diff --git a/network/ntop/README b/network/ntop/README index 81f6851706..873abb0a30 100644 --- a/network/ntop/README +++ b/network/ntop/README @@ -7,7 +7,7 @@ It sports a NetFlow/sFlow emitter/collector, an HTTP-based client interface for creating ntop-centric monitoring applications, and RRD for persistently storing traffic statistics. -This requires libevent, rrdtool, lua, and GeoIP. +This requires rrdtool, GeoIP, and graphviz. ntop needs to run under its own user/group. This has been assigned to the following by SlackBuilds.org, but feel free to change it on your diff --git a/network/ntop/README.SLACKWARE b/network/ntop/README.SLACKWARE index 0186ed3daa..fc5a973188 100644 --- a/network/ntop/README.SLACKWARE +++ b/network/ntop/README.SLACKWARE 
@@ -22,58 +22,10 @@ If you want to use a different user and/or group under which to run ntop, you can pass alternate values to the NTOPUSER and NTOPGROUP variables when running the build script. -1) Download extra databases ---------------------------- - -After building & installing the ntop package, you might want to -follow these extra steps: - -1.1) GeoIP tables - -To identify the location of the external hosts your netwerk connects -to, ntop uses GeoIP. You will need to download the latest tables to -your ntop server and store them in /etc/ntop: - - # cd /etc/ntop - # wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz - # gunzip -c GeoLiteCity.dat.gz > GeoLiteCity.dat - # wget http://geolite.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz - # gunzip -c GeoIPASNum.dat.gz > GeoIPASNum.dat - -Both files are updated regularly (about once a month). There are some -suggestions below on how to keep your ntop server up-to-date. - -1.2) OS fingerprint database - -ntop tries to identify the Operating System from the captures packages by -searching for a "fingerprint". It uses a table that needs to be downloaded -from the ettercap project on SourceForge: - - # cd /etc/ntop - # wget -O etter.finger.os http://ettercap.cvs.sourceforge.net/ettercap/ettercap_ng/share/etter.finger.os?rev=HEAD - -This file hasn't been updated since 2005, so it doesn't identify the more -modern OSs (Slackware 13.0 is identified as "Debian Linux" :-/ ) but it still -might be helpful. - -1.3) OUI database - -All MAC addresses contain a "Organizationally Unique Identifier" (OUI) to -identify the manufacturer. These OUIs are assigned by the IEEE Standards -Association. 
A table is included with ntop, but new OUIs are assigned almost -every day, so you might want to update the file now, before starting ntop: - - # cd /etc/ntop - # wget http://standards.ieee.org/regauth/oui/oui.txt - # gzip -c oui.txt > oui.txt.gz - -Since this file changes frequently, check the suggestions later in this file -on how to keep your ntop server up-to-date. - -2) Start & Stop scripts for ntop +1) Start & Stop scripts for ntop -------------------------------- -2.1) Automatic startup and shutdown +1.1) Automatic startup and shutdown If you want to start ntop on system bootup, include these lines in your /etc/rc.d/rc.local: @@ -93,14 +45,14 @@ To guarantee a clean shutdown of ntop, include this in /etc/rc.d/rc.ntop stop fi -2.2) Make /etc/rc.d/rc.ntop executable +1.2) Make /etc/rc.d/rc.ntop executable Additionally, you'll have to set the rc script to be executable just like any other Slackware rc script: # chmod +x /etc/rc.d/rc.ntop -3) Set the administrator password +2) Set the administrator password --------------------------------- When ntop is installed at the first time, you MUST set the administration @@ -113,7 +65,7 @@ For example: It will prompt you for the password and then exit. -4) Starting ntop +3) Starting ntop ---------------- Now you are ready to start ntop by calling the startup script: 
@@ -135,21 +87,11 @@ Fore more documentation on ntop, check: There are also some mailing lists you can subscribe to, that can be found on the pages mentioned above. -*** NOTE *** -* There have been some reports about ntop crashing (segfault) after any -* period between a couple of minutes to several hours. -* If this happens on your system, try disabling DNS resolution either from -* the menu (admin/configure/startup options/IP Prefs) or changing the rc.ntop -* file, adding the "-n" option to the line that starts ntop: -* /usr/bin/ntop --w3c -u $NTOPUID -n -d >> $NTOPLOG 2>&1 -* ^^ -*** end *** - -5) Keeping your ntop tables up-to-date +4) Keeping your ntop tables up-to-date -------------------------------------- -Now that your ntop server is running, you might want to keep the tables we -installed earlier updated automatically. +Now that your ntop server is running, you might want to keep some of the +tables that are installed updated automatically. I do this with a few simple shell scripts I copy to the /etc/cron.xxxx/ directories, where xxxx stands for: @@ -168,7 +110,13 @@ My suggestions are: Don't forget to make the script executable. -The following scripts are examples, feel free to adapt them to your reality: +The following scripts are examples for the GeoIP and OUI tables, feel free +to adapt them to your reality. + +The "OS Fingerprint" table has not changed for over five years, so I did not +create a script for it. +It you want, you can check for updates at: +http://ettercap.cvs.sourceforge.net/ettercap/ettercap_ng/share/etter.finger.os?rev=HEAD ============================================================================= ********************* diff --git a/network/ntop/no_downloads.patch b/network/ntop/no_downloads.patch index d54d9a48a1..9574662b43 100644 --- a/network/ntop/no_downloads.patch +++ b/network/ntop/no_downloads.patch 
@@ -1,98 +1,48 @@ ---- ntop-3.3.10.orig/configure.in 2009-11-27 23:36:09.000000000 -0200 -+++ ntop-3.3.10/configure.in 2009-11-28 10:16:33.000000000 -0200 -@@ -1652,21 +1652,12 @@ - dnl> - dnl> Lua - http://www.lua.org - dnl> --LUA_VERSION=lua-5.1.4 --if test -f "$LUA_VERSION.tar.gz"; then -- echo "Lua already present on this machine" --else -- wget http://www.lua.org/ftp/$LUA_VERSION.tar.gz -+LUA_TEST=$(which lua > /dev/null 2> /dev/null ; echo $?) -+if test $LUA_TEST -ne 0 ; then -+ echo "*** Lua not installed ***" -+ exit 1 - fi -- --tar xvfz $LUA_VERSION.tar.gz --cat $LUA_VERSION/src/Makefile | sed -e s,'MYCFLAGS=-DLUA_USE_POSIX',' MYCFLAGS="-fPIC -DLUA_USE_POSIX"',g > /tmp/lua.temp --cat /tmp/lua.temp > $LUA_VERSION/src/Makefile --#rm -f /tmp/lua.temp --cd $LUA_VERSION; make posix; cd .. -- --LUA_LIB_DIR=$PWD/$LUA_VERSION"/src" --LIBS="-L${LUA_LIB_DIR} -llua ${LIBS} " -+LIBS="-llua ${LIBS} " - INCS="${INCS} -I${LUA_LIB_DIR}" - AC_DEFINE_UNQUOTED(HAVE_LUA, 1, [LUA is supported]) - -@@ -1963,39 +1954,13 @@ - fi - - dnl> GeoIP (http://www.maxmind.com/) --if test -f "GeoIP.tar.gz"; then -- echo "GeoIP already present on this machine" --else -- wget http://www.maxmind.com/download/geoip/api/c/GeoIP.tar.gz --fi --tar xvfz GeoIP.tar.gz --GEO_DIR=`find $PWD -type d -name "GeoIP-*"` --cd $GEO_DIR; ./configure --prefix=${prefix}; make; cd .. --# OSX Fix --GEO_DYLIB="$GEO_DIR/libGeoIP/.libs/libGeoIP.dylib" --if test -f $GEO_DYLIB; then -- ln -s $GEO_DYLIB . --fi -- --if test -f "GeoLiteCity.dat"; then -- echo "GeoLiteCity.dat already present" --else -- wget http://www.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz -- gunzip GeoLiteCity.dat.gz --fi -- --if test -f "GeoIPASNum.dat"; then -- echo "GeoIPASNum.dat already present" --else -- wget http://www.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz -- gunzip GeoIPASNum.dat.gz -+GEOIP_TEST=$(ldconfig -p | grep libGeoIP.so > /dev/null 2> /dev/null ; echo $?) 
-+if test $GEOIP_TEST -ne 0 ; then -+ echo "*** GeoIP not installed ***" -+ exit 1 - fi - -- --GEO_DIR=`find $PWD -type d -name "GeoIP-*"` --GEO_IP="$GEO_DIR/libGeoIP/" --CFLAGS="$CFLAGS -I$GEO_IP" --LDFLAGS="-L$GEO_IP.libs/ -lGeoIP $LDFLAGS" -+LDFLAGS="-lGeoIP $LDFLAGS" - - dnl> NTOPCONFIGDEBUG_SETTINGS([precet]) - ---- ntop-3.3.10.orig/Makefile.am 2009-11-28 12:08:37.000000000 -0200 -+++ ntop-3.3.10/Makefile.am 2009-11-28 14:20:56.000000000 -0200 -@@ -74,11 +74,8 @@ - ETTER_PASSIVE_DOWNLOAD_PARMS = "rev=HEAD" - - NTOPDATA = ntop-cert.pem \ -- $(ETTER_PASSIVE) \ - oui.txt.gz \ -- specialMAC.txt.gz \ -- GeoIPASNum.dat \ -- GeoLiteCity.dat -+ specialMAC.txt.gz - - NTOPHTML = html html/*.js html/*.html html/*.gif html/*.jpg html/*.ico html/*.png \ - html/*.css html/*.dtd \ -@@ -270,8 +267,6 @@ - - install: install-recursive - -- cd @GEO_DIR@; make install -- - @mkdir -p $(DESTDIR)/$(CFG_DBFILE_DIR) - +--- ntop-4.0.1_orig/Makefile.am 2010-04-25 09:52:28.000000000 -0300 ++++ ntop-4.0.1/Makefile.am 2010-08-23 18:00:49.000000000 -0300 +@@ -403,44 +403,9 @@ + dnetter: @echo "" + @echo "" +- @echo "Preparing " ++ @echo "Skipping download " + @echo "" + +- @if test -f $(ETTER_PASSIVE).old; then \ +- echo "...Deleting prior file, $(ETTER_PASSIVE).old..."; \ +- rm -rf $(ETTER_PASSIVE).old; \ +- fi; +- @if test -f $(ETTER_PASSIVE); then \ +- echo "...Moving current $(ETTER_PASSIVE) to $(ETTER_PASSIVE).old"; \ +- mv $(ETTER_PASSIVE) $(ETTER_PASSIVE).old; \ +- fi; +- @for file in $(ETTER_PASSIVE) $(ETTER_PASSIVE).gz \ +- $(ETTER_PASSIVE_FILE) $(ETTER_PASSIVE_FILE).gz; do \ +- if test -f $$file; then \ +- echo "...Deleting prior file, $$file..."; \ +- rm -rf $$file; \ +- fi; \ +- done +- @echo "" +- @echo "...Downloading new file..." +- @wget -O $(ETTER_PASSIVE_FILE) \ +- $(ETTER_PASSIVE_DOWNLOAD_FROM)/$(ETTER_PASSIVE_FILE)?$(ETTER_PASSIVE_DOWNLOAD_PARMS) +- @echo "" +- @echo "gziping downloaded file..." 
+- @gzip $(ETTER_PASSIVE_FILE) +- @echo "" +- @echo "" +- @if test -f $(ETTER_PASSIVE).old; then \ +- echo -n "Old file lines were: "; \ +- gunzip -c $(ETTER_PASSIVE).old | wc -l; \ +- fi; +- @echo -n "New file lines are: " +- @gunzip -c $(ETTER_PASSIVE) | wc -l +- @echo "" +- @echo "" +- @echo "New file is:" +- @ls -l $(ETTER_PASSIVE) +- + # ntop census + census-fail: + @echo "This option is no longer available... thanks for trying" diff --git a/network/ntop/ntop.SlackBuild b/network/ntop/ntop.SlackBuild index e996b4c038..dc3e2c341b 100644 --- a/network/ntop/ntop.SlackBuild +++ b/network/ntop/ntop.SlackBuild @@ -22,22 +22,21 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# Copyright 2009 (ntop version >= 3.3.10) Niels Horn +# Maintained as of version >= 3.3.10 by Niels Horn +# revision date: 2010/08/23 PRGNAM=ntop -VERSION=3.3.10 +VERSION=4.0.1 BUILD=${BUILD:-1} TAG=${TAG:-_SBo} NTOPUSER=${NTOPUSER:-ntop} NTOPGROUP=${NTOPGROUP:-ntop} -# Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then case "$( uname -m )" in i?86) ARCH=i486 ;; arm*) ARCH=arm ;; - # Unless $ARCH is already set, use uname -m for all other archs: *) ARCH=$( uname -m ) ;; esac fi @@ -89,12 +88,10 @@ find . \ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ -exec chmod 644 {} \; -# The ntop configure / make routine automatically downloads & installs -# lua and GeoIP (even when already present on your machine), so we'll -# patch this to just warn & exit if the packages are not found. +# Patch Makefile so we won't do automatic downloads patch -p1 < $CWD/no_downloads.patch -# Since ntop calls their ./configure from autogen.sh anything passed onto +# Since ntop calls their ./configure from autogen.sh anything passed onto # autogen.sh (ie $@) is passed off as command line arguments to configure. CFLAGS="$SLKCFLAGS" \ CXXFLAGS="$SLKCFLAGS" \ 
@@ -116,10 +113,8 @@ make install DESTDIR=$PKG find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \ | cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true -( cd $PKG/usr/man - find . -type f -exec gzip -9 {} \; - for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done -) +find $PKG/usr/man -type f -exec gzip -9 {} \; +for i in $( find $PKG/usr/man -type l ) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done # Bug in ntop source:: http://tinyurl.com/2wf7ou . This should at some point # be dealt with upstream. For now fix this in $PKG :) @@ -127,16 +122,16 @@ if [ -d $PKG/usr/lib${LIBDIRSUFFIX}/plugins ]; then rmdir -v $PKG/usr/lib${LIBDIRSUFFIX}/plugins fi -mkdir -p $PKG/etc/logrotate.d $PKG/etc/rc.d +mkdir -p $PKG/etc/logrotate.d $PKG/etc/rc.d install -m 0644 $CWD/$PRGNAM.logrotate $PKG/etc/logrotate.d/$PRGNAM.new sed -e "s%@NTOPUSER@%$NTOPUSER%" -e "s%@NTOPGROUP@%$NTOPGROUP%" \ $CWD/rc.ntop > $PKG/etc/rc.d/rc.ntop.new chmod 0755 $PKG/etc/rc.d/rc.ntop.new -# Change the permissions on ntops homedir so we can write logs +# Change the permissions on ntops homedir so we can write logs chown -R $NTOPUSER:$NTOPGROUP $PKG/var/lib/$PRGNAM -# Copy *all* documentation over (docs/ is not included in make install for +# Copy *all* documentation over (docs/ is not included in make install for # some arkane reason. Rename some docs to prevent them copying over each other. for FILE in {README,INSTALL}; do mv docs/$FILE docs/$FILE.docs ; done mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION 
@@ -144,7 +139,7 @@ cp -a AUTHORS CONTENTS COPYING ChangeLog INSTALL MANIFESTO NEWS PORTING \ README SUPPORT_NTOP.txt THANKS ntop.html ntop.txt docs/* NetFlow www \ $PKG/usr/doc/$PRGNAM-$VERSION cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild -cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE +cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE mkdir -p $PKG/install cat $CWD/slack-desc > $PKG/install/slack-desc diff --git a/network/ntop/ntop.info b/network/ntop/ntop.info index b7539c791d..159cd6d0e4 100644 --- a/network/ntop/ntop.info +++ b/network/ntop/ntop.info @@ -1,10 +1,10 @@ PRGNAM="ntop" -VERSION="3.3.10" +VERSION="4.0.1" HOMEPAGE="http://www.ntop.org" -DOWNLOAD="http://downloads.sourceforge.net/ntop/ntop-3.3.10.tar.gz" -MD5SUM="6e2ffa90d5f935c8f03d88a5dd19a866" +DOWNLOAD="http://downloads.sourceforge.net/ntop/ntop-4.0.1.tar.gz" +MD5SUM="22f916327f0e92d8c470aaadcb80d84d" DOWNLOAD_x86_64="" MD5SUM_x86_64="" MAINTAINER="Niels Horn" EMAIL="niels.horn@gmail.com" -APPROVED="rworkman" +APPROVED="Erik Hanson" diff --git a/network/ntop/slack-desc b/network/ntop/slack-desc index 1ab4fb93a8..9f6b29e7ed 100644 --- a/network/ntop/slack-desc +++ b/network/ntop/slack-desc 
@@ -8,12 +8,12 @@ |-----handy-ruler------------------------------------------------------| ntop: ntop (Network usage with shiny graphs) ntop: -ntop: ntop is a network probe that shows network usage in a way similar to -ntop: what top does for processes. In interactive mode, it displays the -ntop: network status on the user's terminal. In Web mode, it acts as a Web -ntop: server, creating an HTML dump of the network status. +ntop: ntop is a network probe that shows network usage in a way similar to +ntop: what top does for processes. In interactive mode, it displays the +ntop: network status on the user's terminal. In Web mode, it acts as a Web +ntop: server, creating an HTML dump of the network status. ntop: -ntop: It sports a NetFlow/sFlow emitter/collector, an HTTP-based client -ntop: interface for creating ntop-centric monitoring applications, and +ntop: It sports a NetFlow/sFlow emitter/collector, an HTTP-based client +ntop: interface for creating ntop-centric monitoring applications, and ntop: RRD for persistently storing traffic statistics. ntop:
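Review bot: in network/ntop/no_downloads.patch, the configure.in hunks are dropped without any sign that 4.0.1 stopped fetching at configure time. The 3.3.10 patch replaced the wget of the lua and GeoIP tarballs and of GeoLiteCity.dat/GeoIPASNum.dat with an "exit 1" check, and it also took $(ETTER_PASSIVE), GeoIPASNum.dat and GeoLiteCity.dat out of NTOPDATA. The new patch only silences the dnetter target. Please confirm that the 4.0.1 configure and install steps no longer download or expect those files. If they still do, carry the hunks forward so the build stays offline and fails clearly when GeoIP is missing. The README change that drops lua and libevent from the requirements should be justified by the same check.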
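Review bot: in README.SLACKWARE (hunk at -135,21 +87,11), the segfault NOTE with the "-n" workaround is removed with no statement that the crash is fixed in 4.0.1. If the DNS-resolution crash is confirmed gone, say so in the commit message. Otherwise keep the note, since an admin who hits the crash loses the only documented workaround.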
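Review bot: in README.SLACKWARE (hunk at -168,7 +110,13), the added line "It you want, you can check for updates at:" has a typo and should read "If you want". The section 1 text that said the tables live in /etc/ntop is also gone, while section 4 still refers to "the tables that are installed", so one line stating where the GeoIP and OUI files are expected would keep the cron examples usable on their own.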
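Review bot: in ntop.SlackBuild (hunk at -22,22 +22,21), replacing "# Copyright 2009 (ntop version >= 3.3.10) Niels Horn" with a "Maintained as of" line removes a copyright notice that sits directly under the licence text. Keep the copyright line and add the maintainer and revision-date lines beside it rather than in its place, unless the earlier notices above this hunk already cover it.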
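Review bot: in ntop.SlackBuild (hunk at -116,10 +113,8), the rewritten man-page loop "for i in $( find $PKG/usr/man -type l )" now expands $PKG and $i unquoted as absolute paths, so a TMP or package path containing whitespace would split and the "rm $i" would act on the wrong names. Quote "$PKG" and "$i", or keep the subshell with "cd $PKG/usr/man" so the loop only ever handles relative names.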
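Review bot: in ntop.info, DOWNLOAD stays on plain http:// and the new MD5SUM is the only integrity value for the 4.0.1 tarball. Please state in the submission how the tarball behind 22f916327f0e92d8c470aaadcb80d84d was obtained and checked (for example against a checksum or signature published by upstream), since MD5 alone does not protect against a deliberately substituted file.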