centos 5.4 配置监控软件ntop成功

deles

公司网络流量监控，哎一个个员工都爱BT=。= 无奈之下架设了 ntop网络监控服务器~~~~~ 暴力镇压BT~~~~~~~~~~感谢 网友陈文明（chenwenming.cublog.cn）一直以来的支持帮助。

系统centos5.4
1.
Step 1：下载安装rpmforge-release
wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm

Step 2：
yum install rrdtool

step3
yum install ntop

2.配置
备份ntop.conf
# cp /etc/ntop.conf /etc/ntop.conf.bak
建立NTOP储存db的资料夹:
# mkdir /var/www/html/ntop
# chown ntop.ntop /var/www/html/ntop
# ntop -A //设置ntop管理员密码

ntop

==================以下是详细安装过程===========================================

[root@mail ~]# rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
warning: rpmforge-release-0.3.6-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing...                                                          ########################################### [100%]
   1:rpmforge-release                                                 ########################################### [100%]
[root@mail ~]# yum install rrdtool
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirrors.163.com
* base: mirrors.163.com
* extras: mirrors.163.com
* rpmforge: apt.sw.be
* updates: mirrors.163.com
rpmforge                                       | 1.1 kB     00:00     
rpmforge/primary                               | 3.6 MB     02:36     
rpmforge                                                  10032/10032
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package rrdtool.i386 0:1.4.2-1.el5.rf set to be updated
--> Processing Dependency: ruby for package: rrdtool
--> Processing Dependency: perl(RRDs) for package: rrdtool
--> Processing Dependency: perl(RRDp) for package: rrdtool
--> Processing Dependency: libdbi.so.0 for package: rrdtool
--> Running transaction check
---> Package libdbi.i386 0:0.8.1-2.1 set to be updated
---> Package perl-rrdtool.i386 0:1.4.2-1.el5.rf set to be updated
---> Package ruby.i386 0:1.8.5-5.el5_4.8 set to be updated
--> Processing Dependency: ruby-libs = 1.8.5-5.el5_4.8 for package: ruby
--> Processing Dependency: libruby.so.1.8 for package: ruby
--> Running transaction check
---> Package ruby-libs.i386 0:1.8.5-5.el5_4.8 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================
Package           Arch      Version              Repository     Size
======================================================================
Installing:
rrdtool           i386      1.4.2-1.el5.rf       rpmforge      881 k
Installing for dependencies:
libdbi            i386      0.8.1-2.1            base           35 k
perl-rrdtool      i386      1.4.2-1.el5.rf       rpmforge       52 k
ruby              i386      1.8.5-5.el5_4.8      updates       274 k
ruby-libs         i386      1.8.5-5.el5_4.8      updates       1.6 M
Transaction Summary
======================================================================
Install      5 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         
Total download size: 2.8 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): libdbi-0.8.1-2.1.i386.rpm               |  35 kB     00:04     
(2/5): perl-rrdtool-1.4.2-1.el5.rf.i386.rpm    |  52 kB     00:01     
(3/5): ruby-1.8.5-5.el5_4.8.i386.rpm           | 274 kB     00:57     
(4/5): rrdtool-1.4.2-1.el5.rf.i386.rpm         | 881 kB     00:52     
(5/5): ruby-libs-1.8.5-5.el5_4.8.i386.rpm      | 1.2 MB     08:53     
http://mirrors.163.com/centos/5.4/updates/i386/RPMS/ruby-libs-1.8.5-5.el5_4.8.i386.rpm: [Errno 4] Socket Error: timed out
Trying other mirror.
(5/5): ruby-libs-1.8.5-5.el5_4.8.i386.rpm      | 1.6 MB     00:33     
----------------------------------------------------------------------
Total                                 4.1 kB/s | 2.8 MB     11:49     
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : libdbi                                         1/5
  Installing     : ruby-libs                                      2/5
  Installing     : ruby                                           3/5
  Installing     : perl-rrdtool                                   4/5
  Installing     : rrdtool                                        5/5
Installed:
  rrdtool.i386 0:1.4.2-1.el5.rf                                       
Dependency Installed:
  libdbi.i386 0:0.8.1-2.1        perl-rrdtool.i386 0:1.4.2-1.el5.rf   
  ruby.i386 0:1.8.5-5.el5_4.8    ruby-libs.i386 0:1.8.5-5.el5_4.8     
Complete!
[root@mail ~]# yum install ntop
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* addons: mirrors.163.com
* base: mirrors.163.com
* extras: mirrors.163.com
* rpmforge: ftp-stud.fht-esslingen.de
* updates: mirrors.163.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ntop.i386 0:3.3.8-2.el5.rf set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================
Package     Arch        Version                Repository       Size
======================================================================
Installing:
ntop        i386        3.3.8-2.el5.rf         rpmforge        3.8 M
Transaction Summary
======================================================================
Install      1 Package(s)         
Update       0 Package(s)         
Remove       0 Package(s)         
Total download size: 3.8 M
Is this ok [y/N]: y
Downloading Packages:
ntop-3.3.8-2.el5.rf.i386.rpm                   | 3.8 MB     01:53     
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : ntop                                           1/1
Installed:
  ntop.i386 0:3.3.8-2.el5.rf                                          
Complete!
[root@mail ~]# cp /etc/ntop.conf /etc/ntop.conf.bak
[root@mail ~]# mkdir /var/www/html/ntop
[root@mail ~]# cd /var/www/
[root@mail www]# cd html/
[root@mail html]# ll
total 4
drwxr-xr-x 2 root root 4096 Jan 12 15:28 ntop
[root@mail html]# cd ntop/
[root@mail ntop]# ll
total 0
[root@mail ntop]# cd ..
[root@mail html]# chown ntop.ntop /var/www/html/ntop
[root@mail html]# ll
total 4
drwxr-xr-x 2 ntop ntop 4096 Jan 12 15:28 ntop
[root@mail html]# ntop -A 密码
Tue Jan 12 15:28:59 2010  NOTE: Interface merge enabled by default
Tue Jan 12 15:28:59 2010  Initializing gdbm databases

