{"id":615,"date":"2008-08-04T14:21:00","date_gmt":"2008-08-04T06:21:00","guid":{"rendered":"http:\/\/note.systw.net\/note\/?p=615"},"modified":"2023-11-04T14:25:29","modified_gmt":"2023-11-04T06:25:29","slug":"ntop","status":"publish","type":"post","link":"https:\/\/systw.net\/note\/archives\/615","title":{"rendered":"ntop"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">&nbsp;ntop(www.ntop.org)<br>\u529f\u80fd\uff1a\u7db2\u8def\u76e3\u63a7\uff0c\u6d41\u91cf\u7d71\u8a08<br>\u7f3a\u9ede\uff1a\u5f88\u5403\u8a18\u61b6\u9ad4<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u5b89\u88dd\u524d\u9700\u5148\u6709\u4ee5\u4e0b\u7a0b\u5f0f<br>gdbm<br>gd<br>libpng<br>libpcap(\u53ef\u80fd\u9700libpcap-devel)<br>zlib<br>rrdtool<br>mysql(\u975e\u5fc5\u8981)<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">1<br>\u4ee5rpm\u6216yum\u5b89\u88dd<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">2<br>ntop -P \/tmp -u nobody<br>ps:<br>-P \u6307\u5b9a\u57f7\u884c\u6642\u7684\u7a0b\u5e8f\u6a94\u6848<br>-u \u6307\u5b9a\u4f7f\u7528\u8005\u57f7\u884c<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">\u8f38\u5165\u5e33\u865fadmin,\u5bc6\u78bcadmin<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">3<br>\u958b\u555f\u6b64\u7db2\u5740\uff1alocalhost:3000<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;&#8230;.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">ntop\u7684\u53c3\u6578<\/p>\n\n\n\n<figure class=\"wp-block-table\"><table><tbody><tr><td>-a<br>&#8211;access-log-file<\/td><td>(default) (nil)<\/td><td>\u6307\u5b9ahttp\u7684\u767b\u5165access\u7684log\u6a94\u6848\u7684\u8def\u5f91,<br>ps:\u8207apache\u7684log\u5dee\u7570\u662fntop\u591a\u4e86\u4e00\u884cntop\u56de\u61c9\u9700\u6c42\u7684\u6642\u9593<\/td><\/tr><tr><td>-b<br>&#8211;disable-decoders<\/td><td>(default) No<\/td><td>\u4e0d\u8655\u7406\u5177\u89e3\u8b6f\u529f\u80fd\u7684protocol,ex:dns,netbios<br>ps:\u7576\u7db2\u8def\u7e41\u5fd9\u6642\u53ef\u7528\uff0c\u4f46ftp\u7684\u5c01\u5305\u4ecd\u6703\u88ab\u89e3\u6790\u51fa\u4f86<\/td><\/tr><tr><td>-c<br>&#8211;sticky-hosts<\/td><td>(default) No<\/td><td>\u9396\u5b9a\u67d0\u4e00\u53f0\u4e3b\u6a5f,\u8a72\u4e3b\u6a5f\u7684\u8cc7\u8a0a\u4e0d\u6703\u88ab\u9031\u671f\u6027\u5730\u6e05\u9664<\/td><\/tr><tr><td>-d<br>&#8211;daemon<\/td><td>No<\/td><td>\u5c07ntop\u8b8a\u6210daemon\u5728\u80cc\u666f\u57f7\u884c<br>ps:-L\u53c3\u6578\u9700\u6307\u5b9a,\u5426\u5247ntop\u7684\u8cc7\u6599\u6703\u88ab\u5217\u51fa\u4e26\u4e1f\u68c4<\/td><\/tr><tr><td>-e<br>&#8211;max-table-rows<\/td><td>(default) 