gonsquid

command module
v0.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 4, 2021 License: AGPL-3.0 Imports: 18 Imported by: 0

README

Minimalist Netflow v5 to squid-log and CSV collector written in Go

The broker listens on UDP port (default 2055), accepts Netflow v5 traffic, and by default collects records with selected metadata formatted into squid log. Login information replaces the Mac address of the device that receives from the router mikrotik.

Any squid log analyzer can be used to generate reports. For example: screensquid

Usage

Clone repository

git clone https://github.com/Rid-lin/gonsquid.git

cd gonsquid

Copy folder assets to /usr/share/gonsquid/

cp /assets /usr/share/gonsquid/

Build programm:

make build

Move binary file

mv ./bin/linux/gonsquid /usr/local/bin/

Edit file /usr/share/gonsquid/assets/gonsquid.service

nano /usr/share/gonsquid/assets/gonsquid.service

E.g.

/usr/local/bin/gonsquid -subnet=10.0.0.0/8 -subnet=192.168.0.0/16 -ignorlist=10.0.0.2 -ignorlist=:3128 -ignorlist=8.8.8.8:53 -ignorlist=ff02:: -loglevel=debug -log=/var/log/gonsquid/access.log -mtaddr=192.168.1.1:8728 -u=mikrotik_user -p=mikrotik_user_password

and move to /lib/systemd/system

mv /usr/share/gonsquid/assets/gonsquid.service /lib/systemd/system

Make sure the log folder exists, If not then

mkdir -p /var/log/gonsquid/

Configuring sistemd to automatically start the program

systemctl daemon-reload

systemctl start gonsquid

systemctl enable gonsquid

Edit the file "fetch.pl" in accordance with the comments and recommendations.

Add a task to cron (start every 5 minutes)

crontab -e

*/5 * * * * /var/www/screensquid/fetch.pl > /dev/null 2>&1

Supported command line parameters

Usage of gonsquid.exe:
-csv string
      Output to a CSV file, equivalent to the setting for squid 4.0+ in squid.conf 'logformat csv %{%Y|%b|%d|%H|%M|%S|%z}tl|%tr|%st|%>a|%>A|%>p|%>eui|%<a|%<p|%ru|%Ss|%03>Hs|%rm|%[un|%Sh/%<a|%mt' (default "false")
  -flow_addr string
      Address and port to listen NetFlow packets (default "0.0.0.0:2055")
  -gomtc_addr string
      Address and port for connect to gomtc API (default "http://127.0.0.1:3034")
  -ignor_list string
      List of lines that will be excluded from the final log
  -interval string
      Interval to getting info from Mikrotik (default "10m")
  -loc string
      Location for time (default "Asia/Yekaterinburg")
  -log_level string
      Log level: panic, fatal, error, warn, info, debug, trace (default "info")
  -mt_addr string
      The address of the Mikrotik router, from which the data on the comparison of the MAC address and IP address is taken
  -mt_pass string
      The password of the user of the Mikrotik router, from which the data on the comparison of the mac-address and IP-address is taken
  -mt_user string
      User of the Mikrotik router, from which the data on the comparison of the MAC address and IP address is taken
  -name_file_to_log string
      The file where logs will be written in the format of squid logs (default "access.log")
  -num_of_trying_connect_to_mt string
      The number of attempts to connect to the microtik router (default "10")
  -receive_buffer_size_bytes string
      Size of RxQueue, i.e. value for SO_RCVBUF in bytes
  -sub_nets string
      List of subnets traffic between which will not be counted

Credits

This project was created with help of:

Documentation

The Go Gopher

There is no documentation for this package.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.