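CentOS 5.4: successfully configuring the ntop monitoring software
Company network traffic monitoring: sigh, every single employee loves BT =.= With no other option, I set up an ntop network monitoring server ~~~~~ to crush BT by force ~~~~~ Thanks to fellow netizen Chen Wenming (chenwenming.cublog.cn) for his support and help all along.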
 
System: CentOS 5.4
1. Installation
Step 1: Download and install rpmforge-release
wget http://dag.wieers.com/rpm/packages/rpmforge-release/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
 
Step 2:
yum install rrdtool
Step 3:
yum install ntop
2. Configuration
Back up ntop.conf:
# cp /etc/ntop.conf /etc/ntop.conf.bak
Create the directory where ntop stores its database:
# mkdir /var/www/html/ntop
# chown ntop.ntop /var/www/html/ntop
# ntop -A    // set the ntop admin password
 
ntop
 
================== The detailed installation process follows ==================
 
[root@mail ~]# rpm -Uvh rpmforge-release-0.3.6-1.el5.rf.i386.rpm
warning: rpmforge-release-0.3.6-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
Preparing...                                                          ########################################### [100%]
   1:rpmforge-release                                                 ########################################### [100%]
[root@mail ~]# yum install rrdtool
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * addons: mirrors.163.com
 * base: mirrors.163.com
 * extras: mirrors.163.com
 * rpmforge: apt.sw.be
 * updates: mirrors.163.com
rpmforge                                       | 1.1 kB     00:00    
rpmforge/primary                               | 3.6 MB     02:36    
rpmforge                                                  10032/10032
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package rrdtool.i386 0:1.4.2-1.el5.rf set to be updated
--> Processing Dependency: ruby for package: rrdtool
--> Processing Dependency: perl(RRDs) for package: rrdtool
--> Processing Dependency: perl(RRDp) for package: rrdtool
--> Processing Dependency: libdbi.so.0 for package: rrdtool
--> Running transaction check
---> Package libdbi.i386 0:0.8.1-2.1 set to be updated
---> Package perl-rrdtool.i386 0:1.4.2-1.el5.rf set to be updated
---> Package ruby.i386 0:1.8.5-5.el5_4.8 set to be updated
--> Processing Dependency: ruby-libs = 1.8.5-5.el5_4.8 for package: ruby
--> Processing Dependency: libruby.so.1.8 for package: ruby
--> Running transaction check
---> Package ruby-libs.i386 0:1.8.5-5.el5_4.8 set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================
 Package           Arch      Version              Repository     Size
======================================================================
Installing:
 rrdtool           i386      1.4.2-1.el5.rf       rpmforge      881 k
Installing for dependencies:
 libdbi            i386      0.8.1-2.1            base           35 k
 perl-rrdtool      i386      1.4.2-1.el5.rf       rpmforge       52 k
 ruby              i386      1.8.5-5.el5_4.8      updates       274 k
 ruby-libs         i386      1.8.5-5.el5_4.8      updates       1.6 M
Transaction Summary
======================================================================
Install      5 Package(s)        
Update       0 Package(s)        
Remove       0 Package(s)        
Total download size: 2.8 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): libdbi-0.8.1-2.1.i386.rpm               |  35 kB     00:04    
(2/5): perl-rrdtool-1.4.2-1.el5.rf.i386.rpm    |  52 kB     00:01    
(3/5): ruby-1.8.5-5.el5_4.8.i386.rpm           | 274 kB     00:57    
(4/5): rrdtool-1.4.2-1.el5.rf.i386.rpm         | 881 kB     00:52    
(5/5): ruby-libs-1.8.5-5.el5_4.8.i386.rpm      | 1.2 MB     08:53    
http://mirrors.163.com/centos/5.4/updates/i386/RPMS/ruby-libs-1.8.5-5.el5_4.8.i386.rpm: [Errno 4] Socket Error: timed out
Trying other mirror.
(5/5): ruby-libs-1.8.5-5.el5_4.8.i386.rpm      | 1.6 MB     00:33    
----------------------------------------------------------------------
Total                                 4.1 kB/s | 2.8 MB     11:49    
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : libdbi                                         1/5
  Installing     : ruby-libs                                      2/5
  Installing     : ruby                                           3/5
  Installing     : perl-rrdtool                                   4/5
  Installing     : rrdtool                                        5/5
Installed:
  rrdtool.i386 0:1.4.2-1.el5.rf                                      
Dependency Installed:
  libdbi.i386 0:0.8.1-2.1        perl-rrdtool.i386 0:1.4.2-1.el5.rf  
  ruby.i386 0:1.8.5-5.el5_4.8    ruby-libs.i386 0:1.8.5-5.el5_4.8    
Complete!
[root@mail ~]# yum install ntop
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * addons: mirrors.163.com
 * base: mirrors.163.com
 * extras: mirrors.163.com
 * rpmforge: ftp-stud.fht-esslingen.de
 * updates: mirrors.163.com
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package ntop.i386 0:3.3.8-2.el5.rf set to be updated
--> Finished Dependency Resolution
Dependencies Resolved
======================================================================
 Package     Arch        Version                Repository       Size
======================================================================
Installing:
 ntop        i386        3.3.8-2.el5.rf         rpmforge        3.8 M
Transaction Summary
======================================================================
Install      1 Package(s)        
Update       0 Package(s)        
Remove       0 Package(s)        
Total download size: 3.8 M
Is this ok [y/N]: y
Downloading Packages:
ntop-3.3.8-2.el5.rf.i386.rpm                   | 3.8 MB     01:53    
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing     : ntop                                           1/1
Installed:
  ntop.i386 0:3.3.8-2.el5.rf                                         
Complete!
[root@mail ~]# cp /etc/ntop.conf /etc/ntop.conf.bak
[root@mail ~]# mkdir /var/www/html/ntop
[root@mail ~]# cd /var/www/
[root@mail www]# cd html/
[root@mail html]# ll
total 4
drwxr-xr-x 2 root root 4096 Jan 12 15:28 ntop
[root@mail html]# cd ntop/
[root@mail ntop]# ll
total 0
[root@mail ntop]# cd ..
[root@mail html]# chown ntop.ntop /var/www/html/ntop
[root@mail html]# ll
total 4
drwxr-xr-x 2 ntop ntop 4096 Jan 12 15:28 ntop
[root@mail html]# ntop -A 密码
Tue Jan 12 15:28:59 2010  NOTE: Interface merge enabled by default
Tue Jan 12 15:28:59 2010  Initializing gdbm databases

ntop startup - waiting for user response!

Please enter the password for the admin user:
Please enter the password again:
Tue Jan 12 15:29:15 2010  Admin user password has been set
[root@mail html]# ntop -d -P /var/www/html/ntop/ -u nobody
Tue Jan 12 15:29:29 2010  NOTE: Interface merge enabled by default
Tue Jan 12 15:29:29 2010  **WARNING** Trailing slash removed from argument for option -P | --db-file-path
Tue Jan 12 15:29:29 2010  Initializing gdbm databases
Tue Jan 12 15:29:29 2010  ntop v.3.3.8 (Dag Apt RPM Repository)
Tue Jan 12 15:29:29 2010  Configured on Jul 12 2009  3:32:30, built on Jul 12 2009 03:32:53.
Tue Jan 12 15:29:29 2010  Copyright 1998-2007 by Luca Deri <deri@ntop.org>
Tue Jan 12 15:29:29 2010  Get the freshest ntop from http://www.ntop.org/
Tue Jan 12 15:29:29 2010  NOTE: ntop is running from 'ntop'
Tue Jan 12 15:29:29 2010  NOTE: (but see warning on man page for the --instance parameter)
Tue Jan 12 15:29:29 2010  NOTE: ntop libraries are in '/usr/lib'
Tue Jan 12 15:29:29 2010  Initializing ntop
Tue Jan 12 15:29:29 2010  No patterns to load: protocol guessing disabled.
Tue Jan 12 15:29:29 2010  No default device configured. Using eth0
Tue Jan 12 15:29:29 2010  **WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.0.0)
Tue Jan 12 15:29:29 2010  Checking eth0 for additional devices
Tue Jan 12 15:29:29 2010  Resetting traffic statistics for device eth0
Tue Jan 12 15:29:29 2010  Initializing device eth0 (0)
Tue Jan 12 15:29:29 2010  DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Tue Jan 12 15:29:29 2010  Initializing gdbm databases
Tue Jan 12 15:29:29 2010  VENDOR: Loading MAC address table.
Tue Jan 12 15:29:29 2010  VENDOR: Checking for MAC address table file
Tue Jan 12 15:29:29 2010  VENDOR: Loading newer file '/etc/ntop/specialMAC.txt.gz'
Tue Jan 12 15:29:29 2010  VENDOR: ...found 61 lines
Tue Jan 12 15:29:29 2010  VENDOR: ...loaded 59 records
Tue Jan 12 15:29:29 2010  VENDOR: Checking for MAC address table file
Tue Jan 12 15:29:29 2010  VENDOR: Loading newer file '/etc/ntop/oui.txt.gz'
Tue Jan 12 15:29:30 2010  VENDOR: ...found 48541 lines
Tue Jan 12 15:29:30 2010  VENDOR: ...loaded 7853 records
Tue Jan 12 15:29:30 2010  Fingerprint: Loading signature file
Tue Jan 12 15:29:30 2010  Fingerprint: Checking for Fingerprint file... file
Tue Jan 12 15:29:30 2010  Fingerprint: Loading file '/etc/ntop/etter.finger.os.gz'
Tue Jan 12 15:29:30 2010  Fingerprint: ...loaded 0 records
Tue Jan 12 15:29:30 2010  INIT: Bye bye: I'm becoming a daemon...
Tue Jan 12 15:29:30 2010  INIT: Parent process is exiting (this is normal)
[root@mail html]# ntop startup
Tue Jan 12 15:30:06 2010  NOTE: Interface merge enabled by default
Tue Jan 12 15:30:06 2010  Initializing gdbm databases
FATAL ERROR: Unrecognized/unprocessed ntop options...
      startup
run ntop --help for usage information
    Common problems:
        -B "filter expressions" (quotes are required)
        --use-syslog=facilty (the = is required)
[root@mail html]# reboot
Broadcast message from root (pts/3) (Tue Jan 12 15:30:22 2010):
The system is going down for reboot NOW!
[root@mail etc]# ntop
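
A preflight check for the setup above, as an added example that is not part of the original post: it flags an unverified package signature (the NOKEY warning in the transcript), a database directory under /var/www, an owner that differs from the account passed to -u, and a directory accessible to other users. The function name ntop_preflight and its arguments are assumptions made for this example, and stat -c is the GNU coreutils form.

```shell
#!/bin/sh
# Added example: preflight checks before starting ntop as on this page.
# Usage: ntop_preflight DBDIR RUNAS [PACKAGE.rpm]
# Prints one line per finding and returns the number of findings (0 = clean).
# ntop_preflight is a hypothetical helper, not part of ntop or rpm.

ntop_preflight() {
    dbdir=$1 runas=$2 pkg=${3:-} findings=0

    note() { echo "FINDING: $*"; findings=$((findings + 1)); }

    # 1. Package signature: the install on this page printed "NOKEY", meaning
    #    the signature could not be checked because no key had been imported.
    #    rpm -K (--checksig) fails until the repository key is in the rpm db.
    if [ -n "$pkg" ]; then
        if ! command -v rpm >/dev/null 2>&1; then
            note "rpm not available, cannot verify $pkg"
        elif ! rpm -K "$pkg" >/dev/null 2>&1; then
            note "$pkg: signature not verified (rpm --import the repo key first)"
        fi
    fi

    # 2. The database directory should not sit under /var/www
    #    (/var/www/html is Apache's default document root on CentOS).
    case $dbdir/ in
        /var/www/*) note "$dbdir is inside the web server tree" ;;
    esac

    if [ ! -d "$dbdir" ]; then
        note "$dbdir does not exist"
    else
        # 3. The owner should be the account ntop drops to with -u.
        owner=$(stat -c %U "$dbdir")
        [ "$owner" = "$runas" ] ||
            note "$dbdir is owned by $owner but ntop will run as $runas"
        # 4. No access for "other" users: last octal digit must be 0.
        mode=$(stat -c %a "$dbdir")
        case $mode in
            *0) ;;
            *)  note "$dbdir mode $mode is accessible to other users" ;;
        esac
    fi
    return "$findings"
}
```

With the transcript's values, `ntop_preflight /var/www/html/ntop nobody rpmforge-release-0.3.6-1.el5.rf.i386.rpm` reports the /var/www location, the ntop/nobody ownership mismatch and the 755 mode, plus the signature finding for as long as the repository key has not been imported.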