Tutorial purpose: Setting up an ntopng network traffic monitoring server
Date: August 20, 2015
QQ Group: 1851 15701
51CTO Blog Home: http://990487026.blog.51cto.com
The open source community is more exciting with you!
Brief introduction
With the ntop network traffic monitoring tool, it is not possible to see visually which device on which subnet is using which protocol and port, or where its traffic is going. The open source software ntopng solves this problem.
Hardware preparation:
1. The ntop server requires two NICs
2. If the company has more than one network segment, mirror the traffic of all switch ports to eth0 of this server
3. The eth1 NIC is used to access the ntop web pages
# ifcfg-eth0: capture interface that receives the mirrored switch traffic
DEVICE=eth0
HWADDR=90:2b:34:dd:**:**
TYPE=Ethernet
UUID=9728a861-a7e5-44a2-8e5a-************
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.**.**
NETMASK=255.255.**.**
#GATEWAY=192.168.**.**
DNS1=192.168.**.**

# ifcfg-eth1: interface used to reach the ntop web pages
DEVICE=eth1
HWADDR=00:e0:4c:b8:**:**
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.**.**
NETMASK=255.255.**.**
GATEWAY=192.168.**.**
DNS1=192.168.**.**
System environment:
CentOS 6.6 x64, Desktop installation, with the development tools installed
Software Preparation:
-rw-r--r--. 1 root root 35M August 6 ntopng-2.0.tar.gz
The required files can be found on the following websites, or downloaded directly from the official website
http://www.wangpansou.cn/ (recommended)
https://github.com/
http://sourceforge.net
http://search.cpan.org/
http://www.filewatcher.com/
==============================================================
1. Download and install the EPEL installation source
wget http://download.fedoraproject.org/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
rpm -ivh epel-release-5-4.noarch.rpm
2. Install all these packages, or you will get an error.
yum install libpcap-devel glib2-devel GeoIP-devel libxml2-devel \
    redis autoconf automake sqlite-devel
The last three are very important: autoconf, automake, sqlite-devel
3. Download the ntopng 2.0 tar.gz
cd ntopng2.0
./autogen.sh
When autogen.sh finishes, it prompts you to run ./configure
./configure
When configure finishes, it prompts you to compile by typing /usr/bin/gmake
It also reminds you not to forget to download the GeoIP databases by running: /usr/bin/gmake geoip
This downloads the IP database over the network:
/usr/bin/gmake geoip
Then run make && make install. The compilation takes a relatively long time.
5. Modification of configuration files
You need to add a configuration file
mkdir /etc/ntopng/
vim /etc/ntopng/ntopng.conf
-G=/var/tmp/ntopng.gid
--local-networks=192.168.0.0/24,192.168.5.0/24,192.168.6.0/24,192.168.200.0/24,192.168.1.0/24,192.168.9.0/24,192.168.60.0/24,192.168.10.0/24,192.168.12.0/24,192.168.2.0/24
--interface=eth0
--dns-mode=1
-w=3000
-D=all
-E=all
-S=all
--user=root
-F=db
======== End of configuration file ===============================
--local-networks lists the local subnets
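A pre-start check for a configuration file in this format, given here as an added example (not part of the original tutorial and not ntopng code): it parses the option=value lines, validates every --local-networks entry with Python's ipaddress module, and flags --user=root. The sample file is constructed, and parse_conf and lint are hypothetical helper names.

```python
import ipaddress

# Constructed sample in the option=value style of the file above. The space
# inside one CIDR, the repeated subnet, the host address and --user=root are
# deliberate findings.
SAMPLE_CONF = """\
--local-networks=192.168.0.0/24,192.168.5.0/24,192.168.5.0/24,192.168.9.0/ 24,192.168.1.7/24
--interface=eth0
-w=3000
--user=root
"""

def parse_conf(text):
    """Return {option: value} for the option=value lines of the file."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            opts[key.strip()] = value.strip()
    return opts

def lint(text):
    """Return a list of findings; an empty list means nothing was flagged."""
    opts = parse_conf(text)
    findings, seen = [], set()
    networks = (c.strip() for c in opts.get("--local-networks", "").split(","))
    for cidr in filter(None, networks):
        try:
            # strict=True rejects host addresses such as 192.168.1.7/24
            net = ipaddress.ip_network(cidr, strict=True)
        except ValueError as exc:
            findings.append(f"bad local network {cidr!r}: {exc}")
            continue
        if net in seen:
            findings.append(f"duplicate local network {net}")
        seen.add(net)
    if opts.get("--user") == "root":
        findings.append("--user=root: ntopng keeps root instead of dropping privileges")
    if "--interface" not in opts and "-i" not in opts:
        findings.append("no --interface set")
    return findings

if __name__ == "__main__":
    for finding in lint(SAMPLE_CONF):
        print(finding)
```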
6. Start Redis before starting ntopng
/etc/init.d/redis start
Start ntopng and run it in the background
/usr/local/bin/ntopng /etc/ntopng/ntopng.conf &
7. Login
http://IP:3000
Username: admin
Password: admin