[SOLVED] Ntop GEO MAP



  • I have generated API key, also enabled Maps Java API Key.
    But there is nothing populating on geo map.
    0_1551673092734_CaptureNtop.PNG
    0_1551846403381_CaptureNtop Log.PNG



  • I have the same problem. The map only shows your local host location and no flows of the traffic/connections of the selected host. I did some googling and found the issue has already been reported here: Bug9211. It seems the cause is that ntopng can't download geolocation data because the source it uses has discontinued that particular ip database. It appears the fix (using a new ip database) is in ntopng CE 3.8 (pfsense 2.4 uses v3.6). Seems we just need to wait until the ntopng package for pfsense is updated.



  • Step by step tutorial to fix geomap https://youtu.be/soxD194Dpsw



  • @manjotsc thanks for video, Im waiting for update about a year already ☹



  • @dragoangel no problem,



  • How-to fix:

    1. Install System_Patches from Packages.
    2. Go to System => Patches
    3. Add new patch
    4. Give it Description, like: PFSENSE-9211 Fix GeoIP DB
    5. In Patch Contents copy-paste text:
    --- /usr/local/pkg/ntopng.inc
    +++ /usr/local/pkg/ntopng.inc
    @@ -241,16 +241,12 @@
     function ntopng_update_geoip() {
     	global $config;
     	$fetchcmd = "/usr/bin/fetch";
    -	$geolite_city = "https://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz";
    -	$geolite_city_v6 = "https://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz";
    -	$geoip_asnum = "https://download.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz";
    -	$geoip_asnum_v6 = "https://download.maxmind.com/download/geoip/database/asnum/GeoIPASNumv6.dat.gz";
    +	$geolite_city = "https://geolite.maxmind.com/download/geoip/database/GeoLite2-City.tar.gz";
    +	$geoip_asnum = "https://geolite.maxmind.com/download/geoip/database/GeoLite2-ASN.tar.gz";
     	$output_dir = "/usr/local/share/ntopng";
    -
    +	
     	mwexec("{$fetchcmd} -o {$output_dir} -T 5 {$geolite_city}");
    -	mwexec("{$fetchcmd} -o {$output_dir} -T 5 {$geolite_city_v6}");
     	mwexec("{$fetchcmd} -o {$output_dir} -T 5 {$geoip_asnum}");
    -	mwexec("{$fetchcmd} -o {$output_dir} -T 5 {$geoip_asnum_v6}");
     
     	ntopng_fixup_geoip();
     
    @@ -271,16 +267,15 @@
     
     	safe_mkdir($target_dir, 0755);
     
    -	foreach(glob("{$source_dir}/Geo*.dat*") as $geofile) {
    +	foreach(glob("{$source_dir}/Geo*.tar.gz") as $geofile) {
     		/* Decompress if needed. */
    -		if (substr($geofile, -3, 3) == ".gz") {
    -			// keep -f here, otherwise the files will not get updated
    -			mwexec("/usr/bin/gzip -d -f " . escapeshellarg($geofile));
    +		if (substr($geofile, -7, 7) == ".tar.gz") {			
    +			mwexec("tar -C {$source_dir} -f {$geofile} --strip 1 -xz '*.mmdb'");
     		}
     	}
     
     	/* Use a separate glob since the filenames could have changed since the last run */
    -	foreach(glob("{$source_dir}/Geo*.dat*") as $geofile) {
    +	foreach(glob("{$source_dir}/Geo*.mmdb") as $geofile) {
     		$target_file = $target_dir . '/' . basename($geofile);
     		if (!file_exists($target_file)) {
     			symlink($geofile, $target_file);
    
    
    1. Set Path Strip Count to 0
    2. Save it and Click Test
    3. If test done successfully - Apply button will appear.
    4. Apply patch
    5. Go to Status = >Services and Stop Ntop NG
    6. Got to Diagnostics => ntopng Settings and Remove checkbox from Enable ntopng
    7. Go to bottom of ntopng Settings and Update GeoIP Data
    8. Enable ntopng and Save - You will receive error, ignore it.
    9. Go to Status = >Services and Start Ntop NG

    P.S. Revert patch can be done from same way Test -> Revert at System Patches



  • I had to set the Path Strip Count to 1.

    That will ignore the a/ and b/ path prefixes.

    --- a/usr/local/pkg/ntopng.inc
    +++ b/usr/local/pkg/ntopng.inc



  • Line 203: function exec_bg undefined



  • @gogglespisano updated How-to, in your case try reinstall package from scratch and then apply fix



  • @dragoangel Reinstalling and re-applying worked. Thanks for the Patch!



  • @manjotsc Finally, Thank you



  • @manjotsc it's been a while I was screwing my head with this thanksss



  • Omg This was awesomeee.

    Also, my plex server is getting flows categorized as unknown application. Is there a way to create my category for Plex?

    There's some automated ones like netflix and that kind of stuff.



  • Thanks very much for this fix.



  • Thanks a lot @dragoangel



  • Thank you very much dragoangel!


Log in to reply