128<\/td><td>\u986f\u793aweb\u4e0a\u7684\u6700\u5927\u8868\u683c\u6578<\/td><\/tr><tr><td>-f<br>&#8211;traffic-dump-file<\/td><td>(default) (nil)<\/td><td>\u5f9e\u7279\u5b9a\u7684\u6a94\u6848\u8b80\u53d6\u8cc7\u6599,\u901a\u5e38\u8b80\u53d6tcpdump\u6240\u7522\u751f\u7684\u6a94\u6848<br>ps:\u5728debug\u6642\u6703\u7528\u5230<\/td><\/tr><tr><td>-g<br>&#8211;track-local-hosts<\/td><td>(default) Track all hosts<\/td><td>\u6307\u5b9a\u5340\u7db2\u4e3b\u6a5f\u8cc7\u8a0a\u8ffd\u8e64,\u9069\u5408\u5728ntop\u5728gateway\u4e0a\u7528<br>ps:\u7576\u7db2\u8def\u7e41\u5fd9\u6642\u53ef\u7528,\u6216\u6709\u592a\u591a\u5916\u7db2host\u6642<\/td><\/tr><tr><td>-o<br>&#8211;no-mac<\/td><td>(default) Trust MAC Addresses<\/td><td>\u4e0d\u4fe1\u4efb\u7279\u5b9a\u7684mac address<\/td><\/tr><tr><td>-i<br>&#8211;interface<\/td><td>(effective) eth0<\/td><td>\u6307\u5b9a\u8981\u5206\u6790\u7684\u754c\u9762,ex:-i eth0,ppp0<br>ps,-M\u53ef\u5c07\u5404\u7db2\u5361\u8cc7\u8a0a\u5206\u958b<\/td><\/tr><tr><td>-j<br>&#8211;create-other-packets<\/td><td>(default) Disabled<\/td><td>\u5e6bother\u7db2\u8def\u6d41\u91cf\u88fd\u6210\u4e00\u6a94\u6848,\u6b64\u6a94\u6848\u8def\u5f91\u7531-O\u6307\u5b9a<br>ps:\u6b64\u6a94\u5c0d\u4e86\u89e3\u672a\u88ab\u6a19\u6e96\u5316\u7684\u5c01\u5305\u6709\u5e6b\u52a9<\/td><\/tr><tr><td>-k<br>&#8211;filter-expression-in-extra-frame<\/td><td><\/td><td>ntop\u7684\u5831\u544a\u88fd\u4f5c\u6642\u65e5,\u7248\u672c\u8cc7\u8a0a,\u4f7f\u7528\u4e2d\u7db2\u5361\u53ef\u5728\u984d\u5916\u770b\u898b<\/td><\/tr><tr><td>-l<br>&#8211;pcap-log<\/td><td>(default) (nil)<\/td><td>\u5c07\u622a\u53d6\u5230\u7684\u6d41\u91cf\u4ee5pcap\u7684\u683c\u5f0f\u5b58\u653e,\u6216\u4ee5tcpdump\u7684\u683c\u5f0f\u4f5c\u51fa\u4e00\u500b\u6a94\u6848,\u6a94\u6848\u76ee\u9304\u8def\u5f91\u7531-O\u6307\u5b9a<\/td><\/tr><tr><td>-m<br>&#8211;local-subnets (effective)<\/td><td>(default) (nil)<\/td><td>\u6307\u5b9a\u5340\u7db2\u4e2d\u7279\u5b9a\u7684\u5b50\u7db2\u8def\u6d41\u91cf\u5206\u6790,\u6703\u5c07\u6307\u5b9a\u7db2\u8def\u8996\u505alocal\u770b\u5f85<br>ex:-m 192.168.10.0\/24,10.1.2.3\/8<\/td><\/tr><tr><td>-n<br>&#8211;numeric-ip-addresses<\/td><td>(default) No<\/td><td>\u4ee5ip\u4f4d\u7f6e\u4ee3\u66ffdns<br>ps:\u53ef\u7701\u7565dns\u7701\u8a62\u7684\u6642\u9593<\/td><\/tr><tr><td>-p<br>&#8211;protocols<\/td><td>(default) internal list<\/td><td>\u6307\u5b9a\u7279\u5b9a\u7684tcp\/udp port\u76e3\u63a7,\u683c\u5f0f\u6709\u4ee5\u4e0b\u4e09\u7a2e<br>name=port1|port2&nbsp;&nbsp;&nbsp;<br>ex:-p