Difference between revisions of "Ntop"
RayMitchell (talk | contribs) (added instructions to starting and stopping) |
RayMitchell (talk | contribs) (added DRAFT problems Note) |
||
Line 1: | Line 1: | ||
+ | Note: DRAFT HOWTO - This procedure has initialisation problems with the configuration file when performing the startup of ntop. Published here for test purposes only and for testers to help resolve the problem. | ||
+ | |||
+ | ie when doing | ||
+ | /etc/init.d/ntop start | ||
+ | the following error is received | ||
+ | FATAL ERROR: Unrecognized/unprocessed ntop options... | ||
+ | , --user ntop, , --db-file-path /var/ntop, , | ||
+ | , , --use-syslog, , , , , , , | ||
+ | |||
+ | |||
+ | Note that manually starting ntop works, and it listens on port 3000, but if you connect (even from localhost), it aborts with a RST packet and logs nothing. | ||
+ | |||
+ | This behaviour appears to be documented here: | ||
+ | http://lists.ntop.org/pipermail/ntop-dev/2004-January/004104.html | ||
+ | |||
+ | A strace shows it's just sitting there, | ||
+ | nanosleep({10, 0}, {0, 0}) = 0 | ||
+ | |||
+ | |||
+ | |||
===Description=== | ===Description=== | ||
ntop is a network monitoring tool/traffic probe that shows network usage in graphical form. A web browser is used to view traffic information and network status. For more information look [http://www.ntop.org/ here]. | ntop is a network monitoring tool/traffic probe that shows network usage in graphical form. A web browser is used to view traffic information and network status. For more information look [http://www.ntop.org/ here]. |
Revision as of 12:16, 8 August 2009
Note: DRAFT HOWTO - This procedure has initialisation problems with the configuration file when performing the startup of ntop. Published here for test purposes only and for testers to help resolve the problem.
ie when doing
/etc/init.d/ntop start
the following error is received
FATAL ERROR: Unrecognized/unprocessed ntop options... , --user ntop, , --db-file-path /var/ntop, , , , --use-syslog, , , , , , ,
Note that manually starting ntop works, and it listens on port 3000, but if you connect (even from localhost), it aborts with a RST packet and logs nothing.
This behaviour appears to be documented here: http://lists.ntop.org/pipermail/ntop-dev/2004-January/004104.html
A strace shows it's just sitting there,
nanosleep({10, 0}, {0, 0}) = 0
Description
ntop is a network monitoring tool/traffic probe that shows network usage in graphical form. A web browser is used to view traffic information and network status. For more information look here.
Prerequisites
To install ntop the Dag repository must be configured on your system. By default the Dag repo is not configured on sme server. If necessary follow this instruction to configure the repo, otherwise skip to the next section
Configuring Dag repository
The following command will configure the Dag repository on SME Server. EDIT NOT COMPLETE!
To create an entry in the database for the epel repository we open put the following commands in a terminal
window or in a shell window:
/sbin/e-smith/db yum_repositories set epel repository \
Name 'SME Server - epel' \ BaseURL 'http://<http://download.fedoraproject.org/pub/epel/7/$basearch' \ EnableGroups yes \ GPGCheck yes \ Visible no \ status disabled
To enable the changes:
signal-event yum-modify
Just to be sure, give yum a fresh start:
yum clean all
After adding it to the database we have to update the changes to the configuration file:
signal-event yum-modify
Installation
With the Dag repository configured, install as follows:
yum install ntop --enablerepo=dag signal-event post-upgrade signal-event reboot
Starting and Stopping ntop
Issue the following commands
chkconfig ntop on config set ntop service status enabled TCPPort 3000 access private
Then run ntop manually from the command line and enter the admin password
ntop -u ntop
Enter the admin password when asked, and re-enter it when asked to confirm
Messages will scroll down the screen and then appear to freeze, press
Ctrl C
at the same time to exit. You should see the message
ntop is now quitting...
Note: In order to limit the use of system resources, you may only wish to run ntop as required for testing and analysing your system rather than running it continuously.
To manually start, stop and restart ntop do either of the following
/etc/init.d/ntop start /etc/init.d/ntop stop /etc/init.d/ntop restart
To configure ntop to start automatically at boot time do the following
ln -s /etc/rc.d/init.d/e-smith-service /etc/rc7.d/S83ntop
Usage
From the local network (LAN)
ntop provides its own default web server on port 3000:
http://yourserverIP:3000
From the Internet (WAN)
To access ntop remotely, setup SSH port forwarding (eg using PuTTY on Windows):
ssh -l root -L 3000:localhost:3000 <yourserverIP or yourservername>
Then open a web browser at:
http://localhost:3000
From a handheld device (PDA)
A PDA (WAP) plugin is available which can access ntop via:
http://yourserverIP:3000/plugins/PDAPlugin
Removal
If you have permanenty enabled ntop do the following
rm /etc/rc7.d/S83ntop
Stop ntop
/etc/init.d/ntop stop
Delete services
chkconfig ntop off config delete ntop
Remove packages
yum remove ntop
Note: confirm that only the following packages are marked for removal before acknowledging
ntop i386 3.3.8-2.el4.rf libart_lgpl i386 2.3.16-3 perl-rrdtool i386 1.2.30-1.el4.rf rrdtool i386 1.2.30-1.el4.rf
Feature Overview
See here