Mailing List Archive

On 2016-08-26 15:39, ntop@funkpickle.com wrote:
> v.2.4.160818 [Professional Edition]
> GIT rev: 2.4-stable:d786da67470dd879c5bbe13d38a7f95f2b598626:20160818
> Pro rev: r641
> System Id: 3BB0D75C7A06AB13
> Built on: Ubuntu 14.04.5 LTS
>
> I am spawning 3 different ntopng instances to monitor different
> network segments on different ethernet adapters. When launching ntopng
> it is occasionally not running as the user specified via --user.
>
> Launching ntopng via: ntopng /etc/ntopng/this.ntopng.conf
>
> Launching using the following config:
>
> --daemon
> --community
> --http-port 15000
> --dns-mode 0
> --interface eth1
> --disable-login 1
> --data-dir /opt/ntopng/this
> --disable-alerts
> --user ntopng
> --pid /var/run/this.ntopng.pid
> --disable-autologout
> --disable-host-persistency
> --sticky-hosts none
>
> Occasionally it will run as user ntopng and function properly. When it
> doesn't it launches as root and will not function. I will have to
> manually kill the proc and relaunch a few times before it will finally
> run as user ntopng.
>
> This issue surfaced when updating from a 2015 community build to 2.4.
>
> Has anyone else run into this issue? Any suggestions on how to resolve?
>
> Thanks in advance,
> Nicholas
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop

Three instances..wow. Any reason you're not running just one instance
to monitor all three? I use the below cli options for two:

-i eth0 -i ppp0 -i view:eth0,ppp0

which allows me three "interfaces" to view in ntop, eth0, ppp0, and an
aggregate of both. I realize this doesn't address your question at all,
but I thought I'd throw it out there anyways.

James
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Hi,

As already suggested by James, using a single instance is recommended to
monitor multiple interfaces on the same box. ntopng is also multi-tenant so
you have the option to create users and associate interfaces and networks
to them. In this way you can create non-privileged users that don't have
access to all the traffic.

However, if you still want to run multiple instances on the same box, you
must use for each instance a different:
- redis database id
- data dir
- http port
- pid file

or things will be messed up...


simone

On Fri, Aug 26, 2016 at 11:54 PM, James Lay <jlay@slave-tothe-box.net>
wrote:

> On 2016-08-26 15:39, ntop@funkpickle.com wrote:
>
>> v.2.4.160818 [Professional Edition]
>> GIT rev: 2.4-stable:d786da67470dd879c5bbe13d38a7f95f2b598626:20160818
>> Pro rev: r641
>> System Id: 3BB0D75C7A06AB13
>> Built on: Ubuntu 14.04.5 LTS
>>
>> I am spawning 3 different ntopng instances to monitor different
>> network segments on different ethernet adapters. When launching ntopng
>> it is occasionally not running as the user specified via --user.
>>
>> Launching ntopng via: ntopng /etc/ntopng/this.ntopng.conf
>>
>> Launching using the following config:
>>
>> --daemon
>> --community
>> --http-port 15000
>> --dns-mode 0
>> --interface eth1
>> --disable-login 1
>> --data-dir /opt/ntopng/this
>> --disable-alerts
>> --user ntopng
>> --pid /var/run/this.ntopng.pid
>> --disable-autologout
>> --disable-host-persistency
>> --sticky-hosts none
>>
>> Occasionally it will run as user ntopng and function properly. When it
>> doesn't it launches as root and will not function. I will have to
>> manually kill the proc and relaunch a few times before it will finally
>> run as user ntopng.
>>
>> This issue surfaced when updating from a 2015 community build to 2.4.
>>
>> Has anyone else run into this issue? Any suggestions on how to resolve?
>>
>> Thanks in advance,
>> Nicholas
>> _______________________________________________
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>
> Three instances..wow. Any reason you're not running just one instance to
> monitor all three? I use the below cli options for two:
>
> -i eth0 -i ppp0 -i view:eth0,ppp0
>
> which allows me three "interfaces" to view in ntop, eth0, ppp0, and an
> aggregate of both. I realize this doesn't address your question at all,
> but I thought I'd throw it out there anyways.
>
> James
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>

Simone/James,

Thanks for your replies and suggestions.

I may have inadvertently steered the conversation away from the core
issue by omitting some info.

When launching ntopng, regardless of launching a single instance or
multiple instances, the core issue is that the process does not
consistently launch as a specific user (instead of nobody).

I have adjusted the config to remove the specific user option and launch
as nobody instead. After doing a recursive chown of the ntopng data
folders, this appears to have resolved my issue of ntopng launching in a
hung state (in single and multiple instance). ntopng now launches as
nobody, and folders/files are owned nobody:nogroup.

