# NTOP web interface cannot be accessed



## ryuusoultaker (Nov 27, 2011)

I installed NTOP 4.1.0 on my FreeBSD 8.2. The installation seems works fine, and no error occured when i start the NTOP. Since i activated ssl on my web server, so i port NTOP into 3001.
ntop @/etc/ntop.conf -d -w 3000 -W 3001 -i none 

```
Processing file /etc/ntop.conf for parameters...
Sun Nov 27 14:54:27 2011  NOTE: Interface merge enabled by default
Sun Nov 27 14:54:27 2011  Initializing gdbm databases
Sun Nov 27 14:54:27 2011  Setting administrator password...
Sun Nov 27 14:54:27 2011  Admin password set...
Sun Nov 27 14:54:27 2011  ntop v.4.1.0 (32 bit)
Sun Nov 27 14:54:27 2011  Configured on Nov 25 2011 19:16:57, built on Nov 25 2011 19:17:07.
Sun Nov 27 14:54:27 2011  Copyright 1998-2011 by Luca Deri <deri@ntop.org>
Sun Nov 27 14:54:27 2011  Get the freshest ntop from http://www.ntop.org/
Sun Nov 27 14:54:27 2011  NOTE: ntop is running from '/usr/local/bin'
Sun Nov 27 14:54:27 2011  NOTE: (but see warning on man page for the --instance parameter)
Sun Nov 27 14:54:27 2011  NOTE: ntop libraries are in '/usr/local/lib'
Sun Nov 27 14:54:27 2011  Initializing ntop
Sun Nov 27 14:54:27 2011  Creating dummy interface, 'none'
Sun Nov 27 14:54:27 2011  -i none, so initialized only a dummy device
Sun Nov 27 14:54:27 2011  Resetting traffic statistics for device none
Sun Nov 27 14:54:27 2011  Initialized events [mask: 0][path: ]
Sun Nov 27 14:54:27 2011  Initializing gdbm databases
Sun Nov 27 14:54:27 2011  VENDOR: Loading MAC address table.
Sun Nov 27 14:54:27 2011  VENDOR: Checking for MAC address table file
Sun Nov 27 14:54:27 2011  VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
Sun Nov 27 14:54:27 2011  VENDOR: ntop continues ok
Sun Nov 27 14:54:27 2011  VENDOR: Checking for MAC address table file
Sun Nov 27 14:54:27 2011  VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
Sun Nov 27 14:54:27 2011  VENDOR: ntop continues ok
Sun Nov 27 14:54:27 2011  Fingerprint: Loading signature file
Sun Nov 27 14:54:27 2011  Fingerprint: Checking for Fingerprint file... file
Sun Nov 27 14:54:27 2011  Fingerprint: Loading file '/usr/local/etc/ntop/etter.finger.os.gz'
Sun Nov 27 14:54:27 2011  Fingerprint: ...loaded 1765 records
Sun Nov 27 14:54:27 2011  INIT: Parent process is exiting (this is normal)
Sun Nov 27 14:54:27 2011  INIT: Bye bye: I'm becoming a daemon...
```

and when i check the error log, it seems fine.
 tail -f /var/log/messages

```
Nov 27 14:54:27 127 ntop[40281]:   THREADMGMT[t701185728]: SIH: Idle host scan thread running [p40281]
Nov 27 14:54:27 127 ntop[40281]:   THREADMGMT[t701186368]: SFP: Fingerprint scan thread running [p40281]
Nov 27 14:54:32 127 ntop[40281]:   CHKVER: Checking current ntop version at version.ntop.org/version.xml
Nov 27 14:54:33 127 ntop[40281]:   CHKVER: Version file is from 'version.ntop.org'
Nov 27 14:54:33 127 ntop[40281]:   CHKVER: as of date is '2011-08-15T11:00:47'
Nov 27 14:54:33 127 ntop[40281]:   CHKVER: This version of ntop is the CURRENT stable version
Nov 27 14:54:37 127 ntop[40281]:   THREADMGMT[t707911360]: RRD: Started thread for throughput data collection
Nov 27 14:54:37 127 ntop[40281]:   THREADMGMT[t701183808]: RRD: Data collection thread running [p40281]
Nov 27 14:54:37 127 ntop[40281]:   THREADMGMT[t707911360]: RRD: Throughput data collection: Thread starting [p40281]
Nov 27 14:54:37 127 ntop[40281]:   THREADMGMT[t707911360]: RRD: Throughput data collection: Thread running [p40281]
```

and when i check is ntop running or not, it runs normally
/usr/local/etc/rc.d/ntop status

```
ntop is running as pid 40281.
```

but when i try to access from https://myippublic:3001/ the browser said that the page is not available..
can you tell me what is wrong with my configuration?

best regards.
Ryuu


----------



## DutchDaemon (Nov 27, 2011)

Does the http port (3000) work? Check with [cmd=]sockstat -l4p3000[/cmd] and [cmd=]sockstat -l4p3001[/cmd] whether anything is actually listening on those ports and whether it's listening on the IP address where you want it to be.


