D1=82=D0=BE=D1=80=D0= =B0 |
TRANSACTION=3D1 | =D0=92=D0=BD=D0=BE=D1=81=D0=B8=D1=82=D1=8C =D0= =B2=D1=81=D0=B5 =D0=B4=D0=B0=D0=BD=D0=BD=D1=8B=D0=B5 =D0=BE=D0=B4=D0=BD=D0= =BE=D0=B9 =D1=82=D1=80=D0=B0=D0=BD=D0=B7=D0=B0=D0=BA=D1=86=D0=B8=D0=B5=D0= =B9 (=D1=83=D1=81=D0=BA=D0=BE=D1=80=D1=8F=D0=B5=D1=82 =D1=80=D0=B0=D0=B1=D0= =BE=D1=82=D1=83) |