To answer the why: I'm using apache in front of ntopng to allow for LDAP
authentication (and multi-tenant). When two users were simultaneously
using a single instance of ntopng to look at different segments
(interfaces), the traffic would default to the last interface selected
by either user. This was causing tug-o-wars between different users
looking at different segments. This is probably due to my using apache
in front of ntopng.

The workaround I came up with was to launch multiple instances to avoid
tug-o-war.

I'll need to take another look at ntopng's built in multi-tenant
options. Does it natively support LDAP authentication? When multiple
users login, does it keep the interface selected per user?

Again, thanks for the replies and suggestions.

-Nicholas

On 2016-08-28 02:55, Simone Mainardi wrote:
> Hi,
>
> As already suggested by James, using a single instance is recommended
> to monitor multiple interfaces on the same box. ntopng is also
> multi-tenant so you have the option to create users and associate
> interfaces and networks to them. In this way you can create
> non-privileged users that don't have access to all the traffic.
>
> However, if you still want to run multiple instances on the same box,
> you must use for each instance a different:
> - redis database id
> - data dir
> - http port
> - pid file
>
> or things will be messed up...
>
> simone
>
> On Fri, Aug 26, 2016 at 11:54 PM, James Lay <jlay@slave-tothe-box.net>
> wrote:
>
>> On 2016-08-26 15:39, ntop@funkpickle.com wrote:
>>
>>> v.2.4.160818 [Professional Edition]
>>> GIT rev:
>>> 2.4-stable:d786da67470dd879c5bbe13d38a7f95f2b598626:20160818
>>> Pro rev: r641
>>> System Id: 3BB0D75C7A06AB13
>>> Built on: Ubuntu 14.04.5 LTS
>>>
>>> I am spawning 3 different ntopng instances to monitor different
>>> network segments on different ethernet adapters. When launching
>>> ntopng
>>> it is occasionally not running as the user specified via --user.
>>>
>>> Launching ntopng via: ntopng /etc/ntopng/this.ntopng.conf
>>>
>>> Launching using the following config:
>>>
>>> --daemon
>>> --community
>>> --http-port 15000
>>> --dns-mode 0
>>> --interface eth1
>>> --disable-login 1
>>> --data-dir /opt/ntopng/this
>>> --disable-alerts
>>> --user ntopng
>>> --pid /var/run/this.ntopng.pid
>>> --disable-autologout
>>> --disable-host-persistency
>>> --sticky-hosts none
>>>
>>> Occasionally it will run as user ntopng and function properly.
>>> When it
>>> doesn't it launches as root and will not function. I will have to
>>> manually kill the proc and relaunch a few times before it will
>>> finally
>>> run as user ntopng.
>>>
>>> This issue surfaced when updating from a 2015 community build to
>>> 2.4.
>>>
>>> Has anyone else run into this issue? Any suggestions on how to
>>> resolve?
>>>
>>> Thanks in advance,
>>> Nicholas
>>> _______________________________________________
>>> Ntop mailing list
>>> Ntop@listgateway.unipi.it
>>> http://listgateway.unipi.it/mailman/listinfo/ntop [1]
>>
>> Three instances..wow. Any reason you're not running just one
>> instance to monitor all three? I use the below cli options for two:
>>
>> -i eth0 -i ppp0 -i view:eth0,ppp0
>>
>> which allows me three "interfaces" to view in ntop, eth0, ppp0, and
>> an aggregate of both. I realize this doesn't address your question
>> at all, but I thought I'd throw it out there anyways.
>>
>> James
>>
>> _______________________________________________
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop [1]
>
>
>
> Links:
> ------
> [1] http://listgateway.unipi.it/mailman/listinfo/ntop
>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
_______________________________________________
Ntop mailing list
Ntop@listgateway.unipi.it
http://listgateway.unipi.it/mailman/listinfo/ntop

Hi

Thanks for clarifying. see below

On Tue, Sep 6, 2016 at 4:35 PM, <ntop@funkpickle.com> wrote:

> Simone/James,
>
> Thanks for your replies and suggestions.
>
> I may have inadvertently steered the conversation away from the core issue
> by omitting some info.
>
> When launching ntopng, regardless of launching a single instance or
> multiple instances, the core issue is that the process does not
> consistently launch as a specific user (instead of nobody).
>
> I have adjusted the config to remove the specific user option and launch
> as nobody instead. After doing a recursive chown of the ntopng data
> folders, this appears to have resolved my issue of ntopng launching in a
> hung state (in single and multiple instance). ntopng now launches as
> nobody, and folders/files are owned nobody:nogroup.
>
> To answer the why: I'm using apache in front of ntopng to allow for LDAP
> authentication (and multi-tenant). When two users were simultaneously using
> a single instance of ntopng to look at different segments (interfaces), the
> traffic would default to the last interface selected by either user. This
> was causing tug-o-wars between different users looking at different
> segments. This is probably due to my using apache in front of ntopng.
>
> The workaround I came up with was to launch multiple instances to avoid
> tug-o-war.
>
> I'll need to take another look at ntopng's built in multi-tenant options.
> Does it natively support LDAP authentication?


yes, it does support LDAP authentication.


