New Package: ntopng


  • Rebel Alliance Developer Netgate

    There is now an ntopng package available for pfSense 2.1.4 and later. The 800lb Gorilla of network monitoring lives on.

    Works similar to the old ntop package, but with the shiny new version. Remove ntop before installing.

    Install the package, go to Diag > ntopng settings, set an admin password, pick any other options you like, then Save. Click Diag > ntopng to visit its GUI.

    It will whinge about the version being out of date, but that will be OK on the 2.2 version of the package (which should be up in an hour or two)



  • Thank you Jimp! I was happy with ntop but thank you for creating this add-on…


  • Rebel Alliance Developer Netgate

    I thought I was happy with ntop, but that was before I saw ntopng. :-)



  • it tried to install 386 on a 64 bit install


  • Rebel Alliance Developer Netgate

    I pushed a fix for that a bit ago, it'll be OK shortly.



  • Thanks Jimp!

    I had a small bounty for this ($50).  You want it or want me to donate it?


  • Rebel Alliance Developer Netgate

    We can't take direct donations anymore. It's not quite enough for a Gold subscription or I'd say just get one of those. But you can pick up some stuff from the pfSense store with that and you'll get some swag out of it on top of us getting a cut. :-)



  • This is fantastic!  Thanks for doing this.



  • Thank you so much jimp!
    I thought I will never see ntop on pfSense anymore.
    I was on 2.2-ALPHA August 9 and it was not showing up under packages then I updated to the latest Aug 15 version and its still not there, any suggestions?


  • Rebel Alliance Developer Netgate

    It won't compile right now on 2.2, the port is broken on FreeBSD 10.x. The ntopng author is working with the port maintainer to get it corrected.


  • Rebel Alliance Developer Netgate

    I'm trying to get it to compile in various ways but no success yet.



  • Thanks jimp! I appreciate your efforts!
    Can't use v2.1.4 on my Shuttle DS437 because nics are not supported.
    At least there's some hope :D



  • Great an thank you

    hope squid3-dev become supported by pfsense and more stable


  • Rebel Alliance Developer Netgate

    It's live now on 2.2. Works fine on my test VM anyhow. Give it a spin.



  • It does not see my lan nic



  • Interesting. I installed this on a test machine with two physical NICs and the menu options for NTOPNG appeared under my Diagnostics menu. It showed traffic flowing from my internal NIC without any problem. I then installed it on my production system and can't see the ntopng men item under the Diagnostics menu at all! Both machines are running pfSense 2.1.4. The only real difference between both boxes is that my production system is operating a captive portal and my two internal NICs on the production system are set as VLANs sharing the same physical network card. So my first question is why isn't the Diagnostics menu showing the ntopng items? My second query is whether ntopng will work with a VLAN-tagged NIC bound to a physical NIC? I can get the ntopng page to load (port 3000), but it's monitoring only the outside network card and no other NICs are available as options.

    I appreciate this is an alpha release, so I won't set my hopes too high that this might be resolved soon.



  • The package work great ,,, the problem was from me

    Thanks again



  • In deed this a 800lb Gorilla!
    It works and I love it. Only one thing that does not work is a GeoMap it looks like it needs to be compalied with geolocation but that's not a big deal.

    _NOTE

    Browser reported home map location [Latitude: xx.3581782, Longitude: -xxx.03674879999998]
    In order to visualize maps you must:
    Have a working Internet connection.
    Have compiled ntopng with geolocation and started with it.
    Have active flows between peers with public IP addresses.
    HTML browser geolocation is used to place on map hosts based on unknown locations._



  • My geolocation seems to work.  It shows everything coming from my city and shows the routes to the major feeds.

    this new ntop is visually a complete rewrite and way over the top of what I expected.



  • @tester_02:

    My geolocation seems to work.  It shows everything coming from my city and shows the routes to the major feeds.

    this new ntop is visually a complete rewrite and way over the top of what I expected.

    I'm assuming for geolocation you didn't need to change anything?



  • I've now re-installed the updated version (1.1v0.1 to 1.1v0.2) on my test machine to see if the problem was with the update. It seems it is! The latest version of this package fails to update the Diagnostics menu on the 64-bit pfsense system I'm running and also breaks the uninstall process as well. I'm going to try to see if I can do a manual uninstallation of the package and see whether I can get the older version of ntop to work any better.

    From what I could tell, ntopng looks very good and has huge potential. The package installation needs a bit of tweaking, though.


  • Rebel Alliance Developer Netgate

    The menu works fine on my 32 and 64-bit installs. I tested install and uninstall and they all worked cleanly. I tried 2.1.4, 2.1.5 (coming soon), and 2.2 and I had no issues here.

    If the menu failed then the install probably never completed properly. Try it again but watch the messages very carefully when installing.

    The only difference between the new version of the pkg was a change on startup to allow 2.2 to function since it had a different path for one program.



  • @jimp:

    We can't take direct donations anymore. It's not quite enough for a Gold subscription or I'd say just get one of those. But you can pick up some stuff from the pfSense store with that and you'll get some swag out of it on top of us getting a cut. :-)

    Jimp
    This is working great for me  . .  thanks.  Because you can't take the bounty, I donated the money to ALS with a thanks to pfSense forum. (I am already a gold membership holder)




  • Recently I've installed ntopng in my pfsense firewalls and It's really a good tool, thank for the package.

    I am reading and investigation to learn more about this tool and I would like to know if it is possible to upgrade the ntopng's version to 1.2. By the way, when I access to the dashboard it showing the attached message.




  • @jimp thanks again for taking the time to create this package…

    couple of things,

    1 Should we have to worry about this error in the system log?

    
    ntopng: [Prefs.cpp:408] ERROR: Unable to create log C:\Windows\Temp/ntopng.log
    
    

    2 I should read the manaul but there isn't much under the admin menu as far as configuration. I was hoping to re-name the interfaces to laymen names.

    2.1.4-RELEASE (i386)
    built on Fri Jun 20 12:59:29 EDT 2014
    FreeBSD 8.3-RELEASE-p16



  • @jimp:

    We can't take direct donations anymore. It's not quite enough for a Gold subscription or I'd say just get one of those. But you can pick up some stuff from the pfSense store with that and you'll get some swag out of it on top of us getting a cut. :-)

    Could I ask, Jim: why can't people donate anymore? I know I did last year, and suddenly it was gone. I bought a Gold to support (and buy you all a beer  ;D ) but I kept on wondering: why did you remove the donations? It is people wanting to show their appreciation, and some money seems better than no money (but then again, this is the stupid economist speaking here: if there is anything we don't understand, it is money  ;D ;D ;D ).



  • Eeehm, sorry for the mildly intelligent question, but: on my nano 2.1.4 boxes there is no ntop or ntopng package available in the list… What's wrong here?  :o


  • Rebel Alliance Developer Netgate

    @yefryf:

    I am reading and investigation to learn more about this tool and I would like to know if it is possible to upgrade the ntopng's version to 1.2. By the way, when I access to the dashboard it showing the attached message.

    Not until 1.2 shows up in FreeBSD ports. I'm told it's being worked on.

    @Cino:

    1 Should we have to worry about this error in the system log?

    
    ntopng: [Prefs.cpp:408] ERROR: Unable to create log C:\Windows\Temp/ntopng.log
    
    

    I don't think it's worth worrying about

    @Hollander:

    Could I ask, Jim: why can't people donate anymore? I know I did last year, and suddenly it was gone. I bought a Gold to support (and buy you all a beer  ;D ) but I kept on wondering: why did you remove the donations? It is people wanting to show their appreciation, and some money seems better than no money (but then again, this is the stupid economist speaking here: if there is anything we don't understand, it is money  ;D ;D ;D ).

    I don't know the nitty gritty details, but since we're not a non-profit organization, taking donations in that way has some weird tax/legal issues. The beancounters said it caused more trouble than it was worth.

    @chemlud:

    Eeehm, sorry for the mildly intelligent question, but: on my nano 2.1.4 boxes there is no ntop or ntopng package available in the list… What's wrong here?  :o

    ntop isn't compatible with NanoBSD installs, only full installs.



  • Too bad!!

    btw: If I had the choice between paying an invoice (including VAT) and giving a donation, I knew which option I would choose… :-D



  • @jimp:

    @Hollander:

    Could I ask, Jim: why can't people donate anymore? I know I did last year, and suddenly it was gone. I bought a Gold to support (and buy you all a beer  ;D ) but I kept on wondering: why did you remove the donations? It is people wanting to show their appreciation, and some money seems better than no money (but then again, this is the stupid economist speaking here: if there is anything we don't understand, it is money  ;D ;D ;D ).

    I don't know the nitty gritty details, but since we're not a non-profit organization, taking donations in that way has some weird tax/legal issues. The beancounters said it caused more trouble than it was worth.

    Right  :P

    Well it so happens I am a post-academic bean counter ( ;D ), and the thing is:
    1. I don't know the specifics of US GAAP (Generally Accepted Accounting Principles), theree might be a twist in there, but:
    2. (Donation/1+ VAT-percentage) (so: 50/1,06 assuming VAT 6%) should do it, at least under IFRS (International Financial Reporting Standards).

    Of course, neglecting the 'twist' mentioned before.

    But, to my knowledge, there is no country in the world that forbids companies receiving money that can be taxed both VAT and profit tax.

    The offset is the paypal fee. Which I believe is 3-5%.

    Which I would assume would make it worthwile: 50 dollars from me, minnus the VAT, minus the corporate tax, still leaves nett money even when offset against the paypal fee.

    Sincerely,

    Sr. Beancounter  ;D



  • Hi,

    For the record, I think I found out what the problem was with my pfSense installation and this package. I did a bit of digging and found that there had been a previous installation of NRPE on this firewall which had somehow or another failed or been aborted, which must have corrupted the config. When I examined the /cf/conf/config.xml file, I discovered that this installation was still showing in the the 'installedpackages' section. The description for NtopNG was below, but the xml for the associated menu items was completely missing. Editing the config.xml, inserting the relevant xml for Ntop, resolved the problem completely.

    Thanks for a very useful contribution to the pfSense community!



  • Is it possible to have this program display the bandwidth used per time period?



  • @scotty562:

    Is it possible to have this program display the bandwidth used per time period?

    It's possible to get historical views for individual hosts for a predefined date/time range. You'll have to enable historical data storage:

    1. open a terminal and log in with root account
    2. open the launch script with an editor:

    
    vi /usr/local/etc/rc.d/ntopng.sh
    
    

    3. add "-F" to the last command in the "rc_start()" block, so it should look like this:

    
    rc_start() {
            ldconfig -m /usr/pbi/ntopng-amd64/lib
            /usr/pbi/ntopng-amd64/local/bin/redis-server --dir /var/db/ntopng/ --dbfilename ntopng.rdb &
            /usr/local/bin/ntopng -s -e -F --dns-mode '0'  --local-networks '192.168.0.0/16,172.16.0.0/12,10.0.0.0/8' &
    }
    
    

    4. stop and start ntopng:

    
    /usr/bin/killall ntopng
    /usr/local/bin/ntopng -s -e -F --dns-mode '0' --local-networks '192.168.0.0/16,172.16.0.0/12,10.0.0.0/8' &
    
    

    I haven't been able to get the aggregate on an interface - is that available somewhere? edit: The total data throughput is available at 'Overview'.



  • You could edit '/usr/local/pkg/ntopng.xml' so you dont have to edit /usr/local/etc/rc.d/ntopng.sh when you reboot or resave ntopng options in the gui



  • That is ONE sexy package  :P :P :P

    (I don't really know what I am looking at, but I am like that bird that likes anything that blinks (Dutch: ekster): this is some interesting 'bling-bling'  to study  ;D

    (On another note: how comes no site shows up normally in IE, you would have expected MS to understand something now after 35 years and an army of 150.000 employees. Firefox is getting more bloated by the second (2 gigs of RAM currently, for-a-browser?), Chrome is NSA, and  Opera apprently has decided to come a 'living dead').


  • Rebel Alliance Developer Netgate

    @Cino:

    You could edit '/usr/local/pkg/ntopng.xml' so you dont have to edit /usr/local/etc/rc.d/ntopng.sh when you reboot or resave ntopng options in the gui

    Adding a new checkbox option to enable that should be simple. I don't have time at the moment but I'll keep it in mind next time I poke at the package.

    Or someone could add it and submit a pull request.



  • @jimp:

    @Cino:

    You could edit '/usr/local/pkg/ntopng.xml' so you dont have to edit /usr/local/etc/rc.d/ntopng.sh when you reboot or resave ntopng options in the gui

    Adding a new checkbox option to enable that should be simple. I don't have time at the moment but I'll keep it in mind next time I poke at the package.

    Or someone could add it and submit a pull request.

    funny you brought this up… i'm already on it :-)  might be ugly since i'm not a programmer but sure can copy and paste... hehehehe

    edit: https://github.com/pfsense/pfsense-packages/pull/771



  • Pull request has been accepted and merged. You should see an update for ntopng in Package Manager



  • I uninstalled it to see if this package perhaps made my box crash. After that, my log is flooded with this:

    ntopng: [PeriodicActivities.cpp:83] ERROR: Missing script /usr/local/share/ntopng/scripts/callbacks/second.lua

    Literally thousands of these lines, 1 per second it seems.

    But it isn't installed anymore  ;D

    How might I perhaps fix this?

    Thank you  :)





  • Rebel Alliance Developer Netgate

    The process must not have stopped. Try

    killall -9 ntopng
    

Log in to reply