Ntopng (ntop) – web-based network traffic monitoring system – Linux – Debian.

Ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntopng is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Win32 as well.


1. Install some needed dependencies.

sudo apt-get install autoconf automake autogen libsqlite3-dev libhiredis-dev libtool rrdtool libpcap-dev libglib2.0 libglib2.0-dev libgeoip-dev redis-server wget libxml2-dev build-essential libcurl-dev libmysqlclient-dev checkinstall

2. Download and install ntopng.

sudo mkdir -p install
cd install
sudo wget --trust-server-names http://sourceforge.net/projects/ntop/files/ntopng/ntopng-1.2.1.tgz/download


3. Compiling ntopng from Source Code (with geoip database).

sudo tar -xf ntopng-1.2.1.tgz
cd ntopng-1.2.1
sudo ./autogen.sh
sudo ./configure
sudo make geoip
sudo make

After this command  the installation and creating new package ntopng_1.2.1-1_amd64.deb will begin.

sudo checkinstall


checkinstall 1.6.2, Copyright 2009 Felipe Eduardo Sanchez Diaz Duran

Answer: y

Should I create a default set of package docs?  [y]: y
Preparing package documentation...OK

Please write a description for the package eg: ntopng and confirm it using 2x ENTER.

Please write a description for the package.
End your description with an empty line or EOF.
>> ntopng

0 - Maintainer: [ user@debian.com ]
1 - Summary: [ ntopng ]
2 - Name: [ ntopng ]
3 - Version: [ 1.2.1 ]
4 - Release: [ 1 ]
5 - License: [ GPL ]
6 - Group: [ checkinstall ]
7 - Architecture: [ amd64 ]
8 - Source location: [ ntopng-1.2.1 ]
9 - Alternate source location: [ ]
10 - Requires: [ ]
11 - Provides: [ ntopng ]
12 - Conflicts: [ ]
13 - Replaces: [ ]
Enter a number to change any of them or press ENTER to continue:

Continue by pressing ENTER.


Copying files to the temporary directory...OK
Stripping ELF binaries and libraries...OK
Compressing man pages...OK
Building file list...OK
Building Debian package...OK
Installing Debian package...OK
Erasing temporary files...OK
Deleting temp dir...OK


 Done. The new package has been installed and saved to


 You can remove it from your system anytime using:

      dpkg -r ntopng


The new package should be located in install folder e.g:



To remove ntopng use command below:

sudo dpkg -r ntopng


4. Configure init script ntopng.


Create ntopng configfile in /etc/default folder and create new folder for logs:

sudo mkdir /var/log/ntopng
sudo touch /var/log/ntopng/startup.log
sudo wget http://terminal28.com/wp-content/uploads/2014/08/ntopng-init-script-deb.tar.gz
sudo tar xvzf ntopng-init-script-deb.tar.gz -C /
sudo chmod +x /etc/default/ntopng 
sudo chmod +x /etc/init.d/ntopng


Configure  ntopng /etc/default/ntopng:

sudo nano /etc/default/ntopng



Configure network interfaces e.g:.

INTERFACES="eth0 eth1 wlan0"

Port on which ntopng will listen for the web-UI – default port 3000.


Additional command-line arguments for ntopng, more: ntopng –help.


5. First run.

sudo /etc/init.d/redis-server restart
sudo /etc/init.d/ntopng start


6. Accesss to Ntopng:


Username/password: admin/admin.


7. Configure Apache2 server as a proxy with SSL.

Install Apache2 server using this tutorial:


Edit configfile e.g: httpd.conf:

Create 2 virtualhosts:

Configure virtualhost to listen on port 80 and redirect to port 443 (SSL).

sudo nano /etc/appache2/httpd.conf


<VirtualHost *:80>
ServerName ntopng.domain.com
ServerAlias *.ntopng.domain.com
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
RewriteCond %{SERVER_PORT} !^443$
RedirectMatch ^/$ https://ntopng.domain.com


Configure virtualhost to listen on port 443 and proxy.

