[SOLVED] Ntop GEO MAP
-
This now broken again due MaxMind require LicenseKeys usage now https://blog.maxmind.com/2019/12/18/significant-changes-to-accessing-and-using-geolite2-databases/
Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
Unifi AP-AC-LR with EAP RADIUS, US-24 -
-
@dragoangel As temporary solution I uploaded latest files on web server, and It seems to be working fine again.
-
@manjotsc I understand that I can simply put files even on pfsense with geoip. Question about that this plugins must already be officially fixed by netgate to support new API with authorization
Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running mutiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
Unifi AP-AC-LR with EAP RADIUS, US-24 -
@dragoangel I think they are waiting for PfSense 2.5 release, because I tried installing Ntopng 3.8 manually, but ntopng 3.8 needs some package dependencies that only supported in FreeBSD12.
BIOS: Vendor: HP
Version: P01 Ver. 02.49Version: 24.03-RELEASE (amd64)
built on Wed Apr 24 13:38:00 EDT 2024
FreeBSD 15.0-CURRENTCPU Type Intel(R) Core(TM) i5-7500 CPU @ 3.40GHz
Current: 3606 MHz, Max: 3400 MHz
4 CPUs : 1 package(s) x 4 core(s) -
-
@manjotsc devel version of pfsense 2.5 has same ntopng. Thanks for video.
-
@dragoangel hmmm, sorry maybe I am confused.
-
@manjotsc yep, I doesn't know, but looks like pkg maintainer simply lost.
Direct link by simple parameters works so I updated https://forum.netgate.com/topic/141150/solved-ntop-geo-map/6 as well -
@dragoangel Atleast this time it got solved quickly as compared to before, which was broken for months.
-
I'm not sure if anyone else is running into issues with the above patch and the new access key requirement from maxmind, but mine still wouldn't update the GeoIP database..
It seems like fetch has an issue with the new URL, so changed the /usr/local/pkg/ntopng.inc file to use curl.. These changes are made after applying the above mentioned patch:
function ntopng_update_geoip() {
global $config;
$curlcmd = "/usr/local/bin/curl";$geolite_city = "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key=YOURKEYHERE&suffix=tar.gz"; $geoip_asnum = "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key=YOURKEYHERE&suffix=tar.gz"; $output_dir_city = "/usr/local/share/ntopng/GeoCity.tar.gz"; $output_dir_asn = "/usr/local/share/ntopng/GeoASN.tar.gz"; mwexec("{$curlcmd} --output {$output_dir_city} \"{$geolite_city}\""); mwexec("{$curlcmd} --output {$output_dir_asn} \"{$geoip_asnum}\""); ntopng_fixup_geoip(); /* Do not (re)start services on package (re)install, only on manual GeoIP updates via the GUI */ if ($_POST['Submit'] == "Update GeoIP Data") { init_config_arr(array('installedpackages', 'ntopng', 'config', 0)); $ntopng_config = $config['installedpackages']['ntopng']['config'][0]; ntopng_services_stop(); if ($ntopng_config['enable'] == "on") { start_service("ntopng"); } }}
-
@Sigsegv Fetch still works. you just need to modify the execution of the command and put quotes around the url to fetch.
I made the same changes as mentioned above but these two lines were edited in the following way:
mwexec("{$fetchcmd} -o {$output_dir}/GeoLite2-City.tar.gz -T 5 \"{$geolite_city}\""); mwexec("{$fetchcmd} -o {$output_dir}/GeoLite2-ASN.tar.gz -T 5 \"{$geoip_asnum}\"");then it should work.
-
@pponce said in [SOLVED] Ntop GEO MAP:
@Sigsegv Fetch still works. you just need to modify the execution of the command and put quotes around the url to fetch.
I made the same changes as mentioned above but these two lines were edited in the following way:
mwexec("{$fetchcmd} -o {$output_dir}/GeoLite2-City.tar.gz -T 5 \"{$geolite_city}\""); mwexec("{$fetchcmd} -o {$output_dir}/GeoLite2-ASN.tar.gz -T 5 \"{$geoip_asnum}\"");then it should work.
OK cool. Really, my point of posting was that the patch provided no longer works, therefore, I came up with a workaround using curl.
I'm happy to modify the patch to fix the escape sequence.
-
@Sigsegv Didn't mean to imply what you posted wasn't helpful. Apologies if it came out that way. I was stuck with things still not working even after making your suggested curl command changes. Then realized I hadn't changed the output directory variable to include the file name like you had. In troubleshooting why it was not working I ended up figuring out why the fetch command was not working originally. Figured i'd share my findings.
If i had copied your changes exactly all would have worked perfectly.
-
@pponce said in [SOLVED] Ntop GEO MAP:
@Sigsegv Didn't mean to imply what you posted wasn't helpful. Apologies if it came out that way. I was stuck with things still not working even after making your suggested curl command changes. Then realized I hadn't changed the output directory variable to include the file name like you had. In troubleshooting why it was not working I ended up figuring out why the fetch command was not working originally. Figured i'd share my findings.
If i had copied your changes exactly all would have worked perfectly.
No worries my friend! I was more concerned that I had posted something that was not correct and would mess up someone's system other than my own!
Thanks for the reply!
-
Please check the latest PR:
https://redmine.pfsense.org/issues/9211#note-20 -
@viktor_g looks promising.
-
@viktor_g thanks for pushing this through.
-
New version released for PFSENSE. Issue officially fixed.
-
Now let's wait for ntopng 4.0 to arrive on pfsense.
