Difference between revisions of "Ntop"
| Line 2: | Line 2: | ||
==Install== | ==Install== | ||
| + | *Dependencies: | ||
| + | **<code>xorg-x11-devel</code> | ||
| + | **<code>libgdbm</code> | ||
| + | |||
Using svn is probably the easiest way to download the source: | Using svn is probably the easiest way to download the source: | ||
mkdir my_ntop_goes_here | mkdir my_ntop_goes_here | ||
Latest revision as of 07:25, 5 September 2007
ntop is a network probe that shows network usage in a way similar to what top does for processes. In interactive mode, it displays the network status on the user's terminal. In Web mode, it acts as a Web server, creating an HTML dump of the network status. It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics.
Install
- Dependencies:
xorg-x11-devellibgdbm
Using svn is probably the easiest way to download the source:
mkdir my_ntop_goes_here cd my_ntop_goes_here svn co https://svn.ntop.org/svn/ntop/trunk/ntop
Now you need to compile ntop:
cd ntop ./autogen.sh make make install # as root
Usage
Note:After installing ntop one must provide an admin password (first run only).
Once ntop is installed, you must provide an administrative password on the first run.
- Run
ntopdirectly:
ntop -A
This will start ntop, ask you for the admin password, and then exit. After that, you can start ntop and begin monitoring network traffic.
- basic invocation:
ntop -P /var/lib/ntop
This will start ntop and write the database files to the directory /var/lib/ntop (note: You must start ntop as root, however, you can give users permission as well).
Instead of running ntop as root all the time, run it as a dedicated user. To create the user ntop, execute:
groupadd ntop useradd -M -s /bin/false -d /var/lib/ntop -c "ntop user" -g ntop ntop
These two commands will create the user and group for ntop (you can also add the group to /etc/group).
Finally, start ntop and tell which user to drop privileges:
ntop -P /var/lib/ntop -u ntop
- have
ntoplisten to port 4000 and only accept HTTPS traffic
ntop -w 0 -W 4000
- have
ntoplisten on port 3000 for HTTP traffic and port 4000 for HTTPS traffic
ntop -w 3000 -W 4000.
To have ntop start at boot and constantly watch traffic, add the following to /etc/init.d/rc.local (or a similar script that is started at boot, depending on your distribution):
ntop -P /var/lib/ntop -u ntop -d
Specifying the -d option tells ntop to daemonise and fork to the background.
