centos 5.4 配置监控软件ntop成功
http://blog.运维网.com/attachment/201001/201001141263479836187.png公司网络流量监控,哎一个个员工都爱BT=。= 无奈之下架设了 ntop网络监控服务器http://blog.运维网.com/editor/icons/etc_17.gif~~~~~ 暴力镇压BT~~~~~~~~~~感谢 网友陈文明(chenwenming.cublog.cn)一直以来的支持帮助。
系统centos5.4
1.
Step 1:下载安装rpmforge-release
wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
Step 2:
yum install rrdtool
step3
yum install ntop
2.配置
备份ntop.conf
# cp /etc/ntop.conf /etc/ntop.conf.bak
建立NTOP储存db的资料夹:
# mkdir /var/www/html/ntop
# chown ntop.ntop /var/www/html/ntop
# ntop -A //设置ntop管理员密码
ntop
==================以下是详细安装过程===========================================
# rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
warning: rpmforge-release-0.3.6-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing... ###########################################
1:rpmforge-release ###########################################
# yum install rrdtool
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirrors.163.com
* base: mirrors.163.com
* extras: mirrors.163.com
* rpmforge: apt.sw.be
* updates: mirrors.163.com
rpmforge | 1.1 kB 00:00
rpmforge/primary | 3.6 MB 02:36
rpmforge 10032/10032
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package rrdtool.i386 0:1.4.2-1.el5.rf set to be updated
--> Processing Dependency: ruby for package: rrdtool
--> Processing Dependency: perl(RRDs) for package: rrdtool
--> Processing Dependency: perl(RRDp) for package: rrdtool
--> Processing Dependency: libdbi.so.0 for package: rrdtool
--> Running transaction check
---> Package libdbi.i386 0:0.8.1-2.1 set to be updated
---> Package perl-rrdtool.i386 0:1.4.2-1.el5.rf set to be updated
---> Package ruby.i386 0:1.8.5-5.el5_4.8 set to be updated
--> Processing Dependency: ruby-libs = 1.8.5-5.el5_4.8 for package: ruby
--> Processing Dependency: libruby.so.1.8 for package: ruby
--> Running transaction check
---> Package ruby-libs.i386 0:1.8.5-5.el5_4.8 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================
Package Arch Version Repository Size
======================================================================
Installing:
rrdtool i386 1.4.2-1.el5.rf rpmforge 881 k
Installing for dependencies:
libdbi i386 0.8.1-2.1 base 35 k
perl-rrdtool i386 1.4.2-1.el5.rf rpmforge 52 k
ruby i386 1.8.5-5.el5_4.8 updates 274 k
ruby-libs i386 1.8.5-5.el5_4.8 updates 1.6 M
Transaction Summary
======================================================================
Install 5 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 2.8 M
Is this ok : y
Downloading Packages:
(1/5): libdbi-0.8.1-2.1.i386.rpm |35 kB 00:04
(2/5): perl-rrdtool-1.4.2-1.el5.rf.i386.rpm |52 kB 00:01
(3/5): ruby-1.8.5-5.el5_4.8.i386.rpm | 274 kB 00:57
(4/5): rrdtool-1.4.2-1.el5.rf.i386.rpm | 881 kB 00:52
(5/5): ruby-libs-1.8.5-5.el5_4.8.i386.rpm | 1.2 MB 08:53
http://mirrors.163.com/centos/5.4/updates/i386/RPMS/ruby-libs-1.8.5-5.el5_4.8.i386.rpm: Socket Error: timed out
Trying other mirror.
(5/5): ruby-libs-1.8.5-5.el5_4.8.i386.rpm | 1.6 MB 00:33
----------------------------------------------------------------------
Total 4.1 kB/s | 2.8 MB 11:49
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : libdbi 1/5
Installing : ruby-libs 2/5
Installing : ruby 3/5
Installing : perl-rrdtool 4/5
Installing : rrdtool 5/5
Installed:
rrdtool.i386 0:1.4.2-1.el5.rf
Dependency Installed:
libdbi.i386 0:0.8.1-2.1 perl-rrdtool.i386 0:1.4.2-1.el5.rf
ruby.i386 0:1.8.5-5.el5_4.8 ruby-libs.i386 0:1.8.5-5.el5_4.8
Complete!
# yum install ntop
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirrors.163.com
* base: mirrors.163.com
* extras: mirrors.163.com
* rpmforge: ftp-stud.fht-esslingen.de
* updates: mirrors.163.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ntop.i386 0:3.3.8-2.el5.rf set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================
Package Arch Version Repository Size
======================================================================
Installing:
ntop i386 3.3.8-2.el5.rf rpmforge 3.8 M
Transaction Summary
======================================================================
Install 1 Package(s)
Update 0 Package(s)
Remove 0 Package(s)
Total download size: 3.8 M
Is this ok : y
Downloading Packages:
ntop-3.3.8-2.el5.rf.i386.rpm | 3.8 MB 01:53
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing : ntop 1/1
Installed:
ntop.i386 0:3.3.8-2.el5.rf
Complete!
