====== ntopng ======
* http://packages.ntop.org/apt-stable/
* http://blog.webernetz.net/2016/02/09/ntopng-installation/
* http://idroot.net/linux/install-ntopng-ubuntu-16-04/
- Add the package source (on Wheezy):
wget http://apt-stable.ntop.org/wheezy/all/apt-ntop-stable.deb
dpkg -i apt-ntop-stable.deb
grep -q "wheezy-backports" /etc/apt/sources.list || echo "deb http://ftp.debian.org/debian wheezy-backports main" >> /etc/apt/sources.list
apt-get clean all
apt-get update
- Install the program
apt-get install redis-server rrdtool libssl-dev
apt-get install pfring nprobe ntopng ntopng-data n2disk cento
- Configuration in ''/etc/ntopng/ntopng.conf'':
# /etc/ntopng/ntopng.conf
#
# The configuration file is similar to the command line, with the exception that an equal
# sign '=' must be used between key and value. Example: -i=p1p2 or --interface=p1p2 For
# options with no value (e.g. -v) the equal is also necessary. Example: "-v=" must be used.
#
#
# -G|--pid-path
# Specifies the path where the PID (process ID) is saved.
#
--pid-path=/var/run/ntopng.pid
#
# -e|--daemon
# This parameter causes ntop to become a daemon, i.e. a task which runs in the background
# without connection to a specific terminal. To use ntop other than as a casual monitoring
# tool, you probably will want to use this option.
#
--daemon
#
# -i|--interface
# Specifies the network interface or collector endpoint to be used by ntopng for network
# monitoring. On Unix you can specify both the interface name (e.g. lo) or the numeric
# interface id as shown by ntopng -h. On Windows you must use the interface number instead.
# Note that you can specify -i multiple times in order to instruct ntopng to create
# multiple interfaces.
#
--interface=eth0
--interface=eth1
#
# -w|--http-port
# Sets the HTTP port of the embedded web server.
#
--http-port=3000
#
# -W|--https-port
# HTTPS. See usage of -w above. Default: 3001
#
#--https-port=3001
#
# -m|--local-networks
# ntopng determines the ip addresses and netmasks for each active interface. Any traffic on
# those networks is considered local. This parameter allows the user to define additional
# networks and subnetworks whose traffic is also considered local in ntopng reports. All
# other hosts are considered remote. If not specified the default is set to 192.168.1.0/24.
#
# Commas separate multiple network values. Both netmask and CIDR notation may be used,
# even mixed together, for instance "131.114.21.0/24,10.0.0.0/255.0.0.0".
#
--local-networks=192.168.1.0/24,192.168.2.0/24,127.0.0.0/8
#
# -n|--dns-mode
# Sets the DNS address resolution mode:
# 0 - Decode DNS responses and resolve only local (-m) numeric IPs
# 1 - Decode DNS responses and resolve all numeric IPs
# 2 - Decode DNS responses and don't resolve numeric IPs
# 3 - Don't decode DNS responses and don't resolve
#
--dns-mode=1
#
# -S|--sticky-hosts
# ntopng periodically purges idle hosts. With this option you can modify this behaviour by
# telling ntopng not to purge the hosts specified by -S. This parameter requires an
# argument that can be "all" (Keep all hosts in memory), "local" (Keep only local hosts),
# "remote" (Keep only remote hosts), "none" (Flush hosts when idle).
#
--sticky-hosts=local
#
# -d|--data-dir
# Specifies the data directory (it must be writable). Default directory is ./data
#
--data-dir=/var/tmp/ntopng
#
# -q|--disable-autologout
# Disable web interface logout for inactivity.
#
--disable-autologout
#
# -l|--disable-login
# Disable user login authentication
# 0 - Disable login only for localhost
# 1 - Disable login for all hosts
#
--disable-login=1
#
# --community
# Start ntopng in community edition (debug only).
#
--community
- Disable GRO, GSO, TSO
...
start_ntopng() {
ethtool -K p4p1 gro off gso off tso off
...
- Start the service:
/etc/init.d/ntopng start
- Open the web interface: http://localhost:3000
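
Added example (not part of the original page and not an ntopng tool): a POSIX shell check that reads a file in the ''ntopng.conf'' format shown above and reports the settings used on this page that loosen access to the web interface. The choice of checks, the function names and the sample input are assumptions of this example; only long options (''--key[=value]'') are recognised.

```shell
#!/bin/sh
# Added example: the checks and their wording are assumptions of this sketch,
# not an ntopng feature. Only long options (--key[=value]) are recognised.

# conf_get FILE KEY: print the last active value of --KEY; status 1 if unset.
conf_get() {
    awk -v k="--$2" '
        /^[ \t]*#/ { next }                                  # commented out
        { sub(/^[ \t]+/, ""); sub(/[ \t\r]+$/, "") }
        $0 == k { v = ""; found = 1 }                        # bare flag
        index($0, k "=") == 1 { v = substr($0, length(k) + 2); found = 1 }
        END { if (!found) exit 1; print v }' "$1"
}

audit_ntopng_conf() {
    f=$1
    if v=$(conf_get "$f" disable-login); then
        case $v in
            0) echo "WARN disable-login=0: no login required from localhost" ;;
            *) echo "FAIL disable-login=$v: no login required from any host" ;;
        esac
    fi
    if conf_get "$f" disable-autologout >/dev/null; then
        echo "WARN disable-autologout: idle web sessions are never logged out"
    fi
    if v=$(conf_get "$f" data-dir); then
        case $v in
            /tmp|/tmp/*|/var/tmp|/var/tmp/*)
                echo "WARN data-dir=$v: under a world-writable directory" ;;
        esac
    fi
    # The file header asks for "=" even on options without a value.
    awk '!/^[ \t]*#/ && /^[ \t]*-/ && !/=/ {
        sub(/^[ \t]+/, ""); print "NOTE " $0 ": no = sign after the option" }' "$f"
    return 0
}

# Constructed sample input that mirrors the options set on this page.
sample_conf() {
    printf '%s\n' '# -l|--disable-login' '--disable-login=1' \
        '--disable-autologout' '#--https-port=3001' \
        '--data-dir=/var/tmp/ntopng' '--http-port=3000'
}

tmp=$(mktemp) && sample_conf > "$tmp" && audit_ntopng_conf "$tmp"
rm -f "$tmp"
```

To check a real installation, call ''audit_ntopng_conf /etc/ntopng/ntopng.conf'' instead of the sample.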