Ntop or equivalent real-time traffic monitor?

jcortes · 07-01-2009, 11:17 AM

I have been looking for a way to monitor my network in real-time by using the web interface. I can SSH into my box and run iptraf but I would like it to be cleaner like ntop.

Is there any way to install ntop at this point? I was reading and according to some of the posts it wasnt working because of the kernel version but it has been updated since.

Another question would be, will the new reports module include real-time viewing?

WebFooL · 07-01-2009, 12:18 PM

Hi.
you have jnettop installd.

To access it.
Step one login with SSH.
step1.JPG

Then run

Code:

jnettop

step2.JPG

you can apply rules so that you only se some types of network traffic.
Here are the syntax.

Quote:

Usage: jnettop [-hv] [-i interface] [-d filename]

-h, --help display this help message
-v, --version display version information

-c, --content-filter disable content filtering
-d, --debug filename write debug information into file (or syslog)
--display type type of display (curses, text, uia)
-f, --config-file name reads configuration from file. defaults to ~/.jnettop
--format format list of fields to list in text output
-i, --interface name capture packets on specified interface
--local-aggr arg set local aggregation to none/host/port/host+port
-n, --no-resolver disable resolving of addresses
-p, --promiscuous enable promisc mode on the devices
--remote-aggr arg set remote aggregation to none/host/port/host+port
-s, --select-rule rule selects one of the rules defined in config file
by it's name
-t, --timeout sec timeout in seconds after which jnettop ends (text display)
-x, --filter rule allows for specification of custom filtering rule
this follows tcpdump(1) syntax. don't forget to
enclose the filter in quotes when running from shell

Report bugs to <j@kubs.cz>

Format variable can be CSV (comma separated values), TSV (tab separated values)
or completelly custom format string, where the following identifiers are substituted when surrounded by '$':
src, srcname, srcport, srcbytes, srcpackets, srcbps, srcpps,
dst, dstname, dstport, dstbytes, dstpackets, dstbps, dstpps,
proto, totalbytes, totalpackets, totalbps, totalpps, filterdata

example:
jnettop --display text -t 5 --format CSV
jnettop --display text -t 5 --format '$srcname$,$srcport$,$dstname$,$dstport$,$totalbps $'

Otherwise you can install Ntop.
http://forums.untangle.com/tip-day/9...test-rels.html

I use Ngrep to filter and watch my home network.
You can read my thread on how to install here.
http://forums.untangle.com/tip-day/9...all-ngrep.html

jcortes · 07-01-2009, 01:09 PM

got ntop running thanks for the quick reply

07-01-2009, 11:17 AM	#1 (permalink)
jcortes Untangler Join Date: Nov 2008 Posts: 77	Ntop or equivalent real-time traffic monitor? I have been looking for a way to monitor my network in real-time by using the web interface. I can SSH into my box and run iptraf but I would like it to be cleaner like ntop. Is there any way to install ntop at this point? I was reading and according to some of the posts it wasnt working because of the kernel version but it has been updated since. Another question would be, will the new reports module include real-time viewing?

Protect

Filter

Perform

Connect

Manage

Add-Ons

07-01-2009, 01:09 PM	#3 (permalink)
jcortes Untangler Join Date: Nov 2008 Posts: 77	got ntop running thanks for the quick reply