Setting Up ntopng On My Home Network To Monitor Internet Traffic
Contents
This is a draft document
Goal
Monitor network traffic to and from the internet via my cable modem so that I can stay under my data cap.
Architectural Overview
Cable Modem <-> Router <-> Managed ethernet switch <-> LAN <-> "netmon" server with ntopng ^ | Mirrored port | +-> Raspebbry Pi w/nprobe
- The "Managed ethernet switch" connects all of the various components of my local LAN together with the "Router" that is my gateway to the internet.
- The "Managed ethernet switch" is configured to mirror all of the packets on the port that the "Router" is plugged into over to the port that the "Raspberry Pi" is plugged into.
- The Raspberry Pi runs the "nprobe" application to forward netflow data from the Pi to the "netmon" virtual server on my LAN which runs ntopng to collect and analyze the netflow data.
Installing nprobe On A Raspeberry Pi
- Install Raspian on the Pi. As of this writing that is the "Buster" version of Raspian.
- Add the ntopng development repositories
echo "deb http://apt.ntop.org/buster_pi armhf/" > /etc/apt/sources.list.d/ntop.list echo "deb http://apt.ntop.org/buster_pi all/" >> /etc/apt/sources.list.d/ntop.list