Debian

Netify DPI for Debian - Live Traffic Analysis

Overview

The following document provides information on how to install the Netify Agent (netifyd) on Debian for ingesting live traffic on a gateway or via mirror port mode. For instructions on how to install and configure Netify to analyze packet capture files, please see these instructions.

Installation

Up-to-date Netify packages are maintained in our Debian repository.

Debian 10

apt-get update
apt-get install curl gnupg2
curl https://download.netify.ai/5/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb https://download.netify.ai/5/debian/10/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd netify-proc-core netify-sink-log netify-sink-socket netify-sink-http

Debian 11

apt-get update
apt-get install curl gnupg2
curl https://download.netify.ai/5/debian/apt-gpg-key-netify.asc -o Netify.gpg
apt-key add - < Netify.gpg
echo 'deb https://download.netify.ai/5/debian/11/ /' > /etc/apt/sources.list.d/netify.list
apt-get update
apt-get -y install netifyd netify-proc-core netify-sink-log netify-sink-socket netify-sink-http

Configuration

Network Interfaces

You will need to install Netify on a system with at least two network cards. Examples are shown below for both configuration modes. Please keep in mind that Netify can monitor any number of network interfaces.

# File: /etc/network/interfaces

# Network interface connected to WAN/backbone
allow-hotplug eth0
iface eth0 inet dhcp

# Network interface connected to LAN/local network
auto eth1
iface eth1 inet static
 address 192.168.99.1
 netmask 255.255.255.0

# File: /etc/network/interfaces

# Network interface connected to network
allow-hotplug eth0
iface eth0 inet dhcp

# Network interface connected to mirror port
# - note: IP address is not required
auto eth1
iface eth1 inet manual
up ifconfig eth1 up

Next Steps

With netifyd installed, you are now ready to jump into the Network Interfaces documentation.