ntopng for Windows is a service The ntop installer stores an empty set of options into the registry. Users who need to modify those options can:
- Open a shell and test your options. In order to do this type “ntop /c myFlags”. The “/c” flag is needed to tell ntop not to read flags from the registry but rather from the command line.
- When you’re sure about your flags do “ntopng /i myFlags”. For instance “ntopng /i -i 0 -P C:”.
- Restart the ntop service from the Services control panel.
In particular it is possible to start ntop on a specific interface. In order to show the list of know interfaces type “ntop /h” and ntop will list the list of know interfaces. Each interface has a unique index as shown in this example:
C:\ntop\Binary> ntop /h
…
Available interfaces (-i <interface index>):
[index=0] Parallels Ethernet Adapter (Microsoft’s Packet Scheduler)
(\Device\NPF_{23BD6168-E0F5-4DA5-996C-64837D46572F})
[index=1] TAP-Win32 Adapter V8 (Microsoft’s Packet Scheduler)
(\Device\NPF_{71D604DB-C084-4C80-96AA-6CE4CA9B5926})
[index=2] TAP-Win32 Adapter V8 (Microsoft’s Packet Scheduler)
(\Device\NPF_{A6191646-2C76-4E5E-AA4E-DBDF5315F45E})
In order to start ntop on the interface “Parallels Ethernet Adapter” it’s necessary to use the index 0. In this case
- Remove the previous ntop registered service “ntopng /r”
- Add the new ntop service “ntopng /i -i 0”
- Restart the ntop service