ntopng on pfsense

음.. lua mysql redis?

 

>>> Installing pfSense-pkg-ntopng...  Updating pfSense-core repository catalogue... Fetching meta.conf:  Fetching packagesite.pkg:  pfSense-core repository is up to date. Updating pfSense repository catalogue... Fetching meta.conf:  Fetching packagesite.pkg:  pfSense repository is up to date. All repositories are up to date. The following 26 package(s) will be affected (of 0 checked): New packages to be INSTALLED: fontconfig: 2.14.2,1 [pfSense] gdbm: 1.23 [pfSense] graphite2: 1.3.14 [pfSense] graphviz: 8.1.0_1 [pfSense] groff: 1.23.0_2 [pfSense] harfbuzz: 8.2.1 [pfSense] hidapi: 0.14.0 [pfSense] libcbor: 0.10.2 [pfSense] libcjson: 1.7.16 [pfSense] libfido2: 1.13.0 [pfSense] libfontenc: 1.1.7 [pfSense] libpaper: 1.1.28 [pfSense] libunwind: 20211201_2 [pfSense] libzmq4: 4.3.4 [pfSense] lua54: 5.4.6 [pfSense] mkfontscale: 1.2.1 [pfSense] mysql80-client: 8.0.33_3 [pfSense] ndpi: 4.6.d20230510,1 [pfSense] norm: 1.5r6_3 [pfSense] ntopng: 5.6.d20230920,1 [pfSense] openpgm: 5.2.122_6 [pfSense] pfSense-pkg-ntopng: 0.8.13_10 [pfSense] psutils: 1.17_5 [pfSense] redis: 7.2.1 [pfSense] uchardet: 0.0.8 [pfSense] webfonts: 0.30_14 [pfSense] Number of packages to be installed: 26 The process will require 199 MiB more space. 23 MiB to be downloaded. [1/26] Fetching ntopng-5.6.d20230920,1.pkg: .......... done [2/26] Fetching groff-1.23.0_2.pkg: .......... done [3/26] Fetching hidapi-0.14.0.pkg: .. done [4/26] Fetching lua54-5.4.6.pkg: ......... done [5/26] Fetching norm-1.5r6_3.pkg: .......... done [6/26] Fetching mkfontscale-1.2.1.pkg: .. done [7/26] Fetching libcbor-0.10.2.pkg: .. done [8/26] Fetching ndpi-4.6.d20230510,1.pkg: .......... done [9/26] Fetching psutils-1.17_5.pkg: .... done [10/26] Fetching libpaper-1.1.28.pkg: .. done [11/26] Fetching graphite2-1.3.14.pkg: ....... done [12/26] Fetching pfSense-pkg-ntopng-0.8.13_10.pkg: . done [13/26] Fetching libfido2-1.13.0.pkg: .......... done [14/26] Fetching harfbuzz-8.2.1.pkg: .......... done [15/26] Fetching gdbm-1.23.pkg: .......... done [16/26] Fetching libcjson-1.7.16.pkg: ... done [17/26] Fetching graphviz-8.1.0_1.pkg: .......... done [18/26] Fetching libfontenc-1.1.7.pkg: . done [19/26] Fetching libunwind-20211201_2.pkg: ....... done [20/26] Fetching mysql80-client-8.0.33_3.pkg: .......... done [21/26] Fetching openpgm-5.2.122_6.pkg: ....... done [22/26] Fetching webfonts-0.30_14.pkg: .......... done [23/26] Fetching uchardet-0.0.8.pkg: ...... done [24/26] Fetching fontconfig-2.14.2,1.pkg: ........ done [25/26] Fetching libzmq4-4.3.4.pkg: .......... done [26/26] Fetching redis-7.2.1.pkg: .......... done Checking integrity... done (0 conflicting) [1/26] Installing libpaper-1.1.28... [1/26] Extracting libpaper-1.1.28: .......... done [2/26] Installing libcjson-1.7.16... [2/26] Extracting libcjson-1.7.16: .......... done [3/26] Installing libcbor-0.10.2... [3/26] Extracting libcbor-0.10.2: .......... done [4/26] Installing psutils-1.17_5... [4/26] Extracting psutils-1.17_5: .......... done [5/26] Installing uchardet-0.0.8... [5/26] Extracting uchardet-0.0.8: .......... done [6/26] Installing groff-1.23.0_2... [6/26] Extracting groff-1.23.0_2: .......... done [7/26] Installing hidapi-0.14.0... [7/26] Extracting hidapi-0.14.0: .......... done [8/26] Installing norm-1.5r6_3... [8/26] Extracting norm-1.5r6_3: .... done [9/26] Installing graphite2-1.3.14... [9/26] Extracting graphite2-1.3.14: .......... done [10/26] Installing libfido2-1.13.0... [10/26] Extracting libfido2-1.13.0: .......... done [11/26] Installing libfontenc-1.1.7... [11/26] Extracting libfontenc-1.1.7: ......... done [12/26] Installing libunwind-20211201_2... [12/26] Extracting libunwind-20211201_2: .......... done [13/26] Installing openpgm-5.2.122_6... [13/26] Extracting openpgm-5.2.122_6: .......... done [14/26] Installing lua54-5.4.6... [14/26] Extracting lua54-5.4.6: ......... done [15/26] Installing mkfontscale-1.2.1... [15/26] Extracting mkfontscale-1.2.1: ....... done [16/26] Installing ndpi-4.6.d20230510,1... [16/26] Extracting ndpi-4.6.d20230510,1: .......... done [17/26] Installing harfbuzz-8.2.1... [17/26] Extracting harfbuzz-8.2.1: .......... done [18/26] Installing mysql80-client-8.0.33_3... [18/26] Extracting mysql80-client-8.0.33_3: .......... done [19/26] Installing fontconfig-2.14.2,1... [19/26] Extracting fontconfig-2.14.2,1: .......... done [20/26] Installing libzmq4-4.3.4... [20/26] Extracting libzmq4-4.3.4: .......... done [21/26] Installing ntopng-5.6.d20230920,1... ===> Creating groups. Creating group 'ntopng' with gid '288'. ===> Creating users Creating user 'ntopng' with uid '288'. [21/26] Extracting ntopng-5.6.d20230920,1: .......... done [22/26] Installing gdbm-1.23... [22/26] Extracting gdbm-1.23: .......... done [23/26] Installing graphviz-8.1.0_1... [23/26] Extracting graphviz-8.1.0_1: .......... done [24/26] Installing webfonts-0.30_14... [24/26] Extracting webfonts-0.30_14: .......... done [25/26] Installing redis-7.2.1... ===> Creating groups. Creating group 'redis' with gid '535'. ===> Creating users Creating user 'redis' with uid '535'. [25/26] Extracting redis-7.2.1: ......... done [26/26] Installing pfSense-pkg-ntopng-0.8.13_10... [26/26] Extracting pfSense-pkg-ntopng-0.8.13_10: ......... done Saving updated package information... done. Loading package configuration... done. Configuring package components... Loading package instructions... Custom commands... Executing custom_php_install_command()...done. Executing custom_php_resync_config_command()...done. Menu items... done. Services... done. Writing configuration... done. ==> Running trigger: fontconfig.ucl Running fc-cache to build fontconfig cache... ===== Message from groff-1.23.0_2: -- In order to be able to use the html driver, you need to install the following packages:  - ghostscript  - netpbm ===== Message from openpgm-5.2.122_6: -- ===>   NOTICE: The openpgm port currently does not have a maintainer. As a result, it is more likely to have unresolved issues, not be up-to-date, or even be removed in the future. To volunteer to maintain this port, please create an issue at: https://bugs.freebsd.org/bugzilla More information about port maintainership is available at: https://docs.freebsd.org/en/articles/contributing/#ports-contributing ===== Message from mysql80-client-8.0.33_3: -- This is the mysql CLIENT without the server. for complete server and client, please install databases/mysql80-server ===== Message from ntopng-5.6.d20230920,1: -- ntopng runs a web interface service by default, it is suggested to protect such network accessible services with packet filters or TCP wrappers. ntopng requires to connect to a redis server to work. Please install redis server from databases/redis or use -r option via ntopng_flags to specify a remote one. ntopng supports IP geolocation, to enable this you should use the ntopng-geoip2update.sh script to update the maxminddb geolocation data to the latest version. This script requires a maxmind.com account API key configured in /usr/local/etc/GeoIP.conf to work. To pass a configuration file to ntopng, which overrides any command line arguments, add something like the following to rc.conf: ntopng_flags="/path/to/file.conf" ===== Message from webfonts-0.30_14: -- IMPORTANT - READ CAREFULLY: You may not use these fonts if you do not agree to the terms of the Microsoft End-User License Agreement ("EULA").  You will find the EULA at /usr/local/share/doc/webfonts/LICENSE.  If you read and agree to the EULA, you can start using the fonts by following these instructions: Make sure that the freetype module is loaded.  If it is not, add the following line to the "Modules" section of xorg.conf or XF86Config: Load "freetype" Add the following line to the "Files" section of xorg.conf or XF86Config: FontPath "/usr/local/share/fonts/webfonts/" NOTE: Due to known freetype bug some glyphs (N, W) of y2006 Verdana Bold       font are not rendered correctly in anti-aliased mode within the range       9-16 ppem ===== Message from redis-7.2.1: -- To setup "redis" you need to edit the configuration file:       /usr/local/etc/redis.conf       To run redis from startup, add redis_enable="YES"       in your /etc/rc.conf. >>> Cleaning up cache... done. Success

 

서비스에서 ntopng가 stop 되어 있어 실행해도 바로 죽어 버린다.

 

service가 아니라 diagnostics에 왜 있냐..

아무튼 ntopng settings 가서

 

아래처럼 되어있는데 enable 해주고 암호 설정해주고 인터페이스 설정하고 dns resolve 해줄지 결정하면 끝

 

상단 메뉴 Accessing ntopng 누르면 ntopng용 페이지로 이동한다.

 

그나저나 위에서 설정했는데

admin / admin 으로 들어가지고 비밀번호를 바꾸어야 하는거구만..

 

아무튼 단 1개의 클라이언트만 있어서 먼가.. 첫 페이지는 밋밋한데

 

아래 설정된 5초에 주고 받는 데이터에 따라서 다르게 그려지는 듯?

 

경고는 먼가 빨개!!!!

 

들어가보니 SMBv1 으로 요청하는게 있나보네...??!?

 

Flow 에서는 현재 누가 얼마나 주고 받는지가 나온다.

 

interface에서는 간단한 통계가 이쁘게 보여짐