Instructions are written for Raspberry Pi but can be used on any other platforms.
As there is no pre-built packages for ARM platforms I've found some packages but you might have no other choices than do the compilation yourself... π
I've finally been able to get the hand on their pre-built packages... I've just read too fast their documentation... :face_palm:
You could find their packages here: http://packages.ntop.org/
You should not follow their instructions from http://packages.ntop.org/apt-stable/ for the simple reason that it will install you a lot of licences required packages... If this is not your plan as mine too, you can avoid them.
wget http://apt-stable.ntop.org/18.04/all/apt-ntop-stable.deb
sudo dpkg -i apt-ntop-stable.debsudo apt clean all
sudo apt update --fix-missing -ySo as explained earlier, there are some packages that are license required to work, so I'll list them separately.
sudo apt install pfring ntopng ntopng-data nboxBoth
ntopngandnboxcan be used with a license too to unlock all features.
sudo apt install nprobe n2disk centoOptionally:
sudo apt install pfring-drivers-zc-dkmsNow you can directly jump to this section: Use the web interfaces
If you read this section then it means you might unlucky as I was and I wish luck for the next! :thumb_up:
You will have to install a bunch of packages to be sure that the compilation won't have any troubles...
sudo apt install build-essential git bison flex libxml2-dev libpcap-dev libtool libtool-bin rrdtool librrd-dev autoconf pkg-config automake autogen redis-server wget libsqlite3-dev libhiredis-dev libmaxminddb-dev libcurl4-openssl-dev libpango1.0-dev libcairo2-dev libnetfilter-queue-dev zlib1g-dev libssl-dev libcap-dev libnetfilter-conntrack-dev libreadline-dev libjson-c-dev libmariadbclient18 libradcli4 ntopng-data
libmariadb3will cause version conflict later andlibmariadb2is no more available for Ubuntu 18.04 so you will have to download it from Launchpad: http://launchpadlibrarian.net/322701384/libmariadb2_2.3.3-1_armhf.debTo install it, you will have to run:
sudo dpkg -i libmariadb2_2.3.3-1_armhf.debFor other platforms, please download the corresponding file from here: https://packages.ubuntu.com/search?keywords=libmariadb2
libcurl4will cause version conflict later too... but I will provide a workaround later in this gist πHere is the error the conflict will create:
/usr/local/bin/ntopng: /usr/lib/arm-linux-gnueabihf/libcurl.so.4: version
CURL_OPENSSL_4not found
Now it's time to create the directory where you will store all required stuff to compile Ntop-ng.
mkdir -v ntop-devNow it's time to proceed to the compilation!
cd ntop-dev/
git clone https://github.com/ntop/nDPI.git
cd nDPI; ./autogen.sh; ./configure; make -j $(nproc); cd ..
git clone https://github.com/ntop/ntopng.git
cd ntopng; ./autogen.sh; ./configure; make -j $(nproc);
make geoipThis is a mandatory step to avoid installation issues and also it will ease the maintenance of your Ntop-ng version.
Unfortunately, this will not be an easy step and caused me a lot of troubles before being able to make it working...
You will have debian signin packages and related gpg packages to install.
sudo apt install debhelper fakeroot dpkg-sigCheck the
READMEfile for more detailed instructions, including for other platforms.
cat READMEIf you don't do that, the compilation of the debian packages will fail with this error:
Processing ../ntopng_3.9.190626-6944_armhf.deb...
gpg: keybox '/home/ubuntu/.gnupg/pubring.kbx' created
gpg: /home/ubuntu/.gnupg/trustdb.gpg: trustdb created
gpg: error reading key: No public key
gpg: all values passed to '--default-key' ignored
gpg: no default secret key: No secret key
gpg: /tmp/debsigs-ng.Nkjacs/digests: clear-sign failed: No secret key
E: Signing failed. Error code: 512
Makefile:44: recipe for target 'ntopng' failed
make: *** [ntopng] Error 1So, to avoid this, you will have to generate your own keys... So here we go!
gpg --full-generate-key
gpg (GnuPG) 2.2.4; Copyright (C) 2017 Free Software Foundation, Inc.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
Your selection?[Redacted]
RSA keys may be between 1024 and 4096 bits long.
What keysize do you want? (3072) 4096
Requested keysize is 4096 bits
Please specify how long the key should be valid.
0 = key does not expire
<n> = key expires in n days
<n>w = key expires in n weeks
<n>m = key expires in n months
<n>y = key expires in n years
Key is valid for? (0)[Redacted]
Key expires at Thu Jun 25 02:18:11 2020 UTC
Is this correct? (y/N)y
GnuPG needs to construct a user ID to identify your key.
