linux6 installation ntopng
From Wikipedia knowledge "ntop is a network probe that shows the network usage with the top display process like a similar way. In interactive mode, it displays the network status on the user's terminal. In the page mode, as network server, create a network of state HTML dump files. it supports NetFlow / sFlowemitter / collector, this is an HTTP-based client interface for creating ntop to monitor the application center and to use RRD continues to store communications data. "
GitHub Address: https://github.com/ntop/ntopng/tree/dev/
Official website: https://www.ntop.org/products/traffic-analysis/ntop/
Ntopng is a web-based high-speed communications traffic collector and analyzer. Ntopng based ntop, it runs on all Unix platforms, MacOS X and Windows.
1, the installation environment
ntopng is a web-based framework, to build a good LNMP environment.
Installation Development Tools
# yum groupindatll 'Development Tools'
Installation of various dependent libraries
# yum install -y rrdtool* tcl GeoIP-devel GeoIP automake makecache gcc gcc-c++
# yum install -y libpcap* libcurl* sqlite-devel libxml2* glib2* numactl
Install redis
2, installation ntopng
# wget https://sourceforge.net/projects/ntop/files/ntopng/ntopng-2.4-stable.tar.gz/download # tar -zxvf ntopng-2.4-stable.tar.gz # cd ntopng-2.4-stable # ./configure # make # make install
过程忘记截图了,安装的时候可能会报各种缺少依赖库,缺啥装啥就是了。
3、配置文件
在./configure时,默认 redis和ntopng将安装到/usr/local/文件夹。接下来,我们需要为ntopng创建配置文件。
# cd /usr/local/etc
# mkdir ntopng
# cd ntopng
# vi ntopng.start
加入:
--local-network "192.168.10.0/24" --interface 1
参数解释
-G 指定运行所用进程号文件 --local-network 指定本地子网段 --interface eth2 指定监听eth2网卡上的流量 --user ntopng 指定运行服务所使用账户 --http-port 3333 指定web展现的服务端口,如果不指定默认为3000
建立pid文件
# vi ntopng.pid -G=/var/run/ntopng.pid
4、运行ntopng
先运行redis
# /usr/local/bin/redis-server & [1] 2351 # [2351] 16 Dec 08:03:12.666 # Warning: no config file specified, using the default config. In order to specify a config file use /usr/local/bin/redis-server /path/to/redis.conf [2351] 16 Dec 08:03:12.667 * Max number of open files set to 10032 _._ _.-``__ ''-._ _.-`` `. `_. ''-._ Redis 2.6.17 (00000000/0) 64 bit .-`` .-```. ```\/ _.,_ ''-._ ( ' , .-` | `, ) Running in stand alone mode |`-._`-...-` __...-.``-._|'` _.-'| Port: 6379 | `-._ `._ / _.-' | PID: 2351 `-._ `-._ `-./ _.-' _.-' |`-._`-._ `-.__.-' _.-'_.-'| | `-._`-._ _.-'_.-' | http://redis.io `-._ `-._`-.__.-'_.-' _.-' |`-._`-._ `-.__.-' _.-'_.-'| | `-._`-._ _.-'_.-' | `-._ `-._`-.__.-'_.-' _.-' `-._ `-.__.-' _.-' `-._ _.-' `-.__.-' [2351] 16 Dec 08:03:12.675 # Server started, Redis version 2.6.17 [2351] 16 Dec 08:03:12.677 * The server is now ready to accept connections on port 6379
然后,运行ntopng
# /usr/local/bin/ntopng 16/Dec/2019 08:03:29 [Ntop.cpp:1121] Setting local networks to 127.0.0.0/8 16/Dec/2019 08:03:29 [Redis.cpp:92] Successfully connected to redis 127.0.0.1:6379@0 [NDPI] ndpi_init_protocol_defaults(missing protoId=226) INTERNAL ERROR: not all protocols have been initialized [NDPI] ndpi_init_protocol_defaults(missing protoId=226) INTERNAL ERROR: not all protocols have been initialized 16/Dec/2019 08:03:32 [PcapInterface.cpp:85] Reading packets from interface eth0... 16/Dec/2019 08:03:32 [Ntop.cpp:1267] Registered interface eth0 [id: 0] [NDPI] ndpi_init_protocol_defaults(missing protoId=226) INTERNAL ERROR: not all protocols have been initialized 16/Dec/2019 08:03:32 [PcapInterface.cpp:85] Reading packets from interface virbr0... 16/Dec/2019 08:03:32 [Ntop.cpp:1267] Registered interface virbr0 [id: 1] [NDPI] ndpi_init_protocol_defaults(missing protoId=226) INTERNAL ERROR: not all protocols have been initialized
5、验证进程
# ps -ef | grep ntopng nobody 2373 2358 1 08:03 pts/1 00:02:17 /usr/local/bin/ntopng root 12575 12239 0 10:02 pts/2 00:00:00 grep ntopng # # netstat -lantup | grep ntopng tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 2373/ntopng tcp 0 0 127.0.0.1:48272 127.0.0.1:6379 ESTABLISHED 2373/ntopng
6、浏览器使用
现在,你可以通过访问http://yourserver.name:3000来测试ntopng应用,你将会看到ntopng登录页面。首次登录,你可以使用用户‘admin’和密码‘admin’。
登陆后
