Koozali.org: home of the SME Server

ntop 3.2 Install

drywalldude

ntop 3.2 Install
« on: April 16, 2006, 08:37:30 PM »
I have successfully installed ntop 3.2 on my SME Server 6.01 but I still have some unresolved issues.

I used the how to for 3.1 located here: http://no.longer.valid/phpwiki/index.php/How%20to%20install%20and%20set%20up%20ntop%203.1

This all worked fine (with some searching for some correct versions of files) until I went to access the web interface. But I managed to resolve this by looking at the "1strun" document in the docs section of the tarball. The command that got everything going looks like this:
[root@smeserver root]# /usr/local/bin/ntop -P /usr/local/share/ntop -u admin -W 3001
Once this is run then everything is working fine, but the problem is that it hangs up a shell and if you close it the web interface is gone. The ntop service starts at reboot and is running. I did everything in the how to for version 3.1, and I have set the preferences in the ntop web GUI to use the command at start, but to no avail. I want the command that initializes the web GUI to run when the service starts. Here are the results of the command running:

[root@smeserver root]# /usr/local/bin/ntop -P /usr/local/share/ntop -u admin -W 3001
Sun Apr 16 12:46:16 2006  NOTE: Interface merge enabled by default
Sun Apr 16 12:46:16 2006  Initializing gdbm databases
Sun Apr 16 12:46:16 2006  NOTE: Interface merge disabled from prefs file
Sun Apr 16 12:46:16 2006  ntop v.3.2 SourceForge .tgz
Sun Apr 16 12:46:16 2006  Configured on Apr 16 2006  9:22:01, built on Apr 16 2006 09:24:25.
Sun Apr 16 12:46:16 2006  Copyright 1998-2005 by Luca Deri <deri@ntop.org>
Sun Apr 16 12:46:16 2006  Get the freshest ntop from http://www.ntop.org/
Sun Apr 16 12:46:16 2006  NOTE: ntop is running from '/usr/local/bin'
Sun Apr 16 12:46:16 2006  NOTE: (but see warning on man page for the --instance parameter)
Sun Apr 16 12:46:16 2006  Initializing ntop
Sun Apr 16 12:46:16 2006  Checking eth0 for additional devices
Sun Apr 16 12:46:16 2006  Resetting traffic statistics for device eth0
Sun Apr 16 12:46:16 2006  DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Sun Apr 16 12:46:16 2006  Initializing gdbm databases
Sun Apr 16 12:46:16 2006  VENDOR: Loading MAC address table.
Sun Apr 16 12:46:16 2006  VENDOR: Checking for MAC address table file
Sun Apr 16 12:46:16 2006  VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
Sun Apr 16 12:46:16 2006  VENDOR: ntop continues ok
Sun Apr 16 12:46:16 2006  VENDOR: Checking for MAC address table file
Sun Apr 16 12:46:16 2006  VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
Sun Apr 16 12:46:16 2006  VENDOR: ntop continues ok
Sun Apr 16 12:46:16 2006  Fingeprint: Loading signature file.
Sun Apr 16 12:46:16 2006  Fingeprint: ...loaded 1697 records
Sun Apr 16 12:46:16 2006  ASN: Checking for Autonomous System Number table file
Sun Apr 16 12:46:16 2006  **WARNING** ASN: Unable to open file 'AS-list.txt'
Sun Apr 16 12:46:16 2006  I18N: This instance of ntop does not support multiple languages
Sun Apr 16 12:46:16 2006  IP2CC: Checking for IP address <-> Country Code mapping file
Sun Apr 16 12:46:16 2006  IP2CC: Loading file '/usr/local/etc/ntop/p2c.opt.table.gz'
Sun Apr 16 12:46:16 2006  IP2CC: ...found 52395 lines
Sun Apr 16 12:46:16 2006  GDVERCHK: Guessing at libgd version
Sun Apr 16 12:46:16 2006  GDVERCHK: ... as 1.8.4
Sun Apr 16 12:46:16 2006  Initializing external applications
Sun Apr 16 12:46:16 2006  THREADMGMT[t1026]: NPA: network packet analyzer (packet processor) thread running [p3169]
Sun Apr 16 12:46:16 2006  THREADMGMT[t1026]: NPA: Started thread for network packet analyzer
Sun Apr 16 12:46:16 2006  THREADMGMT[t2051]: SFP: Started thread for fingerprinting
Sun Apr 16 12:46:16 2006  THREADMGMT[t2051]: SFP: Fingerprint scan thread starting [p3170]
Sun Apr 16 12:46:16 2006  THREADMGMT[t3076]: SIH: Idle host scan thread starting [p3171]
Sun Apr 16 12:46:16 2006  THREADMGMT[t3076]: SIH: Started thread for idle hosts detection
Sun Apr 16 12:46:16 2006  THREADMGMT[t4101]: DNSAR(1): Address resolution thread running [p3172]
Sun Apr 16 12:46:16 2006  THREADMGMT[t4101]: DNSAR(1): Started thread for DNS address resolution
Sun Apr 16 12:46:16 2006  Calling plugin start functions (if any)
Sun Apr 16 12:46:16 2006  SSL: Initializing...
Sun Apr 16 12:46:16 2006  SSL_PRNG: Automatically initialized!
Sun Apr 16 12:46:16 2006  SSL initialized successfully
Sun Apr 16 12:46:16 2006  INITWEB: Initializing web server
Sun Apr 16 12:46:16 2006  INITWEB: Initializing tcp/ip socket connections for web server
Sun Apr 16 12:46:16 2006  INITWEB: Initialized socket, port 3000, address (any)
Sun Apr 16 12:46:16 2006  INITWEB: Waiting for HTTP connections on port 3000
Sun Apr 16 12:46:16 2006  INITWEB: Initialized ssl socket, port 3001, address (any)
Sun Apr 16 12:46:16 2006  INITWEB: Waiting for HTTPS (SSL) connections on port 3001
Sun Apr 16 12:46:16 2006  INITWEB: Starting web server
Sun Apr 16 12:46:16 2006  THREADMGMT[t5126]: WEB: Server connection thread starting [p3187]
Sun Apr 16 12:46:16 2006  Note: SIGPIPE handler set (ignore)
Sun Apr 16 12:46:16 2006  THREADMGMT[t5126]: WEB: Server connection thread running [p3187]
Sun Apr 16 12:46:16 2006  WEB: ntop's web server is now processing requests
Sun Apr 16 12:46:16 2006  THREADMGMT[t5126]: INITWEB: Started thread for web server
Sun Apr 16 12:46:16 2006  Listening on [eth0]
Sun Apr 16 12:46:16 2006  Loading Plugins
Sun Apr 16 12:46:16 2006  Searching for plugins in /usr/local/lib/ntop/plugins
Sun Apr 16 12:46:16 2006  ICMP: Welcome to ICMP Watch. (C) 1999-2005 by Luca Deri
Sun Apr 16 12:46:16 2006  LASTSEEN: Welcome to Host Last Seen. (C) 1999 by Andrea Marangoni
Sun Apr 16 12:46:16 2006  NETFLOW: Welcome to NetFlow.(C) 2002-05 by Luca Deri
Sun Apr 16 12:46:16 2006  PDA: Welcome to PDA. (C) 2001-2005 by L.Deri and W.Brock
Sun Apr 16 12:46:16 2006  RRD: Welcome to Round-Robin Databases. (C) 2002-04 by Luca Deri.
Sun Apr 16 12:46:16 2006  SNMP: Welcome to SNMP. (C) 2004 by F.Fusco and G.Giardina
Sun Apr 16 12:46:16 2006  SFLOW: Welcome to sFlow.(C) 2002-04 by Luca Deri
Sun Apr 16 12:46:16 2006  **WARNING** Unable to load plugin '/usr/local/lib/ntop/plugins/xmldumpPlugin.so'
Sun Apr 16 12:46:16 2006  **WARNING** Message is '/usr/local/lib/ntop/plugins/xmldumpPlugin.so: undefined symbol: dumpXML'
Sun Apr 16 12:46:16 2006  Calling plugin start functions (if any)
Sun Apr 16 12:46:16 2006  RRD: Welcome to the RRD plugin
Sun Apr 16 12:46:16 2006  RRD: Mask for new directories is 0700
Sun Apr 16 12:46:16 2006  RRD: Mask for new files is 0066
Sun Apr 16 12:46:16 2006  THREADMGMT: RRD: Started thread (t6151) for data collection
Sun Apr 16 12:46:16 2006  THREADMGMT[t1024]: ntop RUNSTATE: INITNONROOT(3)
Sun Apr 16 12:46:16 2006  Now running as requested user 'admin' (101:101)
Sun Apr 16 12:46:16 2006  **WARNING** INIT: Unable to create pid file (/usr/local/share/ntop/ntop.pid)
Sun Apr 16 12:46:16 2006  Note: Reporting device initally set to 0 [eth0]
Sun Apr 16 12:46:16 2006  THREADMGMT[t1024]: ntop RUNSTATE: RUN(4)
Sun Apr 16 12:46:16 2006  THREADMGMT[t7176]: NPS(1): Started thread for network packet sniffing
Sun Apr 16 12:46:16 2006  THREADMGMT[t6151]: RRD: Data collection thread starting [p3188]
Sun Apr 16 12:46:16 2006  THREADMGMT[t7176]: NPS(1,eth0): pcapDispatch thread starting [p3189]
Sun Apr 16 12:46:16 2006  THREADMGMT[t7176]: NPS(1,eth0): pcapDispatch thread running [p3189]
Sun Apr 16 12:46:16 2006  THREADMGMT[t2051]: SFP: Fingerprint scan thread running [p3170]
Sun Apr 16 12:46:16 2006  THREADMGMT[t3076]: SIH: Idle host scan thread running [p3171]
Sun Apr 16 12:46:27 2006  THREADMGMT[t8201]: RRD: Started thread for throughput data collection
Sun Apr 16 12:46:27 2006  THREADMGMT[t6151]: RRD: Data collection thread running [p3188]
Sun Apr 16 12:46:27 2006  THREADMGMT[t8201]: RRD: Throughput data collection: Thread starting [p3190]
Sun Apr 16 12:46:27 2006  THREADMGMT[t8201]: RRD: Throughput data collection: Thread running [p3190]
Sun Apr 16 12:46:54 2006  NOTE: -L | --use-syslog=facility not specified, child processes will log to the default (24).

egerards

ntop 3.2 Install
« Reply #1 on: April 17, 2006, 10:23:42 PM »
What exactly goes wrong when you start ntop via the /etc/init.d/ntop script? Does the ntop process crash? Does it simply stop responding? What does the logging show at crash time?

Quote
Sun Apr 16 12:46:16 2006 **WARNING** INIT: Unable to create pid file (/usr/local/share/ntop/ntop.pid)


That's something you really want to check. Checked my installation: ntop.pid is created in /var/run/.

drywalldude

ntop crash
« Reply #2 on: April 17, 2006, 11:43:33 PM »
It's not as though the program has crashed; it's just that you can't access the web GUI until you run the command line:
Quote
[root@smeserver root]# /usr/local/bin/ntop -P /usr/local/share/ntop -u admin -W 3001


In the shell, the shell hangs up with the previous window showing but as long as you leave the shell up you have administrator access without a logon.

I will check the logs; I believe the pid file might be a permissions thing.

I really want to get this to work as it is one of the most beautiful and informative traffic monitoring programs that I have seen. Thanks for your help.

drywalldude

SOLVED IT !!
« Reply #3 on: April 19, 2006, 11:14:21 PM »
[root@smeserver root]# /usr/local/bin/ntop -P /usr/local/share/ntop -u admin -W 3001

This command is running the process as "admin".

So a chmod -R /usr/local/share/ntop admin or something very close to that fixed the write permissions and everything works with or without the shell open. There are still some plug-in issues: the SNMP plug-in does not work and there is a dump plugin not working, but it still has plenty of info. Still working at it.
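
The startup log in the first post shows ntop switching to user 'admin' and then failing to create ntop.pid under the -P directory. The following check, an added example that is not part of the thread, tests whether a directory's mode bits let a given account create files there and prints a chown command that hands the directory to that account. The function names are made up for the example, and ACLs are not considered.

```shell
#!/bin/sh
# Added example, not from the thread. Evaluates owner/group/other mode bits
# only; root bypasses these bits, and ACLs are not considered.

# dir_writable_by DIR USER
#   0: USER may create files in DIR, 1: USER may not, 2: bad input.
#   USER is a login name, or a numeric uid (assumed to have no extra groups).
dir_writable_by() {
    dir=$1
    user=$2
    [ -d "$dir" ] && [ -n "$user" ] || return 2
    case $user in
        *[!0-9]*) uid=$(id -u "$user" 2>/dev/null) || return 2
                  gids=" $(id -G "$user") " ;;
        *)        uid=$user
                  gids=" " ;;
    esac
    # ls -ldn prints: mode, link count, numeric uid, numeric gid, ...
    info=$(ls -ldn "$dir") || return 2
    set -- $info
    mode=$1 d_uid=$3 d_gid=$4
    if [ "$uid" = "$d_uid" ]; then
        bits=$(printf '%s' "$mode" | cut -c2-4)      # owner triplet
    else
        case $gids in
            *" $d_gid "*) bits=$(printf '%s' "$mode" | cut -c5-7) ;;   # group
            *)            bits=$(printf '%s' "$mode" | cut -c8-10) ;;  # other
        esac
    fi
    # Creating a file (such as ntop.pid) needs write and search permission.
    case $bits in
        ?w[xst]) return 0 ;;
        *)       return 1 ;;
    esac
}

# ownership_fix DIR USER: print (do not run) the narrow fix, which gives the
# directory to the service account rather than making it world-writable.
ownership_fix() {
    printf 'chown -R %s %s\n' "$2" "$1"
}

# Stand-alone use: sh check.sh /usr/local/share/ntop admin
if [ $# -eq 2 ]; then
    dir_writable_by "$1" "$2" || ownership_fix "$1" "$2"
fi
```

Run as root with the -P directory and the -u account from the ntop command line; nothing is printed when the account can already write there.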

curlynostril

old newb asks...
« Reply #4 on: May 07, 2006, 08:09:22 PM »
Hey, anybody out there....?

After running up against wall at every turn with the .rpm and egerards guide, I decided to compile for the very first time ever! HA!

Well, I started with the RRDtool thinking it might be best to compile everything for SME 7.  Then somehow package it up so everything is new since "ntop" is a GREAT tool (when it's working) and put it in the contribs if it works out.  Yet I hit another wall with:
Quote
Audit Compilation Environment
checking for gcc... no
checking for cc... no
checking for cc... no
checking for cl... no
configure: error: no acceptable C compiler found in $PATH
See `config.log' for more details.

There must be a c compiler in there somewhere but I have to take a break and while I do, maybe someone has some clarification they can throw my way.  Another course of action? Whatevs...

Although SME is a really great system and a fantastic environment for me to tinker and finally get a grip on the whole Linux thing, running ntop in a more appropriate and able environment than windo$e is at the top of the top five reasons I'm messing around with SME in the first place.

Thanks,
curly