1. 安裝所需的套件
#yum -y install gcc gcc-c++ libpcap-devel libpcap libtool automake autoconf gdbm gdbm-devel libevent libevent-devel rrdtool rrdtool-devel zlib zlib-devel subversion make python python-devel
#rpm -Uvh http://pkgs.repoforge.org/geoip/geoip-1.4.6-1.el6.rf.i686.rpm
http://pkgs.repoforge.org/geoip/geoip-devel-1.4.6-1.el6.rf.i686.rpm
2. 下載並安裝 ntop
#wget http://sourceforge.net/projects/ntop/files/ntop/Stable/ntop-5.0.1.tar.gz/download
#tar zxvf ntop-5.0.1.tar.gz
#cd ntop-5.0 .1
#./autogen.sh && make && make install
3. 建立 Process 帳號
#useradd -M -s /sbin/nologin -r ntop
4. 變更目錄權限
#chown -R ntop:root /usr/local/var/ntop/
#chown -R ntop:ntop /usr/local/share/ntop/
5. 設定 ntop admin 密碼
#ntop -A
6. 執行 ntop
#/usr/local/bin/ntop -i "eth1" -d -L -u ntop
或
#/usr/local/bin/ntop -i "eth0" -d -L -u ntop -P /usr/local/var/ntop --skip-version-check --use-syslog=daemon
說明
* -i "eth0,eth1" : Specifies the network interface or interfaces to be used by ntop for network monitoring. Here you are monitoring eth0 and eth1.
* -d : Run ntop as a daemon.
* -L : Send all log messages to the system log (/var/log/messages) instead of screen.
* -u ntop : Start ntop as ntop user
* -P /usr/local/var/ntop : Specify where ntop stores database files. You may need to backup database as part of your disaster recovery program.
* --skip-version-check : By default, ntop accesses a remote file to periodically check if the most current version is running. This option disables that check.
* --use-syslog=daemon : Use syslog daemon.
7. 設定開機自動啟動
#vi /etc/rc.local
#/usr/local/bin/ntop -i "eth0" -d -L -u ntop
目錄說明
Data files are in /usr/local/share/ntop
Config files are in /usr/local/etc/ntop
Run directory is /usr/local/var/ntop
Plugin files are in /usr/local/lib/ntop/plugins
Database files are in /usr/local/var/ntop
資料參考
http://imomo.tw/phpbb/viewtopic.php?p=19076&sid=373691ccbdb1f2ae03caa49e07196810
http://forum.icst.org.tw/phpbb/viewtopic.php?f=24&t=21177
http://lanceyen.blogspot.tw/2012/06/centos-62ntop-410.html
http://download.ithome.com.tw/article/index/id/246
0 意見:
張貼留言