Versions Compared

Old Version 4

changes.mady.by.user Kostas Stamos

Saved on

compared with

New Version 5

changes.mady.by.user Νικολαος Κωστοπουλος

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The guide presents the commands needed to install the WiFiMon Analysis Station (WAS) in a Debian-based distribution (Debian, Ubuntu, etc.). Other distributions can also be used, by adjusting the apt install commands appropriately.

0. Prerequisites to Install the WiFiMon Analysis Station (WAS)

To install WiFiMon Analysis Station (WAS) successfully, the following software components are required:

  • WiFiMon Agent package
  • PostgreSQL (required, tested on version 910.612) and phpPgAdmin (optional)
  • Java 8 (or later)
  • Elasticsearch (required, tested on version 7.4.2)
  • Kibana (required, tested on version 7.4.2)
  • Logstash (required in case of correlation with RADIUS and DHCP Logs, tested on version 7.4.2)

By default, the The following ports must be available on the installation server WAS. However, the ports may be changed manually depending on your needs:

  • 5044: for Logstash
  • 5432: for PostgreSQL
  • 5601: for Kibana
  • 8441: for WiFiMon GUI
  • 8443: for WiFiMon Secure Agent
  • 9000: for WiFiMon Non-secure Agent (optional)
  • 9200: for communication with Elasticsearch

1. Overview of the WiFiMon Analysis Station (WAS)

...

 Installation

A summary of the mandatory steps for the installation (detailed in the linked sections below):

...

There are also some optional steps:

...

Configure subnets

...

...

Configure dashboard for HW probes

...

Anchor
PostgreSQL
PostgreSQL
2. PostgreSQL

...

To install PostgreSQL and phpPgAdmin (optional), you must use the Installing PostgreSQL from a package manager requires using the following commands:

sudo apt-get install -y postgresql postgresql-contrib phppgadmin

By default, PostgreSQL is configured to listen on localhost. We suggest that you do not change this default configuration is not modified.

After the successful installation of of PostgreSQL, the database and tables of the following sections required by WiFiMon should be created.  Detailed instructions are included in the following subsections.

Anchor
database
database
Create Database and User

...

Code Block
languagesql
CREATE USER wifimon_user WITH PASSWORD 'wifimonpass';
CREATE DATABASE wifimon_database OWNER wifimon_user;

Once the database "wifimon_database" is created, you should connect to wifimon_databaseconnecting to it is possible using the following command:


Code Block
languagesql
\c wifimon_database;

...

cp /agent/wifimon-assembly/target/wifimon-agent-bin/secure-processor-0.1.1-SNAPSHOT.war /usr/lib/wifimon/secure-processor-0.1.1.war
cp /agent/wifimon-assembly/target/wifimon-agent-bin/ui-0.1.1-SNAPSHOT.war /usr/lib/wifimon/ui-0.1.1.war

...

Apart from entering a new subnet in the configuration tab, you are required to create a new entry in the Subnets Tab to monitor your WiFi network. This requires performing a few modifications to the WiFiMon Java code as well as modifying HTML code. In the following, we will demonstrate an example of creating an entry for the subnet a.b.c.d/xx where xx is the subnet netmask. The folder that contains the WiFiMon code is called “agent”. Note that the WiFiMon code includes an entry for the subnet “147.102.13.0/24” for demonstration purposes. You may remove this Subnet or overwrite it with yours.

Edit file /agent/wifimon-ui/src/main/resources/templates/fragments/header.html

Insert the red lines as below:

...

<li th:class="${classActiveSettingsSubnets}" class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">Subnets<span class="caret"></span></a>

<ul class="dropdown-menu">

<li><a href="#" th:href="@{/secure/Subnets/147_102_13_0_24}">147.102.13.0/24</a></li>

<li><a href="#" th:href="@{/secure/Subnets/a_b_c_d_xx}">a.b.c.d/xx</a></li>

</ul></li>

-processor-0.1.1.war
cp /agent/wifimon-assembly/target/wifimon-agent-bin/ui-0.1.1-SNAPSHOT.war /usr/lib/wifimon/ui-0.1.1.war

Anchor
letsencrypt
letsencrypt
7

Copy the template file /usr/lib/wifimon/subnets/elasticsearchSubnets_a_b_c_d_xx.html to /agent/wifimon-ui/src/main/resources/templates/secure/ and substitute a, b, c, d, xx according to the details of the monitored subnet. Inside this file, you should also substitute a, b, c, d, xx according to your setup. In the following, we provide the head of elasticsearchSubnets_147_102_13_0_24 that corresponds to the monitored subnet 147.102.13.0/24:

...

<head>

<title>Subnets 147.102.13.0/24</title>

<meta name="viewport" content="width=device-width, initial-scale=1"/>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<script src="//code.jquery.com/jquery-1.12.0.min.js"></script>

<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.css"/>

<link href="../../static/css/styling.css" rel="stylesheet" />

<script src="//netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js"></script>

</head>

In /usr/lib/wifimon/subnets, you are given a template MeasurementsController_subnets.txt. You have to include this code extract in /agent/wifimon-ui/src/main/java/net/geant/wifimon/agent/controller/MeasurementsController.java and (a) change a, b, c, d and xx according to your setup and (b) enter the link from the Kibana Dashboard where it is requested.

...

