| Both sides previous revision Previous revision Next revision | Previous revision |
| linux_router:misc [2023-04-22 Sat wk16 12:41] – [Reserved Ports and IPv4 Reserved Addresses] baumkp | linux_router:misc [2023-12-03 Sun wk48 13:58] (current) – [ntopng] baumkp |
|---|
| ====glances==== | ====glances==== |
| |
| | * ''sudo apt install pipx'' ([[https://pypa.github.io/pipx/|pipx]] — Install and Run Python Applications in Isolated Environments) |
| | * ''pipx ensurepath'' |
| | * ''pipx install glances'' (https://nicolargo.github.io/glances/|Glances]]) |
| | * ''%%pipx inject glances "glances[web]"%%'' ([[https://waylonwalker.com/pipx-w/|Glances webui with pipx]]) |
| | |
| | Like like the references for Debian 12 for glances install are out of date.... |
| * [[https://www.tecmint.com/glances-an-advanced-real-time-system-monitoring-tool-for-linux/|Glances – An Advanced Real Time System Monitoring Tool for Linux]] | * [[https://www.tecmint.com/glances-an-advanced-real-time-system-monitoring-tool-for-linux/|Glances – An Advanced Real Time System Monitoring Tool for Linux]] |
| * [[https://wiki.crowncloud.net/?How_to_install_Glances_on_Debian_11|How to Install Glances System Monitor on Debian 11]] | * [[https://wiki.crowncloud.net/?How_to_install_Glances_on_Debian_11|How to Install Glances System Monitor on Debian 11]] |
| |
| [Service] | [Service] |
| ExecStart=/usr/bin/glances -w -t 2 | #ExecStart=/usr/local/bin/glances -w -t 2 |
| | ExecStart=/home/baumkp/.local/bin/glances -w -t 2 |
| Restart=on-abort | Restart=on-abort |
| |
| ====ntopng==== | ====ntopng==== |
| |
| I tried ntopng. Unfortunately this program suite simply uses too many resources on my router which loads it up close to 100%. There are often reports of dropped packet and such, further indicating overload.\\ | I tried ntopng again in December 2023. I ran in a Docker container on my Router, although markedly improved since trying a few years ago this this program suite still uses uses a lot of resources on my router which loads it up close to 50%. There are occasional reports of dropped packet and such, further indicating overload.\\ I noted a problem with installing the Docker version. The Docker package documentation and defaults are to the ''latest'', yet the available package is listed as ''stable'', e.g. ''docker run -it -p 3000:3000 --net=host ntop/ntopng:stable -i br0'' versus the instructed ''docker run -it -p 3000:3000 -v $(pwd)/ntopng.license:/etc/ntopng.license:ro --net=host ntop/ntopng:latest -i br0'' \\ |
| I have decided to disable. //Worse than this this package suite caused difficulties with my system updates, so I removed it entirely. Note that this may be as it was previously disabled.//\\ | Another thing I do not like about this package is that the free community version is a significantly cut down of the full paid version. The cost on the paid versions are substantial and I can simply not justify for non-commercial home use. There is no general individual personal free full use version available. The Docker container image is 2GB in size, the biggest image I have seen to date. Seems a bit bloated....\\ |
| Another thing I do not like about this package is that the free version is a cut down of the full paid version. There is no general individual personal free full use version available. | **Hence I have decided not to use this software.** |
| |
| There seem to be 2 main services to enable/disable/start/stop, nprobe and ntopng: | **tl;dr** ++++Systemd stuff, not relevant with use of Docker version| |
| | <code>There seem to be 2 main services to enable/disable/start/stop, nprobe and ntopng: |
| * ''sudo systemctl stop ntopng'' | to stop (or start) | * ''sudo systemctl stop ntopng'' | to stop (or start) |
| * ''sudo systemctl disable ntopng'' | to disable (or enable) starting on computer startup | * ''sudo systemctl disable ntopng'' | to disable (or enable) starting on computer startup |
| We can also turn-off the redis service unless something else wnat to also use. | We can also turn-off the redis service unless something else wnat to also use. |
| * ''sudo systemctl stop redis'' | to stop (or start) | * ''sudo systemctl stop redis'' | to stop (or start) |
| * ''sudo systemctl disable redis'' | to disable (or enable) starting on computer startup | * ''sudo systemctl disable redis'' | to disable (or enable) starting on computer startup </code> |
| | ++++ |
| |
| ---- | ---- |
| The Docker installation instructions for Ubuntu from Docker [[https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu/#uninstall-old-versions|Get Docker CE for Ubuntu]]. | The Docker installation instructions for Ubuntu from Docker [[https://docs.docker.com/engine/installation/linux/docker-ce/ubuntu/#uninstall-old-versions|Get Docker CE for Ubuntu]]. |
| |
| __**This is pretty old, I played with it circa 2017, and have not used Docker since. I have successfully been using full KVM based VMs for my main machines and so have not had much need for Docker**__ \\ | __**This is pretty old, I played with it circa 2017, and have not used Docker since. I was successfully been using full KVM based VMs for my main machines and so did not have much need for Docker**__ \\ |
| That being said, I can see the benefits of containerisation, such as Docker, versus full virtual machines, such as KVM. Of course there are also benefits with full VMs!. | That being said, I can see the benefits of containerisation, such as Docker, versus full virtual machines, such as KVM. Of course there are also benefits with full VMs!. |
| | |
| | In 2022 I revisited Docker and basically have move my various VM applications to Docker containers/ stacks. I run my Docker instance in a VM to isolate Docker from bare metal. This is primarily as Docker plays around with iptables. I do not like this, particularly on my main router machine that I use on bare metal nftables as the router/fire software. |
| ====Docker Host Security==== | ====Docker Host Security==== |
| |
| * [[https://www.stationx.net/common-ports-cheat-sheet/|Common Ports Cheat Sheet: The Ultimate Ports & Protocols List]] | * [[https://www.stationx.net/common-ports-cheat-sheet/|Common Ports Cheat Sheet: The Ultimate Ports & Protocols List]] |
| * [[https://www.geeksforgeeks.org/50-common-ports-you-should-know/|50 Common Ports You Should Know]] | * [[https://www.geeksforgeeks.org/50-common-ports-you-should-know/|50 Common Ports You Should Know]] |
| | * Distribution List of Ports (information only) |
| | * <fc #ff00ff>Gentoo</fc> [[https://wiki.gentoo.org/wiki/Project:Quality_Assurance/UID_GID_Assignment|Project:Quality Assurance/UID GID Assignment]] |
| | * <fc #4682b4>Archlinux</fc> [[https://wiki.archlinux.org/title/DeveloperWiki:UID_/_GID_Database|DeveloperWiki:UID / GID Database]] |
| | * <fc #ff0000>Red Hat</fc> [[https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/5/html/deployment_guide/s1-users-groups-standard-users|37.3. Standard Users]] |
| |
| ---- | ---- |