ntop startup - waiting for user response!

Please enter the password for the admin user:
Please enter the password again:
Tue Jan 12 15:29:15 2010  Admin user password has been set
[root@mail html]# ntop -d -P /var/www/html/ntop/ -u nobody
Tue Jan 12 15:29:29 2010  NOTE: Interface merge enabled by default
Tue Jan 12 15:29:29 2010  **WARNING** Trailing slash removed from argument for option -P | --db-file-path
Tue Jan 12 15:29:29 2010  Initializing gdbm databases
Tue Jan 12 15:29:29 2010  ntop v.3.3.8 (Dag Apt RPM Repository)
Tue Jan 12 15:29:29 2010  Configured on Jul 12 2009  3:32:30, built on Jul 12 2009 03:32:53.
Tue Jan 12 15:29:29 2010  Copyright 1998-2007 by Luca Deri
Tue Jan 12 15:29:29 2010  Get the freshest ntop from http://www.ntop.org/
Tue Jan 12 15:29:29 2010  NOTE: ntop is running from 'ntop'
Tue Jan 12 15:29:29 2010  NOTE: (but see warning on man page for the --instance parameter)
Tue Jan 12 15:29:29 2010  NOTE: ntop libraries are in '/usr/lib'
Tue Jan 12 15:29:29 2010  Initializing ntop
Tue Jan 12 15:29:29 2010  No patterns to load: protocol guessing disabled.
Tue Jan 12 15:29:29 2010  No default device configured. Using eth0
Tue Jan 12 15:29:29 2010  **WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.0.0)
Tue Jan 12 15:29:29 2010  Checking eth0 for additional devices
Tue Jan 12 15:29:29 2010  Resetting traffic statistics for device eth0
Tue Jan 12 15:29:29 2010  Initializing device eth0 (0)
Tue Jan 12 15:29:29 2010  DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Tue Jan 12 15:29:29 2010  Initializing gdbm databases
Tue Jan 12 15:29:29 2010  VENDOR: Loading MAC address table.
Tue Jan 12 15:29:29 2010  VENDOR: Checking for MAC address table file
Tue Jan 12 15:29:29 2010  VENDOR: Loading newer file '/etc/ntop/specialMAC.txt.gz'
Tue Jan 12 15:29:29 2010  VENDOR: ...found 61 lines
Tue Jan 12 15:29:29 2010  VENDOR: ...loaded 59 records
Tue Jan 12 15:29:29 2010  VENDOR: Checking for MAC address table file
Tue Jan 12 15:29:29 2010  VENDOR: Loading newer file '/etc/ntop/oui.txt.gz'
Tue Jan 12 15:29:30 2010  VENDOR: ...found 48541 lines
Tue Jan 12 15:29:30 2010  VENDOR: ...loaded 7853 records
Tue Jan 12 15:29:30 2010  Fingerprint: Loading signature file
Tue Jan 12 15:29:30 2010  Fingerprint: Checking for Fingerprint file... file
Tue Jan 12 15:29:30 2010  Fingerprint: Loading file '/etc/ntop/etter.finger.os.gz'
Tue Jan 12 15:29:30 2010  Fingerprint: ...loaded 0 records
Tue Jan 12 15:29:30 2010  INIT: Bye bye: I'm becoming a daemon...
Tue Jan 12 15:29:30 2010  INIT: Parent process is exiting (this is normal)
[root@mail html]# ntop startup
Tue Jan 12 15:30:06 2010  NOTE: Interface merge enabled by default
Tue Jan 12 15:30:06 2010  Initializing gdbm databases
FATAL ERROR: Unrecognized/unprocessed ntop options...
      startup
run ntop --help for usage information
    Common problems:
        -B "filter expressions" (quotes are required)
        --use-syslog=facilty (the = is required)
[root@mail html]# reboot
Broadcast message from root (pts/3) (Tue Jan 12 15:30:22 2010):
The system is going down for reboot NOW!
[root@mail etc]# ntop