Install Ntopng on Rocky Linux 9: Easy Network Monitoring

Posted on

Install Ntopng on Rocky Linux 9: Easy Network Monitoring

Install Ntopng on Rocky Linux 9: Easy Network Monitoring

This guide will walk you through the process of how to Install Ntopng on Rocky Linux 9. Ntopng is a powerful, open-source network traffic monitoring tool. It allows administrators to visualize and analyze network traffic in real-time, providing valuable insights into network performance and security.

Ntopng excels as a passive network monitoring solution, meticulously gathering and statistically evaluating traffic data on connected networks. Crucially, it doesn’t actively interfere with network traffic (though "Layer 7 Manipulation" capabilities exist). This makes it an ideal tool for administrators seeking answers to critical questions, such as:

  • What devices are communicating on my network?
  • What applications are consuming the most bandwidth?
  • Are there any suspicious traffic patterns that might indicate a security threat?
  • How is my network performing overall?

Now that you have a basic understanding of Ntopng, let’s proceed with the steps to install this valuable network monitoring tool on your Rocky Linux 9 server.

Before you begin, ensure you have root user access with sudo privileges and a basic firewall configured. You can refer to an Initial Server Setup with Rocky Linux 9 guide for assistance with these prerequisites.

1. Add Ntopng Repository on Rocky Linux

Ntopng packages are not available in the default Rocky Linux repositories. To install Ntopng, you need to add the official Ntop repository.

Execute the following command to add the Ntop repository:

curl https://packages.ntop.org/centos/ntop.repo > /etc/yum.repos.d/ntop.repo

2. Install EPEL Repository

The EPEL (Extra Packages for Enterprise Linux) repository provides additional packages that are not included in the base Rocky Linux distribution. Ntopng has dependencies that are available in EPEL.

Install the EPEL repository with the following command:

dnf install epel-release -y

3. Install Remi Repository

The Remi repository offers newer versions of PHP and other software packages. While not strictly required for Ntopng itself, it can be useful for related web applications or services.

Add the Remi repository using this command:

rpm -ivh http://rpms.remirepo.net/enterprise/remi-release-9.rpm

4. Install DNF Plugins

DNF (Dandified YUM) plugins enhance the functionality of the DNF package manager. Install the necessary DNF plugins with the following command:

dnf install dnf-plugins-core -y

5. Enable Power Tools

Enable the PowerTools repository (also known as CodeReady Linux Builder or CRB) and the Remi repository. These repositories provide additional development tools and libraries.

Enable the CRB repository with:

dnf config-manager --set-enabled crb

The original guide includes the following line:

# dnf config-manager --set-enabled remi

However, in the next step, when installing Ntopng, dnf will be executed with the --enablerepo=remi option. It is not necessary to enable the remi repo here.

After enabling the repositories, update the system to ensure all packages are up-to-date:

dnf update -y

6. Install Ntopng Network Monitoring Tool

Now you can install Ntopng and its dependencies. Make sure to enable the remi repo to install the necessary php dependencies.

dnf install pfring-dkms n2disk nprobe ntopng --enablerepo=remi -y

Note: PF_RING is now packaged without ZC drivers, so you can optionally install them:

dnf install pfring-drivers-zc-dkms

Some Ntopng components require a license. These include:

  • nProbe
  • n2disk

If you are a nProbe user and want to install a nProbe package with no dependency, please install the nProbes (rather than the nProbe) package. Note that you can either install the nProbe or the nProbes package but NOT both simultaneously.

Start and Enable Ntopng

Start the Ntopng service and enable it to start automatically on boot:

systemctl enable --now ntopng

Verify that the service is running correctly:

systemctl status ntopng

Output:

● ntopng.service - ntopng high-speed web-based traffic monitoring and analysis
     Loaded: loaded (/usr/lib/systemd/system/ntopng.service; enabled; vendor preset: disabled)
     Active: active (running) since Sun 2023-01-22 06:21:44 EDT; 2s ago
    Process: 36766 ExecStartPre=/bin/sh -c /usr/bin/ntopng-utils-manage-config --config-file /etc/ntopng/ntopng.conf (code=exited, status=0/SUCCESS)
    Process: 36780 ExecStartPre=/bin/sh -c /bin/cat /etc/ntopng/ntopng.conf > /tmp/ntopng.conf.tmp (code=exited, status=0/SUCCESS)
    Process: 36782 ExecStartPre=/bin/sh -c /bin/cat /etc/ntopng/ntopng.conf.d/* > /tmp/ntopng.conf.d.tmp (code=exited, status=0/SUCCESS)
    Process: 36784 ExecStartPre=/bin/sh -c /bin/sed "/^[ ]*-e.*$|^[ ]*-G.*|^[ ]*-w.*$/d" /tmp/ntopng.conf.tmp /tmp/ntopng.conf.d.tmp > /run/ntopng.conf (code=exited, status=0/SUCCESS)
   Main PID: 36786 (ntopng)
      Tasks: 7 (limit: 23609)
     Memory: 37.3M
        CPU: 542ms
     CGroup: /system.slice/ntopng.service
             └─36786 /usr/bin/ntopng /run/ntopng.conf
...

A status of active (running) indicates that Ntopng is successfully running.

7. Configure Firewall For Ntopng

Ntopng, by default, listens on port 3000. You need to allow traffic on this port through the Rocky Linux 9 firewall.

Use the following commands to open port 3000:

firewall-cmd --permanent --add-port=3000/tcp
firewall-cmd --reload

The first command adds the rule permanently, and the second command reloads the firewall to apply the changes.

