Home IT Linux Windows Database Network Programming Server Mobile  
           
  Home \ Linux \ Network traffic monitoring ntopng     - Linux find command to find files (Linux)

- The Linux OOM Terminator (Server)

- CentOS7 complete step to install Hadoop2.7 (Server)

- Recovery from MySQL master data consistency summary (Database)

- CentOS 6.5 installation using a data recovery software extundelete (Linux)

- Computer security perimeter recommendations (Linux)

- Share and show your code on GitHub (Linux)

- Stucts2 values on the page and how the attribute values corresponding to the Action (Programming)

- Ubuntu 15.04 Linux install anti-virus software Antiviral 0.2 (Linux)

- Strategy Games Ubuntu installation of Wesnoth 1.12.1 (Linux)

- Those functions under Linux you do not know the df command (Linux)

- Apache Linux firewall reverse proxy configuration (Linux)

- VirtualBox 4.3 Can not open a new task for a virtual computer solution (Linux)

- Android Custom View step (Programming)

- How to manage the time and date at systemd Linux systems (Linux)

- Open container cluster management system architecture and components introduced Kubernetes (Server)

- Getting Started with Linux: Learn how to upgrade Docker in Ubuntu (Server)

- OpenGL Superb Learning Notes - Fragment Shader (Programming)

- Standard and IO redirection (Linux)

- How to properly set up a Linux swap partition (Linux)

 
         
  Network traffic monitoring ntopng
     
  Add Date : 2018-11-21      
         
       
         
  Ntopng
Outline
First, Introduction
Second, the functional description
Third, the installation
Fourth, the configuration
Fifth, test

First, Introduction

1, ntopng ntop is the original version of the next-generation, real-time network traffic monitoring display. ntop is based Libpcap and it was written in a portable way to run on UNIX platforms, MacOSX and Win32 as

2, ntopng users can use a web browser to the NTOP (that is, as a Web server) traffic information and get network status dump. In the latter case, ntop can be seen as having an embedded network interface with a simple class remote monitoring agent. use:

A network interface
Limited configuration and management through Web interface
Reduce CPU and memory utilization (based on network size and traffic vary)

Second, the functional description

Automatic identification of useful information from the network;

The intercepted data packets into a format easy to identify;

On the network environment, the communication failure is analyzed;

Detection time and process network communications

Clean separation between the Supervisor Engine

Reporting facility.

    Rugged, collision engine (NTOP is not really the case).

    Platform enables the extension or scripting

    At runtime without rebooting.

    Real-time monitoring tools aggregate data (5 minutes), and when submitted too late.

    Many new features, including dynamic graphical user interface based on HTML5, classification, DPI.

Third, the installation

1, upgrade libraries

Note, the new version of ntopng relies on two main libraries is a glibc-2.7 version of the above, and the other is libstdc4.3.2 above version. (Which glibc compiler installation, libstdc with RPM package is installed, install glibc compiler little longer.)

[Root @ ntopng src] # ls

glibc-2.19.tar.gz libstdc ++ - 4.9.0-8.fc21.1.x86_64.rpm

[Root @ ntopng src] # rpm -ivh libstdc ++ - 4.9.0-8.fc21.1.x86_64.rpm

error: Failed dependencies:

 libc.so.6 (GLIBC_2.14) (64bit) is needed by libstdc ++ - 4.9.0-8.fc21.1.x86_64

 libc.so.6 (GLIBC_2.17) (64bit) is needed by libstdc ++ - 4.9.0-8.fc21.1.x86_64

[Root @ ntopng src] # rpm -ivh libstdc ++ - 4.9.0-8.fc21.1.x86_64.rpm --nodeps --force

Preparing ... ########################################### [100% ]

  1: libstdc ++ ########################################### [100%]

Note, ntopng relies GLIBCXX_3.4.9.

[Root @ ntopng src] # strings /usr/lib64/libstdc++.so.6 | grep GLIBC

GLIBCXX_3.4

GLIBCXX_3.4.1

GLIBCXX_3.4.2

GLIBCXX_3.4.3

GLIBCXX_3.4.4

GLIBCXX_3.4.5

GLIBCXX_3.4.6

GLIBCXX_3.4.7

GLIBCXX_3.4.8

GLIBCXX_3.4.9

GLIBCXX_3.4.10

GLIBCXX_3.4.11

GLIBCXX_3.4.12

GLIBCXX_3.4.13

GLIBCXX_3.4.14

GLIBCXX_3.4.15

GLIBCXX_3.4.16

GLIBCXX_3.4.17

GLIBCXX_3.4.18

GLIBCXX_3.4.19

GLIBCXX_3.4.20

GLIBC_2.3

GLIBC_2.2.5

GLIBC_2.14

GLIBC_2.4

GLIBC_2.17

GLIBC_2.3.2

GLIBCXX_DEBUG_MESSAGE_LENGTH

[Root @ ntopng src] # yum -y install gcc gcc-c ++ make

[Root @ ntopng src] # tar xf glibc-2.19.tar.gz

[Root @ ntopng src] # cd glibc-2.19

[Root @ ntopng glibc-2.19] # mkdir glibc_build

[Root @ ntopng glibc-2.19] # cd glibc_build /

[Root @ ntopng glibc_build] # ../configure --prefix = / usr /

[Root @ ntopng glibc_build] # make && make install


2, the installation dependencies ntopng

[Root @ ntopng ~] # rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

Retrieving http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

warning: /var/tmp/rpm-tmp.1VdEVr: Header V3 RSA / SHA256 Signature, key ID 0608b895: NOKEY

Preparing ... ########################################### [100% ]

