Ntop

From SME Server
Jump to: navigation, search

DRAFT HOWTO

This procedure has initialisation problems with the configuration file when performing the startup of ntop. Published here for test purposes only and for testers to help resolve the problem.

Refer to this forum post

ie when doing

/etc/init.d/ntop start

the following error is received

Starting ntop:    Processing file /etc/ntop.conf for parameters...
Sat Aug  8 21:18:04 2009  NOTE: Interface merge enabled by default
Sat Aug  8 21:18:05 2009  Initializing gdbm databases
FATAL ERROR: Unrecognized/unprocessed ntop options...
                                         ,     --user ntop, ,   --db-file-path /var/ntop, ,       
,     ,       --use-syslog, ,     ,       ,     ,         ,     ,     


Note that manually starting ntop works, and it listens on port 3000, but if you connect (even from localhost), it aborts with a RST packet and logs nothing.

This behaviour appears to be documented here: http://lists.ntop.org/pipermail/ntop-dev/2004-January/004104.html

A strace shows it's just sitting there,

nanosleep({10, 0}, {0, 0}) = 0


Description

ntop is a network monitoring tool/traffic probe that shows network usage in graphical form. A web browser is used to view traffic information and network status. For more information look here.

Prerequisites

To install ntop the Dag repository must be configured on your system. By default the Dag repo is not configured on sme server. If necessary follow this instruction to configure the repo, otherwise skip to the next section

Configuring Dag repository

You need to activate the Dag reposity before installing this contrib.

see dag repository

Installation

With the Dag repository configured, install as follows:

yum install ntop --enablerepo=dag
signal-event post-upgrade
signal-event reboot

Starting and Stopping ntop

Issue the following commands

chkconfig ntop on
config set ntop service status enabled TCPPort 3000 access private

Then run ntop manually from the command line and enter the admin password

ntop -u ntop

Enter the admin password when asked, and re-enter it when asked to confirm

Messages will scroll down the screen and then appear to freeze, press

Ctrl C

at the same time to exit. You should see the message

ntop is now quitting...


Note: In order to limit the use of system resources, you may only wish to run ntop as required for testing and analysing your system rather than running it continuously.

To manually start, stop and restart ntop do either of the following

/etc/init.d/ntop start
/etc/init.d/ntop stop
/etc/init.d/ntop restart

To configure ntop to start automatically at boot time do the following

ln -s /etc/rc.d/init.d/e-smith-service /etc/rc7.d/S83ntop

Usage

From the local network (LAN)

ntop provides its own default web server on port 3000:

http://yourserverIP:3000

From the Internet (WAN)

To access ntop remotely, setup SSH port forwarding (eg using PuTTY on Windows):

ssh -l root -L 3000:localhost:3000 <yourserverIP or yourservername>

Then open a web browser at:

http://localhost:3000 

From a handheld device (PDA)

A PDA (WAP) plugin is available which can access ntop via:

http://yourserverIP:3000/plugins/PDAPlugin

Removal

If you have permanenty enabled ntop do the following

rm /etc/rc7.d/S83ntop

Stop ntop

/etc/init.d/ntop stop

Delete services

chkconfig ntop off
config delete ntop

Remove packages

yum remove ntop libart_lgpl perl_rrdtool rrdtool
signal-event post-upgrade
signal-event reboot

Note: confirm that only the following packages are marked for removal before acknowledging

ntop
libart_lgpl
perl-rrdtool
rrdtool

Feature Overview

See here