This material is work-in-progress ...
Do not follow instructions here until this notice is removed.
This document will show how to configure pmacct for IP accounting. Pmacct will be configured as NetFlow and sFlow collector using PostgreSQL as DB backend.
The following software have been used at the time of writing of this document:
* pmacct-0.12.4-r3 * postgresql 8.4 * softflowd 0.9.8
Install and Configure pmacct
apk add pmacct pmacct-doc
On postgreSQL server launch the following scripts found in /usr/share/doc/pmacct/sql (make sure to change the default password for user "pmacct" in pmacct-create-db.pgsql):
postgres$ psql -d template1 -f pmacct-create-db.pgsql postgres$ psql -d pmacct -f pmacct-create-table_v7.pgsql
NetFlow Collector Daemon
Edit /etc/nfmacctd.conf, changing "<HOSTNAME>" and "<PASSWORD>" to correct values:
daemonize: true pidfile: /var/run/nfacctd.pid syslog: daemon
sql_host: <HOSTNAME> sql_passwd: <PASSWORD> sql_table_version: 7
sql_optimize_clauses: true sql_recovery_logfile: /var/log/nfacct_recovery_log sql_history: 5m sql_history_roundoff: mhd sql_dont_try_update: true
A full list of options supported by pmacct can be found here.
Install and setup NetFlow sensor
It's assumed that this is done on a seperate computer than the collector.
Install NetFlow sensor:
apk add softflowd
Start softflow (substituting 192.168.0.10 with your collector's IP address, 9996 with the port nfmaccd is listening on, and eth0 with the interface to monitor):
softflowd -i eth0 -n 192.168.0.10:9996
After a minute or two, check that flows are being analyzed on the box: