How To Install Ntopng on Manjaro

Ntopng is a powerful network traffic monitoring tool that provides comprehensive real-time analysis of network usage through an intuitive web interface. This detailed guide will walk you through the process of installing and configuring ntopng on Manjaro Linux, offering multiple installation methods and essential configuration steps to help you effectively monitor your network traffic.

Table of Contents

Introduction

What is Ntopng?

Ntopng (next generation ntop) is an advanced network traffic analysis and flow collection tool that provides real-time insights into network usage. It serves as a high-performance, low-resource alternative to the original ntop program, offering powerful features for monitoring network activity.

Why Install Ntopng on Manjaro?

Manjaro users can benefit from ntopng’s capabilities to monitor bandwidth consumption, identify network bottlenecks, detect security threats, and visualize network traffic patterns. The combination of Manjaro’s user-friendly Arch-based environment with ntopng’s powerful monitoring capabilities creates an excellent platform for network administration and security monitoring.

Installation Methods Overview

This article will cover multiple approaches to installing ntopng on Manjaro Linux, including using the Snap Store, installing from the Arch User Repository (AUR), and compiling from source. Each method has its advantages and considerations, which will be thoroughly explained to help you choose the most suitable approach for your specific needs.

Understanding Ntopng

Evolution and Purpose

Ntopng represents the evolution of the original ntop tool, designed specifically for modern network environments. The “ng” stands for “next generation,” indicating its advanced capabilities and improved performance over its predecessor. Developed in C++ with a Lua-based web interface, ntopng provides a comprehensive solution for network traffic analysis.

Key Features and Capabilities

Ntopng offers a robust set of features that make it an essential tool for network administrators and security professionals. It uses nDPI (Deep Packet Inspection) for protocol identification, allowing detailed visibility into network traffic. The tool provides geolocation of hosts, enabling you to track the geographical origin of connections. Real-time flow analysis for connected hosts gives immediate insights into network activity patterns, all while relying on the Redis key-value server rather than a traditional database for improved performance.

Available Editions

Ntopng is available in multiple editions, including a free Community Edition distributed under the GNU General Public License version 3 (GPLv3), as well as Pro and Enterprise editions with advanced features. This article focuses primarily on installing the Community Edition, which offers substantial functionality for most users.

System Requirements

For optimal performance, ntopng requires a system with sufficient processing power and memory. While it can run on modest hardware, a system with at least 4GB of RAM and a multi-core processor is recommended for monitoring busy networks. Manjaro Linux provides an excellent platform for running ntopng due to its performance-oriented design and rolling release model.

Preparation Before Installation

Update Your Manjaro System

Before installing ntopng, ensure your Manjaro system is fully updated to avoid potential conflicts with dependencies and ensure compatibility with the latest packages. Open a terminal and run:

sudo pacman -Syu

This command synchronizes the package databases and upgrades all installed packages to their latest versions.

Install Required Dependencies

Depending on the installation method you choose, different dependencies may be required. However, some common dependencies can be installed in advance:

sudo pacman -S base-devel git wget curl

These packages provide essential build tools and utilities that will be needed during the installation process.

Check System Compatibility

Verify that your system meets the minimum requirements for running ntopng effectively. While ntopng can operate on systems with modest resources, monitoring busy networks may require additional CPU power and memory. Ensure your network interfaces are properly configured and recognized by your system.

Create Backup (Optional)

If you’re installing ntopng on a production system, consider creating backups of critical configuration files and data before proceeding with the installation.

Method 1: Installing Ntopng Using Snap Store

Understanding Snap Packages

Snap is a package management system developed by Canonical that allows for the distribution of self-contained applications across various Linux distributions. The ntopng-blake snap package provides a convenient way to install ntopng on Manjaro with minimal configuration.

Installing Snapd on Manjaro

Snapd is the daemon required to run snap packages. It can be installed from Manjaro’s Add/Remove Software application (Pamac) or via the command line:

sudo pacman -S snapd

After installation, enable the systemd unit that manages the main snap communication socket:

sudo systemctl enable --now snapd.socket

Enabling Classic Snap Support

To enable classic snap support, create a symbolic link between /var/lib/snapd/snap and /snap:

sudo ln -s /var/lib/snapd/snap /snap

Log out and back in or restart your system to ensure snap’s paths are updated correctly.

Installing Ntopng-Blake Snap

Once snapd is properly set up, install the ntopng-blake snap package:

sudo snap install ntopng-blake

Verifying Installation

After installation completes, verify that ntopng is running correctly:

snap services ntopng-blake

Method 2: Installing Ntopng from AUR

Introduction to Arch User Repository (AUR)

The Arch User Repository is a community-driven repository for Arch-based distributions like Manjaro. It contains package build scripts (PKGBUILDs) that allow users to compile and install packages that aren’t available in the official repositories.

Installing an AUR Helper

While you can manually build and install packages from AUR, using an AUR helper simplifies the process. Yay is a popular choice:

sudo pacman -S yay

If yay isn’t available in your repositories, you can install it manually:

git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si

Installing Ntopng from AUR

With an AUR helper installed, you can now install ntopng:

yay -S ntopng

During the installation process, you’ll be prompted to confirm the installation of dependencies. According to the AUR page, ntopng has several dependencies including curl, hiredis, json-c, libmariadbclient, libmaxminddb, libpcap, redis, rrdtool, sqlite, and zeromq.

Handling Dependencies

The AUR helper will attempt to resolve dependencies automatically, but you might need to manually install some dependencies if issues arise. Pay attention to any error messages during the build process.

Post-Installation Configuration

After installation, enable and start the Redis service, which is required by ntopng:

sudo systemctl enable --now redis

Then enable and start the ntopng service:

sudo systemctl enable --now ntopng

Method 3: Installing Ntopng from Source

When to Choose Source Installation

Building ntopng from source provides the most control over the installation process and ensures compatibility with your specific system. It’s particularly useful if you need to apply custom patches or want the latest development version.

Downloading the Source Code

Clone the ntopng repository from GitHub:

git clone https://github.com/ntop/ntopng.git
cd ntopng

Installing Build Dependencies

Before compilation, install the necessary build dependencies:

sudo pacman -S automake autoconf libtool libpcap hiredis libmaxminddb json-c zeromq libxml2 rrdtool sqlite libmariadbclient

Additional dependencies may be required for specific features.

Compilation Process

Follow these steps to compile ntopng:

./autogen.sh
./configure
make

The compilation process may take several minutes depending on your system’s performance.

Installation

After successful compilation, install ntopng:

sudo make install

Creating a Systemd Service

Create a systemd service file to manage ntopng:

sudo nano /etc/systemd/system/ntopng.service

Add appropriate service configuration, then enable and start the service:

sudo systemctl enable --now ntopng

Advantages and Considerations

Source installation provides the most recent version with all features enabled but requires more technical knowledge and maintenance effort. Updates will need to be performed manually by pulling new code and recompiling.

Initial Configuration of Ntopng

Accessing the Web Interface

Once installed, ntopng’s web interface is accessible via a web browser at:

http://localhost:3000

If accessing from another device on the network, replace “localhost” with the IP address of your Manjaro system.

Install Ntopng on Manjaro

First-time Login

The default login credentials are:

Username: admin
Password: admin

For security reasons, you’ll be prompted to change the default password upon first login.

Basic Interface Navigation

After logging in, you’ll see the ntopng dashboard displaying an overview of your network traffic. The left sidebar provides navigation to different sections, including real-time traffic, hosts, flows, and interfaces.

Configuring Monitored Interfaces

By default, ntopng monitors all available network interfaces. To specify which interfaces to monitor, edit the ntopng configuration file:

sudo nano /etc/ntopng/ntopng.conf

Add or modify the “-i” parameter to specify interfaces:

-i=eth0

Multiple interfaces can be specified by separating them with commas.

Redis Configuration

Ntopng uses Redis for data storage. Ensure Redis is running and configured properly:

sudo systemctl status redis

If Redis isn’t running, start and enable it:

sudo systemctl enable --now redis

Restart Ntopng

After making configuration changes, restart ntopng to apply them:

sudo systemctl restart ntopng

Advanced Configuration

Editing the Configuration File

For advanced configuration, edit the ntopng configuration file:

sudo nano /etc/ntopng/ntopng.conf

Common configuration options include:

`-w=3000`: HTTP port for the web server
`-W=3001`: HTTPS port for the web server
`--disable-login=1`: Disable login authentication (not recommended for production)
`--data-dir=/var/lib/ntopng`: Data directory location
`--httpdocs-dir=/usr/share/ntopng/httpdocs`: Web interface files location

Setting Up SSL/TLS

For secure access, configure HTTPS:

-W=3001
--https-key=/etc/ntopng/cert.key
--https-cert=/etc/ntopng/cert.pem

Generate self-signed certificates if needed:

openssl req -x509 -newkey rsa:4096 -keyout /etc/ntopng/cert.key -out /etc/ntopng/cert.pem -days 365 -nodes

Data Retention Configuration

Configure how long ntopng retains historical data:

--flows-dump=86400

This sets flow data retention to 24 hours (86400 seconds).

Access Control

Create additional user accounts with different privilege levels through the web interface under “Settings > Users”.

Geolocation Setup

For geolocation features, download and install MaxMind GeoIP databases:

sudo mkdir -p /usr/share/ntopng/httpdocs/geoip
cd /usr/share/ntopng/httpdocs/geoip
sudo wget https://mirrors-cdn.liferay.com/geolite.maxmind.com/download/geoip/database/GeoIP.dat.gz
sudo gunzip GeoIP.dat.gz

Restart ntopng after configuring these advanced settings.

Troubleshooting Common Issues

Web Interface Not Accessible

If you cannot access the web interface, check:

1. Ntopng service status: sudo systemctl status ntopng
2. Firewall configuration: sudo ufw status (if using ufw)
3. Correct port configuration in ntopng.conf

To allow access through the firewall:

sudo ufw allow 3000/tcp

Redis Connection Issues

If ntopng fails to connect to Redis:

1. Verify Redis is running: sudo systemctl status redis
2. Check Redis connection settings in ntopng.conf
3. Restart Redis: sudo systemctl restart redis

Interface Detection Problems

If ntopng doesn’t detect network interfaces:

1. List available interfaces: ip addr
2. Manually specify interfaces in ntopng.conf
3. Ensure you have proper permissions for packet capture

High CPU or Memory Usage

If ntopng consumes excessive resources:

1. Reduce the number of monitored interfaces
2. Increase data purge frequency
3. Adjust packet sampling rate

Log Analysis

Examine ntopng logs for error messages:

sudo journalctl -u ntopng

Or check specific log files if configured:

cat /var/log/ntopng.log

Updating and Maintaining Ntopng

Updating Based on Installation Method

For snap installations, updates are automatic, but can be manually triggered:

sudo snap refresh ntopng-blake

For AUR installations, update using your AUR helper:

yay -Syu ntopng

For source installations, pull the latest code and recompile:

cd ntopng
git pull
make clean
./autogen.sh
./configure
make
sudo make install

Backup Configuration

Before updating, back up your configuration:

sudo cp -r /etc/ntopng /etc/ntopng.backup

Database Maintenance

Periodically clean up Redis data:

redis-cli flushdb

Note that this will erase all stored data.

Service Monitoring

Regularly check the ntopng service status:

sudo systemctl status ntopng

Set up monitoring for the ntopng service to ensure continuous operation.

Congratulations! You have successfully installed Ntopng. Thanks for using this tutorial for installing the Ntopng network traffic monitoring tool on Manjaro system. For additional help or useful information, we recommend you check the official Ntopng website.

VPS Manage Service Offer

If you don’t have time to do all of this stuff, or if this is not your area of expertise, we offer a service to do “VPS Manage Service Offer”, starting from $10 (Paypal payment). Please contact us to get the best deal!