@RequestMapping(value = "/secure/Subnets/a_b_c_d_xx")

public String elasticsearchSubnets_a_b_c_d_xx(Model model, HttpSession session, HttpServletRequest request) {

UrlParameters urlParameters = createUrlParameters(request);

String elasticsearchURL;

elasticsearchURL = environment.getProperty(KIBANA_PROTOCOL) + "://" + environment.getProperty(SERVER_HOST_NAME) + ":" + environment.getProperty(KIBANA_PORT) +

"ENTER_KIBANA_VISUALIZATION_LINK_HERE";

model.addAttribute("classActiveSettingsSubnets", "active");

model.addAttribute("elasticsearchURL", elasticsearchURL);

return "secure/elasticsearchSubnets_a_b_c_d_xx";

}

...

In the following, we will demonstrate an example of creating an entry for the HW Probe corresponding to the number x, i.e. testtools are NetTest-x, boomerang-x and speedtest-x. The folder that contains the WiFiMon code is called “agent”. Note that the WiFiMon code includes 10 preconfigured WiFiMon HW Probes.

Firstly, you should create a new option in the HWProbes Tab of the WiFiMon GUI for the desired WiFiMon HW Probe with number x. Edit file /agent/wifimon-ui/src/main/resources/templates/fragments/header.html.

Insert the red lines as below:

...

<li th:class="${classActiveSettingsHWProbes}" class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">HWProbes<span class="caret"></span></a>

<ul class="dropdown-menu">

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe1}">HWProbe1</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe2}">HWProbe2</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe3}">HWProbe3</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe4}">HWProbe4</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe5}">HWProbe5</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe6}">HWProbe6</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe7}">HWProbe7</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe8}">HWProbe8</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe9}">HWProbe9</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbe10}">HWProbe10</a></li>

<li><a href="#" th:href="@{/secure/HWProbes/HWProbex}">HWProbex</a></li>

</ul>

</li>

Copy the template file /usr/lib/wifimon/probes/elasticsearchHWProbesx.html to /agent/wifimon-ui/src/main/resources/templates/secure/ and substitute x according to your setup. Inside this file, you should also substitute x according to your setup. In the following, we provide the head of elasticsearchHWProbes10 that corresponds to the HW Probe with testtool number 10:

...

<head>

<title>Metrics for HW Probe 10</title>

<meta name="viewport" content="width=device-width, initial-scale=1"/>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />

<script src="//code.jquery.com/jquery-1.12.0.min.js"></script>

<link rel="stylesheet" href="//netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap.css"/>

<link href="../../static/css/styling.css" rel="stylesheet" />

<script src="//netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js"></script>

</head>

In /usr/lib/wifimon/probes, you are given a template MeasurementsController_probes.txt. You have to include this code extract in /agent/wifimon-ui/src/main/java/net/geant/wifimon/agent/controller/MeasurementsController.java and (a) change x according to your setup and (b) enter the link from the Kibana Dashboard where it is requested.

@RequestMapping(value = "/secure/HWProbes/HWProbex")

public String elasticsearchHWProbe1(Model model, HttpSession session, HttpServletRequest request) {

UrlParameters urlParameters = createUrlParameters(request);

String elasticsearchURL;

elasticsearchURL = environment.getProperty(KIBANA_PROTOCOL) + "://" + environment.getProperty(SERVER_HOST_NAME) + ":" + environment.getProperty(KIBANA_PORT) +

"INSERT_KIBANA_DASHBOARD_LINK_HERE";

model.addAttribute("classActiveSettingsHWProbes", "active");

model.addAttribute("elasticsearchURL", elasticsearchURL);

return "secure/elasticsearchHWProbesx";

}

...

In the Kibana user interface, choose the Dashboard section. There, you will find a Dashboard called “SubnetsTimeseries_a.b.c.d/xx”. Add the appropriate filter corresponding to the number of your monitored subnet. For example, if the subnet is a.b.c.d/xx, you should add the following filter “requesterSubnet is a.b.c.d/xx”. Save your dashboard as a new dashboard. Remember to store time with your dashboard.

In Share --> Permanent Links --> Snapshot you can find the URL to include in the WiFiMon Java code.

...

In the Kibana user interface, choose the Dashboard section. There, you will find a Dashboard called “HW Probe Dashboard x”. Add the appropriate filter corresponding to the number of your monitored WiFiMon HW Probe. For example, if the testtool number of your WiFiMon HW Probe is 11, you should add the following filter “testTool is one of NetTest-11 boomerang-11 speedtest-11”. Save your dashboard as a new dashboard. Remember to store time with your dashboard.

In Share --> Permanent Links --> Snapshot you can find the URL to include in the WiFiMon Java code.

...

. Configuring WiFiMon Secure Agent

We will demonstrate the configuration of the WiFiMon Secure Agent with a Let’s encrypt certificate. WiFiMon Administrators are free to use whatever certificates they prefer. In the following, we assume that both WiFiMon Analysis Station and WiFiMon Test Server are installed in the same server and thus, use the same certificate. WiFiMon Administrators may install them in separate servers.

...

WiFiMon is now configured to use HTTPS for WiFiMon GUI and Agent.

Anchor
xpack
xpack

...

8. Configuring ELK Stack Security (X-Pack)

We will secure the ELK stack using a self-signed certificate. First, you have to create the file “/usr/share/elasticsearch/instances.yml” with the following contents:

...

xpack.security.enabled=true
ssl.certificate.type=keystore
ssl.http.user.username=elastic
ssl.http.user.password=[elastic built-in user password]
ssl.http.keystore.filepath=/usr/lib/wifimon/keystore/keystore.jks
ssl.http.keystore.password=[keystore.jks password]
ssl.http.truststore.filepath=/usr/lib/wifimon/keystore/truststore.jks
ssl.http.truststore.password=[truststore password]
ssl.http.key.password=[elasticsearch.key password]


Anchor
links
links

...

9. Links to Installed Software

The installation is now complete and you can access:

...