Ntop
DRAFT HOWTO
This procedure has initialisation problems with the configuration file when performing the startup of ntop. Published here for test purposes only and for testers to help resolve the problem.
Refer to this forum post
ie when doing
/etc/init.d/ntop start
the following error is received
Starting ntop: Processing file /etc/ntop.conf for parameters... Sat Aug 8 21:18:04 2009 NOTE: Interface merge enabled by default Sat Aug 8 21:18:05 2009 Initializing gdbm databases FATAL ERROR: Unrecognized/unprocessed ntop options... , --user ntop, , --db-file-path /var/ntop, , , , --use-syslog, , , , , , ,
Note that manually starting ntop works, and it listens on port 3000, but if you connect (even from localhost), it aborts with a RST packet and logs nothing.
This behaviour appears to be documented here: http://lists.ntop.org/pipermail/ntop-dev/2004-January/004104.html
A strace shows it's just sitting there,
nanosleep({10, 0}, {0, 0}) = 0
Description
ntop is a network monitoring tool/traffic probe that shows network usage in graphical form. A web browser is used to view traffic information and network status. For more information look here.
Prerequisites
To install ntop the Dag repository must be configured on your system. By default the Dag repo is not configured on sme server. If necessary follow this instruction to configure the repo, otherwise skip to the next section
Configuring Dag repository
see dag repository
Installation
With the Dag repository configured, install as follows:
yum install ntop --enablerepo=dag signal-event post-upgrade signal-event reboot
Starting and Stopping ntop
Issue the following commands
chkconfig ntop on config set ntop service status enabled TCPPort 3000 access private
Then run ntop manually from the command line and enter the admin password
ntop -u ntop
Enter the admin password when asked, and re-enter it when asked to confirm
Messages will scroll down the screen and then appear to freeze, press
Ctrl C
at the same time to exit. You should see the message
ntop is now quitting...
Note: In order to limit the use of system resources, you may only wish to run ntop as required for testing and analysing your system rather than running it continuously.
To manually start, stop and restart ntop do either of the following
/etc/init.d/ntop start /etc/init.d/ntop stop /etc/init.d/ntop restart
To configure ntop to start automatically at boot time do the following
ln -s /etc/rc.d/init.d/e-smith-service /etc/rc7.d/S83ntop
Usage
From the local network (LAN)
ntop provides its own default web server on port 3000:
http://yourserverIP:3000
From the Internet (WAN)
To access ntop remotely, setup SSH port forwarding (eg using PuTTY on Windows):
ssh -l root -L 3000:localhost:3000 <yourserverIP or yourservername>
Then open a web browser at:
http://localhost:3000
From a handheld device (PDA)
A PDA (WAP) plugin is available which can access ntop via:
http://yourserverIP:3000/plugins/PDAPlugin
Removal
If you have permanenty enabled ntop do the following
rm /etc/rc7.d/S83ntop
Stop ntop
/etc/init.d/ntop stop
Delete services
chkconfig ntop off config delete ntop
Remove packages
yum remove ntop libart_lgpl perl_rrdtool rrdtool signal-event post-upgrade signal-event reboot
Note: confirm that only the following packages are marked for removal before acknowledging
ntop libart_lgpl perl-rrdtool rrdtool
Feature Overview
See here