■ntopの導入
$ sudo apt-get install -y apache2 ntop
$ netstat -an | grep "\:80"
tcp6 0 0 :::80 :::* LISTEN
■監視対象の確認。
※デフォルトでは「none」
$ sudo grep INTERFACE /var/lib/ntop/init.cfg
INTERFACES="lo,eth0"
■サービスの有効化
$ sudo sed -i s/"\(ENABLED\)=1"/"\1=0"/ /etc/default/ntop
$ sudo /etc/init.d/ntop restart
$ netstat -an | grep "\:3000"
tcp 0 0 0.0.0.0:3000 0.0.0.0:* LISTEN
■動作確認(後はfirefoxで)
$ wget -O - --no-proxy http://localhost:3000 2>/dev/null | \
sed s/"\(BORDER\)=1"/"\1=0"/g | w3m -dump -T text/html
Refresh (120 sec)
[ntop_logo] (C) 1998-2012 - Luca Deri
Please enable JavaScript support in your browser [graph_zoom]
Please enable make sure that the ntop html/ directory [ ]
is properly installed
• Global Statistics
• lo Report
• Protocol Distribution
• Application Protocols
Name Device Type Speed Sampling MTU Header Address IPv6
Rate Addresses
lo BSD
Network Change lo loopback 0 8232 4 127.0.0.1
Interface name
(s) eth0
Change eth0 Ethernet 0 1514 14 192.168.164.11
name
Local
Domain test.local
Name
Capturing Thu May 16 23:53:15 2013 [5:50]
Since
Hosts [5 active [graph]] [15 total [graph]]
Active 6 [Max: 16]
Sessions
Dropped (libpcap) 0.0% 0
Dropped (ntop) 0.0% 0
Total Received (ntop) 18,733
Total Packets Processed 18,686
Unicast 100.0% 18,684
Broadcast 0.0% 1
Multicast 0.0% 0
Shortest 42 bytes
Average Size 233 bytes
Packets Longest 65,542 bytes
Size <= 64 bytes 0.4% 68
64 < Size <= 128 bytes 58.6% 10,942
128 < Size <= 256 bytes 19.9% 3,717
256 < Size <= 512 bytes 2.6% 484
512 < Size <= 1024 bytes 11.8% 2,204
1024 < Size <= 1518 bytes 3.1% 574
Size > 1518 bytes 4.0% 746
Packets too long [> 8232] 2.6% 488
Total 12.0 MBytes [18,686 Pkts]
IPv4 Traffic 2.7 MBytes [10,849 Pkts]
Fragmented IPv4 Traffic 0 [0.0%]
Non IPv4 Traffic 9.3 MBytes
Average TTL 48
TTL <= 32 0.0% 1
Traffic 32 < TTL <= 64 57.6% 10,771
64 < TTL <= 96 0.0% 0
96 < TTL <= 128 0.4% 77
128 < TTL <= 160 0.0% 0
160 < TTL <= 192 0.0% 0
192 < TTL <= 224 0.0% 0
224 < TTL <= 256 0.0% 0
Actual 36.4 Kbit/s 20.4 Pkt/s
Last Minute 29.5 Kbit/s 10.9 Pkt/s
Network Load Last 5 Minutes 330.3 Kbit/s 59.5 Pkt/s
Peak 2.6 Mbit/s 469.3 Pkt/s
Average 287.6 Kbit/s 53.2 Pkt/s
Historical Data [ View rrd charts of historical data for this interface ]
L2/L3 Protocol Data Percentage
TCP 2.7 MBytes 99.8% 99.8%
IP 2.7 MBytes 22.8%
UDP 4.3 KBytes 0.2%
(R)ARP 0.2 KBytes 0.0%
Other 3.6 MBytes 29.9% 29.9%
Application Protocol Data Percentage
Mail_POP 59.9 KBytes 1.0%
[rrdPlugin] [graph_zoom]
Mail_SMTP 3.7 KBytes 0.1%
[rrdPlugin] [graph_zoom]
NTP 0.7 KBytes 0.0%
[rrdPlugin] [graph_zoom]
SSDP 5.7 MBytes 98.9%
[rrdPlugin] [graph_zoom]
Aggregated View [] [graph_zoom]
Report created on Thu May 16 23:59:05 2013 [ntop uptime: 5:50]
Generated by ntop v.4.99.3 (64 bit) [x86_64-3.2.0-4-amd64-linux-gnu]
© 1998-2012 by Luca Deri, built: Mar 1 2013 07:35:33.
Version: a minimally supported but OLDER version - please upgrade
Listening on [lo,eth0] for all packets (i.e. without a filtering expression)
Web reports include all interfaces (merged)