> When multiple users login, does it keep the interface selected per user?
>

yes, selected interface should be per user. If that is not the case, then
there may be a bug somewhere. In that case, please post an issue on our
github tracker.


>
> Again, thanks for the replies and suggestions.
>

Thank you


>
> -Nicholas
>
>
> On 2016-08-28 02:55, Simone Mainardi wrote:
>
>> Hi,
>>
>> As already suggested by James, using a single instance is recommended
>> to monitor multiple interfaces on the same box. ntopng is also
>> multi-tenant so you have the option to create users and associate
>> interfaces and networks to them. In this way you can create
>> non-privileged users that don't have access to all the traffic.
>>
>> However, if you still want to run multiple instances on the same box,
>> you must use for each instance a different:
>> - redis database id
>> - data dir
>> - http port
>> - pid file
>>
>> or things will be messed up...
>>
>> simone
>>
>> On Fri, Aug 26, 2016 at 11:54 PM, James Lay <jlay@slave-tothe-box.net>
>> wrote:
>>
>> On 2016-08-26 15:39, ntop@funkpickle.com wrote:
>>>
>>> v.2.4.160818 [Professional Edition]
>>>> GIT rev:
>>>> 2.4-stable:d786da67470dd879c5bbe13d38a7f95f2b598626:20160818
>>>> Pro rev: r641
>>>> System Id: 3BB0D75C7A06AB13
>>>> Built on: Ubuntu 14.04.5 LTS
>>>>
>>>> I am spawning 3 different ntopng instances to monitor different
>>>> network segments on different ethernet adapters. When launching
>>>> ntopng
>>>> it is occasionally not running as the user specified via --user.
>>>>
>>>> Launching ntopng via: ntopng /etc/ntopng/this.ntopng.conf
>>>>
>>>> Launching using the following config:
>>>>
>>>> --daemon
>>>> --community
>>>> --http-port 15000
>>>> --dns-mode 0
>>>> --interface eth1
>>>> --disable-login 1
>>>> --data-dir /opt/ntopng/this
>>>> --disable-alerts
>>>> --user ntopng
>>>> --pid /var/run/this.ntopng.pid
>>>> --disable-autologout
>>>> --disable-host-persistency
>>>> --sticky-hosts none
>>>>
>>>> Occasionally it will run as user ntopng and function properly.
>>>> When it
>>>> doesn't it launches as root and will not function. I will have to
>>>> manually kill the proc and relaunch a few times before it will
>>>> finally
>>>> run as user ntopng.
>>>>
>>>> This issue surfaced when updating from a 2015 community build to
>>>> 2.4.
>>>>
>>>> Has anyone else run into this issue? Any suggestions on how to
>>>> resolve?
>>>>
>>>> Thanks in advance,
>>>> Nicholas
>>>> _______________________________________________
>>>> Ntop mailing list
>>>> Ntop@listgateway.unipi.it
>>>> http://listgateway.unipi.it/mailman/listinfo/ntop [1]
>>>>
>>>
>>> Three instances..wow. Any reason you're not running just one
>>> instance to monitor all three? I use the below cli options for two:
>>>
>>> -i eth0 -i ppp0 -i view:eth0,ppp0
>>>
>>> which allows me three "interfaces" to view in ntop, eth0, ppp0, and
>>> an aggregate of both. I realize this doesn't address your question
>>> at all, but I thought I'd throw it out there anyways.
>>>
>>> James
>>>
>>> _______________________________________________
>>> Ntop mailing list
>>> Ntop@listgateway.unipi.it
>>> http://listgateway.unipi.it/mailman/listinfo/ntop [1]
>>>
>>
>>
>>
>> Links:
>> ------
>> [1] http://listgateway.unipi.it/mailman/listinfo/ntop
>>
>> _______________________________________________
>> Ntop mailing list
>> Ntop@listgateway.unipi.it
>> http://listgateway.unipi.it/mailman/listinfo/ntop
>>
> _______________________________________________
> Ntop mailing list
> Ntop@listgateway.unipi.it
> http://listgateway.unipi.it/mailman/listinfo/ntop
>