<VirtualHost *:443>
ServerName ntopng.domain.com
ServerAlias *.ntopng.domain.com
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ProxyPass / http://localhost:3000/
SSLEngine on
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCertificateFile /etc/apache2/ssl/ntopng.domain.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/ntopng.domain.com.key



8. Activate proxy modul and restart Apache2 server.

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo /etc/init.d/apache2 restart


9. Access to ntop through Apache2 server with SSL:


Username/password: admin/admin.



Skip to comment form

    • MIchael on 29 October 2014 at 14:39

    Thank you sooooo much for this! I really needed help installing, as I am still fairly new to making/installing packages, and the ntopng website didn’t quite explain it in detail enough.

    • ein on 11 November 2014 at 14:44

    Not working for me, debian 7.70, I’ve compilation errors:
    g++ -g -Wall -I/usr/local/include -I/usr/include/hiredis -I./third-party/mongoose -Ithird-party/json-c -I./nDPI/src/include -I/usr/local/include/luajit-2.0 -I/usr/local/include -Ithird-party/http-client-c/src/ -Ithird-party/EWAHBoolArray/headers -DDATA_DIR='”/usr/local/share”‘ -c CollectorInterface.cpp -o CollectorInterface.o
    CollectorInterface.cpp: In constructor ‘CollectorInterface::CollectorInterface(const char*, const char*)’:
    CollectorInterface.cpp:33:25: error: ‘zmq_ctx_new’ was not declared in this scope
    CollectorInterface.cpp:50:30: error: ‘zmq_ctx_destroy’ was not declared in this scope
    CollectorInterface.cpp:57:30: error: ‘zmq_ctx_destroy’ was not declared in this scope
    CollectorInterface.cpp: In destructor ‘virtual CollectorInterface::~CollectorInterface()’:
    CollectorInterface.cpp:80:26: error: ‘zmq_ctx_destroy’ was not declared in this scope
    CollectorInterface.cpp: In member function ‘void CollectorInterface::collect_flows()’:
    CollectorInterface.cpp:112:59: error: cannot convert ‘zmq_msg_hdr*’ to ‘zmq_msg_t*’ for argument ‘2’ to ‘int zmq_recv(void*, zmq_msg_t*, int)’
    CollectorInterface.cpp:121:66: error: cannot convert ‘char*’ to ‘zmq_msg_t*’ for argument ‘2’ to ‘int zmq_recv(void*, zmq_msg_t*, int)’
    make: *** [CollectorInterface.o] Error 1

      • sethuper on 12 November 2014 at 07:37

      Works fine, I have just tested on new instalation (debian 7.7). You had to miss something when you did the tutorial or download ntopng again and compile..

        • e on 13 November 2014 at 16:06

        Yeah, u r right. I’ve made clean install and worked as expected. Thank u.

    • e on 13 November 2014 at 16:08

    Please add to the article that u use: ntopng-1.2.0_r8116.tgz

      • e on 13 November 2014 at 16:09

      I was using anyway.

      • sethuper on 13 November 2014 at 20:35

      Only stable version of ntopng (1.2.1) has been used in this tutorial.

    • Vasya on 19 November 2014 at 07:24

    sudo /etc/init.d/ntopng start
    * Starting network top daemon ntopng

    Ntopng fails to start.
    In log file /var/log/ntopng/startup.log: “ntopng requires the redis-server service to be running”

    But redis-server running:

    ps -e|grep “redis”
    2364 ? 00:00:00 redis-server

    • Immortal on 13 February 2015 at 10:21

    I installed the ntopng using the tutorial above. When I tried accessing as IP:3000, I get the error “unable to connect”.

    Also, when I checked the status of redis* and ntopng as follows:

    sudo /etc/init.d/redis-server restart
    redis-server is running

    sudo /etc/init.d/ntopng start
    I get to see nothing.

    Please advice, if I have done sth wrong.

