
Installing ntopng on Rocky Linux 8

Master Your Network: A Step-by-Step Guide to Installing ntopng on Rocky Linux 8

Gaining deep visibility into your network traffic is essential for performance tuning, troubleshooting, and security. Without the right tools, identifying bottlenecks, tracking down bandwidth hogs, or detecting suspicious activity can feel like searching for a needle in a haystack. This is where ntopng, a powerful, web-based network traffic analysis tool, becomes an indispensable asset for any system administrator.

ntopng provides a high-speed, intuitive dashboard that transforms raw network packets into easy-to-understand charts and tables. It allows you to sort traffic by numerous criteria, including IP address, port, and application protocol, giving you a comprehensive overview of what’s happening on your network in real-time.

This guide will walk you through the complete process of installing and configuring ntopng on a Rocky Linux 8 server.

Prerequisites

Before we begin, ensure you have the following:

  • A server running a fresh installation of Rocky Linux 8.
  • Root or sudo privileges.
  • A basic understanding of the Linux command line.

Step 1: Prepare Your System and Install Dependencies

First, it’s crucial to ensure your system is up-to-date. Updating packages patches security vulnerabilities and resolves potential dependency conflicts. Open your terminal and run the following command:

sudo dnf update -y

Next, we need to install the Extra Packages for Enterprise Linux (EPEL) repository, which contains several dependencies required by ntopng.

sudo dnf install epel-release -y

With the EPEL repository enabled, install wget, Redis, and the libraries that ntopng relies on.

sudo dnf install wget redis libpcap-devel sqlite-devel libmaxminddb-devel -y

Step 2: Add the Official ntop Repository

To ensure we get the latest and most stable version of ntopng, we will add the official ntop repository to our system. This is the recommended method for installation on RHEL-based systems like Rocky Linux.

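Use the wget command to download the repository definition file into /etc/yum.repos.d/. Writing to that directory requires root, and fetching the file over HTTPS protects it in transit.

sudo wget https://packages.ntop.org/centos-stable/ntop.repo -O /etc/yum.repos.d/ntop.repo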

This command downloads the repository definition file and places it in the correct directory, making the ntop packages available to your system’s package manager.
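A repository file decides whether dnf verifies package signatures, so it is worth checking before Step 3. The script below is an added example, not part of the original guide or of ntop's tooling: audit_repo and sample_repo are hypothetical helper names, and the sample repository content is constructed.

```shell
# Added example: audit a dnf .repo file before trusting it (hypothetical helper).
# Prints one line per section; returns 1 if an enabled section lacks gpgcheck,
# a gpgkey or HTTPS. An absent gpgcheck is "unset" and fails (conservative).
audit_repo() {
    awk '
    function truthy(x) { return tolower(x) ~ /^(1|yes|true|on)$/ }
    function url(v) { if (v !~ /^https:\/\//) tr = "plain"; else if (tr == "unknown") tr = "https" }
    function report() {
        if (sec == "") return
        printf "%s enabled=%s gpgcheck=%s gpgkey=%s transport=%s\n", sec, en, gpg, key, tr
        if (en == "yes" && !(gpg == "yes" && key == "yes" && tr == "https")) bad = 1
    }
    /^[ \t]*([#;]|$)/ { next }                  # comments and blank lines
    /^\[/ {                                     # start of a [section]
        report(); sec = substr($0, 2, index($0, "]") - 2)
        en = "yes"; gpg = "unset"; key = "no"; tr = "unknown"; last = ""
        next
    }
    /^[ \t]/ {                                  # continuation of the previous key
        v = $0; gsub(/^[ \t]+|[ \t]+$/, "", v)
        if (last ~ /^(baseurl|mirrorlist|metalink)$/) url(v)
        next
    }
    {
        eq = index($0, "="); if (eq == 0) next
        last = substr($0, 1, eq - 1); v = substr($0, eq + 1)
        gsub(/[ \t]/, "", last); gsub(/^[ \t]+|[ \t]+$/, "", v)
        if (last == "enabled")  en  = truthy(v) ? "yes" : "no"
        if (last == "gpgcheck") gpg = truthy(v) ? "yes" : "no"
        if (last == "gpgkey" && v != "") key = "yes"
        if (last ~ /^(baseurl|mirrorlist|metalink)$/) url(v)
    }
    END { report(); exit bad + 0 }
    ' "${1:--}"    # file argument, or stdin when omitted
}

# Constructed sample input, not the contents of the real ntop.repo.
sample_repo() {
    cat <<'EOF'
[example-signed]
baseurl=https://repo.example.invalid/el8/$basearch/
gpgcheck=1
gpgkey=https://repo.example.invalid/RPM-GPG-KEY
[example-plain]
baseurl=http://repo.example.invalid/el8/noarch/
gpgcheck=0
EOF
}
```

Run it as audit_repo /etc/yum.repos.d/ntop.repo; a non-zero exit status means at least one enabled section would install packages without signature checks or over plain HTTP.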

Step 3: Install ntopng and Core Components

Now that the repository is configured, the installation process is straightforward. We will install ntopng along with PF_RING, a high-speed packet capture library that significantly boosts performance.

First, clean the package manager cache to ensure it recognizes the new repository:

sudo dnf clean all

Next, install the core packages:

sudo dnf install pfring ntopng ntopng-data -y

This command installs three key components:

  • pfring: The high-performance packet processing framework that allows ntopng to handle high-traffic networks without dropping packets.
  • ntopng: The main network monitoring service and web interface.
  • ntopng-data: Contains necessary data files, such as geolocation databases, for enriching traffic information.

Step 4: Configure and Start Redis

ntopng uses the Redis in-memory database for caching and storing transient data. The redis package was installed as a dependency in Step 1. Now, we need to enable and start its service so it runs automatically on boot.

sudo systemctl start redis
sudo systemctl enable redis

You can verify that Redis is running correctly with:

sudo systemctl status redis

Step 5: Configure ntopng

Before starting ntopng, we need to create a configuration file to tell it which network interface to monitor and what local subnets to consider.

First, find the name of your primary network interface. You can do this with the ip a command:

ip a

Look for your main interface name, which is often eth0, ens160, or enp0s3.

Next, create and edit the primary configuration file at /etc/ntopng/ntopng.conf.

sudo nano /etc/ntopng/ntopng.conf

Add the following lines to the file, replacing enp0s3 with your actual interface name and 192.168.1.0/24 with your local network’s CIDR notation.

# Specify the network interface to monitor
-i=enp0s3

# Identify the local network(s)
-m="192.168.1.0/24"

# Set the path for data files
-d=/var/lib/ntopng

# Run as a daemon
--daemon

  • The -i flag is the most critical, as it defines the listening interface.
  • The -m flag helps ntopng distinguish between local and remote traffic.
  • The -d flag specifies the directory where ntopng will store its historical data. (The -w flag sets the HTTP port of the web interface, 3000 by default, and does not take a path.)

Save and close the file.

Step 6: Open the Firewall and Start ntopng

For security, Rocky Linux 8 comes with firewalld enabled by default. We must add a rule to allow external access to the ntopng web interface, which runs on port 3000.

sudo firewall-cmd --permanent --add-port=3000/tcp
sudo firewall-cmd --reload
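The rule above opens port 3000 to every source, and the login page still accepts the default credentials until the first login. The script below is an added example, not from the original guide: it prints firewalld commands that limit the port to chosen networks. The 192.168.1.0/24 value reuses the guide's sample subnet, and valid_cidr4 and restrict_cmds are hypothetical helper names.

```shell
# Added example: restrict the ntopng web port to management networks.
# restrict_cmds only prints firewall-cmd commands; nothing is changed until
# the reviewed output is run as root. Function names are hypothetical.

# valid_cidr4 A.B.C.D/N: succeeds only for a well-formed IPv4 prefix.
valid_cidr4() {
    case $1 in *./*|*/*/*) return 1 ;; */*) ;; *) return 1 ;; esac
    addr=${1%/*}; len=${1#*/}
    case $len in ''|???*|*[!0-9]*) return 1 ;; esac
    [ "$len" -le 32 ] || return 1
    old_ifs=$IFS; IFS=.; set -f; set -- $addr; set +f; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|????*|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
}

# restrict_cmds PORT CIDR...: one firewall-cmd command per line, or status 1.
# Digits-only validation also keeps quotes out of the generated rule text.
restrict_cmds() {
    port=$1; shift
    case $port in ''|??????*|*[!0-9]*) return 1 ;; esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] && [ $# -gt 0 ] || return 1
    for net in "$@"; do
        valid_cidr4 "$net" || { echo "rejected: $net" >&2; return 1; }
    done
    # Drop the blanket rule from Step 6, then allow each network explicitly.
    echo "firewall-cmd --permanent --remove-port=$port/tcp"
    for net in "$@"; do
        printf '%s\n' "firewall-cmd --permanent --add-rich-rule='rule family=\"ipv4\" source address=\"$net\" port port=\"$port\" protocol=\"tcp\" accept'"
    done
    echo "firewall-cmd --reload"
}
```

Review the output of restrict_cmds 3000 192.168.1.0/24, then apply it by piping the same command to sudo sh.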

With the firewall configured, it’s time to start the ntopng service and enable it to launch automatically at boot.

sudo systemctl start ntopng
sudo systemctl enable ntopng

Step 7: Access the ntopng Web Interface

Congratulations! You have successfully installed and configured ntopng. To access the dashboard, open a web browser and navigate to your server’s IP address on port 3000.

http://your-server-ip:3000

You will be greeted with a login screen. The default credentials are:

  • Username: admin
  • Password: admin

For security, your first action should be to change the default admin password. You will be prompted to do this immediately after your first login.

You can now begin exploring the powerful features of ntopng. From the dashboard, you can view live traffic flows, analyze protocols, track top talkers, and gain invaluable insight into the health and security of your network.

Source: https://kifarunix.com/install-ntopng-on-rocky-linux-8/
