Fastnetmon - Sanity check

# Generate sample data with nping
[root@localhost ~]# nping -c 100000 --tcp -p 80,433 20.20.20.178

Starting Nping 0.6.47 ( http://nmap.org/nping ) at 2015-07-07 14:45 PDT
SENT (0.0089s) TCP 20.20.20.1:19853 > 20.20.20.178:80 S ttl=64 id=20020 iplen=40  seq=980459948 win=1480 
RCVD (0.0092s) ICMP [20.20.20.178 > 20.20.20.1 Destination host 20.20.20.178 administratively prohibited (type=3/code=10) ] IP [ttl=64 id=44494 iplen=68 ]
SENT (1.0092s) TCP 20.20.20.1:19853 > 20.20.20.178:433 S ttl=64 id=20020 iplen=40  seq=980459948 win=1480 
RCVD (1.0096s) ICMP [20.20.20.178 > 20.20.20.1 Destination host 20.20.20.178 administratively prohibited (type=3/code=10) ] IP [ttl=64 id=44832 iplen=68 ]
SENT (2.0106s) TCP 20.20.20.1:19853 > 20.20.20.178:80 S ttl=64 id=20020 iplen=40  seq=980459948 win=1480 
RCVD (2.0109s) ICMP [20.20.20.178 > 20.20.20.1 Destination host 20.20.20.178 administratively prohibited (type=3/code=10) ] IP [ttl=64 id=45231 iplen=68 ]
SENT (3.0121s) TCP 20.20.20.1:19853 > 20.20.20.178:433 S ttl=64 id=20020 iplen=40  seq=980459948 win=1480
 
[root@CloudRouter ~]# yum -y install fastnetmon
Yum command has been deprecated, redirecting to '/usr/bin/dnf -y install fastnetmon'.
See 'man dnf' and 'man yum2dnf' for more information.
To transfer transaction metadata from yum to DNF, run:
'dnf install python-dnf-plugins-extras-migrate && dnf-2 migrate'

Last metadata expiration check performed 0:02:58 ago on Tue Jul  7 19:16:47 2015.
Dependencies resolved.
================================================================================
 Package           Arch          Version               Repository          Size
================================================================================
Installing:
 fastnetmon        x86_64        1.1.2-1.fc22          cloudrouter        198 k

Transaction Summary
================================================================================
Install  1 Package

Total download size: 198 k
Installed size: 646 k
Downloading Packages:
fastnetmon-1.1.2-1.fc22.x86_64.rpm              345 kB/s | 198 kB     00:00    
--------------------------------------------------------------------------------
Total                                           344 kB/s | 198 kB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Installing  : fastnetmon-1.1.2-1.fc22.x86_64                              1/1 
[78891.325745] systemd-sysv-generator[9165]: Overwriting existing symlink /run/systemd/generator.late/network.service with real service
[78891.335650] systemd-sysv-generator[9165]: Overwriting existing symlink /run/systemd/generator.late/netconsole.service with real service
  Verifying   : fastnetmon-1.1.2-1.fc22.x86_64                              1/1 

Installed:
  fastnetmon.x86_64 1.1.2-1.fc22                                                

Complete!



# systemctl enable fastnetmon
# systemctl start fastnetmon

## Edit /etc/fastnetmon.conf
##########################################################
# Pcap mode, very slow not suitable for production
pcap = on
# Netflow capture method with v5, v9 and IPFIX support
netflow = on
# sFLOW capture suitable for switches
sflow = on
# Configuration for netmap, mirror, pcap modes
# For pcap and PF_RING we could specify "any"
# For netmap and PF_RING we could specify multiple interfaces separated by comma
interfaces = ens3

#######################################################
# systemctl restart fastnetmon

# fastnetmon_client

FastNetMon - DoS/DDoS analyzer with sflow/netflow/mirror support...
[87674.913749] device ens3 entered promiscuo
FastNetMon v1.0 FastVPS Eesti OU (c) VPS and dedicated: http://FastVPS.host
IPs ordered by: packets
Incoming traffic             1 pps	0 mbps      0 flows
20.20.20.178                 0 pps	0 mbps      0 flows

Outgoing traffic             1 pps	0 mbps      0 flows
20.20.20.178                 0 pps	0 mbps      0 flows

Internal traffic             0 pps	0 mbps

Other traffic                2 pps	0 mbps

PCAP statistics
Received packets: 65
Dropped packets: 0 (0%)
Dropped by driver or interface: 0

Screen updated in:              0 sec 167 microseconds
Traffic calculated in:          0 sec 5 microseconds
Total amount of not processed packets: 0

##########################################################
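
The check above can be scripted. This is an added example, not part of the original notes or of FastNetMon: it parses a saved copy of the client screen and confirms the monitored host is listed and the pcap capture is receiving without drops. The function names and the idea of saving the screen to a file are assumptions; the sample screen is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: check a saved copy of the fastnetmon_client screen.
# sample_screen is constructed from the output shown above.
sample_screen() {
cat <<'EOF'
IPs ordered by: packets
Incoming traffic             1 pps 0 mbps      0 flows
20.20.20.178                 0 pps 0 mbps      0 flows

Outgoing traffic             1 pps 0 mbps      0 flows
20.20.20.178                 0 pps 0 mbps      0 flows

PCAP statistics
Received packets: 65
Dropped packets: 0 (0%)
Dropped by driver or interface: 0
EOF
}

# host_pps SECTION HOST: print HOST's pps inside the "SECTION traffic" block.
host_pps() {
  awk -v sec="$1" -v host="$2" '
    $2 == "traffic" { cur = $1; next }
    cur == sec && $1 == host { print $2; found = 1; exit }
    END { exit (found ? 0 : 1) }'
}

# pcap_stat LABEL: print the first number after "LABEL:".
pcap_stat() {
  awk -F': *' -v key="$1" '
    $1 == key { split($2, v, " "); print v[1]; found = 1; exit }
    END { exit (found ? 0 : 1) }'
}

# sanity_check HOST < screen: 0 = healthy, 1 = broken, 2 = capture is dropping.
sanity_check() {
  screen=$(cat)
  pps=$(printf '%s\n' "$screen" | host_pps Incoming "$1") ||
    { echo "FAIL: $1 not listed under Incoming traffic"; return 1; }
  rx=$(printf '%s\n' "$screen" | pcap_stat "Received packets") ||
    { echo "FAIL: no PCAP statistics, is pcap = on?"; return 1; }
  drop=$(printf '%s\n' "$screen" | pcap_stat "Dropped packets") || return 1
  [ "$rx" -gt 0 ] || { echo "FAIL: capture received no packets"; return 1; }
  [ "$drop" -eq 0 ] || { echo "WARN: $drop packets dropped"; return 2; }
  echo "OK: $1 incoming=${pps}pps received=$rx dropped=$drop"
}

sample_screen | sanity_check 20.20.20.178
```

A return code of 2 means the detector is counting fewer packets than arrived on the wire, so the reported pps cannot be trusted for threshold tuning.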