----------



## ryuusoultaker (Nov 27, 2011)

the command only give an output

```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
```

is there something that i missed here?


----------



## ryuusoultaker (Nov 27, 2011)

if i run
sockstat -p3000

it give an output

```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
ntop     ntop       40281 2  tcp6   *:3000                *:*
ntop     ntop       40281 3  dgram  -> /var/run/logpriv
ryuu     sshd       6466  4  stream -> ??
root     sshd       6461  5  stream -> ??
root     cron       1487  5  dgram  -> /var/run/logpriv
mysql    mysqld     1393  12 stream /tmp/mysql.sock
root     snmpd      1242  13 stream /var/agentx/master
root     syslogd    1092  4  dgram  /var/run/log
root     syslogd    1092  5  dgram  /var/run/logpriv
root     devd       896   4  stream /var/run/devd.pipe
_pflogd  pflogd     607   5  stream -> ??
root     pflogd     594   4  stream -> ??
```

and if i run
sockstat -p3001
it give output

```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
ntop     ntop       40281 3  dgram  -> /var/run/logpriv
ntop     ntop       40281 8  tcp6   *:3001                *:*
ryuu     sshd       6466  4  stream -> ??
root     sshd       6461  5  stream -> ??
root     cron       1487  5  dgram  -> /var/run/logpriv
mysql    mysqld     1393  12 stream /tmp/mysql.sock
root     snmpd      1242  13 stream /var/agentx/master
root     syslogd    1092  4  dgram  /var/run/log
root     syslogd    1092  5  dgram  /var/run/logpriv
root     devd       896   4  stream /var/run/devd.pipe
_pflogd  pflogd     607   5  stream -> ??
root     pflogd     594   4  stream -> ??
```


----------



## kpa (Nov 27, 2011)

Add -4 to ntop_flags in /etc/rc.conf, net/ntop defaults to IPv6 only.


----------



## ryuusoultaker (Nov 27, 2011)

i have add 

```
ntop_flags="-d --use-syslog=daemon -u ntop -A -4"
```

into /etc/rc.conf, but i still can't access the web interface from port 3001, since i used https.


----------



## DutchDaemon (Nov 27, 2011)

Yes, this is a recent change to NTOP that bit me before as well: without explicitly saying it needs to bind to an IPv4 address, it will bind to IPv6 only. Very unwise configuration change. Either set it explicitly, or remove IPv6 from the kernel.