      • sethuper on 15 February 2015 at 15:34

      Make sure these files are existing and are configured: /etc/default/ntopng and /etc/init.d/ntopng and all dependencies are installed. then stop and start both servers:

      sudo /etc/init.d/redis-server stop
      sudo /etc/init.d/redis-server start
      Starting redis-server: redis-server.

      sudo /etc/init.d/ntopng stop
      sudo /etc/init.d/ntopng start
      [ ok ] Starting network top daemon: ntopng.

    • sara on 17 April 2015 at 09:12

    how can i active -f option on ntopng?,i have no idea for that,pleaze help me
    thank you

    1. I will try this option this week, but you can add some options in the default config: ADD_ARGS=””:
      sudo nano /etc/default/ntopng

      or ….it might not work..

      sudo nano /etc/init.d/ntopng

      find ADD_ARGS and add -f


    • Joe on 19 August 2015 at 14:09

    Thanks mate, I’ve used your useful article in mine here http://nemgeek.blogspot.com/2015/08/ntopng-install-on-debian-sqeeze.html

    • TJ on 16 March 2016 at 09:39

    Trying to install ntopng on raspbbery pi with jessie distribution of debian i got message oafet command ./configure :”
    Please install libcurl(-dev) (http://curl.haxx.se/)” I know that package probably is included in my distro by “apt-cache search ^libcurl” i got.
    libcurl-ocaml – OCaml curl bindings (Runtime Library)
    libcurl-ocaml-dev – OCaml libcurl bindings (Development package)
    libcurl3 – easy-to-use client-side URL transfer library (OpenSSL flavour)
    libcurl3-dbg – debugging symbols for libcurl (OpenSSL, GnuTLS and NSS flavours)
    libcurl3-gnutls – easy-to-use client-side URL transfer library (GnuTLS flavour)
    libcurl3-nss – easy-to-use client-side URL transfer library (NSS flavour)
    libcurl4-doc – documentation for libcurl
    libcurl4-gnutls-dev – development files and documentation for libcurl (GnuTLS flavour)
    libcurl4-nss-dev – development files and documentation for libcurl (NSS flavour)
    libcurl4-openssl-dev – development files and documentation for libcurl (OpenSSL flavour)
    libcurlpp-dev – c++ wrapper for libcurl (development files)
    libcurlpp0 – c++ wrapper for libcurl
    libghc-hxt-curl-dev – LibCurl interface for HXT
    libghc-hxt-curl-doc – LibCurl interface for HXT; documentation
    libghc-hxt-curl-prof – LibCurl interface for HXT; profiling libraries
    lua-curl – libcURL bindings for the Lua language
    lua-curl-dev – libcURL development files for the Lua language
    ruby-ethon – libcurl wrapper using ffi
    his is included in my distribution of linux

    Unfortunaltey I dont know hot to use it and how to make it go. Trying to skip this :):
    sudo make geoip
    make: *** No rule to make target ‘geoip’. Stop.

    nad that all …any help?

    1. Did you install libcurl-dev as well?

    • TJ on 18 March 2016 at 13:14

    Yeah thanks . It indeed needed instalation of libcurl-dev and later libmysqlclient-dev
    and it works!!!
    Right now i wanted it to run after restart automatically after reboot and collect traffic data from mikrotik sending traffic flow.
    It tried to use commands:
    nprobe –zmq “tcp://*:5556” -i …..
    bash: nprobe: command not found
    how to install this?:)

    1. nProbe is a seperated package/app..

      You can use these packages:

      sudo su
      wget http://packages.ntop.org/apt/ntop.key
      apt-key add ntop.key
      echo "deb http://apt.ntop.org/jessie_pi armhf/" > /etc/apt/sources.list.d/ntop.list
      echo "deb http://apt.ntop.org/jessie_pi all/" >> /etc/apt/sources.list.d/ntop.list
      apt-get update
      apt-get install ntopng nprobe

Comments have been disabled.