Configuring NFR
Home ] Up ] System Requirements ] Installing NFR ] [ Configuring NFR ] Starting NFR ]


Configuring NFR

Before NFR begins monitoring your network traffic, you need to configure NFR to know about your network settings:

  • the name of the network interface that you want to monitor
  • the IP address of your network
  • the MAC address of your routers
  • Web server users

Configuring the Name of the Network Interface to Monitor

Before NFR can begin gathering information, you must tell NFR which network interface you want to monitor.

»To configure the network interface to monitor:

  1. Login as the NFR user.
  2. Find out the name of your network interface.  These names vary depending on the architecture of the machine, and the selection and number of network interface cards. Some common interface names are:
    • le0 - a Lance ethernet card on Solaris
    • fxp0 - an Intel Express card on FreeBSD
    • exp0 - an Intel Express card on BSD/OS
    • ef0 - 3COM EtherLink III 3C509/3C579 EISA/ISA Ethernet adaptors on BSD/OS
    • eth0 - an SMC on Linux

    Use the ifconfig and netstat commands and man pages to help you determine the names of the interfaces on your machine.

  3. Edit the network configuration file:

    % vi $NFRHOME/install/etc/nfrd.cfg
  4. Update the nfr_intf variable to include only the name of the interface that you want to monitor:

    nfr_intf=le0

Remove the names of any interfaces that you do not want to monitor. Currently, NFR only supports monitoring a single interface at a time.


Configuring the IP Address of the Network

You must configure NFR so that it knows the IP addresses of the networks that it is monitoring.  The packages use these values to determine whether to record information.

»To configure the IP address of the network:

  1. Login as the NFR user.
  2. Edit the packages configuration file:

    % vi  $NFRHOME/install/packages/values.nfr
  3. Update the my_network variable to reflect the IP address and netmask of the network that you are monitoring:

    my_network = [ 208.224.85.0:255.255.255.0 ] ;

    If you are monitoring multiple networks, separate the networks with a comma:

    my_network = [ 208.224.85.0:255.255.255.0 ,
                   208.217.179.0:255.255.255.0 ] ;

  4. Update the my_router_mac_list to reflect the MAC addresses of all routers between your network and other networks:

    my_router_mac_list = [ 00:c0:7b:6b:ee:2b ] ;

    Be sure that you specify both digits (that is, 00 not just 0) in each octet.  If you have multiple routers, separate the addresses a comma:

    my_router_mac_list = [ 00:c0:7b:6b:ee:2b ,
                   00:c0:7b:6b:ee:2c ] ;

Configuring Your Web Server

You must configure your Web server so that only the people you authorize can access the GUI. 

Apache Web Server

If you are running the Apache Web server, the NFR installation process adds a user (nfr) to the the list of users allowed to access the Web server.  You need to change the default password, add your own users, and add those users to groups.

»To configure your Web server:

  1. Login as the NFR user.
  2. Change the Web password for the default NFR user:

    % htpasswd $NFRHOME/install/etc/httpd/conf/htpasswd nfr

  3. Add other Web server users who can access the GUI:

    % htpasswd $NFRHOME/install/etc/httpd/conf/htpasswd jane
  4. Edit the Apache group configuration file:

    % vi $NFRHOME/install/etc/httpd/conf/htpasswd
  5. Add your new Web server users to the NFR group:

    nfr: nfr, jane

You are now ready to start NFR.


Back ] Home ] Up ] Next ]