----------



## ryuusoultaker (Nov 27, 2011)

i have bind NTOP to IPv4 address, when i check with netstat -a, it show

```
Active Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address       (state)
tcp4       0      0 192.168.182.1.3990     *.*                    LISTEN
tcp4       0     52 manlabif.ssh           19.subnet125-163.22339 ESTABLISHED
tcp4       0      0 *.ssh                  *.*                    LISTEN
tcp6       0      0 *.ssh                  *.*                    LISTEN
tcp4       0      0 *.*                    *.*                    CLOSED
tcp46      0      0 *.https                *.*                    LISTEN
tcp4       0      0 *.*                    *.*                    CLOSED
tcp46      0      0 *.http                 *.*                    LISTEN
tcp4       0      0 *.3001                 *.*                    LISTEN
tcp4       0      0 *.3000                 *.*                    LISTEN
tcp4       0      0 *.3306                 *.*                    LISTEN
tcp4       0      0 *.smux                 *.*                    LISTEN
udp4       0      0 *.radacct              *.*
udp4       0      0 *.radius               *.*
udp4       0      0 *.63582                *.*
udp4       0      0 localhost.28331        *.*
udp4       0      0 *.snmp                 *.*
udp4       0      0 *.32476                *.*
udp4       0      0 *.21596                *.*
udp4       0      0 *.syslog               *.*
udp6       0      0 *.syslog               *.*
Active UNIX domain sockets
Address  Type   Recv-Q Send-Q    Inode     Conn     Refs  Nextref Addr
a5735c18 stream      0      0        0 a5735b6c        0        0 /tmp/mysql.sock
a5735b6c stream      0      0        0 a5735c18        0        0
a5735ac0 stream      0      0        0 a5735a14        0        0 /tmp/mysql.sock
a5735a14 stream      0      0        0 a5735ac0        0        0
a5735968 stream      0      0        0 a57358bc        0        0 /tmp/mysql.sock
a57358bc stream      0      0        0 a5735968        0        0
a5735810 stream      0      0        0 a5735764        0        0 /tmp/mysql.sock
a5735764 stream      0      0        0 a5735810        0        0
a5734ec8 stream      0      0        0 a5734e1c        0        0 /tmp/mysql.sock
a5734e1c stream      0      0        0 a5734ec8        0        0
a5734cc4 stream      0      0        0 a5734c18        0        0
a5734c18 stream      0      0        0 a5734cc4        0        0
a5734204 stream      0      0 a5b76648        0        0        0 /tmp/mysql.sock
a5734000 stream      0      0 a5b56000        0        0        0 /var/agentx/master
a573460c stream      0      0 a5b12218        0        0        0 /var/run/devd.pipe
a5734ac0 stream      0      0        0 a5734b6c        0        0
a5734b6c stream      0      0        0 a5734ac0        0        0
a5734d70 dgram       0      0        0 a5734158        0 a57346b8
a57346b8 dgram       0      0        0 a5734158        0 a5734408
a5734408 dgram       0      0        0 a5734158        0        0
a5734158 dgram       0      0 a5b39218        0 a5734d70        0 /var/run/logpriv
a57356b8 dgram       0      0 a5b1d430        0        0        0 /var/run/log
```

but still I can't access it from web,,any suggestion?


----------



## DutchDaemon (Nov 27, 2011)

Run ntop in the foreground and see what it prints when connecting to it.


----------



## ryuusoultaker (Nov 28, 2011)

i try to run it foreground with command ntop @/etc/ntop.conf -w 0 -W 3001 -i none, and it give respond like this

```
Processing file /etc/ntop.conf for parameters...
Mon Nov 28 10:00:37 2011  NOTE: Interface merge enabled by default
Mon Nov 28 10:00:37 2011  Initializing gdbm databases
Mon Nov 28 10:00:37 2011  ntop v.4.1.0 (32 bit)
Mon Nov 28 10:00:37 2011  Configured on Nov 25 2011 19:16:57, built on Nov 25 2011 19:17:07.
Mon Nov 28 10:00:37 2011  Copyright 1998-2011 by Luca Deri <deri@ntop.org>
Mon Nov 28 10:00:37 2011  Get the freshest ntop from http://www.ntop.org/
Mon Nov 28 10:00:37 2011  NOTE: ntop is running from '/usr/local/bin'
Mon Nov 28 10:00:37 2011  NOTE: (but see warning on man page for the --instance parameter)
Mon Nov 28 10:00:37 2011  NOTE: ntop libraries are in '/usr/local/lib'
Mon Nov 28 10:00:37 2011  Initializing ntop
Mon Nov 28 10:00:37 2011  Creating dummy interface, 'none'
Mon Nov 28 10:00:37 2011  -i none, so initialized only a dummy device
Mon Nov 28 10:00:37 2011  Resetting traffic statistics for device none
Mon Nov 28 10:00:37 2011  Initialized events [mask: 0][path: ]
Mon Nov 28 10:00:37 2011  Initializing gdbm databases
Mon Nov 28 10:00:37 2011  VENDOR: Loading MAC address table.
Mon Nov 28 10:00:37 2011  VENDOR: Checking for MAC address table file
Mon Nov 28 10:00:37 2011  VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' does not need to be reloaded
Mon Nov 28 10:00:37 2011  VENDOR: ntop continues ok
Mon Nov 28 10:00:37 2011  VENDOR: Checking for MAC address table file
Mon Nov 28 10:00:37 2011  VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
Mon Nov 28 10:00:37 2011  VENDOR: ntop continues ok
Mon Nov 28 10:00:37 2011  Fingerprint: Loading signature file
Mon Nov 28 10:00:37 2011  Fingerprint: Checking for Fingerprint file... file
Mon Nov 28 10:00:37 2011  Fingerprint: Loading file '/usr/local/etc/ntop/etter.finger.os.gz'
Mon Nov 28 10:00:37 2011  Fingerprint: ...loaded 1765 records
Mon Nov 28 10:00:37 2011  Initializing external applications
Mon Nov 28 10:00:37 2011  THREADMGMT[t703353152]: SFP: Started thread for fingerprinting
Mon Nov 28 10:00:37 2011  THREADMGMT[t703353152]: SFP: Fingerprint scan thread starting [p10602]
Mon Nov 28 10:00:37 2011  THREADMGMT[t699596480]: SIH: Started thread for idle hosts detection
Mon Nov 28 10:00:37 2011  THREADMGMT[t699596160]: DNSAR(1): Started thread for DNS address resolution
Mon Nov 28 10:00:37 2011  THREADMGMT[t699596160]: DNSAR(1): Address resolution thread running
Mon Nov 28 10:00:37 2011  THREADMGMT[t699595840]: DNSAR(2): Address resolution thread running
Mon Nov 28 10:00:37 2011  THREADMGMT[t699595840]: DNSAR(2): Started thread for DNS address resolution
Mon Nov 28 10:00:37 2011  THREADMGMT[t699595520]: DNSAR(3): Started thread for DNS address resolution
Mon Nov 28 10:00:37 2011  Calling plugin start functions (if any)
Mon Nov 28 10:00:37 2011  THREADMGMT[t699596480]: SIH: Idle host scan thread starting [p10602]
Mon Nov 28 10:00:37 2011  THREADMGMT[t699595520]: DNSAR(3): Address resolution thread running
Mon Nov 28 10:00:37 2011  GeoIP: loaded config file /usr/local/etc/ntop/GeoLiteCity.dat
Mon Nov 28 10:00:37 2011  GeoIP: loaded ASN config file /usr/local/etc/ntop/GeoIPASNum.dat
Mon Nov 28 10:00:37 2011  SSL: Initializing...
Mon Nov 28 10:00:37 2011  SSL_PRNG: Automatically initialized!
Mon Nov 28 10:00:37 2011  SSL initialized successfully
Mon Nov 28 10:00:37 2011  INITWEB: Initializing web server
Mon Nov 28 10:00:37 2011  INITWEB: Initializing TCP/IP socket connections for web server
Mon Nov 28 10:00:37 2011  INITWEB: Initialized ssl socket, port 3001, address (any)
Mon Nov 28 10:00:37 2011  INITWEB: Waiting for HTTPS (SSL) connections on port 3001
Mon Nov 28 10:00:37 2011  INITWEB: Starting web server
Mon Nov 28 10:00:37 2011  THREADMGMT[t699594880]: INITWEB: Started thread for web server
Mon Nov 28 10:00:37 2011  Listening on [none]
Mon Nov 28 10:00:37 2011  Loading Plugins
Mon Nov 28 10:00:37 2011  Searching for plugins in /usr/local/lib/ntop/plugins
Mon Nov 28 10:00:37 2011  THREADMGMT[t699594880]: WEB: Server connection thread starting [p10602]
Mon Nov 28 10:00:37 2011  Note: SIGPIPE handler set (ignore)
Mon Nov 28 10:00:37 2011  THREADMGMT[t699594880]: WEB: Server connection thread running [p10602]
Mon Nov 28 10:00:37 2011  WEB: ntop's web server is now processing requests
Mon Nov 28 10:00:37 2011  ICMP: Welcome to ICMPWatch. (C) 1999-2005 by Luca Deri
Mon Nov 28 10:00:37 2011  NETFLOW: Welcome to NetFlow.(C) 2002-11 by Luca Deri
Mon Nov 28 10:00:37 2011  CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
Mon Nov 28 10:00:37 2011  RRD: Welcome to Round-Robin Database. (C) 2002-11 by Luca Deri.
Mon Nov 28 10:00:37 2011  SFLOW: Welcome to sFlow.(C) 2002-11 by Luca Deri
Mon Nov 28 10:00:37 2011  Calling plugin start functions (if any)
Mon Nov 28 10:00:37 2011  RRD: Welcome to the RRD plugin
Mon Nov 28 10:00:37 2011  RRD: Mask for new directories is 0700
Mon Nov 28 10:00:37 2011  RRD: Mask for new files is 0066
Mon Nov 28 10:00:37 2011  THREADMGMT: RRD: Started thread (t699594560) for data collection
Mon Nov 28 10:00:37 2011  THREADMGMT[t699594560]: RRD: Data collection thread starting [p10602]
Mon Nov 28 10:00:37 2011  INIT: Created pid file (/var/run/ntop.pid)
Mon Nov 28 10:00:37 2011  THREADMGMT[t685773120]: ntop RUNSTATE: INITNONROOT(3)
Mon Nov 28 10:00:37 2011  Now running as requested user 'ntop' (1004:65534)
Mon Nov 28 10:00:37 2011  Note: Reporting device initally set to 0 [none] (merged)
Mon Nov 28 10:00:37 2011  THREADMGMT[t685773120]: ntop RUNSTATE: RUN(4)
Mon Nov 28 10:00:37 2011  THREADMGMT[t703353152]: SFP: Fingerprint scan thread running [p10602]
Mon Nov 28 10:00:37 2011  THREADMGMT[t699596480]: SIH: Idle host scan thread running [p10602]
Mon Nov 28 10:00:42 2011  CHKVER: Checking current ntop version at version.ntop.org/version.xml
Mon Nov 28 10:00:44 2011  CHKVER: Version file is from 'version.ntop.org'
Mon Nov 28 10:00:44 2011  CHKVER: as of date is '2011-08-15T11:00:47'
Mon Nov 28 10:00:44 2011  CHKVER: This version of ntop is the CURRENT stable version
Mon Nov 28 10:00:47 2011  THREADMGMT[t703803072]: RRD: Started thread for throughput data collection
Mon Nov 28 10:00:47 2011  THREADMGMT[t703803072]: RRD: Throughput data collection: Thread starting [p10602]
Mon Nov 28 10:00:47 2011  THREADMGMT[t699594560]: RRD: Data collection thread running [p10602]
Mon Nov 28 10:00:47 2011  THREADMGMT[t703803072]: RRD: Throughput data collection: Thread running [p10602]
```

