Because I want to analyze the traffic across my LAN, and optimize accordingly.
On my Linux router, make a folder for this service:
mkdir /opt/ntopng cd /opt/ntopng mkdir -p data/ntopng mkdir -p data/redis chmod 777 data/ntopng # to make sure mounted folder is accessible chmod 777 data/redis # same as above
Note above I've given 777 permissions to data folders. This is because docker
-vcommand mounts the files/folders with the host ownership PID:GID attached, in this case
root:root. However in the
ntop/ntopngdocker image, the two data folders are originally owned by the
Next we create a
version: "3" services: ntopng: image: ntop/ntopng:stable command: --community -w 192.168.1.1:3000 volumes: - ./data/ntopng:/var/lib/ntopng - ./data/redis:/var/lib/redis network_mode: host restart: unless-stopped
network_mode: hostmakes it monitor the bare-metal host interfaces directly instead of a docker default virtual network. We may no longer specify the exposed port in this way, the original readme of
-p 3000:3000is probably wrong.
--communityprevents it from starting as a pro trial version first, I'm using the community version anyway.
-w 192.168.1.1:3000ensures the web service is only accessible from the LAN IP. I don't want to expose to the WAN IP yet.
volumesare for persistent config/data between restarts. The ntopng RRD data are written to
/var/lib/ntopng, while some other configs like the admin passwords are saved under
Now we run
docker-compose upin the folder, it should be up and running.
Open the web portal http://192.168.1.1:3000/ and you should be greeted with a password reset guide. After this you can start monitoring your network data
Let's navigate to notifications/endpoints
Click "+" on the top right
Get a bot via the provided steps and fill in the token here.
Create a new channel/group on Telegram and add your bot as an admin.
Send any message in the channel and forward it to a bot (say @getidsbot) to get your channel id, in the form of
Let's go back to ntopng/notifications/recipients, add the channel id above as the recipient. Click "Test Recipient" and you should get a test message:
Finally, navigate to ntopng/pools/pools and add your monitor as a recipient for each categories.
You should be able to get the alerts in the Telegram channel from now on.
- Optimize gaming experience by identifying the game server IP on ntopng and channel the traffic to a custom VPN (more on that next time)
- Identify suspicious network behavior
- You tell me?
- ntopng official docker https://hub.docker.com/r/ntop/ntopng
- another ntopng docker image https://hub.docker.com/r/vimagick/ntopng