1、简介
yaf是Yet Another Flowmeter的缩写。
2、安装过程
1)首先安装编译工具
$ sudo apt-get install make gcc
2)安装libglib, libpcap, libpcre
$ sudo apt-get install libglib2.0-dev libpcap-dev libpcre3-dev
3)下载libfixbuf
$ sudo mkdir /usr/local/src/netsa
$ sudo chown USER.USER /usr/local/src/netsa
$ cd /usr/local/src/netsa
$ wget http://tools.netsa.cert.org/releases/libfixbuf-1.2.0.tar.gz
4)安装libfixbuf
$ tar zxvf libfixbuf-1.2.0.tar.gz
$ cd libfixbuf-1.2.0
$ ./configure
$ make
$ sudo make install
5)下载yaf
$ cd /usr/local/src/netsa
$ wget http://tools.netsa.cert.org/releases/yaf-2.3.2.tar.gz
6)安装yaf
$ tar zxvf yaf-2.3.2.tar.gz
$ cd yaf-2.3.2
$ ./configure --enable-applabel
$ make
$ sudo make install
7)配置yaf
$ sudo cp /usr/local/src/netsa/yaf-2.3.2/etc/yaf.conf /usr/local/etc/
修改yaf.conf的如下内容:
ENABLED=TRUE
YAF_CAP_IF=eth1
$sudo ldconfig
参考文献:http://davelowe.com.au/network-security-monitoring/installing-yaf-on-ubuntu-server-12-10/
$ tar zxvf libfixbuf-1.2.0.tar.gz
$ cd libfixbuf-1.2.0
$ ./configure
$ make
$ sudo make install
![Linux学习—复习vim程序编辑器[图]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)