  1: epel-release ########################################### [100 %]

[Root @ ntopng ~] # yum install -y GeoIP-devel GeoIP redis

[Root @ ntopng ~] # service redis start

Starting redis-server: [OK]


3, installation ntopng

Note: source compiler installation and rpm package installed, since being given the time to start ntopng

[Root @ ntopng ~] # service ntopng start

Starting ntopng

[Root @ ntopng ~] # / usr / local / bin / ntopng: error while loading shared libraries: librrd.so.4: can not open shared object file: No such file or directory


 The solution is part of the installation source to install + rpm, because the installation source packages without a configuration file, rpm package installed configuration file, a combination of both is the best

[Root @ ntopng ~] # yum -y install libpcap * libxml2 libxml2-devel glib2-devel libglib2.0-dev

[Root @ ntopng src] # tar xf ntopng-1.1_6932.tgz

[Root @ ntopng ntopng-1.1_6932] # ./configure --prefix = / usr / local / ntopng

[Root @ ntopng ntopng-1.1_6932] # gmake

[Root @ ntopng ntopng-1.1_6932] # make install

[Root @ ntopng src] # rpm -ivh ntopng-1.1.3_7750-7750.x86_64.rpm --nodeps

warning: ntopng-1.1.3_7750-7750.x86_64.rpm: Header V4 DSA / SHA1 Signature, key ID 7921df34: NOKEY

Preparing ... ########################################### [100% ]

  1: ntopng ########################################### [100%]

Setting up redis auto startup

[Root @ ntopng src] # rpm -ivh ntopng-data-1.1.3_7750-7750.x86_64.rpm --nodeps

warning: ntopng-data-1.1.3_7750-7750.x86_64.rpm: Header V4 DSA / SHA1 Signature, key ID 7921df34: NOKEY

Preparing ... ########################################### [100% ]

  1: ntopng-data ########################################### [100 %]

[Root @ ntopng src] # cd / etc / ntopng /

[Root @ ntopng ntopng] # ll

total 8

-rw-r -. r-- 1 root root 23 Jun 11 21:12 ntopng.conf.sample # profile

-rw-r -. r-- 1 root root 49 Jun 11 21:12 ntopng.start # startup file

[Root @ ntopng ntopng] # cat ntopng.conf.sample

-G = / Var / tmp / ntopng.gid # specified process ID file to run

[Root @ ntopng ntopng] # cat ntopng.start

--local-networks "192.168.1.0" # local subnet segment

--interface 0 # monitor traffic on the network card


Fourth, the configuration

[Root @ ntopng ntopng] # cp ntopng.conf.sample ntopng.conf

[Root @ ntopng ntopng] # vim ntopng.conf

-G = / Var / tmp / ntopng.gid

--local-networks "192.168.0.0/24"

--interface eth1 # the NIC on which to listen

--user nobody

--http-port 8000 # 3000 default

# Start ntopng service

Note, before running ntopng, make sure to start redis service, redis ntopng to provide key-value store. Here we restart the service redis

[Root @ ntopng ~] # service ntopng start # as rpm package installation package is missing library files

Starting ntopng

[Root @ ntopng ~] # / usr / local / bin / ntopng: error while loading shared libraries: librrd.so.4: can not open shared object file: No such file or directory

[Root @ ntopng ~] # after service ntopng start # source code to compile and install careful not to uninstall rpm packages installed ntopng

Starting ntopng

 

[Root @ ntopng ntopng] # service ntopng restart

Stopping ntopng

Waiting ntopng to shutdown and flush data ...

Starting ntopng

[Root @ ntopng ntopng] # netstat -tnlp

Active Internet connections (only servers)

Proto Recv-Q Send-Q Local Address Foreign Address State PID / Program name

tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 63713 / redis-server

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1041 / sshd

tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1117 / master

tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 63793 / ntopng

tcp 0 0 ::: 22 ::: * LISTEN 1041 / sshd

tcp 0 0 :: 1: 25 ::: * LISTEN 1117 / master

Five test

1, browser access http://172.16.2.136, the default user name and password is admin

2, the first landing of the interface

3. Check all online host's network traffic

4. Check the list of hosts

5, view network interface traffic summary

All right! ntopng This is the end!
     
         
       
         
  More:      
 
- Under Ubuntu on how to use iptables firewall (Linux)
- Common Linux System Troubleshooting (Linux)
- Git Installation and Configuration (Network Agent settings) (Linux)
- Learning MySQL data types (Database)
- Use a soft Raid play multiple SSD hard drive performance and enhance data security (Linux)
- Shell Script: Bulk add users, and set the random character password (Programming)
- MySQL optimization of the relevant Group By (Database)
- Memcached source installation and configuration under CentOS 6.6 (Server)
- The basic principle of pointers in C ++ (Programming)
- Examples of RAID levels and achieve Operational Details (Linux)
- Ubuntu 14.04 LTS installed Hadoop 1.2.1 (distributed cluster mode) (Server)
- Linux install and configure Heartbeat (Server)
- Hibernate4 The Hello World (basic environmental structures) (Programming)
- Hadoop 2.2.0 installation development environment (standalone pseudo-distributed mode) (Server)
- How to use the Docker Machine cluster deployment Swarm (Server)
- How to install and configure a VNC server on CentOS 7.0 (Server)
- Oracle Incident Packaging Service (Database)
- Use source packages compiled and installed GCC5.1 in Mac OS X 10.10.3 (Linux)
- Linux shared libraries .so file name and Dynamic Link (Linux)
- CentOS 6.5 / Linux restart network card being given Determining if ip address x.x.x.x is already in use (Linux)
     
           
     
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.