Install Ntop
$sudo apt-get install ntop
Next, Configure Ntop
Set Admin Password
$sudo ntop --set-admin-password
Restart Ntop Service
$sudo /etc/init.d/ntop restart
Then check if your ntop already running by visiting
http://[your_ntop_server_ip]:3000 (without [ ])
Next, we configure ntop to receive Mikrotik's traffic flow
Select Menu: Plugin -> NetFlow -> Activate
Select Menu: Plugin -> NetFlow -> Configure
Edit the Netflow Name = Mikrotik (activate)
Edit Local Collector UDP Port = 2055
Edit Virtual NetFlow Interface Network Address = [your_mikrotik_ip_in_cidr_format]
Select Admin -> Switch Interface -> Select Mikrotik
If your ntop service is up and running, next step is to configure mikrotik.
Enable traffic-flow on mikrotik by following these steps below:
[admin@Mikrotik] > /ip traffic-flow
[admin@Mikrotik] /ip traffic-flow> set enabled=yes
[admin@Mikrotik] /ip traffic-flow> print
enabled: yes
interfaces: all
cache-entries: 4k
active-flow-timeout: 30m
inactive-flow-timeout: 15s
[admin@Mikrotik] /ip traffic-flow> target
[admin@Mikrotik] /ip traffic-flow target> add address=[your_cacti_server_ip]:2055 \
\... version=9
[admini@Mikrotik] /ip traffic-flow target> print
Flags: X - disabled
# ADDRESS VERSION
0 [your_cacti_server_ip]:2055 9
[admin@Mikrotik] /ip traffic-flow target> print
Flags: X - disabled
# ADDRESS VERSION
0 [your_cacti_server_ip]:2055 9
After a while your ntop will began collecting data from Mikrotik traffic Flow. Done!
*Update:
It seems that the current version of libpcap in Ubuntu 10.04 has bug in it. So I need to manually upgrade to the new version (libpcap-dev_1.1.1-2_all.deb)
References:
- http://fisikaunud.wordpress.com/2008/10/08/network-monitor-ntop-di-windows-dengan-mikrotik/
- http://www.mikrotik.com/testdocs/ros/2.9/ip/traffic-flow.php
- https://help.ubuntu.com/community/Ntop
0 komentar:
Posting Komentar