Ntopng (ntop) – web-based network traffic monitoring system – Linux – Debian.

Ntopng is the next generation version of the original ntop, a network traffic probe that shows the network usage, similar to what the popular top Unix command does. ntopng is based on libpcap and it has been written in a portable way in order to virtually run on every Unix platform, MacOSX and on Win32 as well.

 

1. Install some needed dependencies.

sudo apt-get install autoconf automake autogen libsqlite3-dev libhiredis-dev libtool rrdtool libpcap-dev libglib2.0 libglib2.0-dev libgeoip-dev redis-server wget libxml2-dev build-essential libcurl-dev libmysqlclient-dev checkinstall

2. Download and install ntopng.

sudo mkdir -p install
cd install
sudo wget --trust-server-names http://sourceforge.net/projects/ntop/files/ntopng/ntopng-1.2.1.tgz/download

 

3. Compiling ntopng from Source Code (with geoip database).

sudo tar -xf ntopng-1.2.1.tgz
cd ntopng-1.2.1
sudo ./autogen.sh
sudo ./configure
sudo make geoip
sudo make

After this command  the installation and creating new package ntopng_1.2.1-1_amd64.deb will begin.

sudo checkinstall

 

checkinstall 1.6.2, Copyright 2009 Felipe Eduardo Sanchez Diaz Duran
...

Answer: y

...
Should I create a default set of package docs?  [y]: y
...
Preparing package documentation...OK
...

Please write a description for the package eg: ntopng and confirm it using 2x ENTER.

Please write a description for the package.
End your description with an empty line or EOF.
>> ntopng
>>
...

0 - Maintainer: [ user@debian.com ]
1 - Summary: [ ntopng ]
2 - Name: [ ntopng ]
3 - Version: [ 1.2.1 ]
4 - Release: [ 1 ]
5 - License: [ GPL ]
6 - Group: [ checkinstall ]
7 - Architecture: [ amd64 ]
8 - Source location: [ ntopng-1.2.1 ]
9 - Alternate source location: [ ]
10 - Requires: [ ]
11 - Provides: [ ntopng ]
12 - Conflicts: [ ]
13 - Replaces: [ ]
Enter a number to change any of them or press ENTER to continue:

Continue by pressing ENTER.

....

Copying files to the temporary directory...OK
Stripping ELF binaries and libraries...OK
Compressing man pages...OK
Building file list...OK
Building Debian package...OK
Installing Debian package...OK
Erasing temporary files...OK
Deleting temp dir...OK

**********************************************************************

 Done. The new package has been installed and saved to

 ../install/ntopng-1.2.1/ntopng_1.2.1-1_amd64.deb

 You can remove it from your system anytime using:

      dpkg -r ntopng

**********************************************************************

The new package should be located in install folder e.g:

../install/ntopng-1.2.1/ntopng_1.2.1-1_amd64.deb

 

To remove ntopng use command below:

sudo dpkg -r ntopng

 

4. Configure init script ntopng.

 

Create ntopng configfile in /etc/default folder and create new folder for logs:

sudo mkdir /var/log/ntopng
sudo touch /var/log/ntopng/startup.log
sudo wget http://terminal28.com/wp-content/uploads/2014/08/ntopng-init-script-deb.tar.gz
sudo tar xvzf ntopng-init-script-deb.tar.gz -C /
sudo chmod +x /etc/default/ntopng 
sudo chmod +x /etc/init.d/ntopng

 

Configure  ntopng /etc/default/ntopng:

sudo nano /etc/default/ntopng

 

ENABLED=1

Configure network interfaces e.g:.

INTERFACES="eth0 eth1 wlan0"

Port on which ntopng will listen for the web-UI – default port 3000.

HTTP_PORT=3000

Additional command-line arguments for ntopng, more: ntopng –help.

ADD_ARGS=""


5. First run.

sudo /etc/init.d/redis-server restart
sudo /etc/init.d/ntopng start

 

6. Accesss to Ntopng:

http://127.0.0.1:3000
http://adress_IP:3000
http://domain.com:3000

 

Username/password: admin/admin.

 

7. Configure Apache2 server as a proxy with SSL.

Install Apache2 server using this tutorial:

http://man.sethuper.com/instalacja-i-konfiguracja-apache-php5-ruby-python-webdav

Edit configfile e.g: httpd.conf:

Create 2 virtualhosts:

Configure virtualhost to listen on port 80 and redirect to port 443 (SSL).

sudo nano /etc/appache2/httpd.conf

 

# NTOPNG.DOMAIN.COM - PORT  80
#===========================================================================
<VirtualHost *:80>
ServerName ntopng.domain.com
ServerAlias *.ntopng.domain.com
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
RewriteCond %{SERVER_PORT} !^443$
RedirectMatch ^/$ https://ntopng.domain.com
</VirtualHost>
#===========================================================================

 

Configure virtualhost to listen on port 443 and proxy.

# NTOPNG.DOMENA.PL - PORT 443
#===========================================================================
<VirtualHost *:443>
ServerName ntopng.domain.com
ServerAlias *.ntopng.domain.com
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ProxyPass / http://localhost:3000/
SSLEngine on
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCertificateFile /etc/apache2/ssl/ntopng.domain.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/ntopng.domain.com.key

</VirtualHost>
#===========================================================================

 

8. Activate proxy modul and restart Apache2 server.

sudo a2enmod proxy
sudo a2enmod proxy_http
sudo /etc/init.d/apache2 restart

 

9. Access to ntop through Apache2 server with SSL:

http://ntopng.domain.com
 

Username/password: admin/admin.

ntopng

Comments have been disabled.