#1 (permalink)
Master Untangler
Join Date: Jul 2008
Posts: 796
All credit for these scripts goes to napa.
Please reference his original post. I am posting the cleaned up scripts here for him.

DISCLAIMER: Please turn off all automatic UT updates. These scripts make some major changes to UT. Use these at your own risk and it's up to you to put these on a production box. I have NOT tested an upgrade after installing these. Once I do an upgrade of UT, I will test to see how it affected these changes. You have been warned.

Post all questions to the other post so we can keep this one clean and for scripts only.

NOTE: squid cache does not work 100%. You cannot filter traffic, rendering it useless for regular users, but OK for power users you don't want filtered. We will keep trying to get it to work.

1. INSTALL NTOP

#Increase the APT cache
Code:
echo 'APT::Cache-Limit 30000000;' >| /etc/apt/apt.conf

Code:
# Back up the current APT sources list
cp /etc/apt/sources.list /etc/apt/sources.list.orig

Code:
echo "deb http://ftp.debian.org/debian lenny main contrib non-free" >| /etc/apt/sources.list
echo "deb http://security.debian.org lenny/updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://www.backports.org/debian lenny-backports main contrib non-free" >> /etc/apt/sources.list
echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list

Code:
apt-get clean
apt-get update

Code:
apt-get install ntop

Code:
# Set the ntop admin password
ntop -A

Code:
# printf is used so that \n becomes a real line break in any shell
printf 'USER="ntop"\nINTERFACES="eth0"\n' >| /var/lib/ntop/init.cfg

Code:
# Serve the ntop web interface on port 4000
echo 'GETOPT="-w 4000"' >> /etc/default/ntop

Code:
# Restore the original APT sources list
cp /etc/apt/sources.list.orig /etc/apt/sources.list

Code:
/etc/init.d/ntop start

Code:
lsof -i | grep ntop

Log in to the admin page, click on CONFIG, NETWORKING. At the top right click on ADVANCED to enable advanced mode. If this is the first time, it will try to run a wizard which you can cancel. After advanced mode has been enabled, click on the down arrow to the right of the word ADVANCED and select PACKET FILTER. Click on ADD which will add it to the selection. Make your screen match the following:

Code:
NAME: nTop Access
ACTION: PASS
DESTINATION LOCAL
PROTOCOL: TCP
DESTINATION PORT 4000

#Secure NTop URL
Check http://untangle-ip:4000
Click into "Admin" and "Configure"
Select "Protect URL's"
Type in the admin username and password.
Click "Add URL" to bring up the default site url then click "Add URL" Again.

#Access NTOP
http://untangle-ip:4000

NOTE: Ntop crashes randomly, so you may need to install monit to help restart it.
__________________
Please VOTE for the AD/LDAP Connector upgrade. Please VOTE for the ByPass feature. Please VOTE for the Top Talkers feature.
Last edited by lschafroth; 08-29-2009 at 09:59 AM.
#2 (permalink)
Master Untangler
Join Date: Jul 2008
Posts: 796
2. INSTALL WEBMIN

#Increase the APT cache (SKIP this if you have already done this in a previous script)
Code:
echo 'APT::Cache-Limit 30000000;' >| /etc/apt/apt.conf

Code:
cp /etc/apt/sources.list /etc/apt/sources.list.orig

Code:
echo "deb http://ftp.debian.org/debian lenny main contrib non-free" >| /etc/apt/sources.list
echo "deb http://security.debian.org lenny/updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://www.backports.org/debian lenny-backports main contrib non-free" >> /etc/apt/sources.list
echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list

Code:
apt-get clean
apt-get update

Code:
apt-get install webmin

If all went well you should get the following response:
Webmin install complete. You can now login to https://untangle-ip:10000/

#Restore the original APT sources list
Code:
cp /etc/apt/sources.list.orig /etc/apt/sources.list

Code:
/etc/init.d/webmin start

Code:
lsof -i | grep webmin

Log in to the admin page, click on CONFIG, NETWORKING. At the top right click on ADVANCED to enable advanced mode. If this is the first time, it will try to run a wizard which you can cancel. After ADVANCED mode has been enabled, click on the down arrow to the right of the word ADVANCED and select PACKET FILTER. Click on ADD which will add it to the selection. Click on the EDIT icon and make your screen match the following:

Code:
NAME: Webmin Access
ACTION: PASS
DESTINATION LOCAL
SOURCE INTERFACE: Internal
PROTOCOL: TCP
DESTINATION PORT 10000

#Access Webmin
Log in to http://untangleip:10000 using the UT root username and password.

NOTE: My install always places webmin in the /usr/share/webmin/ folder, not the /usr/local/webmin/ folder. This will matter during the imspector.cgi installation.

NOTES: this installation is easy
Last edited by lschafroth; 10-23-2009 at 05:01 PM.
#3 (permalink)
Master Untangler
Join Date: Jul 2008
Posts: 796
3. INSTALL PHPSYSINFO

#Increase the APT cache (SKIP this if you have already done this in a previous script)
Code:
echo 'APT::Cache-Limit 30000000;' >| /etc/apt/apt.conf

Code:
cp /etc/apt/sources.list /etc/apt/sources.list.orig

Code:
echo "deb http://ftp.debian.org/debian lenny main contrib non-free" >| /etc/apt/sources.list
echo "deb http://security.debian.org lenny/updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://www.backports.org/debian lenny-backports main contrib non-free" >> /etc/apt/sources.list
echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list

Code:
apt-get clean
apt-get update

Code:
apt-get install libapache2-mod-fcgid php5-cgi

Code:
a2enmod fcgid

Code:
nano /etc/apache2/sites-available/uvm

Code:
<Directory /var/www>
    AddHandler fcgid-script .php
    FCGIWrapper /usr/lib/cgi-bin/php5 .php
    FileETag Mtime Size
</Directory>

Code:
/etc/init.d/apache2 restart

Code:
apt-get install phpsysinfo

#Restore the original APT sources list
Code:
cp /etc/apt/sources.list.orig /etc/apt/sources.list

http://untangle-ip/phpsysinfo
#4 (permalink)
Master Untangler
Join Date: Jul 2008
Posts: 796
4. INSTALL IMSPECTOR (CHAT SNIFFER)

UPDATED code for imspector0.9

#Increase the APT cache (SKIP this if you have already done this in a previous script)
Code:
echo 'APT::Cache-Limit 30000000;' >| /etc/apt/apt.conf

Code:
cp /etc/apt/sources.list /etc/apt/sources.list.orig

Code:
echo "deb http://ftp.debian.org/debian lenny main contrib non-free" >| /etc/apt/sources.list
echo "deb http://security.debian.org lenny/updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://www.backports.org/debian lenny-backports main contrib non-free" >> /etc/apt/sources.list
echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list

Code:
apt-get clean
apt-get update

Code:
apt-get install make build-essential openssl libssl-dev

#Install Imspector
Code:
cd /tmp
wget http://www.imspector.org/downloads/imspector-0.9.tar.gz
tar zxf imspector-0.9.tar.gz
cd imspector-0.9

Code:
make

Code:
make install
make install-cert

#Create Folder
Code:
mkdir /etc/imspector

Code:
cp imspector /etc/init.d/imspector
chmod 755 /etc/init.d/imspector
update-rc.d imspector defaults

Code:
/etc/init.d/untangle-net-alpaca restart
/etc/init.d/untangle-net-alpaca-iptables restart
/etc/init.d/imspector
cp /tmp/imspector-0.9/contrib/imspector.cgi /usr/share/webmin/imspector.cgi

Code:
cp /etc/apt/sources.list.orig /etc/apt/sources.list

https://untangle-ip:10000/imspector.cgi

You can view the Raw Logs here: /var/log/imspector

NOTE: With no port forwarding, this install is passive and you can view the logs. Correct me if I'm wrong. I did not do any port forwarding on my other system and I can see all the chat traffic. If you want to do badword filtering, etc., you will need to redirect.
Last edited by lschafroth; 10-23-2009 at 06:15 PM.
#6 (permalink)
Master Untangler
Join Date: Jul 2008
Posts: 796
5. INSTALL SQUID with Reporter (SARG)

#Increase the APT cache (SKIP this if you have already done this in a previous script)
Code:
echo 'APT::Cache-Limit 30000000;' >| /etc/apt/apt.conf

Code:
cp /etc/apt/sources.list /etc/apt/sources.list.orig

Code:
echo "deb http://ftp.debian.org/debian lenny main contrib non-free" >| /etc/apt/sources.list
echo "deb http://security.debian.org lenny/updates main contrib non-free" >> /etc/apt/sources.list
echo "deb http://volatile.debian.org/debian-volatile lenny/volatile main contrib non-free" >> /etc/apt/sources.list
echo "deb http://www.backports.org/debian lenny-backports main contrib non-free" >> /etc/apt/sources.list
echo "deb http://download.webmin.com/download/repository sarge contrib" >> /etc/apt/sources.list

Code:
apt-get clean
apt-get update

Code:
apt-get install squid squid-cgi

#configure squid
Edit /etc/squid/squid.conf with (customize to your liking, otherwise do a CTRL W to find each line and make sure it's set as below)

Code:
nano /etc/squid/squid.conf
# then set the following lines in the file:
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl to_localhost dst 127.0.0.0/8
access_log /var/log/squid/access.log squid

Code:
http_port 3128 transparent

Code:
http_access allow all
cache_mem 32 MB
cache_dir ufs /var/spool/squid 5000 16 256
httpd_suppress_version_string on

Code:
cache_mgr your@mail.com

Code:
cp /etc/apt/sources.list.orig /etc/apt/sources.list

Log in to the admin page, click on CONFIG, NETWORKING. At the top click on PORT FORWARDS. Click on ADD which will add it to the selection. Make your screen match the following:

Code:
ENABLED: Checked
DESCRIPTION: Squid Redirect
DESTINATION PORT: 80
SOURCE INTERFACE: Internal
PROTOCOL: TCP
NEW DESTINATION: 192.168.0.1 (change this to YOUR internal UT IP)
NEW PORT: 3128

#Configure a packet filter for webmin (Packet Filter)
Log in to the admin page, click on CONFIG, NETWORKING. At the top click on ADVANCED to enable advanced mode. If this is the first time, it will try to run a wizard which you can cancel. After advanced mode has been enabled, click on the down arrow to the right of the word ADVANCED and select PACKET FILTER. Click on ADD which will add it to the selection. Make your screen match the following:

Code:
NAME: Squid Proxy
ACTION: PASS
SOURCE INTERFACE: Internal
DESTINATION PORT 3128
PROTOCOL: TCP
DESTINED LOCAL

NOTE: This setup will bypass all UT Web Filtering. Use the settings below to redirect squid properly through the Web Filter in UT

NOTE: Web filtering still does not work when using squid. We are still trying to get this to work.

#Filtering seems to work by adding a file 750-squid with:
Code:
nano /etc/untangle-net-alpaca/iptables-rules.d/750-squid

Code:
#!/bin/dash
${IPTABLES} -t nat -A OUTPUT -p tcp --destination-port 80 -m owner --uid-owner 0 -j REDIRECT --to-ports 3128

Code:
chmod 664 /etc/untangle-net-alpaca/iptables-rules.d/750-squid

Code:
/etc/init.d/untangle-net-alpaca restart
/etc/init.d/untangle-net-alpaca-iptables restart

Code:
/etc/init.d/squid restart
Last edited by lschafroth; 06-02-2009 at 03:31 PM.
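
The squid.conf in the post above contains `http_access allow all`, so Squid itself serves any client that can reach port 3128 and only the packet filter rule (SOURCE INTERFACE: Internal) limits access. The following is an added example, not part of the original posts: a shell check that reports what a squid.conf's catch-all `http_access` rule does, with a constructed copy of the posted settings and a constructed restricted variant as sample input. The `localnet` ACL name and the 192.168.0.0/24 range are assumptions derived from the example internal IP 192.168.0.1.

```shell
#!/bin/sh
# Added example (not from the original posts).
# Reports what the catch-all http_access rule in a squid.conf does.
# Squid checks http_access rules top to bottom and the first match wins, so
# a bare "http_access allow all" admits every client that reaches the port.

# Constructed sample: the access-related lines as posted in the thread.
posted_conf() {
cat <<'EOF'
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
http_port 3128 transparent
http_access allow all
EOF
}

# Constructed sample: the same proxy limited to an internal range.
# "localnet" and 192.168.0.0/24 are assumptions, adjust to your LAN.
restricted_conf() {
cat <<'EOF'
acl all src all
acl manager proto cache_object
acl localhost src 127.0.0.1/32
acl localnet src 192.168.0.0/24
http_port 3128 transparent
http_access allow manager localhost
http_access deny manager
http_access allow localnet
http_access deny all
EOF
}

# Reads a squid.conf on stdin and prints one of:
#   open          first catch-all rule is "http_access allow all"
#   restricted    first catch-all rule is "http_access deny all"
#   no-catch-all  no rule consisting only of the "all" ACL was found
squid_catch_all_verdict() {
    awk '
        { sub(/#.*/, "") }    # strip comments before looking at fields
        $1 == "http_access" && NF == 3 && $3 == "all" {
            print ($2 == "allow" ? "open" : "restricted")
            found = 1
            exit
        }
        END { if (!found) print "no-catch-all" }
    '
}
# Usage: squid_catch_all_verdict < /etc/squid/squid.conf
```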
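
Every install in this thread overwrites /etc/apt/sources.list and relies on a later manual `cp` to put the original back, so a failed `apt-get` or a dropped session leaves the UT box pointed at the Debian lenny repositories. The following is an added example, not part of the original posts: a shell wrapper that swaps in a temporary list, runs one command, and restores the original on any exit. The function name, the `SOURCES_FILE` override and the list path in the usage comment are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original posts).
# Run one command with a temporary APT sources list and always restore the
# original, even if the command fails or the shell is interrupted.
# SOURCES_FILE defaults to the path used in the posts; override it to test.

with_temp_sources() {
    # usage: with_temp_sources <temp-list-file> <command> [args...]
    tmp_list=$1; shift
    src=${SOURCES_FILE:-/etc/apt/sources.list}
    backup="$src.orig"

    [ -r "$tmp_list" ] || { echo "cannot read $tmp_list" >&2; return 2; }
    # Refuse to clobber an existing backup: it may be the only good copy
    # left over from an earlier interrupted run.
    if [ -e "$backup" ]; then
        echo "$backup already exists; restore or remove it first" >&2
        return 3
    fi

    cp -p "$src" "$backup" || return 4
    (
        # Subshell so the traps are scoped to this one invocation.
        trap 'cp -p "$backup" "$src" && rm -f "$backup"' EXIT
        trap 'exit 130' INT TERM
        cp "$tmp_list" "$src" || exit 5
        "$@"
    )
}

# Usage (hypothetical list file holding the five "deb ..." lines):
#   with_temp_sources /root/lenny.list sh -c 'apt-get update && apt-get install ntop'
```

The wrapper returns the exit status of the wrapped command, so a failed install is still visible to the caller after the original list has been put back.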
#10 (permalink)
Untangler
Join Date: Oct 2008
Posts: 79
Hi,
It was mentioned above that imspector raw logs can be viewed at /var/log/imspector. But it is a directory not a file? What can I do to fix it?

Here's what I got from lsof

# lsof -i | grep imspector [root @ srv]
imspector 18644 root 5u IPv4 1109985 TCP *:16667 (LISTEN)
imspector 18644 root 6u IPv4 4224434 TCP 192.168.125.1:16667->xpc.domain.lan:1037 (ESTABLISHED)
imspector 18644 root 7u IPv4 4224435 TCP srv.domain.lan:7887->el-in-f125.google.com:xmpp-client (ESTABLISHED)
imspector 18728 root 5u IPv4 1109985 TCP *:16667 (LISTEN)
imspector 18728 root 6u IPv4 4224710 TCP 192.168.125.1:16667->celpc.domain.lan:1039 (ESTABLISHED)
imspector 18728 root 7u IPv4 4224711 TCP srv.domain.lan:7642->72.14.247.125:xmpp-client (ESTABLISHED)
imspector 18981 root 5u IPv4 1109985 TCP *:16667 (LISTEN)
imspector 18981 root 6u IPv4 4225622 TCP 192.168.125.1:16667->bethpc.domain.lan:1038 (ESTABLISHED)
imspector 18981 root 7u IPv4 4225623 TCP srv.domain.lan:7671->72.14.247.125:xmpp-client (ESTABLISHED)
imspector 19064 root 5u IPv4 1109985 TCP *:16667 (LISTEN)
imspector 19064 root 6u IPv4 4225918 TCP 192.168.125.1:16667->clarizpc.domain.lan:1056 (ESTABLISHED)
imspector 19064 root 7u IPv4 4225919 TCP srv.domain.lan:7679->72.14.247.125:xmpp-client (ESTABLISHED)

I already configured port forwarding from google chat port 5222 to 16667 (imspector). But no progress yet.

TIA,
James

Last edited by c4rdinal; 06-02-2009 at 06:54 PM.