kuhfufhrbuierf,
Thanks for the questions! I am the principal developer for the Netify Agent.
The Netify Console tool (as currently released) is a PHP application. The packaging for that was done only for ClearOS. There were no plans to release a package for other distributions/platforms because a new version is being designed in C++. The PHP version was first a debugging tool which now should be developed further into a full application with more needed features.
That being said, the PHP version is available here, and can be run from a cloned/manual install on any host that has a PHP interpreter. Netify Agent can then be configured to listen on a network socket (versus the default file socket), enabling remote Netify Console connections. TODO: At the moment, there is no privacy/authentication/encryption on this socket so some thought should be given to secure network access to it.
We don't package/include man pages or other documentation files for OpenWrt. I thought considering it's an embedded platform, perhaps that would be frowned upon. In hindsight, these files are so tiny compared to the rest of the image, we can include them in the next release if that's expected.
In the meantime, you can find the the man pages and sample configuration here.
Both. Depending on your requirements. An established socket connection will stream real-time detections and other status information (JSON payloads) for applications that want to ingest a stream. The "dump_established_flows", when enabled, will send the connecting client the entire current state of the engine. It does not dump the current state to a file. For that, use "json_save".
"json_save" will periodically (15 seconds by default), dump all new detections and all active flows to the file: sink-request.json
"dump_unknown_flows" is more of a debug function. It creates small pcap files (8 - 10 packets, configurable) for unidentified flows. When enabled, these files can be found in the volatile state directory as: nd-flow-xxxxxxxx.cap
This file is saved to the "volatile" state directory, which on OpenWrt is: /run/netifyd/
This path is currently compiled in and cannot be changed at runtime.
Again, this path is compiled into the executable and currently cannot be changed at runtime. For OpenWrt, the "persistent state path" is: /etc/netify.d/