![]() mmdb files from MaxMind and place them in the folder "/usr/local/share/ntopng/httpdocs/geoip"Ħ- Edit the startup script of ntopng to add your custom command arguments located in "/usr/local/etc/rc.d/ntopng"ħ- Start redis and ntopng services, or simply reboot pfsense service start redisįirst of all, you need to decide whether you are comfortable using the official but unstable ntopng development build from the original author's package repository (), or otherwise the official stable FreeBSD port maintained by the FreeBSD developer madpilot (), however, the one in FreeBSD repo sometimes gets too behind in development. ![]() These are the needed steps in short:ġ- On pfsense 2.5, install ntopng and redis database using the shell pkg install ntopng redisĢ- Enable ntopng and redis services sysrc redis_enable="YES"ģ- Install Shellcmd package from pfsense gui package managerĤ- Add the below entries to Shellcmd settings and save service redis startĥ- Configure ntopng geolocation by downloading the relevant. The better way to integrate ntopng with pfsense is by installing the ntopng package directly from the command line. However, sometimes you are in a circumstance where it is not feasible to have a separate machine, or maybe the firewall box that you are using is powerful enough to add an active network monitoring function to it. ![]() Maybe the most optimal way to setup ntopng is to separate it from the firewall and use a dedicated box to record and analyze network traffic by using a port mirror. This all makes it useless to put in production environments. Also in the previous version of pfsense, which had ntopng 3.8, geolocation data was not being reported correctly. In the latest pfsense 2.5 release, they updated ntopng to 4.2 which is great, but it contains a lot of bugs, sometimes ntopng keeps restarting on itself, other times it seems very slow, and I personally faced an issue that whenever an ntopng service restart occurs, all the package's config gets wiped out, so any modifications you make, like interface rename or adding alerts endpoints and recipients gets lost on next service restart. Unfortunately, the pfsense port of ntopng package which is installed through the gui package manger has been broken for a long time. It is available on pfsense firewall through the builtin package manager. Ntopng is a great tool for diagnosing and monitoring your network. ![]()
0 Comments
Leave a Reply. |