when i check for the error with tail /var/log/message command, it show no error

```
Nov 28 10:00:37 127 ntop[10602]:   THREADMGMT[t685773120]: ntop RUNSTATE: PREINIT(1)
Nov 28 10:00:37 127 ntop[10602]:   THREADMGMT[t685773120]: ntop RUNSTATE: INIT(2)
```


----------



## wblock@ (Nov 28, 2011)

Are you using port 3001 in the URL entered into the browser?


----------



## DutchDaemon (Nov 28, 2011)

```
Mon Nov 28 10:00:37 2011  INITWEB: Waiting for HTTPS (SSL) connections on port 3001
Mon Nov 28 10:00:37 2011  INITWEB: Starting web server
Mon Nov 28 10:00:37 2011  THREADMGMT[t699594880]: INITWEB: Started thread for web server
Mon Nov 28 10:00:37 2011  Listening on [none]
```

Try giving it an IP address/interface to actually bind to, I'm not sure if this works as you expect.


----------



## ryuusoultaker (Nov 29, 2011)

wblock@ said:
			
		

> Are you using port 3001 in the URL entered into the browser?



i entered https://myippublic:3001/ in browser and it said the webpage is not available.


----------



## ryuusoultaker (Nov 29, 2011)

there's a router in front of my server, but i have forward the port into my server. so i don't know which IP address to bind to..

