This tool will install FastNetMon Community using a package management system specific to your platform using our official binary packages. It can be used to upgrade existing deployment.
NB! For FastNetMon Advanced, please use this guide: FastNetMon Advanced Install
Supported Linux platforms:
- Ubuntu 14.04, 16.04, 18.04, 20.04, 22.04, 24.04
- Debian 8, 9, 10, 11, 12
- CentOS / RHEL / Alma Linux / Rocky Linux 6, 7, 8, 9
You need to install the wget tool before starting this tool.
wget https://install.fastnetmon.com/installer -Oinstaller sudo chmod +x installer sudo ./installer -install_community_edition
We offer official support for the ARM64 platform for Ubuntu 20.04, 22.04, Debian 11, 12 and CentOS 8 and 9, and you can run the installer in the following way:
wget https://install.fastnetmon.com/installer_arm64 -Oinstaller sudo chmod +x installer sudo ./installer -install_community_edition
We offer solid support for macOS-based platforms, and you can install FastNetMon Community from Homebrew this way:
brew install fastnetmon
For FreeBSD-based platforms, you can find FastNetMon Community in official ports:
pkg install fastnetmon
FastNetMon Community uses rolling releases, and the installer will install the latest version, which includes all the latest additions to the code base. To get information about latest changes you can check our GitHub releases page.
As the next step, it’s required to add all of your networks in CIDR notation (11.22.33.0/24) to the file /etc/networks_list in the form of one prefix per line. To ignore some network, you may add them in /etc/networks_whitelist using the same format.
After that, we recommend carefully reviewing each line in /etc/fastnetmon.conf and changing them according to your needs. To enable Netflow, sFlow, SPAN support, you will need to enable options netflow, sflow, mirror_afpacket accordingly.
By default, FastNetMon will block any of your hosts which exceed 1000 Mbits or 100.000 packets per second. You may change these values in the “Limits for DoS/DDoS attacks” section of the configuration file.
To apply changes, you need to restart FastNetMon:
sudo service fastnetmon restart
To monitor FastNetMon’s performance, you can use client:
fastnetmon_client
If something goes wrong, please check the logs:
tail -n 1000 /var/log/fastnetmon.log
When an incoming or outgoing attack occurs, the program calls a bash script twice (if it exists):
/usr/local/bin/notify_about_attack.sh
The first time when threshold exceed (at this step we know IP, direction and power of attack). Second when we collect 100 packets for detailed audit of what happened.
A sample script is provided and can be installed as follows:
sudo wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/notify_about_attack.sh -O/usr/local/bin/notify_about_attack.sh sudo chmod 755 /usr/local/bin/notify_about_attack.sh
After downloading the file, you need to open it and configure the ’email_notify’ option as required. You can use an alternative python script from here.
As the next step to see total traffic for your network, per network traffic and per host traffic in the web interface, we recommend installing Grafana, Clickhouse and dozen of predefined dashboards using this install tool:
wget https://storage.googleapis.com/community-installer/installer -Oinstaller sudo chmod +x installer sudo ./installer -install_graphic_stack_community
As the next step, you may consider enabling command line management interface, BGP integration, visual dashboards for traffic.
You can get version of installed FastNetMon Community in the following way:
fastnetmon --version Version: 1.2.6 49781ecd
There are two version numbers:
- 1.2.6 – point release to which this versions belongs to. It has minor version which follows previous point release
- 49781ecd – commit in our repository used to build this version.
To be in touch with our project, we recommend checking our GitHub page and subscribing to our community support channels.