Mittwoch, 13. September 2006

nTOP: bestimmtes netz ueberwachen

/etc/protocol.list (Beispiel)

HTTP=http|www|https,SAP=sapdp00|sapdp99|sapgw00|sapgw99|sapmsNP1,IXOS=webcache|ixDS|ixWC|ixRC1|ixMONS|ixMONS1|ixDP|ixADMS|ixADMS-http|ixADMS-https,LPR=printer|mvservice,Mail=pop-2|pop-3|pop3s|kpop|smtp|imap|imap2|imaps|exrpc|iso-tsap|phone,FTP=ftp|ftp-data|squid,PDM=oralisten|pdm|pdm1|pdm2|pdm3|pdm4,TIF=pdmtif,ON=onc|onc2,DNS=name|domain,NBios-IP=netbios-ns|netbios-dgm|netbios-ssn,LDAP=ldap|ldaps,SNMP=snmp|snmp-trap,NEWS=nntp,SSH=ssh|telnet|login,MSP=msp,Tcpapl=tcpapl1|tcpapl2,CSTA=csta|csta1|csta2,VoIP-SIP=sip_stun3478|sip_stun3479|sip_any5060|sip_any5061|sip_any5062|sip_any5070,VoIP-T2T=32512-32767|VoIP-pbx=2556|cmisd=2535|RTP=32000-32255|SIP-Proxy=5060|AudioCodeChannels=4000-4072|tftpd-download=2568|acd=2538-2555|H323-OutCall=21000-21999|H323-MediaChannelOut=25000-25999|H323-MediaChannelOut=25000-25999|H323-MediaChannelIn=31000-31059|MS-MOM=1270|syslog=514






cd /usr/bin

ln -s ntop ntop_netz19216800-24




/etc/ntop_netz19216800-24.conf

--user ntop
--db-file-path /var/ntop_netz19216800-24
--http-server 3001


/etc/init.d/ntop_netz19216800-24

#!/bin/bash
#
# Init file for the NTOP network monitor
#
# chkconfig: - 93 83
#
# description: NTOP Network Monitor
#
# processname: ntop
# config: /etc/ntop.conf
# pidfile: /var/run/ntop

# Source function library.
. /etc/rc.d/init.d/functions

# Source networking configuration.
. /etc/sysconfig/network

# Check that networking is up.
[ "${NETWORKING}" == "no" ] && exit 0
[ -x "/usr/bin/ntop21" ] || exit 1
[ -r "/etc/ntop21.conf" ] || exit 1
[ -r "/var/ntop21/ntop_pw.db" ] || exit 1

RETVAL=0
prog="ntop_netz19216800-24"


#Netz 192.168.0.0/24

start () {
echo -n $"Starting $prog: "
daemon $prog -d -L @/etc/ntop21.conf -p /etc/protocol.list -B "'(src net 192.168.0.0/24) or (dst net 192.168.0.0/24)'"
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/\$prog
return $RETVAL
}

stop () {
echo -n $"Stopping $prog: "
killproc $prog
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}

restart () {
stop
start
}

case "$1" in
start)
start
;;
stop)
stop
;;
restart|reload)
restart
;;
condrestart)
[ -e /var/lock/subsys/$prog ] && restart
RETVAL=$?
;;
status)
status $prog
RETVAL=$?
;;
*)
echo $"Usage: $0 {start|stop|restart|condrestart|status}"
RETVAL=1
esac

exit $RETVAL



/var/ntop_netz19216800-24

chown ntop.nobody /var/ntop_netz19216800-24


Admin Kennwort vergeben

ntop_netz19216800-24 -L @/etc/ntop_netz19216800-24.conf -p /etc/protocol.list

STRG+C

chkconfig --add ntop_netz19216800-24

chkconfig ntop_netz19216800-24 on


dann via browser auf die IP des NTOP-Severver z.B. 192.168.1.222

http://192.168.1.222:3001

Montag, 11. September 2006

file mit bestimmer groesse anlegen

dd if=/dev/zero of=300m bs=1024 count=300000

hier wird ein file mit 300 MB angelegt