ntopng

  1. Add the repository (on Wheezy):
    wget http://apt-stable.ntop.org/wheezy/all/apt-ntop-stable.deb
    dpkg -i apt-ntop-stable.deb
    grep -q "wheezy-backports" /etc/apt/sources.list || echo "deb http://ftp.debian.org/debian wheezy-backports main" >> /etc/apt/sources.list
     
    apt-get clean all
    apt-get update
  2. Install the software
    apt-get install redis-server rrdtool libssl-dev
    apt-get install pfring nprobe ntopng ntopng-data n2disk cento
  3. Configuration in /etc/ntopng/ntopng.conf:
    # /etc/ntopng/ntopng.conf
    #
    #        The  configuration  file is similar to the command line, with the exception that an equal
    #        sign '=' must be used between key and value. Example:  -i=p1p2  or  --interface=p1p2  For
    #        options with no value (e.g. -v) the equal is also necessary. Example: "-v=" must be used.
    #
    #
    #       -G|--pid-path
    #        Specifies the path where the PID (process ID) is saved.
    #
    --pid-path=/var/run/ntopng.pid
    #
    #       -e|--daemon
    #        This  parameter  causes ntop to become a daemon, i.e. a task which runs in the background
    #        without connection to a specific terminal. To use ntop other than as a casual  monitoring
    #        tool, you probably will want to use this option.
    #
    --daemon=
    #
    #       -i|--interface
    #        Specifies  the  network  interface or collector endpoint to be used by ntopng for network
    #        monitoring. On Unix you can specify both the interface name  (e.g.  lo)  or  the  numeric
    #        interface id as shown by ntopng -h. On Windows you must use the interface number instead.
    #        Note that you can specify -i multiple times in order to instruct ntopng to create
    #        multiple interfaces.
    #
    --interface=eth0
    --interface=eth1
    #
    #       -w|--http-port
    #        Sets the HTTP port of the embedded web server.
    #
    --http-port=3000
    #
    #       -W|--https-port
    #       HTTPS. See usage of -w above. Default: 3001
    #
    #--https-port=3001
    #
    #       -m|--local-networks
    #        ntopng determines the ip addresses and netmasks for each active interface. Any traffic on
    #        those  networks  is considered local. This parameter allows the user to define additional
    #        networks and subnetworks whose traffic is also considered local in  ntopng  reports.  All
    #        other hosts are considered remote. If not specified the default is set to 192.168.1.0/24.
    #
    #        Commas  separate  multiple  network  values.  Both netmask and CIDR notation may be used,
    #        even mixed together, for instance "131.114.21.0/24,10.0.0.0/255.0.0.0".
    #
    --local-networks=192.168.1.0/24,192.168.2.0/24,127.0.0.0/8
    #
    #       -n|--dns-mode
    #        Sets the DNS address resolution mode:
    #        0 - Decode DNS responses and resolve only local (-m) numeric IPs
    #        1 - Decode DNS responses and resolve all numeric IPs
    #        2 - Decode DNS responses and don't resolve numeric IPs
    #        3 - Don't decode DNS responses and don't  resolve
    #
    --dns-mode=1
    #
    #       -S|--sticky-hosts
    #        ntopng  periodically purges idle hosts. With this option you can modify this behaviour by
    #        telling ntopng not to purge the hosts specified by -S. This parameter requires  an
    #        argument  that  can  be  "all"  (Keep  all hosts in memory), "local" (Keep only local hosts),
    #        "remote" (Keep only remote hosts), "none" (Flush hosts when idle).
    #
    --sticky-hosts=local
    #
    #       -d|--data-dir
    #        Specifies the data directory (it must be writable). Default directory is ./data
    #
    --data-dir=/var/tmp/ntopng
    #
    #       -q|--disable-autologout
    #        Disable web interface logout for inactivity.
    #
    --disable-autologout=
    #
    #       -l|--disable-login
    #       Disable user login authentication
    #       0 - Disable login only for localhost
    #       1 - Disable login for all hosts
    #       With 1, anyone who can reach the web port gets the interface without logging in.
    #
    --disable-login=1
    #
    #       --community
    #       Start ntopng in community edition (debug only).
    #
    --community=
  4. Disable GRO, GSO, TSO
    /etc/init.d/ntopng
    ...
    start_ntopng() {
        ethtool -K p4p1 gro off gso off tso off
    ...
  5. Start the service:
    /etc/init.d/ntopng start
  6. Open the web interface: http://localhost:3000
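
An added example, not part of the original page or of ntopng: a shell function that audits an ntopng.conf like the one in step 3 for option lines without the "=" that the file's header comment requires, for --disable-login=1, and for a web interface served over HTTP only. The function name, the finding labels and the sample file are constructed for illustration.

```sh
# Added example (not from the original page): audit an ntopng.conf.
# Prints one finding per line and returns 1 when anything is flagged.
audit_ntopng_conf() {
    awk '
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # skip comments and blank lines
    {
        line = $0
        gsub(/^[ \t]+|[ \t]+$/, "", line)    # trim surrounding whitespace
        eq = index(line, "=")
        if (eq == 0) {                       # the file format needs key=value
            print "SYNTAX line " NR ": \"" line "\" has no \"=\""
            found = 1
            key = line; val = ""
        } else {
            key = substr(line, 1, eq - 1)
            val = substr(line, eq + 1)
        }
        # short names from the file comments, mapped to the long ones
        if (key == "-l") key = "--disable-login"
        if (key == "-w") key = "--http-port"
        if (key == "-W") key = "--https-port"
        opt[key] = val
    }
    END {
        if (opt["--disable-login"] == "1") {
            print "AUTH: --disable-login=1 turns off login for all hosts"
            found = 1
        }
        if (("--http-port" in opt) && !("--https-port" in opt)) {
            print "TLS: web UI on HTTP port " opt["--http-port"] " only"
            found = 1
        }
        exit found + 0
    }' "$1"
}

# Constructed sample input, modelled on the file in step 3.
sample=$(mktemp)
cat > "$sample" <<'EOF'
--daemon
--http-port=3000
#--https-port=3001
--disable-login=1
EOF
audit_ntopng_conf "$sample" || echo "findings reported above"
rm -f "$sample"
```

Run it against the real file with audit_ntopng_conf /etc/ntopng/ntopng.conf; a return status of 0 means none of the three conditions was found.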