Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Is there a way to check which IP is using the most bandwidth at any one time?
I have a proxy server running and occasionally some users download videos instead of stream them, which hogs the bandwidth on their connection and denies other users access.
I am trying to run ntop but get this error:
[root ntop]# /usr/local/bin/ntop -i "eth0,tun0,tun1" -d -L -u ntop -P /usr/local/var/ntop --skip-version-check --use-syslog=daemon
-bash: /usr/local/bin/ntop: No such file or directory
[root ntop]#
Check for the log messages. Your ntop seems to die as soon as it starts.
Is it ntop.log? That file does not seem to exist.
This is the conf:
Code:
# tells ntop the user id to run as
--user ntop
#save messages into the system log
--use-syslog=daemon
# sets the directory that ntop runs from
--db-file-path /var/lib/ntop
# the amount and severity of messages that ntop will put out
--trace-level 3
# limit ntop to listening on a specific interface and port
--http-server 127.0.0.1:3000 --https-server 127.0.0.1:3001
# Under certain circumstances, the sched_yield() function causes the ntop web
# server to lock up. It shouldn't happen, but it does. This option causes
# ntop to skip those calls, at a tiny performance penalty.
--disable-schedyield
# disables "phone home" behavior
--skip-version-check=yes
Nov 8 08:07:54 serverxx-xxx-xxx-198 kernel: ip_conntrack version 2.4 (7525 buckets, 60200 max) - 228 bytes per conntrack
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: THREADMGMT[t3086866656]: ntop RUNSTATE: PREINIT(1)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: THREADMGMT[t3086866656]: ntop RUNSTATE: INIT(2)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: ntop v.3.3.9 Fedora RPM
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Configured on Oct 26 2009 1:22:21, built on Oct 26 2009 01:22:27.
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Copyright 1998-2007 by Luca Deri <deri@ntop.org>
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Get the freshest ntop from http://www.ntop.org/
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: NOTE: ntop is running from 'ntop'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: NOTE: (but see warning on man page for the --instance parameter)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: NOTE: ntop libraries are in '/usr/lib'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Initializing ntop
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: No patterns to load: protocol guessing disabled.
Nov 8 08:08:16 serverxx-xxx-xxx-198 kernel: device eth0 entered promiscuous mode
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.252.0)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Checking eth0 for additional devices
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Added virtual interface: 'eth0:0'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Resetting traffic statistics for device eth0
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Initializing device eth0 (0)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **ERROR** pcap_open_live(): 'ioctl: No such device'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Please correct the problem or select a different interface using the -i flag
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **FATAL_ERROR** Not root, ntop shutting down...
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: CLEANUP[t3086866656]: ntop caught signal 2 [state=2]
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: ntop is now quitting...
Nov 8 08:08:16 serverxx-xxx-xxx-198 kernel: device eth0 left promiscuous mode
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: THREADMGMT[t3086158048]: ntop RUNSTATE: PREINIT(1)
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: THREADMGMT[t3086158048]: ntop RUNSTATE: INIT(2)
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: ntop v.3.3.9 Fedora RPM
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Configured on Oct 26 2009 1:22:21, built on Oct 26 2009 01:22:27.
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Copyright 1998-2007 by Luca Deri <deri@ntop.org>
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Get the freshest ntop from http://www.ntop.org/
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: NOTE: ntop is running from 'ntop'
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: NOTE: (but see warning on man page for the --instance parameter)
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: NOTE: ntop libraries are in '/usr/lib'
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Initializing ntop
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: No patterns to load: protocol guessing disabled.
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: **WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.252.0)
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Checking eth0 for additional devices
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Added virtual interface: 'eth0:0'
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Resetting traffic statistics for device eth0
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Initializing device eth0 (0)
Nov 8 09:32:05 serverxx-xxx-xxx-198 kernel: device eth0 entered promiscuous mode
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: **ERROR** pcap_open_live(): 'ioctl: No such device'
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: Please correct the problem or select a different interface using the -i flag
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: **FATAL_ERROR** Not root, ntop shutting down...
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: CLEANUP[t3086158048]: ntop caught signal 2 [state=2]
Nov 8 09:32:05 serverxx-xxx-xxx-198 ntop[25619]: ntop is now quitting...
Nov 8 09:32:05 serverxx-xxx-xxx-198 kernel: device eth0 left promiscuous mode
Your configuration file will have no effect if you are running it from command line.
Can you see this:
Code:
Initializing ntop
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: No patterns to load: protocol guessing disabled.
Nov 8 08:08:16 serverxx-xxx-xxx-198 kernel: device eth0 entered promiscuous mode
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.252.0)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Checking eth0 for additional devices
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Added virtual interface: 'eth0:0'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Resetting traffic statistics for device eth0
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Initializing device eth0 (0)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **ERROR** pcap_open_live(): 'ioctl: No such device'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Please correct the problem or select a different interface using the -i flag
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **FATAL_ERROR** Not root, ntop shutting down...
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: CLEANUP[t3086866656]: ntop caught signal 2 [state=2]
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: ntop is now quitting...
Your configuration file will have no effect if you are running it from command line.
Can you see this:
Code:
Initializing ntop
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: No patterns to load: protocol guessing disabled.
Nov 8 08:08:16 serverxx-xxx-xxx-198 kernel: device eth0 entered promiscuous mode
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **WARNING** Truncated network size (device eth0) to 1024 hosts (real netmask 255.255.252.0)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Checking eth0 for additional devices
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Added virtual interface: 'eth0:0'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Resetting traffic statistics for device eth0
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Initializing device eth0 (0)
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: DLT: Device 0 [eth0] is 1, mtu 1514, header 14
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **ERROR** pcap_open_live(): 'ioctl: No such device'
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: Please correct the problem or select a different interface using the -i flag
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: **FATAL_ERROR** Not root, ntop shutting down...
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: CLEANUP[t3086866656]: ntop caught signal 2 [state=2]
Nov 8 08:08:16 serverxx-xxx-xxx-198 ntop[23934]: ntop is now quitting...
But what is the problem?
I am running it as root so am not sure what the issue is...
Well I would suggest using your repositories to install ntop rather than compiling it from source. You can uninstall the current installation and then use yum to install a fresh copy. Also make sure you are deleting all the database files after uninstall is finished.
No usually you do not run ntop as root but as its own user. Why dont you try to configure the config file and run ntop as service. I do this.
How can I run it as a service?
Do I login as ntop and then do this? I cannot login as ntop as it says password denied even though I set the password eaerlier.
ntop -i "eth0,tun0,tun1" -d -L -u ntop -P /usr/local/var/ntop --skip-version-check --use-syslog=daemon
Well I would suggest using your repositories to install ntop rather than compiling it from source. You can uninstall the current installation and then use yum to install a fresh copy. Also make sure you are deleting all the database files after uninstall is finished.
See my earlier post. If you installed ntop from source we can not say if the installation was clean. What I would suggest you is a clean installation from yum repositories.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.