network/ntop: Updated for version 4.0.1.

Signed-off-by: Erik Hanson <erik@slackbuilds.org>
This commit is contained in:
Niels Horn 2010-08-30 05:59:18 -05:00 committed by Erik Hanson
parent 2f7f4cecc0
commit 80c67ef078
6 changed files with 84 additions and 191 deletions

View file

@ -7,7 +7,7 @@ It sports a NetFlow/sFlow emitter/collector, an HTTP-based client
interface for creating ntop-centric monitoring applications, and
RRD for persistently storing traffic statistics.
This requires libevent, rrdtool, lua, and GeoIP.
This requires rrdtool, GeoIP, and graphviz.
ntop needs to run under its own user/group. This has been assigned to
the following by SlackBuilds.org, but feel free to change it on your

View file

@ -22,58 +22,10 @@ If you want to use a different user and/or group under which to run
ntop, you can pass alternate values to the NTOPUSER and NTOPGROUP variables
when running the build script.
1) Download extra databases
---------------------------
After building & installing the ntop package, you might want to
follow these extra steps:
1.1) GeoIP tables
To identify the location of the external hosts your netwerk connects
to, ntop uses GeoIP. You will need to download the latest tables to
your ntop server and store them in /etc/ntop:
# cd /etc/ntop
# wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
# gunzip -c GeoLiteCity.dat.gz > GeoLiteCity.dat
# wget http://geolite.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz
# gunzip -c GeoIPASNum.dat.gz > GeoIPASNum.dat
Both files are updated regularly (about once a month). There are some
suggestions below on how to keep your ntop server up-to-date.
1.2) OS fingerprint database
ntop tries to identify the Operating System from the captures packages by
searching for a "fingerprint". It uses a table that needs to be downloaded
from the ettercap project on SourceForge:
# cd /etc/ntop
# wget -O etter.finger.os http://ettercap.cvs.sourceforge.net/ettercap/ettercap_ng/share/etter.finger.os?rev=HEAD
This file hasn't been updated since 2005, so it doesn't identify the more
modern OSs (Slackware 13.0 is identified as "Debian Linux" :-/ ) but it still
might be helpful.
1.3) OUI database
All MAC addresses contain a "Organizationally Unique Identifier" (OUI) to
identify the manufacturer. These OUIs are assigned by the IEEE Standards
Association. A table is included with ntop, but new OUIs are assigned almost
every day, so you might want to update the file now, before starting ntop:
# cd /etc/ntop
# wget http://standards.ieee.org/regauth/oui/oui.txt
# gzip -c oui.txt > oui.txt.gz
Since this file changes frequently, check the suggestions later in this file
on how to keep your ntop server up-to-date.
2) Start & Stop scripts for ntop
1) Start & Stop scripts for ntop
--------------------------------
2.1) Automatic startup and shutdown
1.1) Automatic startup and shutdown
If you want to start ntop on system bootup, include these lines in your
/etc/rc.d/rc.local:
@ -93,14 +45,14 @@ To guarantee a clean shutdown of ntop, include this in
/etc/rc.d/rc.ntop stop
fi
2.2) Make /etc/rc.d/rc.ntop executable
1.2) Make /etc/rc.d/rc.ntop executable
Additionally, you'll have to set the rc script to be executable just like
any other Slackware rc script:
# chmod +x /etc/rc.d/rc.ntop
3) Set the administrator password
2) Set the administrator password
---------------------------------
When ntop is installed at the first time, you MUST set the administration
@ -113,7 +65,7 @@ For example:
It will prompt you for the password and then exit.
4) Starting ntop
3) Starting ntop
----------------
Now you are ready to start ntop by calling the startup script:
@ -135,21 +87,11 @@ Fore more documentation on ntop, check:
There are also some mailing lists you can subscribe to, that can be found on
the pages mentioned above.
*** NOTE ***
* There have been some reports about ntop crashing (segfault) after any
* period between a couple of minutes to several hours.
* If this happens on your system, try disabling DNS resolution either from
* the menu (admin/configure/startup options/IP Prefs) or changing the rc.ntop
* file, adding the "-n" option to the line that starts ntop:
* /usr/bin/ntop --w3c -u $NTOPUID -n -d >> $NTOPLOG 2>&1
* ^^
*** end ***
5) Keeping your ntop tables up-to-date
4) Keeping your ntop tables up-to-date
--------------------------------------
Now that your ntop server is running, you might want to keep the tables we
installed earlier updated automatically.
Now that your ntop server is running, you might want to keep some of the
tables that are installed updated automatically.
I do this with a few simple shell scripts I copy to the /etc/cron.xxxx/
directories, where xxxx stands for:
@ -168,7 +110,13 @@ My suggestions are:
Don't forget to make the script executable.
The following scripts are examples, feel free to adapt them to your reality:
The following scripts are examples for the GeoIP and OUI tables, feel free
to adapt them to your reality.
The "OS Fingerprint" table has not changed for over five years, so I did not
create a script for it.
It you want, you can check for updates at:
http://ettercap.cvs.sourceforge.net/ettercap/ettercap_ng/share/etter.finger.os?rev=HEAD
=============================================================================
*********************

View file

@ -1,98 +1,48 @@
--- ntop-3.3.10.orig/configure.in 2009-11-27 23:36:09.000000000 -0200
+++ ntop-3.3.10/configure.in 2009-11-28 10:16:33.000000000 -0200
@@ -1652,21 +1652,12 @@
dnl>
dnl> Lua - http://www.lua.org
dnl>
-LUA_VERSION=lua-5.1.4
-if test -f "$LUA_VERSION.tar.gz"; then
- echo "Lua already present on this machine"
-else
- wget http://www.lua.org/ftp/$LUA_VERSION.tar.gz
+LUA_TEST=$(which lua > /dev/null 2> /dev/null ; echo $?)
+if test $LUA_TEST -ne 0 ; then
+ echo "*** Lua not installed ***"
+ exit 1
fi
-
-tar xvfz $LUA_VERSION.tar.gz
-cat $LUA_VERSION/src/Makefile | sed -e s,'MYCFLAGS=-DLUA_USE_POSIX',' MYCFLAGS="-fPIC -DLUA_USE_POSIX"',g > /tmp/lua.temp
-cat /tmp/lua.temp > $LUA_VERSION/src/Makefile
-#rm -f /tmp/lua.temp
-cd $LUA_VERSION; make posix; cd ..
-
-LUA_LIB_DIR=$PWD/$LUA_VERSION"/src"
-LIBS="-L${LUA_LIB_DIR} -llua ${LIBS} "
+LIBS="-llua ${LIBS} "
INCS="${INCS} -I${LUA_LIB_DIR}"
AC_DEFINE_UNQUOTED(HAVE_LUA, 1, [LUA is supported])
@@ -1963,39 +1954,13 @@
fi
dnl> GeoIP (http://www.maxmind.com/)
-if test -f "GeoIP.tar.gz"; then
- echo "GeoIP already present on this machine"
-else
- wget http://www.maxmind.com/download/geoip/api/c/GeoIP.tar.gz
-fi
-tar xvfz GeoIP.tar.gz
-GEO_DIR=`find $PWD -type d -name "GeoIP-*"`
-cd $GEO_DIR; ./configure --prefix=${prefix}; make; cd ..
-# OSX Fix
-GEO_DYLIB="$GEO_DIR/libGeoIP/.libs/libGeoIP.dylib"
-if test -f $GEO_DYLIB; then
- ln -s $GEO_DYLIB .
-fi
-
-if test -f "GeoLiteCity.dat"; then
- echo "GeoLiteCity.dat already present"
-else
- wget http://www.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz
- gunzip GeoLiteCity.dat.gz
-fi
-
-if test -f "GeoIPASNum.dat"; then
- echo "GeoIPASNum.dat already present"
-else
- wget http://www.maxmind.com/download/geoip/database/asnum/GeoIPASNum.dat.gz
- gunzip GeoIPASNum.dat.gz
+GEOIP_TEST=$(ldconfig -p | grep libGeoIP.so > /dev/null 2> /dev/null ; echo $?)
+if test $GEOIP_TEST -ne 0 ; then
+ echo "*** GeoIP not installed ***"
+ exit 1
fi
-
-GEO_DIR=`find $PWD -type d -name "GeoIP-*"`
-GEO_IP="$GEO_DIR/libGeoIP/"
-CFLAGS="$CFLAGS -I$GEO_IP"
