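Purpose:
1. Monitor network traffic inside the company or behind a NAT, so you can keep track of where traffic comes from and where it goes.
2. Centralized control: ntop has to run on the gateway machine, or receive the traffic through a mirror port.
Environment: Fedora Core, NTOP v3.3.8
1. Install: yum install ntop
2. Edit the configuration file: vi /etc/ntop.conf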
# tells ntop the user id to run as
# Which user NTOP runs as
--user ntop

# save messages into the system log
# Send log messages to syslog using the "daemon" facility
--use-syslog=daemon

# sets the directory that ntop runs from
# Where the graphs and database files are stored
--db-file-path /var/lib/ntop

# the amount and severity of messages that ntop will put out
--trace-level 3

# limit ntop to listening on a specific interface and port
#--http-server 127.0.0.1:3000 --https-server 127.0.0.1:3001
# Ports to listen on (no address given, so all interfaces rather than loopback only)
--http-server 3000
--https-server 3001

# Under certain circumstances, the sched_yield() function causes the ntop web
# server to lock up. It shouldn't happen, but it does. This option causes
# ntop to skip those calls, at a tiny performance penalty.
--disable-schedyield

# disables "phone home" behavior
--skip-version-check=yes

# Log to /var/log/messages
--use-syslog

# Listen on eth0
--interface=eth0
3. Run ntop for the first time to set the admin password
/usr/bin/ntop @/etc/ntop.conf -A
4. Start the service: /etc/init.d/ntop start
5. Browse to http://ssorc.tw:3000
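
Before starting the service, it helps to check what the web listener settings in /etc/ntop.conf actually expose. The script below is an added example, not part of the original post or of ntop itself: the function names and the sample file are constructed for illustration, and it treats only 127.0.0.1 as loopback.

```shell
#!/bin/sh
# Added example, not from the original post.
# audit_ntop_conf FILE: print one finding per risky web-listener or user setting.
audit_ntop_conf() {
    awk '
    /^[ \t]*#/ { next }                      # comment lines carry no options
    index($0, "–") {                         # typographic dash pasted from a web page
        printf "line %d: en dash instead of \"--\"\n", NR
        next
    }
    {
        gsub(/=/, " ")                       # "--opt=value" -> "--opt value"
        for (i = 1; i < NF; i++) {
            opt = $i; val = $(i + 1)
            if (opt == "--user" && val == "root")
                printf "line %d: --user root keeps full privileges\n", NR
            if (opt != "--http-server" && opt != "--https-server")
                continue
            if (val ~ /^127\.0\.0\.1:/)
                continue                     # bound to loopback only
            scope = (val ~ /:/) ? "a non-loopback address" : "every interface"
            proto = (opt == "--http-server") ? "cleartext HTTP" : "HTTPS"
            printf "line %d: %s %s exposes %s on %s\n", NR, opt, val, proto, scope
        }
    }' "$1"
}

# Constructed sample mirroring the two listener styles shown in the config above.
sample_conf() {
    cat <<'EOF'
# constructed sample, not a real configuration
--user ntop
--use-syslog=daemon
--http-server 3000
--https-server 127.0.0.1:3001
--interface=eth0
EOF
}
```

Run it as `audit_ntop_conf /etc/ntop.conf`; no output means no finding from these checks.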