WWW=http|https \u76e3\u63a7http\u548chttps\u7684port\uff0c\u4e26\u4ee5WWW\u6a19\u793a<br>name=port1-port2&nbsp;&nbsp;&nbsp;<br>ex:-p other=1024-32767 \u76e3\u63a71024\u523032767\u7684port\uff0c\u4e26\u4ee5other\u6a19\u793a<br>filepath&nbsp;&nbsp;&nbsp;<br>ex:-p net.list \u5c07\u4e0a\u8ff0\u7684\u683c\u5f0f\u5beb\u9032net.list\uff0c\u4e26\u4ee5\u6b64\u6a94\u5167\u7684\u8aaa\u660e\u76e3\u63a7<\/td><\/tr><tr><td>-q<br>&#8211;create-suspicious-packets<\/td><td>(default) Disabled<\/td><td>\u7528pcap\u683c\u5f0f\u5132\u5b58\u53ef\u7591\u5c01\u5305\u8cc7\u8a0a\u5230\u65b0\u6a94\u6848<br>ps:\u6b64\u6a94\u6848\u6703\u653e\u5728-O\u6307\u5b9a\u76ee\u9304\u4e0b<\/td><\/tr><tr><td>-r<br>&#8211;refresh-time<\/td><td>(default) 120<\/td><td>\u986f\u793a\u7db2\u9801\u66f4\u65b0\u6642\u9593<\/td><\/tr><tr><td>-s<br>&#8211;no-promiscuous<\/td><td>(default) No<\/td><td>\u5c07\u96dc\u4e82\u6a21\u5f0f\u95dc\u9589<\/td><\/tr><tr><td>-t<br>&#8211;trace-level<\/td><td>(default) 3<\/td><td>\u555f\u52d5\u5f8c\u6240\u986f\u793a\u7684\u8a0a\u606f\u7b49\u7d1a\uff0c\u503c\u8d8a\u4f4e\u8a0a\u606f\u8d8a\u5c11<\/td><\/tr><tr><td>-u<br>&#8211;user<\/td><td>nobody(uid=99, gid=99)<\/td><td>\u6307\u5b9a\u4f7f\u7528\u8005\u57f7\u884c,\u4f46\u4e0d\u53efroot\u57f7\u884c<\/td><\/tr><tr><td>-w<br>&#8211;http-server<\/td><td>(default) Active, all interfaces, port 3000<\/td><td>\u6307\u5b9a\u767b\u5165\u6642\u7684port\u865f&nbsp;ex:http:\/\/localhost:3000<\/td><\/tr><tr><td>-z<br>&#8211;disable-sessions<\/td><td>(default) No<\/td><td>\u4e0d\u986f\u793atcp session\u7684\u8ffd\u8e64\uff0c\u53ef\u6709\u8f03\u597d\u7684\u6548\u80fd<\/td><\/tr><tr><td>-A<br>&#8211;set-admin-password<\/td><td><\/td><td>\u8a2d\u5b9a\u7ba1\u7406\u54e1\u5bc6\u78bc<\/td><\/tr><tr><td>-B<br>&#8211;filter-expression<\/td><td>(default) none<\/td><td>\u52a0\u4e0a\u904e\u6ffe\u6558\u8ff0\uff0c\u8207tcpdump\u76f8\u540c<br>ex:\u53ea\u8981abc.com.tw\u7684\u8cc7\u8a0a<br>-B src host abc.com.tw<\/td><\/tr><tr><td>-D<br>&#8211;domain<\/td><td>com.tw<\/td><td>\u6307\u5b9a\u57df\u540d\u4f86\u505a\u5206\u6790\uff0c\u6703\u8fa6\u8a8d\u672c\u5730\u7aef\u7684domain<\/td><\/tr><tr><td>-F<br>&#8211;flow-spec<\/td><td>(default) none&nbsp;<\/td><td>&nbsp;<\/td><\/tr><tr><td>-K<br>&#8211;enable-debug<\/td><td>(default) No<\/td><td>\u555f\u52d5\u9664\u932f\u6a21\u5f0f\uff0c\u8a0a\u606f\u5728show