ubuntu部署owlh猫头鹰一体机

舒克起飞了

已于 2025-04-14 15:49:18 修改

阅读量128

点赞数 1

CC 4.0 BY-SA版权

文章标签： ubuntu 服务器 linux

于 2025-04-14 15:48:57 首次发布

本文链接：https://blog.youkuaiyun.com/qq_46573670/article/details/147224582

下载 OwlHInstaller

# cd /tmp
# wget repo.owlh.net/current-debian/owlhinstaller.tar.gz
# mkdir owlhinstaller
# tar -C /tmp/owlhinstaller/ -xf /tmp/owlhinstaller.tar.gz

验证 OwlH 安装程序配置：

"action": "install",                                 <<< this should be install
"repourl":"http://repo.owlh.net/current-debian/",    <<< be sure to us the right repository
"target": [
    "owlhmaster",                                     /
    "owlhnode",                                      <   As we want to install an AIO
    "owlhui"                                          \
],

通常是需要修改一下action部分

运行 OwlH 安装程序：

# cd /tmp/owlhinstaller
# ./owlhinstaller

     2020/11/24 08:21:31.095 [I]  OwlH Installer - v0.17.2.20201031
     2020/11/24 08:21:31.112 [I]  Downloading http://repo.owlh.net/current-centos/current.version to /tmp/current.version
     2020/11/24 08:21:31.112 [I]  == MASTER ==
     2020/11/24 08:21:31.112 [I]  PRESCRIPTS - MASTER -> owlhmasterprescripts/
     2020/11/24 08:21:31.112 [I]  Master INSTALL
     2020/11/24 08:21:31.112 [I]  Downloading New Software
     2020/11/24 08:21:31.701 [I]  ManageMaster Stopping the service
     2020/11/24 08:21:31.701 [I]  owlhmaster systemd stopping...
     2020/11/24 08:21:31.711 [I]  ManageMaster Copying files from download
     2020/11/24 08:21:31.711 [I]  SRC: /tmp/owlhmaster/owlhmaster -- DST: /usr/local/owlh/src/owlhmaster/owlhmaster
     2020/11/24 08:21:32.020 [I]  ManageMaster Installing service...
     2020/11/24 08:21:32.193 [I]  ManageMaster Copying current.version...
     2020/11/24 08:21:32.193 [I]  SRC: /tmp/current.version -- DST: /usr/local/owlh/src/owlhmaster/conf/current.version
     2020/11/24 08:21:32.195 [I]  ManageMaster Launching service...
     2020/11/24 08:21:32.195 [I]  owlhmaster systemd starting...
     2020/11/24 08:21:32.220 [I]  ManageMaster Done!
     2020/11/24 08:21:32.220 [I]  POSTSCRIPTS - MASTER -> owlhmasterpostscripts/
     2020/11/24 08:21:32.235 [I]  Files removed for owlhmaster successfully!
     2020/11/24 08:21:32.235 [I]  == NODE ==
     2020/11/24 08:21:32.235 [I]  PRESCRIPTS - NODE -> owlhnodeprescripts/
     2020/11/24 08:21:32.235 [I]  Node INSTALL
     2020/11/24 08:21:32.235 [I]  Downloading New Software
     2020/11/24 08:21:33.822 [I]  ManageNode Stopping the service
     2020/11/24 08:21:33.822 [I]  owlhnode systemd stopping...
     2020/11/24 08:21:33.952 [I]  ManageNode Copying files from download
     2020/11/24 08:21:33.952 [I]  SRC: /tmp/owlhnode/owlhnode -- DST: /usr/local/owlh/src/owlhnode/owlhnode
     2020/11/24 08:21:34.242 [I]  SRC: /tmp/current.version -- DST: /usr/local/owlh/src/owlhnode/conf/current.version
     2020/11/24 08:21:34.244 [I]  ManageNode Installing service...
     2020/11/24 08:21:34.383 [I]  ManageNode Launching service...
     2020/11/24 08:21:34.384 [I]  owlhnode systemd starting...
     2020/11/24 08:21:34.414 [I]  ManageNode Done!
     2020/11/24 08:21:34.414 [I]  POSTSCRIPTS - NODE -> owlhnodepostscripts/
     2020/11/24 08:21:34.436 [I]  Files removed for owlhnode successfully!
     2020/11/24 08:21:34.436 [I]  == UI ==
     2020/11/24 08:21:34.436 [I]  PRESCRIPTS - UI -> owlhuiprescripts/
     2020/11/24 08:21:34.436 [I]  New Install for UI
     2020/11/24 08:21:34.436 [I]  Downloading New Software
     2020/11/24 08:21:34.686 [I]  ManageUI Copying files from download
     2020/11/24 08:21:35.521 [I]  ManageUI Launching service...
     2020/11/24 08:21:35.521 [I]  SRC: /tmp/current.version -- DST: /var/www/owlh/conf/current.version
     2020/11/24 08:21:35.524 [I]  owlhui OwlH UI - systemd starting...
     2020/11/24 08:21:36.614 [I]  ManageUI Done!
     2020/11/24 08:21:36.614 [I]  POSTSCRIPTS - UI -> owlhuipostscripts/
     2020/11/24 08:21:36.630 [I]  Files removed for owlhui successfully!

安装和配置 httpd/apache 服务器端

必须安装 HTTPD/Apache 和 OWLH 站点配置文件。

# cd /tmp/
# wget repo.owlh.net/current-debian/services/owlhui-httpd.sh
# bash owlhui-httpd.sh 1.1.1.1

1.1.1.1:	是您的主 IP。

您可以在文件 /var/www/owlh/conf/ui.conf 上编辑您的主 IP

安装 suricata

如果您想使用 Suricata。您将主要从 UI 配置 Suricata

# cd /tmp/
# wget repo.owlh.net/current-debian/services/owlhsuricata.sh
# bash owlhsuricata.sh

如果您想确保 Suricata 安装正确，请尝试此作。

# Suricata -V

安装 Zeek

此步骤可能需要很长时间，请考虑在 screen 会话下运行它。

# cd /tmp/
# wget repo.owlh.net/current-debian/services/owlhzeek.sh
# bash owlhzeek.sh

如果您想确保 Zeek 已正确安装，请尝试此作。

# /usr/local/zeek/bin/zeek -v

安装 OwlH Interface

如果您计划使用软件 TAP 配置，则应准备您的 owlh 本地接口

# cd /tmp/
# wget repo.owlh.net/current-debian/services/owlhinterface.sh
# bash owlhinterface.sh

此外，如果使用 suricata 和 Software TAP，则需要将此接口详细信息添加到 af-packet： key

编辑 /etc/suricata/suricata.yaml 并添加：

af-packet:
  - interface: owlh
    #threads: auto
    cluster-id: 98
    cluster-type: cluster_flow
    defrag: yes
    #rollover: yes
    #use-mmap: yes
    #mmap-locked: yes
    tpacket-v3: yes
    ring-size: 2048
    block-size: 409600
    #block-timeout: 10
    #use-emergency-flush: yes
    #checksum-checks: kernel
    #bpf-filter: port 80 or udp
    #copy-mode: ips
    #copy-iface: eth1

验证所有内容均已正确设置

# netstat -nputa

应该提供如下输出：

# netstat -nputa
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
...
tcp6       0      0 :::443                  :::*                    LISTEN      2570/httpd
...
tcp6       0      0 :::50001                :::*                    LISTEN      2451/owlhmaster
...
tcp6       0      0 :::50002                :::*                    LISTEN      9936/owlhnode

现在您应该能够使用浏览器访问您的 master。