Configuring NFR
Before NFR begins monitoring your network traffic, you need to configure NFR to know
about your network settings:
- the name of the network interface that you want to monitor
- the IP address of your network
- the MAC address of your routers
- Web server users
Configuring the Name of the Network Interface to Monitor
Before NFR can begin gathering information, you must tell NFR which network interface
you want to monitor.
»To configure the network interface to monitor:
- Login as the NFR user.
- Find out the name of your network interface. These names vary depending on the
architecture of the machine, and the selection and number of network interface cards. Some
common interface names are:
- le0 - a Lance ethernet card on Solaris
- fxp0 - an Intel Express card on FreeBSD
- exp0 - an Intel Express card on BSD/OS
- ef0 - 3COM EtherLink III 3C509/3C579 EISA/ISA Ethernet adaptors on BSD/OS
- eth0 - an SMC on Linux
Use the ifconfig and netstat commands and man pages
to help you determine the names of the interfaces on your machine.
- Edit the network configuration file:
% vi $NFRHOME/install/etc/nfrd.cfg
- Update the nfr_intf variable to include only the name of the interface that you want to
monitor:
nfr_intf=le0
Remove the names of any interfaces that you do not want to monitor. Currently, NFR
only supports monitoring a single interface at a time.
Configuring the IP Address of the Network
You must configure NFR so that it knows the IP addresses of the networks that it is
monitoring. The packages use these values to determine whether to record
information.
»To configure the IP address of the network:
- Login as the NFR user.
- Edit the packages configuration file:
% vi $NFRHOME/install/packages/values.nfr
- Update the my_network variable to reflect the IP address and netmask of the network that
you are monitoring:
my_network = [ 208.224.85.0:255.255.255.0 ] ;
If you are monitoring multiple networks, separate the networks with a comma:
my_network = [ 208.224.85.0:255.255.255.0 ,
208.217.179.0:255.255.255.0
] ;
- Update the my_router_mac_list to reflect the MAC addresses of all routers between your
network and other networks:
my_router_mac_list = [ 00:c0:7b:6b:ee:2b ] ;
Be sure that you specify both digits (that is, 00 not just 0) in each octet. If you
have multiple routers, separate the addresses a comma:
my_router_mac_list = [ 00:c0:7b:6b:ee:2b ,
00:c0:7b:6b:ee:2c
] ;
You must configure your Web server so that only the people you authorize can access the
GUI.
Apache Web Server
If you are running the Apache Web server, the NFR installation process adds a user
(nfr) to the the list of users allowed to access the Web server. You need to change
the default password, add your own users, and add those users to groups.
»To configure your Web server:
- Login as the NFR user.
- Change the Web password for the default NFR user:
% htpasswd $NFRHOME/install/etc/httpd/conf/htpasswd nfr
- Add other Web server users who can access the GUI:
% htpasswd $NFRHOME/install/etc/httpd/conf/htpasswd jane
- Edit the Apache group configuration file:
% vi $NFRHOME/install/etc/httpd/conf/htpasswd
- Add your new Web server users to the NFR group:
nfr: nfr, jane
You are now ready to start NFR.
|