5
ntop allows network traffic information to be stored in a database for further processing. The architecture is the following:
10
+--------+ TCP/IP +-----------+ +----+
11
| ntop | <---------> | DB Client | <--> | DB |
12
+--------+ | +-----------+ +----+
16
ntop and the DB client do not necessarely have to run on the same host. This design solution has been taken in order to decouple ntop from a specific database hence to include DB code inside ntop. UDP is the communication protocol being used. Messages are plain text valid SQL statements that are generated by ntop whenever a relevant event occours (e.g. a TCP connection is terminated) or periodically (e.g. ntop updates the nw traffic information of a certain host).
19
In order to activate DB support, the DB client must talk with a database. Currently a Ms Access database is provided. Other databases can be used provided that the needed SQL tables (see file XXXXXXXXXXXXXX) have been defined.
21
The client is written using the Java language. It communicates with the database via ODBC. The database must be registered (under Windows you do this using the ODBC control panel) with the name "NTOP" [Please change its name if you have named the DB differently]. The client is activated using the "startClient" script. The client opens a UDP socket at the port 4000 (this is an arbitrary port, you can chhose your one) and waits for incoming packets. Once a packet is received, the content (SQL statement) is printed on the screeen and the statement is executed on the the NTOP database.
23
In order to activate DB support on ntop, the '-b' switch has to be used. Supposing to run the client on host myhost.unipi.it, then you should use '-b myhost.unipi.it:4000'.
28
Luca Deri <deri@ntop.org>, June 1999.