Real name: [Redacted]
Email address: [Redacted]
Comment:
You selected this USER-ID:
"[Redacted]"
Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
We need to generate a lot of random bytes. It is a good idea to perform
some other action (type on the keyboard, move the mouse, utilize the
disks) during the prime generation; this gives the random number
generator a better chance to gain enough entropy.
gpg: key 21D0C428FA73E27C marked as ultimately trusted
gpg: revocation certificate stored as '[Redacted]'
public and secret key created and signed.
pub [Redacted] [Redacted] [SC] [expires: [Redacted]]
[Redacted]
uid [Redacted]
sub [Redacted] [Redacted] [E] [expires: [Redacted]]Now list your keys to confirm that everything is correctly created.
gpg --list-secret
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u
gpg: next trustdb check due at [Redacted]
[Redacted]/pubring.kbx
-------------------------------
sec [Redacted] [Redacted] [SC] [expires: [Redacted]]
[Redacted]
uid [ultimate] [Redacted]
ssb [Redacted] [Redacted] [E] [expires: [Redacted]]If you get something similar, then you can proceed, otherwise you might have to restart the key creation from the beguining... Let's continue!
Again if you don't do that, the next compilation will fail with this error:
Processing ../ntopng_3.9.190626-6944_armhf.deb...
gpg: error reading key: No public key
gpg: all values passed to '--default-key' ignored
gpg: signing failed: Inappropriate ioctl for device
gpg: /tmp/debsigs-ng.PgrBeF/digests: clear-sign failed: Inappropriate ioctl for device
E: Signing failed. Error code: 512
Makefile:44: recipe for target 'ntopng' failed
make: *** [ntopng] Error 1To avoid this, here is the workaround:
# Add required config
echo 'use-agent' | tee -a ~/.gnupg/gpg.conf
echo 'pinentry-mode loopback' | tee -a ~/.gnupg/gpg.conf
echo 'allow-loopback-pinentry' | tee -a ~/.gnupg/gpg-agent.conf
# Init the agent
echo RELOADAGENT | gpg-connect-agent
OK # You should get this resultCheck the Makefile from the ~/ntop-dev/ntopng/packages/ubuntu directory to see all possible targets.
pwd
~/ntop-dev/ntopng/packages/ubuntu # make sure you're in this directory before continue
make ntopng # or make all (you decide, see below)Watch the compilation process as it may ask you for the newly created key to unlock it, see below.
You might get prompted for your gpg passphrase related to your newly created key around this step:
chown ubuntu: ../*deb
dpkg-sig --sign builder -k D1EB60BE ../ntopng_*deb
Processing ../ntopng_3.9.190626-6944_armhf.deb...
gpg: error reading key: No public key
gpg: all values passed to '--default-key' ignored
Signed deb ../ntopng_3.9.190626-6944_armhf.debLet the compilation process continue...
Once done, you should get something like this:
ll
total 27268
drwxrwxr-x 6 ubuntu ubuntu 4096 Jun 26 03:30 ./
drwxrwxr-x 7 ubuntu ubuntu 4096 Jun 26 03:30 ../
-rw-rw-r-- 1 ubuntu ubuntu 5262 Jun 26 01:48 Makefile
-rw-rw-r-- 1 ubuntu ubuntu 5294 Jun 26 01:37 Makefile.in
-rw-rw-r-- 1 ubuntu ubuntu 759 Jun 26 01:37 README
-rw-rw-r-- 1 ubuntu ubuntu 3970 Jun 26 01:48 config.log
-rwxrwxr-x 1 ubuntu ubuntu 25326 Jun 26 01:48 config.status*
-rwxrwxr-x 1 ubuntu ubuntu 88562 Jun 26 01:37 configure*
-rw-rw-r-- 1 ubuntu ubuntu 3799 Jun 26 01:37 configure.in
lrwxrwxrwx 1 ubuntu ubuntu 20 Jun 26 03:26 debian -> ./debian.ntopng-data/
drwxrwxr-x 5 ubuntu ubuntu 4096 Jun 26 03:26 debian.ntopng/
drwxrwxr-x 4 ubuntu ubuntu 4096 Jun 26 03:30 debian.ntopng-data/
drwxrwxr-x 3 ubuntu ubuntu 4096 Jun 26 01:46 etc/
-rw-r--r-- 1 ubuntu ubuntu 21455906 Jun 26 03:30 ntopng-data_3.9.190626_all.deb # New created package
-rw-r--r-- 1 ubuntu ubuntu 6289452 Jun 26 03:26 ntopng_3.9.190626-6944_armhf.deb # New created package
drwxrwxr-x 3 ubuntu ubuntu 4096 Jun 26 03:26 usr/If you get the package you wanted then continue! π Now we have to install the newly created package(s). You think that would be easy, right?! You would be wrong... :face_palm: When you will run:
sudo dpkg -i ntopng_3.9.190626-6944_armhf.debIt will fail because of version conflict with libcurl3 and libcurl4, both are required but can't be installed together without using some hacking skills... So here we go!