# cp /etc/ntop.conf /etc/ntop.conf.bak
# mkdir /var/www/html/ntop
# cd /var/www/
# cd html/
# ll
total 4
drwxr-xr-x 2 root root 4096 Jan 12 15:28 ntop
# cd ntop/
# ll
total 0
# cd ..
# chown ntop.ntop /var/www/html/ntop
# ll
total 4
drwxr-xr-x 2 ntop ntop 4096 Jan 12 15:28 ntop
# ntop -A 密码
Tue Jan 12 15:28:59 2010NOTE: Interface merge enabled by default
Tue Jan 12 15:28:59 2010Initializing gdbm databases
ntop startup - waiting for user response!
Please enter the password for the admin user:
Please enter the password again:
Tue Jan 12 15:29:15 2010Admin user password has been set
# ntop -d -P /var/www/html/ntop/ -u nobody
Tue Jan 12 15:29:29 2010NOTE: Interface merge enabled by default
Tue Jan 12 15:29:29 2010**WARNING** Trailing slash removed from argument for option -P | --db-file-path
Tue Jan 12 15:29:29 2010Initializing gdbm databases
Tue Jan 12 15:29:29 2010ntop v.3.3.8 (Dag Apt RPM Repository)
Tue Jan 12 15:29:29 2010Configured on Jul 12 20093:32:30, built on Jul 12 2009 03:32:53.
Tue Jan 12 15:29:29 2010Copyright 1998-2007 by Luca Deri
Tue Jan 12 15:29:29 2010Get the freshest ntop from http://www.ntop.org/
Tue Jan 12 15:29:29 2010NOTE: ntop is running from 'ntop'
Tue Jan 12 15:29:29 2010NOTE: (but see warning on man page for the --instance parameter)
Tue Jan 12 15:29:29 2010NOTE: ntop libraries are in '/usr/lib'
Tue Jan 12 15:29:29 2010Initializing ntop
Tue Jan 12 15:29:29 2010No patterns to load: protocol guessing disabled.
Tue Jan 12 15:29:29 2010No default device configured. Using eth0
Tue Jan 12 15:29:29 2010**WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.0.0)
Tue Jan 12 15:29:29 2010Checking eth0 for additional devices
Tue Jan 12 15:29:29 2010Resetting traffic statistics for device eth0
Tue Jan 12 15:29:29 2010Initializing device eth0 (0)
Tue Jan 12 15:29:29 2010DLT: Device 0 is 1, mtu 1514, header 14
Tue Jan 12 15:29:29 2010Initializing gdbm databases
Tue Jan 12 15:29:29 2010VENDOR: Loading MAC address table.
Tue Jan 12 15:29:29 2010VENDOR: Checking for MAC address table file
Tue Jan 12 15:29:29 2010VENDOR: Loading newer file '/etc/ntop/specialMAC.txt.gz'
Tue Jan 12 15:29:29 2010VENDOR: ...found 61 lines
Tue Jan 12 15:29:29 2010VENDOR: ...loaded 59 records
Tue Jan 12 15:29:29 2010VENDOR: Checking for MAC address table file
Tue Jan 12 15:29:29 2010VENDOR: Loading newer file '/etc/ntop/oui.txt.gz'
Tue Jan 12 15:29:30 2010VENDOR: ...found 48541 lines
Tue Jan 12 15:29:30 2010VENDOR: ...loaded 7853 records
Tue Jan 12 15:29:30 2010Fingerprint: Loading signature file
Tue Jan 12 15:29:30 2010Fingerprint: Checking for Fingerprint file... file
Tue Jan 12 15:29:30 2010Fingerprint: Loading file '/etc/ntop/etter.finger.os.gz'
Tue Jan 12 15:29:30 2010Fingerprint: ...loaded 0 records
Tue Jan 12 15:29:30 2010INIT: Bye bye: I'm becoming a daemon...
Tue Jan 12 15:29:30 2010INIT: Parent process is exiting (this is normal)
# ntop startup
Tue Jan 12 15:30:06 2010NOTE: Interface merge enabled by default
Tue Jan 12 15:30:06 2010Initializing gdbm databases
FATAL ERROR: Unrecognized/unprocessed ntop options...
startup
run ntop --help for usage information
Common problems:
-B "filter expressions" (quotes are required)
--use-syslog=facilty (the = is required)
# reboot
Broadcast message from root (pts/3) (Tue Jan 12 15:30:22 2010):
The system is going down for reboot NOW!
# ntop
页:
[1]