-LDFLAGS="-L$GEO_IP.libs/ -lGeoIP $LDFLAGS"
+LDFLAGS="-lGeoIP $LDFLAGS"
dnl> NTOPCONFIGDEBUG_SETTINGS([precet])
--- ntop-3.3.10.orig/Makefile.am 2009-11-28 12:08:37.000000000 -0200
+++ ntop-3.3.10/Makefile.am 2009-11-28 14:20:56.000000000 -0200
@@ -74,11 +74,8 @@
ETTER_PASSIVE_DOWNLOAD_PARMS = "rev=HEAD"
NTOPDATA = ntop-cert.pem \
- $(ETTER_PASSIVE) \
oui.txt.gz \
- specialMAC.txt.gz \
- GeoIPASNum.dat \
- GeoLiteCity.dat
+ specialMAC.txt.gz
NTOPHTML = html html/*.js html/*.html html/*.gif html/*.jpg html/*.ico html/*.png \
html/*.css html/*.dtd \
@@ -270,8 +267,6 @@
install: install-recursive
- cd @GEO_DIR@; make install
-
@mkdir -p $(DESTDIR)/$(CFG_DBFILE_DIR)
--- ntop-4.0.1_orig/Makefile.am 2010-04-25 09:52:28.000000000 -0300
+++ ntop-4.0.1/Makefile.am 2010-08-23 18:00:49.000000000 -0300
@@ -403,44 +403,9 @@
dnetter:
@echo ""
@echo ""
- @echo "Preparing "
+ @echo "Skipping download "
@echo ""
- @if test -f $(ETTER_PASSIVE).old; then \
- echo "...Deleting prior file, $(ETTER_PASSIVE).old..."; \
- rm -rf $(ETTER_PASSIVE).old; \
- fi;
- @if test -f $(ETTER_PASSIVE); then \
- echo "...Moving current $(ETTER_PASSIVE) to $(ETTER_PASSIVE).old"; \
- mv $(ETTER_PASSIVE) $(ETTER_PASSIVE).old; \
- fi;
- @for file in $(ETTER_PASSIVE) $(ETTER_PASSIVE).gz \
- $(ETTER_PASSIVE_FILE) $(ETTER_PASSIVE_FILE).gz; do \
- if test -f $$file; then \
- echo "...Deleting prior file, $$file..."; \
- rm -rf $$file; \
- fi; \
- done
- @echo ""
- @echo "...Downloading new file..."
- @wget -O $(ETTER_PASSIVE_FILE) \
- $(ETTER_PASSIVE_DOWNLOAD_FROM)/$(ETTER_PASSIVE_FILE)?$(ETTER_PASSIVE_DOWNLOAD_PARMS)
- @echo ""
- @echo "gziping downloaded file..."
- @gzip $(ETTER_PASSIVE_FILE)
- @echo ""
- @echo ""
- @if test -f $(ETTER_PASSIVE).old; then \
- echo -n "Old file lines were: "; \
- gunzip -c $(ETTER_PASSIVE).old | wc -l; \
- fi;
- @echo -n "New file lines are: "
- @gunzip -c $(ETTER_PASSIVE) | wc -l
- @echo ""
- @echo ""
- @echo "New file is:"
- @ls -l $(ETTER_PASSIVE)
-
# ntop census
census-fail:
@echo "This option is no longer available... thanks for trying"