this is the respond when i used ntop @/etc/ntop.conf -w 3000 -W 3001 -i em0 


```
Processing file /etc/ntop.conf for parameters...
NOTE: Interface merge enabled by default
Initializing gdbm databases ntop v.4.1.0 (32 bit)
Configured on Nov 25 2011 19:16:57, built on Nov 25 2011 19:17:07.
Copyright 1998-2011 by Luca Deri <deri@ntop.org>
Get the freshest ntop from http://www.ntop.org/
NOTE: ntop is running from '/usr/local/bin'
NOTE: (but see warning on man page for the --instance parameter)
NOTE: ntop libraries are in '/usr/local/lib'
Initializing ntop
Checking em0 for additional devices
Resetting traffic statistics for device em0
Initializing device em0 (0)
DLT: Device 0 [em0] is 1, mtu 1514, header 14
Initialized events [mask: 0][path: ]
Initializing gdbm databases
VENDOR: Loading MAC address table.
VENDOR: Checking for MAC address table file
VENDOR: File '/usr/local/etc/ntop/specialMAC.txt.gz' doees not need to be reloaded
VENDOR: ntop continues ok
VENDOR: Checking for MAC address table file
VENDOR: File '/usr/local/etc/ntop/oui.txt.gz' does not need to be reloaded
VENDOR: ntop continues ok
Fingerprint: Loading signature file
Fingerprint: Checking for Fingerprint file... file
Fingerprint: Loading file '/usr/local/etc/ntop/etter.finger.os.gz'
Fingerprint: ...loaded 1765 records
Initializing external applications
THREADMGMT[t700424512]: SFP: Started thread for finger printing
THREADMGMT[t700424512]: SFP: Fingerprint scan thread starting [p2454]
THREADMGMT[t700423872]: SIH: Started thread for idle hosts detection
THREADMGMT[t700423552]: DNSAR(1): Started thread for DNS address resolution
THREADMGMT[t700423232]: DNSAR(2): Started thread for DNS address resolution
THREADMGMT[t700422912]: DNSAR(3): Started thread for DNS address resolution
Calling plugin start functions (if any)
THREADMGMT[t700423232]: DNSAR(2): Address resolution thread running
THREADMGMT[t700423552]: DNSAR(1): Address resolution thread running
GeoIP: loaded config file /usr/local/etc/ntop/GeoLiteCity.dat
THREADMGMT[t700422912]: DNSAR(3): Address resolution thread running
GeoIP: loaded ASN config file /usr/local/etc/ntop/GeoIPASNum.dat
THREADMGMT[t700423872]: SIH: Idle host scan thread starting [p2454]
SSL: Initializing...
SSL_PRNG: Automatically initialized!
SSL initialized successfully
INITWEB: Initializing web server
INITWEB: Initializing TCP/IP socket connections for web server
INITWEB: Initialized socket, port 3000, address (any)
INITWEB: Waiting for HTTP connections on port 3000
INITWEB: Initialized ssl socket, port 3001, address (any)
INITWEB: Waiting for HTTPS (SSL) connections on port 3001
INITWEB: Starting web server
THREADMGMT[t700422272]: INITWEB: Started thread for web server
Listening on [em0]
Loading Plugins
THREADMGMT[t700422272]: WEB: Server connection thread starting [p2454]
Note: SIGPIPE handler set (ignore)
Searching for plugins in /usr/local/lib/ntop/plugins
THREADMGMT[t700422272]: WEB: Server connection thread running [p2454]
WEB: ntop's web server is now processing requests
ICMP: Welcome to ICMPWatch. (C) 1999-2005 by Luca Deri
NETFLOW: Welcome to NetFlow.(C) 2002-11 by Luca Deri
CPACKET: Welcome to cPacket.(C) 2008 by Luca Deri
RRD: Welcome to Round-Robin Database. (C) 2002-11 by Luca Deri.
SFLOW: Welcome to sFlow.(C) 2002-11 by Luca Deri
Calling plugin start functions (if any)
RRD: Welcome to the RRD plugin
RRD: Mask for new directories is 0700
RRD: Mask for new files is 0066
THREADMGMT: RRD: Started thread (t700421952) for data collection
THREADMGMT[t700421952]: RRD: Data collection thread starting [p2454]
INIT: Created pid file (/var/run/ntop.pid)
THREADMGMT[t685773120]: ntop RUNSTATE: INITNONROOT(3)
Now running as requested user 'ntop' (1004:65534)
Note: Reporting device initally set to 0 [em0] (merged)
THREADMGMT[t685773120]: ntop RUNSTATE: RUN(4)
THREADMGMT[t700421632]: NPS(1): Started thread for network packet sniffing [em0]
THREADMGMT[t700421632]: NPS(em0): pcapDispatch thread starting [p2454]
THREADMGMT[t700421632]: NPS(em0): pcapDispatch thread running [p2454]
THREADMGMT[t700424512]: SFP: Fingerprint scan thread running [p2454]
THREADMGMT[t700423872]: SIH: Idle host scan thread running [p2454]
CHKVER: Checking current ntop version at version.ntop.org/version.xml
CHKVER: Version file is from 'version.ntop.org'
CHKVER: as of date is '2011-08-15T11:00:47'
CHKVER: This version of ntop is the CURRENT stable version
THREADMGMT[t730357440]: RRD: Started thread for throughput data collection
THREADMGMT[t730357440]: RRD: Throughput data collection: Thread starting [p2454]
THREADMGMT[t730357440]: RRD: Throughput data collection: Thread running [p2454]
THREADMGMT[t700421952]: RRD: Data collection thread running [p2454]
```


----------



## ryuusoultaker (Nov 30, 2011)

it solved guys, after i rebooting the router many times..
but thank you for all comment and suggestion.. 
i learn a lot


----------