8. Access Ntopng Dashboard Rocky Linux 9

You can now access the Ntopng web interface by navigating to your server’s IP address followed by port 3000 in your web browser:

http://<server-IP>:3000

Replace <server-IP> with the actual IP address of your Rocky Linux 9 server.

The default credentials are admin:admin. It is highly recommended to change the default password immediately after logging in.

Install Ntopng on Rocky Linux 9, Ntopng login screen
Ntopng Login screen

Change the default password.

Change default password of Ntopng
Change password

You will now be presented with the Ntopng dashboard.

Ntopng dashboard
Ntopng network monitoring tool dashboard

That concludes the installation process.

Conclusion

You have successfully learned how to Install Ntopng on Rocky Linux 9. Ntopng is particularly well-suited for monitoring small to medium-sized Class C networks at gigabit speeds. However, with appropriate hardware, it can also be used to monitor larger networks. This guide has provided a straightforward approach to setting up this powerful network monitoring tool. Enjoy using Ntopng to gain insights into your network traffic!

Please subscribe to us on Facebook, YouTube, and Twitter.

You may also like these articles:

Install Zabbix on Rocky Linux 9

Install XAMPP on Rocky Linux 9

How To Install Netdata on Rocky Linux 9

Installing aaPanel Rocky Linux 8

Run Xfce Desktop on Rocky Linux 8

Install Mono on Rocky Linux 8

Alternative Installation Methods for Ntopng on Rocky Linux 9

While the method described above is effective, there are alternative approaches to installing Ntopng on Rocky Linux 9. Here are two different ways:

1. Using Docker

Docker provides a containerized environment, making it easier to deploy and manage applications like Ntopng. This method eliminates the need to manually manage dependencies and configurations.

Explanation:

Docker containers encapsulate an application and its dependencies into a single unit. This ensures consistency across different environments and simplifies deployment. To install Ntopng using Docker, you’ll need to install Docker and Docker Compose. Docker Compose is a tool for defining and running multi-container Docker applications.

Steps:

  1. Install Docker:

    dnf install docker -y
    systemctl start docker
    systemctl enable docker
  2. Install Docker Compose:

    dnf install docker-compose -y
  3. Create a docker-compose.yml file:

    Create a file named docker-compose.yml in a directory of your choice. Add the following content:

    version: "3.8"
    services:
      ntopng:
        image: ntop/ntopng:latest
        ports:
          - "3000:3000"
        volumes:
          - ntopng_data:/var/lib/ntopng
        cap_add:
          - NET_ADMIN
        restart: unless-stopped
    volumes:
      ntopng_data:

    This Docker Compose file defines a single service, ntopng, which uses the ntop/ntopng:latest image from Docker Hub. It maps port 3000 on the host to port 3000 in the container, creates a volume named ntopng_data to persist data, grants the NET_ADMIN capability, and sets the restart policy to unless-stopped.

  4. Run Docker Compose:

    Navigate to the directory containing the docker-compose.yml file and run the following command:

    docker-compose up -d

    This command starts the Ntopng container in detached mode.

  5. Access Ntopng:

    Open your web browser and navigate to http://<server-IP>:3000.

Code Example:

The key code example here is the docker-compose.yml file. It defines the Ntopng service and its configuration.

2. Compiling from Source

Another approach is to compile Ntopng directly from the source code. This method gives you the most control over the build process and allows you to customize Ntopng to your specific needs.

Explanation:

Compiling from source involves downloading the Ntopng source code, resolving dependencies, and then building the application. This approach requires more technical expertise but provides the greatest flexibility.

Steps:

  1. Install Development Tools and Dependencies:

    dnf groupinstall "Development Tools" -y
    dnf install libtool autoconf automake glib2-devel libpcap-devel zlib-devel 
        GeoIP-devel redis -y
  2. Download the Ntopng Source Code:

    Download the latest Ntopng source code from the Ntop website or GitHub repository.

    wget https://github.com/ntop/ntopng/archive/dev.tar.gz
    tar -zxvf dev.tar.gz
    cd ntopng-dev
  3. Compile and Install Ntopng:

    ./autogen.sh
    ./configure
    make
    make install
  4. Configure Ntopng:

    Copy the sample configuration file:

    cp /usr/local/etc/ntopng.conf.default /usr/local/etc/ntopng.conf

    Edit the configuration file /usr/local/etc/ntopng.conf to adjust settings as needed.

  5. Create a Systemd Service File:

    Create a service file for Ntopng at /etc/systemd/system/ntopng.service:

    [Unit]
    Description=ntopng high-speed web-based traffic monitoring and analysis
    After=network.target
    
    [Service]
    Type=simple
    ExecStart=/usr/local/bin/ntopng /usr/local/etc/ntopng.conf
    Restart=on-failure
    
    [Install]
    WantedBy=multi-user.target
  6. Enable and Start Ntopng:

    systemctl enable ntopng
    systemctl start ntopng
  7. Configure Firewall:

    Open port 3000 in the firewall as described in the original guide.

  8. Access Ntopng:

    Open your web browser and navigate to http://<server-IP>:3000.

Code Example:

The key code example here is the systemd service file.

These are two alternative approaches to installing Install Ntopng on Rocky Linux 9. Each method has its own advantages and disadvantages, so choose the one that best suits your needs and technical expertise.

Leave a Reply

Your email address will not be published. Required fields are marked *