View file

@ -22,22 +22,21 @@
# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Copyright 2009 (ntop version >= 3.3.10) Niels Horn <niels.horn@gmail.com>
# Maintained as of version >= 3.3.10 by Niels Horn <niels.horn@gmail.com>
# revision date: 2010/08/23
PRGNAM=ntop
VERSION=3.3.10
VERSION=4.0.1
BUILD=${BUILD:-1}
TAG=${TAG:-_SBo}
NTOPUSER=${NTOPUSER:-ntop}
NTOPGROUP=${NTOPGROUP:-ntop}
# Automatically determine the architecture we're building on:
if [ -z "$ARCH" ]; then
case "$( uname -m )" in
i?86) ARCH=i486 ;;
arm*) ARCH=arm ;;
# Unless $ARCH is already set, use uname -m for all other archs:
*) ARCH=$( uname -m ) ;;
esac
fi
@ -89,12 +88,10 @@ find . \
\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
-exec chmod 644 {} \;
# The ntop configure / make routine automatically downloads & installs
# lua and GeoIP (even when already present on your machine), so we'll
# patch this to just warn & exit if the packages are not found.
# Patch Makefile so we won't do automatic downloads
patch -p1 < $CWD/no_downloads.patch
# Since ntop calls their ./configure from autogen.sh anything passed onto
# Since ntop calls their ./configure from autogen.sh anything passed onto
# autogen.sh (ie $@) is passed off as command line arguments to configure.
CFLAGS="$SLKCFLAGS" \
CXXFLAGS="$SLKCFLAGS" \
@ -116,10 +113,8 @@ make install DESTDIR=$PKG
find $PKG | xargs file | grep -e "executable" -e "shared object" | grep ELF \
| cut -f 1 -d : | xargs strip --strip-unneeded 2> /dev/null || true
( cd $PKG/usr/man
find . -type f -exec gzip -9 {} \;
for i in $(find . -type l) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
)
find $PKG/usr/man -type f -exec gzip -9 {} \;
for i in $( find $PKG/usr/man -type l ) ; do ln -s $(readlink $i).gz $i.gz ; rm $i ; done
# Bug in ntop source:: http://tinyurl.com/2wf7ou . This should at some point
# be dealt with upstream. For now fix this in $PKG :)
@ -127,16 +122,16 @@ if [ -d $PKG/usr/lib${LIBDIRSUFFIX}/plugins ]; then
rmdir -v $PKG/usr/lib${LIBDIRSUFFIX}/plugins
fi
mkdir -p $PKG/etc/logrotate.d $PKG/etc/rc.d
mkdir -p $PKG/etc/logrotate.d $PKG/etc/rc.d
install -m 0644 $CWD/$PRGNAM.logrotate $PKG/etc/logrotate.d/$PRGNAM.new
sed -e "s%@NTOPUSER@%$NTOPUSER%" -e "s%@NTOPGROUP@%$NTOPGROUP%" \
$CWD/rc.ntop > $PKG/etc/rc.d/rc.ntop.new
chmod 0755 $PKG/etc/rc.d/rc.ntop.new
# Change the permissions on ntops homedir so we can write logs
# Change the permissions on ntops homedir so we can write logs
chown -R $NTOPUSER:$NTOPGROUP $PKG/var/lib/$PRGNAM
# Copy *all* documentation over (docs/ is not included in make install for
# Copy *all* documentation over (docs/ is not included in make install for
# some arkane reason. Rename some docs to prevent them copying over each other.
for FILE in {README,INSTALL}; do mv docs/$FILE docs/$FILE.docs ; done
mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
@ -144,7 +139,7 @@ cp -a AUTHORS CONTENTS COPYING ChangeLog INSTALL MANIFESTO NEWS PORTING \
README SUPPORT_NTOP.txt THANKS ntop.html ntop.txt docs/* NetFlow www \
$PKG/usr/doc/$PRGNAM-$VERSION
cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE
cat $CWD/README.SLACKWARE > $PKG/usr/doc/$PRGNAM-$VERSION/README.SLACKWARE
mkdir -p $PKG/install
cat $CWD/slack-desc > $PKG/install/slack-desc

View file

@ -1,10 +1,10 @@
PRGNAM="ntop"
VERSION="3.3.10"
VERSION="4.0.1"
HOMEPAGE="http://www.ntop.org"
DOWNLOAD="http://downloads.sourceforge.net/ntop/ntop-3.3.10.tar.gz"
MD5SUM="6e2ffa90d5f935c8f03d88a5dd19a866"
DOWNLOAD="http://downloads.sourceforge.net/ntop/ntop-4.0.1.tar.gz"
MD5SUM="22f916327f0e92d8c470aaadcb80d84d"
DOWNLOAD_x86_64=""
MD5SUM_x86_64=""
MAINTAINER="Niels Horn"
EMAIL="niels.horn@gmail.com"
APPROVED="rworkman"
APPROVED="Erik Hanson"

View file

@ -8,12 +8,12 @@
|-----handy-ruler------------------------------------------------------|
ntop: ntop (Network usage with shiny graphs)
ntop:
ntop: ntop is a network probe that shows network usage in a way similar to
ntop: what top does for processes. In interactive mode, it displays the
ntop: network status on the user's terminal. In Web mode, it acts as a Web
ntop: server, creating an HTML dump of the network status.
ntop: ntop is a network probe that shows network usage in a way similar to
ntop: what top does for processes. In interactive mode, it displays the
ntop: network status on the user's terminal. In Web mode, it acts as a Web
ntop: server, creating an HTML dump of the network status.
ntop:
ntop: It sports a NetFlow/sFlow emitter/collector, an HTTP-based client
ntop: interface for creating ntop-centric monitoring applications, and
ntop: It sports a NetFlow/sFlow emitter/collector, an HTTP-based client
ntop: interface for creating ntop-centric monitoring applications, and
ntop: RRD for persistently storing traffic statistics.
ntop: