Hello -following the wonderful How to on network monitoring with ntop. This is exactly what I want to do. I am new to Linux - using Ubuntu/feisty. Have installed ntop, but when I try to start ntop, get the following in the error log: This is a brand new install, and I have done nothing to install/configure any sort of server, so I think the problem is there. If anyone has any suggestions, please, make them as if I were a slow five year old when it comes to linux. Tue 11 Mar 2008 03:16:09 PM EDT THREADMGMT[t3028437904]: DNSAR(1): Address resolution thread running [p6286] Tue 11 Mar 2008 03:16:10 PM EDT SSL is present but https is disabled: use -W <https port> for enabling it Tue 11 Mar 2008 03:16:10 PM EDT INITWEB: Initializing web server Tue 11 Mar 2008 03:16:10 PM EDT INITWEB: Initializing tcp/ip socket connections for web server Tue 11 Mar 2008 03:16:10 PM EDT **ERROR** INITWEB: binding problem - 'Address already in use'(98) Tue 11 Mar 2008 03:16:10 PM EDT Check if another instance of ntop is running Tue 11 Mar 2008 03:16:10 PM EDT or if the current user (-u) can bind to the specified port Tue 11 Mar 2008 03:16:10 PM EDT **FATAL_ERROR** Binding problem, ntop shutting down... Tue 11 Mar 2008 03:16:10 PM EDT CLEANUP[t3057198784]: ntop caught signal 2 Tue 11 Mar 2008 03:16:10 PM EDT THREADMGMT[t3057198784]: ntop RUNSTATE: SHUTDOWN(7)
requested netstat output hello falko, here is output you requested. tcp 0 0 localhost:2208 *:* LISTEN 4453/hpiod tcp 0 0 localhost:ipp *:* LISTEN 30030/cupsd tcp 0 0 localhost:2207 *:* LISTEN 4462/python tcp6 0 0 *:3000 *:* LISTEN 4698/ntop
errors after reboot, and apache install after reboot: Thu Mar 13 13:39:15 2008 NOTE: Interface merge enabled by default Thu Mar 13 13:39:15 2008 Initializing gdbm databases Thu Mar 13 13:39:15 2008 **ERROR** ....open of /var/lib/ntop/prefsCache.db failed: File open error Thu Mar 13 13:39:15 2008 Possible solution: please use '-P <directory>' Thu Mar 13 13:39:15 2008 **FATAL_ERROR** GDBM open failed, ntop shutting down... Thu Mar 13 13:39:15 2008 CLEANUP[t3057592000]: ntop caught signal 2 Thu Mar 13 13:39:15 2008 THREADMGMT[t3057592000]: ntop RUNSTATE: SHUTDOWN(7) Thu Mar 13 13:39:15 2008 CLEANUP[t3057592000] catching thread is MAIN Thu Mar 13 13:39:15 2008 CLEANUP: Running threads Thu Mar 13 13:39:15 2008 CLEANUP: Locking purge mutex (may block for a little while) Thu Mar 13 13:39:15 2008 CLEANUP: Locked purge mutex, continuing shutdown Thu Mar 13 13:39:15 2008 CLEANUP: Continues Thu Mar 13 13:39:15 2008 PLUGIN_TERM: Unloading plugins (if any) Thu Mar 13 13:39:15 2008 CLEANUP: Clean up complete Thu Mar 13 13:39:15 2008 THREADMGMT[t3057592000]: ntop RUNSTATE: TERM(8) Thu Mar 13 13:39:15 2008 =================================== Thu Mar 13 13:39:15 2008 ntop is shutdown... Thu Mar 13 13:39:15 2008 ===================================
Disregard previous - wasn't running as right user After reboot, and after installing apache, this is what I get : Thu 13 Mar 2008 02:23:05 PM EDT **WARNING** GDVERCHK: Unable to load gd, message is 'libgd.so: cannot open shared object file: No such file or directory' Thu 13 Mar 2008 02:23:05 PM EDT GDVERCHK: ... as 2.x Thu 13 Mar 2008 02:23:05 PM EDT Initializing external applications Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3051797392]: NPA: Started thread for network packet analyzer Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3043404688]: SFP: Started thread for fingerprinting Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3035011984]: SIH: Started thread for idle hosts detection Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3026619280]: DNSAR(1): Started thread for DNS address resolution Thu 13 Mar 2008 02:23:05 PM EDT Calling plugin start functions (if any) Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3051797392]: NPA: network packet analyzer (packet processor) thread running [p6752] Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3043404688]: SFP: Fingerprint scan thread starting [p6752] Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3035011984]: SIH: Idle host scan thread starting [p6752] Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3026619280]: DNSAR(1): Address resolution thread running [p6752] Thu 13 Mar 2008 02:23:05 PM EDT SSL is present but https is disabled: use -W <https port> for enabling it Thu 13 Mar 2008 02:23:05 PM EDT INITWEB: Initializing web server Thu 13 Mar 2008 02:23:05 PM EDT INITWEB: Initializing tcp/ip socket connections for web server Thu 13 Mar 2008 02:23:05 PM EDT **ERROR** INITWEB: binding problem - 'Address already in use'(98) Thu 13 Mar 2008 02:23:05 PM EDT Check if another instance of ntop is running Thu 13 Mar 2008 02:23:05 PM EDT or if the current user (-u) can bind to the specified port Thu 13 Mar 2008 02:23:05 PM EDT **FATAL_ERROR** Binding problem, ntop shutting down... Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP[t3055380160]: ntop caught signal 2 Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3055380160]: ntop RUNSTATE: SHUTDOWN(7) Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP[t3055380160] catching thread is MAIN Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP: Running threads NPA SFP SIH DNSAR1 Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3051797392]: NPA: network packet analyzer (packet processor) thread terminated [p6752] Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3026619280]: DNSAR(1): Address resolution thread terminated [p6752] Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP: Locking purge mutex (may block for a little while) Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP: Locked purge mutex, continuing shutdown Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP: Continues (still running SFP SIH) Thu 13 Mar 2008 02:23:05 PM EDT FREE_HOST: Start, 1 device(s) Thu 13 Mar 2008 02:23:05 PM EDT FREE_HOST: End, freed 0 Thu 13 Mar 2008 02:23:05 PM EDT PLUGIN_TERM: Unloading plugins (if any) Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3043404688]: SFP: Fingerprint scan thread running [p6752] Thu 13 Mar 2008 02:23:05 PM EDT THREADMGMT[t3035011984]: SIH: Idle host scan thread running [p6752] Thu 13 Mar 2008 02:23:05 PM EDT CLEANUP: Freeing device eth0 (idx=0) Thu 13 Mar 2008 02:23:06 PM EDT CLEANUP: Clean up complete Thu 13 Mar 2008 02:23:06 PM EDT THREADMGMT[t3055380160]: ntop RUNSTATE: TERM(8) Thu 13 Mar 2008 02:23:06 PM EDT CLEANUP[t3055380160]: Still running threads SFP SIH Thu 13 Mar 2008 02:23:06 PM EDT =================================== Thu 13 Mar 2008 02:23:06 PM EDT ntop is shutdown... Thu 13 Mar 2008 02:23:06 PM EDT ===================================
I'm new and do not speak your jargon language,I can follow directions as I'm already familiar with the Ubuntu operating system since 6.10. Originally I was interested in boosting my wifi signal through the use of an app and found out so far that this is only possible with an external hardware or better signal stability directly connected through Ethernet. Later-on, this search branched-off into ntop because network details for some reason became relevant to me. To get to the point, I'm having a very similar issue. A little less of the error messages on the output but here it goes. This is my error message when ntop is started: lazarus01111@A890GXM-A:~$ gksudo ntop Thu Jan 1 16:37:08 2015 Initializing gdbm databases Thu Jan 1 16:37:08 2015 ntop will be started as user nobody Thu Jan 1 16:37:08 2015 ntop v.5.0.1 (64 bit) Thu Jan 1 16:37:08 2015 Configured on Mar 30 2014 7:44:37, built on Mar 30 2014 07:45:35. Thu Jan 1 16:37:08 2015 Copyright 1998-2012 by Luca Deri <[email protected]> Thu Jan 1 16:37:08 2015 Get the freshest ntop from http://www.ntop.org/ Thu Jan 1 16:37:08 2015 NOTE: ntop is running from 'ntop' Thu Jan 1 16:37:08 2015 NOTE: (but see warning on man page for the --instance parameter) Thu Jan 1 16:37:08 2015 NOTE: ntop libraries are in '/usr/lib/ntop' Thu Jan 1 16:37:08 2015 Initializing ntop Thu Jan 1 16:37:08 2015 Checking eth0 for additional devices Thu Jan 1 16:37:08 2015 Resetting traffic statistics for device eth0 Thu Jan 1 16:37:08 2015 Initializing device eth0 (0) Thu Jan 1 16:37:08 2015 DLT: Device 0 [eth0] is 1, mtu 1514, header 14 Thu Jan 1 16:37:08 2015 Initialized events [mask: 0][path: ] Thu Jan 1 16:37:08 2015 Initializing gdbm databases Thu Jan 1 16:37:08 2015 VENDOR: Loading MAC address table. Thu Jan 1 16:37:08 2015 VENDOR: Checking for MAC address table file Thu Jan 1 16:37:08 2015 VENDOR: File '/usr/share/ntop/specialMAC.txt' does not need to be reloaded Thu Jan 1 16:37:08 2015 VENDOR: ntop continues ok Thu Jan 1 16:37:08 2015 VENDOR: Checking for MAC address table file Thu Jan 1 16:37:08 2015 VENDOR: File '/usr/share/ntop/oui.txt' does not need to be reloaded Thu Jan 1 16:37:08 2015 VENDOR: ntop continues ok Thu Jan 1 16:37:08 2015 Fingerprint: Loading signature file Thu Jan 1 16:37:08 2015 Fingerprint: Checking for Fingerprint file... file Thu Jan 1 16:37:08 2015 Fingerprint: Loading file '/usr/share/ntop/etter.finger.os' Thu Jan 1 16:37:08 2015 Fingerprint: ...loaded 1765 records Thu Jan 1 16:37:08 2015 Initializing external applications Thu Jan 1 16:37:08 2015 THREADMGMT[t140177121154816]: SFP: Started thread for fingerprinting Thu Jan 1 16:37:08 2015 THREADMGMT[t140177112762112]: SIH: Started thread for idle hosts detection Thu Jan 1 16:37:08 2015 THREADMGMT[t140177121154816]: SFP: Fingerprint scan thread starting [p3058] Thu Jan 1 16:37:08 2015 THREADMGMT[t140177112762112]: SIH: Idle host scan thread starting [p3058] Thu Jan 1 16:37:08 2015 THREADMGMT[t140177104369408]: DNSAR(1): Started thread for DNS address resolution Thu Jan 1 16:37:08 2015 THREADMGMT[t140177104369408]: DNSAR(1): Address resolution thread running Thu Jan 1 16:37:08 2015 THREADMGMT[t140177095976704]: DNSAR(2): Started thread for DNS address resolution Thu Jan 1 16:37:08 2015 THREADMGMT[t140177095976704]: DNSAR(2): Address resolution thread running Thu Jan 1 16:37:08 2015 THREADMGMT[t140177087584000]: DNSAR(3): Started thread for DNS address resolution Thu Jan 1 16:37:08 2015 THREADMGMT[t140177087584000]: DNSAR(3): Address resolution thread running Thu Jan 1 16:37:08 2015 Calling plugin start functions (if any) Thu Jan 1 16:37:08 2015 GeoIP: loaded config file /usr/share/ntop/GeoLiteCity.dat Thu Jan 1 16:37:08 2015 GeoIP: loaded ASN config file /usr/share/ntop/GeoIPASNum.dat Thu Jan 1 16:37:08 2015 NOTE: Interface merge enabled by default Thu Jan 1 16:37:08 2015 INITWEB: Initializing web server Thu Jan 1 16:37:08 2015 CHKVER: Checking current ntop version at version.ntop.org/version.xml Thu Jan 1 16:37:08 2015 INITWEB: Initializing TCP/IP socket connections for web server Thu Jan 1 16:37:08 2015 **ERROR** INITWEB: binding problem - 'Bad file descriptor'(9) Thu Jan 1 16:37:08 2015 Check if another instance of ntop is running Thu Jan 1 16:37:08 2015 or if the current user (-u) can bind to the specified port Thu Jan 1 16:37:08 2015 **FATAL_ERROR** Binding problem, ntop shutting down... Thu Jan 1 16:37:08 2015 CLEANUP[t140177263573184]: ntop caught signal 2 [state=2] Thu Jan 1 16:37:08 2015 ntop is now quitting... This is both netstat -tap and sudo ps aux | grep -i ntop lazarus01111@A890GXM-A:~$ sudo netstat -tap Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 A890GXM-A:domain *:* LISTEN 1576/dnsmasq tcp 0 0 localhost:ipp *:* LISTEN 2489/cupsd tcp 0 0 *:3000 *:* LISTEN 1202/ntop tcp 0 0 A890GXM-A.home:49794 prodwebmail-wmail:https ESTABLISHED 2674/firefox tcp6 0 0 [::]:http [::]:* LISTEN 1283/apache2 tcp6 0 0 ip6-localhost:ipp [::]:* LISTEN 2489/cupsd tcp6 1 0 ip6-localhost:38349 ip6-localhost:ipp CLOSE_WAIT 1050/cups-browsed AND lazarus01111@A890GXM-A:~$ sudo ps aux | grep -i ntop ntop 1202 0.0 0.5 825332 32968 ? Ssl 15:30 0:01 /usr/sbin/ntop -d -L -u ntop -P /var/lib/ntop --access-log-file /var/log/ntop/access.log -i wlan0 -p /etc/ntop/protocol.list -O /var/log/ntop lazarus+ 2968 0.0 0.0 15944 916 pts/9 S+ 16:27 0:00 grep --color=auto -i ntop
