Home Installation and Configuration Telegram Bot Manager in FNM Manager

Telegram Bot Manager in FNM Manager

Last updated on Jan 21, 2025

Telegram Bot Manager in FNM Manager

Introduction

The Telegram Bot Manager in FNM Manager allows administrators to interact with the panel via Telegram (chat or group). This feature provides real-time access to FastNetMon's main data, such as total traffic and top hosts. It also enables actions like sending IPs or networks to Black Hole, applying FlowSpec rules as needed, and retrieving details about BGP peers or recent attacks.

Key Features

  • Retrieve FastNetMon's main data (e.g., total traffic, top hosts).

  • Query details about recent attacks and view attack reports.

  • View active Black Hole rules, with the ability to add or remove IPs or networks.

  • Manage FlowSpec rules: view active rules, access a predefined rule database, inject these rules via BGP, or clear FlowSpec rules from the RIB.

  • Configure interaction using two methods: GetUpdates Polling or Webhooks.

  • Use the same API Token and Chat ID as Telegram notifications or configure separate ones for the Bot Manager.

Configuration Options

Interaction Methods

  1. GetUpdates Polling:

    • Regularly polls Telegram for updates at a configured interval (e.g., every 3 or 5 seconds).

    • Requires the Telegram Bot Manager service to be running to receive messages.

  2. Webhooks:

    • Telegram sends real-time updates to a specified URL.

    • Requires a valid SSL certificate or a self-signed certificate (in this case, you must upload the public key to Telegram).

    • Supported ports for Webhooks:

      • 443, 80, 88, 8443

    • It is highly recommended to review the official Telegram documentation for proper webhook configuration.

Shared or Separate Configuration

  • Shared Configuration:

    • Use the same API Token and Chat ID for notifications and the Telegram Bot Manager.

  • Separate Configuration:

    • Configure a different API Token and Chat ID to separate functions between notifications and the bot.

Steps to Configure Telegram Bot Manager

  1. Enable Telegram Bot Manager:

    • Navigate to System Notifications > Telegram Bot Manager.

    • Enable the "Enable BOT Manager" option.

  2. Set API Token and Chat ID:

    • Enter the Telegram API Token.

    • Provide the Chat ID for administration.

  3. Choose the Interaction Mode:

    • Select either GetUpdates Polling or Webhooks.

  4. Save the configuration.

  5. Test and Start the Bot:

    • Use the "Send Test" button to validate the configuration.

    • Start the bot service with "Start Service BOT" to begin receiving messages.

Important Notes

  1. Exclusivity Between GetUpdates and Webhooks:

    • Updates cannot be received via GetUpdates while a webhook is configured.

  2. Self-Signed Certificates:

    • If using a self-signed certificate, upload the public key using the certificate parameter (sending a string is not supported).

  3. Port Configuration:

    • Ensure the webhook URL uses one of the supported ports: 443, 80, 88, or 8443.

  4. Service Requirement for GetUpdates:

    • When using GetUpdates Polling, the Telegram Bot Manager service must be active to receive messages at the configured interval (e.g., 3 or 5 seconds).

Example with Webhook settings.

Example with GetUpdate settings

Interaction with the Bot

The Telegram bot allows simple commands to retrieve network data or execute actions. Examples of available commands:

  • /help: Displays the list of available commands.

  • /status: Shows system status (CPU, memory, traffic, recent attacks, etc.).

  • /total_traffic: Provides detailed statistics on total traffic (incoming and outgoing).

  • /top_talkers: Lists the top hosts by incoming and outgoing traffic.

  • /blackhole:

    • Displays the total number of active Black Hole rules.

    • Allows adding or removing IPs or networks to/from Black Hole.

  • /flowspec:

    • Displays active FlowSpec rules.

    • Allows querying the predefined rule database.

    • Injects predefined rules into the RIB via BGP.

    • Clears FlowSpec rules from the RIB.

Interaction Example

Command /blackhole

  • Displays the total number of active Black Hole rules.

  • Additional options:

    • Show the current rules.

    • Add or remove rules as needed.

Command /flowspec

  • Manages FlowSpec rules:

    • flowspec_active: Displays active FlowSpec rules.

    • flowspec_db: Shows the predefined rule database.

    • flowspec_send_rib: Publishes the predefined rules to the RIB via BGP.

    • flowspec_flush_rib: Clears FlowSpec rules from the RIB.

Recommendations

  • SSL Certificates:

    • Use a valid SSL certificate for Webhooks.

    • Consider setting up a reverse proxy with SSL (e.g., Nginx or Apache).

Screenshots

/help

/status

/total_traffic

/flowspec