configuration\u9801\u5e95\u4e0b<\/td><\/tr><tr><td>-L<br>&#8211;use-syslog<\/td><td>daemon<\/td><td>\u6307\u5b9a\u8f38\u51fa\u7684\u8a0a\u606f\u8981\u653e\u5230\u7cfb\u7d71\u7684log\uff0c\u4e0d\u518d\u53e6\u8f38\u51fa\u6a94\u6848<\/td><\/tr><tr><td>-M<br>&#8211;no-interface-merge (effective)<\/td><td>(default) (Merging Interfaces) Yes<\/td><td>\u4e0d\u8981\u5c07\u5404\u4ecb\u9762\u8cc7\u8a0a\u5408\u4f75<\/td><\/tr><tr><td>-N<br>&#8211;wwn-map<\/td><td>(default) (nil)<\/td><td>&nbsp;<\/td><\/tr><tr><td>-O<br>&#8211;pcap-file-path<\/td><td>(default) \/var\/ntop<\/td><td>\u8a2d\u5b9a\u5404\u985elog\u5b58\u5728\u6307\u5b9a\u8def\u5f91\u4e0b<\/td><\/tr><tr><td>-P<br>&#8211;db-file-path<\/td><td>\/tmp<\/td><td>\u6307\u5b9a\u5b58\u653edb\u6a94\u7684\u8def\u5f91<\/td><\/tr><tr><td>-Q<br>&#8211;spool-file-path<\/td><td>\/tmp<\/td><td>&nbsp;<\/td><\/tr><tr><td>-U<br>&#8211;mapper<\/td><td>(default) (nil)<\/td><td>\u986f\u793a\u4e3b\u6a5f\u7684\u4f4d\u7f6e<\/td><\/tr><tr><td>-W<br>&#8211;https-server<\/td><td>Uninitialized<\/td><td>\u6307\u5b9a\u767b\u5165\u6642\u7684port\u865f,\u4e26\u6709\u52a0\u5bc6\u529f\u80fd<\/td><\/tr><tr><td>-X<\/td><td>32768<\/td><td>&nbsp;<\/td><\/tr><\/tbody><\/table><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">-p\u7684\u9810\u8a2d\u503c<br>FTP=ftp|ftp-data<br>HTTP=http|www|https|3128<br>DNS=name|domain<br>telnet=telnet|login<br>Nbios-IP=netbios-ns|netbios-dgm|netbios-ssn<br>Mail=pop-2|pop-3|pop3|kpop|smtp|imap|imap2<br>DGCP-BOOTP=67-68<br>SNMP=snmp|snmp-trap<br>NNTP=nntp<br>NFS=mount|pcnfs|bwnfs|nfsd|nfsd-status<br>X11=6000-6010<br>SSH=22<br>Gnutella=6346|6347|6348(\u67d0p2p\u8edf\u9ad4)<br>Kazaa=1214<br>WinMx=6699|7730<br>DiretcConnect=0<br>EDonkey=4661-4665<br>Messenger=1863|5000|5001|5190-5193<\/p>\n","protected":false},"excerpt":{"rendered":"<p>&nbsp;ntop(www.ntop.org)\u529f\u80fd\uff1a\u7db2\u8def\u76e3 &#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[17],"tags":[],"class_list":["post-615","post","type-post","status-publish","format-standard","hentry","category-systemtool"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/615","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/comments?post=615"}],"version-history":[{"count":0,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/posts\/615\/revisions"}],"wp:attachment":[{"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/media?parent=615"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/categories?post=615"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/systw.net\/note\/wp-json\/wp\/v2\/tags?post=615"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}