Installing Netshot 0.15.2 (or older) on Redhat or CentOS - netfishers-onl/Netshot GitHub Wiki
1. Download and unzip the Netshot distribution file
- Select your version on the Release page and copy the URL to the .zip file.
- Download that file onto your Ubuntu server and unzip:
$ wget https://github.com/netfishers-onl/Netshot/releases/download/vX.Y.Z/netshot_X.Y.Z.zip
$ unzip netshot_X.Y.Z.zip
2. Install a database server
$ sudo yum install mysql-server
$ sudo service mysqld start
3. Install Oracle Java 8
Go to http://www.oracle.com/technetwork/java/javase/downloads/index.html Select JRE Download then download JRE 8 last update for your linux architecture (32 or 64-bit), in RPM format, e.g. jre-8u25-linux-x64.rpm Install it:
$ sudo rpm -Uvh jre-8u25-linux-x64.rpm
Check the running Java version:
$ java -version 2>&1 | grep version
This should give 1.8.x
4. Add a dedicated system user
$ sudo useradd --system -k /dev/null --create-home --home /usr/local/netshot -s /bin/false netshot
5. Create the SSL certificate
$ keytool -genkey -keyalg RSA -alias selfsigned -keystore netshot.pfx -storepass password -validity 820 -keysize 4096 -storetype pkcs12 -ext san=dns:localhost -dname "CN=localhost, OU=Netshot, O=Netshot, L=A, ST=OCC, C=FR" -ext KeyUsage=nonRepudiation,digitalSignature,keyEncipherment -ext ExtendedKeyUsage=serverAuth
Press Enter when asked for a password (we don't use an additional password to protect the key in the keystore).
$ sudo mv netshot.jks /usr/local/netshot
$ sudo chmod o-r /usr/local/netshot
This is how to generate a local certificate, but for production purpose you are obviously encouraged to request and install a certificate approved by an authority you trust, and to use another password.
Note: The PKCS12 keystore (as in this example) is supported by Netshot 0.14.1. For an older version you still need a JKS keystore.
6. Prepare files
$ sudo cp netshot.jar /usr/local/netshot
$ sudo mkdir /usr/local/netshot/drivers
$ sudo chown -R netshot /usr/local/netshot
$ sudo mkdir /var/log/netshot
$ sudo chown -R netshot /var/log/netshot
$ sudo cp netshot.conf /etc/netshot.conf
$ sudo chown netshot /etc/netshot.conf
$ sudo chmod 400 /etc/netshot.conf
$ sudo cp systemd-netshot /etc/systemd/system/netshot.service
$ sudo systemctl enable netshot.service
7. Create database and user
$ mysql -u root
> CREATE DATABASE netshot01 CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
> GRANT ALL PRIVILEGES ON netshot01.* TO 'netshot'@'localhost' IDENTIFIED BY 'netshot';
> quit
8. Start Netshot service
$ sudo service netshot start
9. Manually create the initial user
$ mysql -u root
> USE netshot01;
> INSERT INTO user (level, local, username, hashed_password) VALUES (1000, 1, 'netshot', '7htrot2BNjUV/g57h/HJ/C1N0Fqrj+QQ');
Now you should be able to access Netshot with a browser, on https://localhost:8443/ on the machine itself. Use the account netshot (password netshot) for the initial login (then you can create the real users in the Admin section).
10. Optional - UDP port translation
If you want Netshot to detect changes from Syslog and/or SNMP messages sent by the devices, you can translate the UDP ports using the firewall:
$ sudo iptables -t nat -A PREROUTING -p udp --dport 162 -j REDIRECT --to-port 1162
$ sudo iptables -t nat -A PREROUTING -p udp --dport 514 -j REDIRECT --to-port 1514
$ sudo service iptables save