# First install libcurl3 (let it remove libcurl4 dependency if installed)
sudo apt install libcurl3
# Now do the hack by creating a copy to /usr/lib
sudo cp -v /usr/lib/arm-linux-gnueabihf/libcurl.so.3 /usr/lib/
'/usr/lib/arm-linux-gnueabihf/libcurl.so.3' -> '/usr/lib/libcurl.so.3'
# Now reinstall libcurl4 and let it remove libcurl3
sudo apt install -y libcurl4 libcurl4-openssl-devChange the corresponding path according to your platform, don't use this one if you're doing this on an ARM platform.
Okay, now you're almost done! π
you just have to bypass the version check by adding optional arguments to dpkg that way:
sudo dpkg -i --force-bad-version ntopng_3.9.190626-6944_armhf.deb
Selecting previously unselected package ntopng.
(Reading database ... 107940 files and directories currently installed.)
Preparing to unpack ntopng_3.9.190626-6944_armhf.deb ...
Unpacking ntopng (3.9.190626-6944) ...
dpkg: dependency problems prevent configuration of ntopng:
ntopng depends on libcurl3; however:
Package libcurl3 is not installed.
dpkg: error processing package ntopng (--install):
dependency problems - leaving unconfigured
Processing triggers for man-db (2.8.3-2ubuntu0.1) ...
Errors were encountered while processing:
ntopngEven if it complains it will work.
Now you can also install the related data package created too that way:
sudo dpkg -i ntopng-data_3.9.190626_all.debOkay now... You're done!! π€ You can rest a little π
In case the service is not running yet, just start it that way:
sudo systemctl start ntopng.serviceCheck the status:
sudo systemctl status ntopng.service
β ntopng.service - ntopng high-speed web-based traffic monitoring and analysis tool
Loaded: loaded (/etc/systemd/system/ntopng.service; disabled; vendor preset: enabled)
Active: active (running) since Wed 2019-06-26 04:23:38 UTC; 5s ago
Process: 12127 ExecStartPost=/bin/sh -c /bin/echo "$(/bin/date) ntopng StartPost" >> /var/log/ntop-systemd.log (code=exited, status=0/SUCCESS)
Process: 12124 ExecStartPre=/bin/sh -c /bin/sed "/^[ ]*-e.*$\|^[ ]*-G.*\|^[ ]*--daemon.*\|^[ ]*--pid.*/s/^/#/" /etc/ntopng/ntopng.conf > /run/ntopng.conf (code=exited, status=0/SUCCESS)
Process: 12116 ExecStartPre=/bin/sh -c /usr/bin/ntopng-utils-manage-config -a check-restore && /usr/bin/ntopng-utils-manage-config -a restore || true (code=exited, status=0/SUCCESS)
Process: 12113 ExecStartPre=/bin/sh -c /bin/echo "$(/bin/date) ntopng StartPre" >> /var/log/ntop-systemd.log (code=exited, status=0/SUCCESS)
Main PID: 12126 (ntopng)
Tasks: 8 (limit: 2151)
CGroup: /system.slice/ntopng.service
ββ12126 /usr/local/bin/ntopng /run/ntopng.conf
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]
[REDACTED]Check if the web-interface port is open:
sudo netstat -tunap
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN 12126/ntopngYou should go to the
web-interfaceto change theLISTENINGinterface to avoid security issues and set it to yourLOCALinterface instead of using0.0.0.0(ALL)
If you get something similar, (the port 3000) then you go the web-interface by opening your browser to http://your-host:3000. Change [your-host] by the host where you've just installed Ntop-ng.
There is two web interfaces availables if you have also installed nbox.
The initial default credentials are the following: nbox/nbox as username and password, you will be invited to set a new one directly once logged in.
Access: https://localhost
Now you can see some system stats and have a better control over the
ntopngand the system itself.
The initial default credentials are the following: admin/admin as username and password, you will be invited to set a new one directly once logged in.
Access: http://host-ip-address:3000
Now enjoy all the information that will be gathered regarding your network. π
It took me around two hours of debugging to make whole process working correctly and here are the places where I got some useful information:
- https://github.com/ntop/ntopng/blob/dev/doc/README.compilation
- http://packages.ntop.org/
- http://packages.ntop.org/apt-stable/
- http://wooledge.org/~greg/crypto/node41.html
- https://dev.to/jake/using-libcurl3-and-libcurl4-on-ubuntu-1804-bionic-184g
Feel free to comment here if you have any suggestions or correction to provide! π
You can reach me on Twitter by using @Jiab77.
Added
pre-builtpackages andnboxpicture.